$73 GRAYBYTE WORDPRESS FILE MANAGER $28

SERVER : vnpttt-amd7f72-h1.vietnix.vn #1 SMP Fri May 24 12:42:50 UTC 2024
SERVER IP : 103.200.23.149 | ADMIN IP 216.73.216.22
OPTIONS : CRL = ON | WGT = ON | SDO = OFF | PKEX = OFF
DEACTIVATED : NONE

/opt/cpanel/ea-nodejs22/lib/node_modules/npm/lib/utils/

Current File : /opt/cpanel/ea-nodejs22/lib/node_modules/npm/lib/utils//sbom-spdx.js

const crypto = require('node:crypto')
const normalizeData = require('normalize-package-data')
const npa = require('npm-package-arg')
const ssri = require('ssri')

const SPDX_SCHEMA_VERSION = 'SPDX-2.3'
const SPDX_DATA_LICENSE = 'CC0-1.0'
const SPDX_IDENTIFER = 'SPDXRef-DOCUMENT'

const NO_ASSERTION = 'NOASSERTION'

const REL_DESCRIBES = 'DESCRIBES'
const REL_PREREQ = 'PREREQUISITE_FOR'
const REL_OPTIONAL = 'OPTIONAL_DEPENDENCY_OF'
const REL_DEV = 'DEV_DEPENDENCY_OF'
const REL_DEP = 'DEPENDENCY_OF'

const REF_CAT_PACKAGE_MANAGER = 'PACKAGE-MANAGER'
const REF_TYPE_PURL = 'purl'

const spdxOutput = ({ npm, nodes, packageType }) => {
  const rootNode = nodes.find(node => node.isRoot)
  const childNodes = nodes.filter(node => !node.isRoot && !node.isLink)
  const rootID = rootNode.pkgid
  const uuid = crypto.randomUUID()
  const ns = `http://spdx.org/spdxdocs/${npa(rootID).escapedName}-${rootNode.version}-${uuid}`

  const relationships = []
  const seen = new Set()
  for (let node of nodes) {
    if (node.isLink) {
      node = node.target
    }

    if (seen.has(node)) {
      continue
    }
    seen.add(node)

    const rels = [...node.edgesOut.values()]
      // Filter out edges that are linking to nodes not in the list
      .filter(edge => nodes.find(n => n === edge.to))
      .map(edge => toSpdxRelationship(node, edge))
      .filter(rel => rel)

    relationships.push(...rels)
  }

  const extraRelationships = nodes.filter(node => node.extraneous)
    .map(node => toSpdxRelationship(rootNode, { to: node, type: 'optional' }))

  relationships.push(...extraRelationships)

  const bom = {
    spdxVersion: SPDX_SCHEMA_VERSION,
    dataLicense: SPDX_DATA_LICENSE,
    SPDXID: SPDX_IDENTIFER,
    name: rootID,
    documentNamespace: ns,
    creationInfo: {
      created: new Date().toISOString(),
      creators: [
        `Tool: npm/cli-${npm.version}`,
      ],
    },
    documentDescribes: [toSpdxID(rootNode)],
    packages: [toSpdxItem(rootNode, { packageType }), ...childNodes.map(toSpdxItem)],
    relationships: [
      {
        spdxElementId: SPDX_IDENTIFER,
        relatedSpdxElement: toSpdxID(rootNode),
        relationshipType: REL_DESCRIBES,
      },
      ...relationships,
    ],
  }

  return bom
}

const toSpdxItem = (node, { packageType }) => {
  normalizeData(node.package)

  // Calculate purl from package spec
  let spec = npa(node.pkgid)
  spec = (spec.type === 'alias') ? spec.subSpec : spec
  const purl = npa.toPurl(spec) + (isGitNode(node) ? `?vcs_url=${node.resolved}` : '')

  /* For workspace nodes, use the location from their linkNode */
  let location = node.location
  if (node.isWorkspace && node.linksIn.size > 0) {
    location = node.linksIn.values().next().value.location
  }

  let license = node.package?.license
  if (license) {
    if (typeof license === 'object') {
      license = license.type
    }
  }

  const pkg = {
    name: node.packageName,
    SPDXID: toSpdxID(node),
    versionInfo: node.version,
    packageFileName: location,
    description: node.package?.description || undefined,
    primaryPackagePurpose: packageType ? packageType.toUpperCase() : undefined,
    downloadLocation: (node.isLink ? undefined : node.resolved) || NO_ASSERTION,
    filesAnalyzed: false,
    homepage: node.package?.homepage || NO_ASSERTION,
    licenseDeclared: license || NO_ASSERTION,
    externalRefs: [
      {
        referenceCategory: REF_CAT_PACKAGE_MANAGER,
        referenceType: REF_TYPE_PURL,
        referenceLocator: purl,
      },
    ],
  }

  if (node.integrity) {
    const integrity = ssri.parse(node.integrity, { single: true })
    pkg.checksums = [{
      algorithm: integrity.algorithm.toUpperCase(),
      checksumValue: integrity.hexDigest(),
    }]
  }
  return pkg
}

const toSpdxRelationship = (node, edge) => {
  let type
  switch (edge.type) {
    case 'peer':
      type = REL_PREREQ
      break
    case 'optional':
      type = REL_OPTIONAL
      break
    case 'dev':
      type = REL_DEV
      break
    default:
      type = REL_DEP
  }

  return {
    spdxElementId: toSpdxID(edge.to),
    relatedSpdxElement: toSpdxID(node),
    relationshipType: type,
  }
}

const toSpdxID = (node) => {
  let name = node.packageName

  // Strip leading @ for scoped packages
  name = name.replace(/^@/, '')

  // Replace slashes with dots
  name = name.replace(/\//g, '.')

  return `SPDXRef-Package-${name}-${node.version}`
}

const isGitNode = (node) => {
  if (!node.resolved) {
    return
  }

  try {
    const { type } = npa(node.resolved)
    return type === 'git' || type === 'hosted'
  } catch (err) {
    /* istanbul ignore next */
    return false
  }
}

module.exports = { spdxOutput }

[ Back ]

NAME	SIZE	LAST TOUCH	USER	CAN-I?
..	--	16 Mar 2026 5.04 PM	root / root	0755

audit-error.js	1.021 KB	17 Jan 2026 1.16 AM	root / root	0644
auth.js	3.214 KB	17 Jan 2026 1.16 AM	root / root	0644
cmd-list.js	2.89 KB	17 Jan 2026 1.16 AM	root / root	0644
completion.fish	1.559 KB	17 Jan 2026 1.16 AM	root / root	0644
completion.sh	1.854 KB	17 Jan 2026 1.16 AM	root / root	0755
did-you-mean.js	1.16 KB	17 Jan 2026 1.16 AM	root / root	0644
display.js	15.38 KB	17 Jan 2026 1.16 AM	root / root	0644
error-message.js	14.795 KB	17 Jan 2026 1.16 AM	root / root	0644
explain-dep.js	3.03 KB	17 Jan 2026 1.16 AM	root / root	0644
explain-eresolve.js	2.556 KB	17 Jan 2026 1.16 AM	root / root	0644
format-bytes.js	0.614 KB	17 Jan 2026 1.16 AM	root / root	0644
format-search-stream.js	4.695 KB	17 Jan 2026 1.16 AM	root / root	0644
format.js	1.911 KB	17 Jan 2026 1.16 AM	root / root	0644
get-identity.js	0.783 KB	17 Jan 2026 1.16 AM	root / root	0644
get-workspaces.js	1.707 KB	17 Jan 2026 1.16 AM	root / root	0644
installed-deep.js	1.103 KB	17 Jan 2026 1.16 AM	root / root	0644
installed-shallow.js	0.569 KB	17 Jan 2026 1.16 AM	root / root	0644
is-windows.js	0.173 KB	17 Jan 2026 1.16 AM	root / root	0644
log-file.js	7.784 KB	17 Jan 2026 1.16 AM	root / root	0644
npm-usage.js	2.016 KB	17 Jan 2026 1.16 AM	root / root	0644
open-url.js	2.357 KB	17 Jan 2026 1.16 AM	root / root	0644
output-error.js	0.749 KB	17 Jan 2026 1.16 AM	root / root	0644
ping.js	0.256 KB	17 Jan 2026 1.16 AM	root / root	0644
queryable.js	9.556 KB	17 Jan 2026 1.16 AM	root / root	0644
read-user-info.js	1.91 KB	17 Jan 2026 1.16 AM	root / root	0644
reify-finish.js	0.865 KB	17 Jan 2026 1.16 AM	root / root	0644
reify-output.js	5.652 KB	17 Jan 2026 1.16 AM	root / root	0644
sbom-cyclonedx.js	5.206 KB	17 Jan 2026 1.16 AM	root / root	0644
sbom-spdx.js	4.586 KB	17 Jan 2026 1.16 AM	root / root	0644
tar.js	3.469 KB	17 Jan 2026 1.16 AM	root / root	0644
timers.js	2.07 KB	17 Jan 2026 1.16 AM	root / root	0644
update-workspaces.js	0.989 KB	17 Jan 2026 1.16 AM	root / root	0644
validate-lockfile.js	0.999 KB	17 Jan 2026 1.16 AM	root / root	0644
verify-signatures.js	11.939 KB	17 Jan 2026 1.16 AM	root / root	0644

GRAYBYTE WORDPRESS FILE MANAGER @ 2026 CONTACT ME