/**
 * Dependency Scanner - Detects vulnerable or disallowed dependencies based on
 * locally available metadata (package-lock.json) without requiring network
 * access. This provides deterministic findings in CI while still encouraging
 * upgrades away from well-known CVEs.
 */
import type { SecurityScanner, SecurityFinding, ScanContext, SeverityLevel } from '../types.js';
interface DependencyScannerConfig {
    enabled: boolean;
    severityThreshold: SeverityLevel;
    checkLicenses: boolean;
    allowedLicenses?: string[];
}
export declare class DependencyScanner implements SecurityScanner {
    name: string;
    private config;
    private severityThreshold;
    constructor(config: DependencyScannerConfig);
    scan(context: ScanContext): Promise<SecurityFinding[]>;
    isEnabled(): boolean;
    private loadDependencies;
    private collectFromDependencies;
    private inferNameFromPath;
    private evaluateVulnerabilities;
    private evaluateLicenses;
    private normalizeLicense;
    private isVersionLessThan;
    private severityAllowed;
}
export {};
//# sourceMappingURL=DependencyScanner.d.ts.map