UNPKG

@cyclonedx/cdxgen

Version:

Creates CycloneDX Software Bill of Materials (SBOM) from source or container image

github.com/cdxgen/cdxgen

cdxgen/cdxgen

132 lines 5.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
export function buildActivitySummaryPayload(activities: any, dryRunMode?: any): { activities: any; mode: string; summary: { blocked: any; completed: any; failed: any; total: any; }; }; export function serializeActivitySummary(activities: any, reportType?: string, dryRunMode?: any): any[]; /** * Prints the BOM components as a streaming table to the console. * Delegates to {@link printOSTable} automatically when the BOM metadata indicates * an operating-system or platform component type. * * @param {Object} bomJson CycloneDX BOM JSON object * @param {string[]} [filterTypes] Optional list of component types to include; all types shown when omitted * @param {string} [highlight] Optional string to highlight in the output * @param {string} [summaryText] Optional summary message to print after the table * @returns {void} */ export function printTable(bomJson: Object, filterTypes?: string[], highlight?: string, summaryText?: string): void; /** * Prints OS package components from the BOM as a formatted streaming table. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printOSTable(bomJson: Object): void; /** * Prints the services listed in the BOM as a formatted table. * Includes endpoint URLs, authentication flag, and cross-trust-boundary flag. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printServices(bomJson: Object): void; /** * Prints the formulation components from the BOM as a formatted table. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printFormulation(bomJson: Object): void; /** * Prints component evidence occurrences (file locations) as a streaming table. * Only components that have `evidence.occurrences` are included. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printOccurrences(bomJson: Object): void; /** * Prints the call stack evidence for each component in the BOM as a formatted table. * Only components that have `evidence.callstack.frames` are included. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printCallStack(bomJson: Object): void; /** * Prints the dependency tree from the BOM as an ASCII tree diagram. * Uses the `table` library for small trees and plain console output for larger ones. * * @param {Object} bomJson CycloneDX BOM JSON object containing a `dependencies` array * @param {string} [mode="dependsOn"] Dependency relation to traverse (`"dependsOn"` or `"provides"`) * @param {string} [highlight] Optional string to highlight in the tree output * @returns {void} */ export function printDependencyTree(bomJson: Object, mode?: string, highlight?: string): void; /** * Prints a table of reachable components derived from a reachability slices file. * Aggregates per-purl reachable-flow counts and sorts them descending. * * @param {Object} sliceArtefacts Slice artefact paths, must include `reachablesSlicesFile` * @returns {void} */ export function printReachables(sliceArtefacts: Object): void; /** * Prints a formatted table of CycloneDX vulnerability objects. * * @param {Object[]} vulnerabilities Array of CycloneDX vulnerability objects * @returns {void} */ export function printVulnerabilities(vulnerabilities: Object[]): void; /** * Prints an OWASP donation banner when running in a CI environment. * The banner is suppressed when `options.noBanner` is set or the repository * belongs to the cdxgen project itself. * * @param {Object} options CLI options * @returns {void} */ export function printSponsorBanner(options: Object): void; /** * Prints a BOM summary table including generator tool names, component package types, * and component namespaces extracted from BOM metadata properties. * * @param {Object} bomJson CycloneDX BOM JSON object * @returns {void} */ export function printSummary(bomJson: Object): void; export function printActivitySummary(reportType?: undefined): void; /** * Prints a grouped secure-mode environment audit call-out panel. * * @param {EnvAuditFinding[]} envAuditFindings Audit findings to display * @returns {void} */ export function printEnvironmentAuditFindings(envAuditFindings?: EnvAuditFinding[]): void; /** * Runs the pre-generation environment audit and renders the results as formatted * tables to the console. Called when the --env-audit CLI flag is set. * * @param {string} filePath Project path being scanned * @param {Object} config Loaded .cdxgenrc / config-file values * @param {Object} options Effective CLI options * @param {EnvAuditFinding[]} envAuditFindings Audit findings to display */ export function displaySelfThreatModel(filePath: string, config: Object, options: Object, envAuditFindings: EnvAuditFinding[]): void; export function buildTableSummaryLines(bomJson: Object, filterTypes: string[] | undefined, summaryText: string | undefined, displayedProvenanceCount?: number): string[]; export function buildDependencyTreeLegendLines(treeGraphics: string[]): string[]; export function buildDependencyTreeLines(dependencies: Object[], mode?: string): string[]; export type EnvAuditFinding = { type: string; variable: string; severity: string; message: string; mitigation: string; }; //# sourceMappingURL=display.d.ts.map