import type { Warning, WarningDefault } from "@nodesecure/js-x-ray";
import * as Vulnera from "@nodesecure/vulnera";
import type { PackageModuleType } from "@nodesecure/mama";
import type { SpdxFileLicenseConformance } from "@nodesecure/conformance";
import type { IlluminatedContact } from "@nodesecure/contact";
import type { Contact } from "@nodesecure/npm-types";
export type Maintainer = Contact & {
    /**
     * Path to publisher's avatar on "https://www.npmjs.com"
     * @example /npm-avatar/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.LwimMJA3puF3ioGeS-tfczR3370GXBZMIL-bdpu4hOU
     */
    npmAvatar?: string;
};
export type Publisher = Omit<Maintainer, "url"> & {
    /**
     * First version published.
     */
    version: string;
    /**
     * Date of the first publication
     * @example 2021-08-10T20:45:08.342Z
     */
    at: string;
};
export interface DependencyLinks {
    /** NPM Registry page */
    npm: string;
    /** Homepage URL */
    homepage?: string;
    /** VCS repository URL */
    repository?: string;
}
export interface Engines {
    node?: string;
    npm?: string;
}
export interface Repository {
    type: string;
    url: string;
}
export interface DependencyVersion {
    /** Id of the package (useful for usedBy relation) */
    id: number;
    type: PackageModuleType;
    isDevDependency: boolean;
    /**
     * Tell if the given package exist on the configured remote registry (npm by default)
     * @default true
     */
    existOnRemoteRegistry: boolean;
    /** By whom (id) is used the package */
    usedBy: Record<string, string>;
    /** Size on disk of the extracted tarball (in bytes) */
    size: number;
    /** Count of dependencies */
    dependencyCount: number;
    /** Package description */
    description: string;
    /** Author of the package. This information is not trustable and can be empty. */
    author: Maintainer | null;
    engines: Engines;
    repository?: Repository;
    scripts: Record<string, string>;
    /**
     * JS-X-Ray warnings
     *
     * @see https://github.com/NodeSecure/js-x-ray/blob/master/WARNINGS.md
     */
    warnings: Warning<WarningDefault>[];
    alias: Record<string, string>;
    /** Tarball composition (files and dependencies) */
    composition: {
        /** Files extensions (.js, .md, .exe etc..) */
        extensions: string[];
        files: string[];
        /** Minified files (foo.min.js etc..) */
        minified: string[];
        required_files: string[];
        required_thirdparty: string[];
        required_nodejs: string[];
        required_subpath: string[];
        unused: string[];
        missing: string[];
    };
    /**
     * All Licenses with their SPDX conformance
     */
    licenses: SpdxFileLicenseConformance[];
    uniqueLicenseIds: string[];
    /**
     * Flags (Array of string)
     *
     * @see https://github.com/NodeSecure/flags/blob/main/FLAGS.md
     */
    flags: string[];
    /**
     * If the dependency is a GIT repository
     */
    gitUrl: null | string;
    /**
     * Version MD5 integrity hash
     * Generated by the scanner to verify manifest/tarball confusion
     *
     * (Not supported on GIT dependency)
     */
    integrity?: string;
    links?: DependencyLinks;
    deprecated?: string;
}
export interface Dependency {
    /** NPM Registry metadata */
    metadata: {
        /** Number of releases published on npm */
        publishedCount: number;
        lastUpdateAt: Date;
        /** Last version SemVer */
        lastVersion: string;
        hasChangedAuthor: boolean;
        hasManyPublishers: boolean;
        hasReceivedUpdateInOneYear: boolean;
        /** Author of the package. This information is not trustable and can be empty. */
        author: Maintainer | null;
        /** Package home page */
        homepage: string | null;
        /**
         * List of maintainers (list of people in the organization related to the package)
         */
        maintainers: Maintainer[];
        /**
         * List of people who published this package
         */
        publishers: Publisher[];
        /**
         * Version MD5 integrity hash
         * Generated by the scanner to verify manifest/tarball confusion
         */
        integrity: Record<string, string>;
    };
    /** List of versions of this package available in the dependency tree (In the payload) */
    versions: Record<string, DependencyVersion>;
    /**
     * Vulnerabilities fetched dependending on the selected vulnerabilityStrategy
     *
     * @see https://github.com/NodeSecure/vuln
     */
    vulnerabilities: Vulnera.StandardVulnerability[];
}
export type Dependencies = Record<string, Dependency>;
export interface Payload {
    /** Payload unique id */
    id: string;
    /** Name of the analyzed package */
    rootDependencyName: string;
    /** Global warnings list */
    warnings: string[];
    highlighted: {
        contacts: IlluminatedContact[];
    };
    /** All the dependencies of the package (flattened) */
    dependencies: Dependencies;
    /** Version of the scanner used to generate the result */
    scannerVersion: string;
    /** Vulnerability strategy name (npm, snyk, node) */
    vulnerabilityStrategy: Vulnera.Kind;
}
export interface Options {
    /**
     * Maximum tree depth
     *
     * @default 4
     */
    readonly maxDepth?: number;
    readonly registry?: string | URL;
    /**
     * Enables the use of Arborist for rapidly walking over the dependency tree.
     * When enabled, it triggers different methods based on the presence of `node_modules`:
     * - `loadActual()` if `node_modules` is available.
     * - `loadVirtual()` otherwise.
     *
     * When disabled, it will iterate on all dependencies by using pacote
     */
    packageLock?: {
        /**
         * Fetches all manifests for additional metadata.
         * This option is useful only when `usePackageLock` is enabled.
         *
         * @default false
         */
        fetchManifest?: boolean;
        /**
         * Specifies the location of the manifest file for Arborist.
         * This is typically the path to the `package.json` file.
         */
        location: string;
    };
    highlight?: {
        contacts: Contact[];
    };
    /**
     * Include project devDependencies (only available for cwd command)
     *
     * @default false
     */
    readonly includeDevDeps?: boolean;
    /**
     * Vulnerability strategy name (npm, snyk, node)
     *
     * @default NONE
     */
    readonly vulnerabilityStrategy?: Vulnera.Kind;
    /**
     * Analyze root package.
     *
     * @default false for from() API
     * @default true  for cwd()  API
     */
    readonly scanRootNode?: boolean;
}
//# sourceMappingURL=types.d.ts.map