feat: public export of type PackageJson

jkowalleck · jkowalleck · commit 88e1ef2c8cf7 · 2025-07-13T20:03:04.000+02:00
Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;
diff --git a/src/_helpers/packageJson.ts b/src/_helpers/packageJson.ts
@@ -33,34 +33,3 @@ export function splitNameGroup (data: string): [string, string?] {
     : [data, undefined]
 }
 
-/**
- * Intended to represent normalized data structures
- * based on [PackageJson spec](https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/package.json)
- * and explained by [PackageJson description](https://docs.npmjs.com/cli/v9/configuring-npm/package-json).
- * Normalization should be done downstream, for example via [`normalize-package-data`](https://www.npmjs.com/package/normalize-package-data).
- */
-export interface PackageJson {
-  name?: string
-  version?: string
-  description?: string
-  license?: string
-  licenses?: Array<{
-    type?: string
-    url?: string
-  }>
-  author?: string | {
-    name?: string
-    email?: string
-  }
-  bugs?: string | {
-    url?: string
-  }
-  homepage?: string
-  repository?: string | {
-    type?: string
-    url?: string
-    directory?: string
-  }
-  // ... to be continued
-  dist?: any // see https://github.com/CycloneDX/cyclonedx-node-npm/issues/1300
-}
diff --git a/src/builders/fromNodePackageJson.node.ts b/src/builders/fromNodePackageJson.node.ts
@@ -26,14 +26,14 @@ Copyright (c) OWASP Foundation. All Rights Reserved.
  * Normalization should be done downstream, for example via [`normalize-package-data`](https://www.npmjs.com/package/normalize-package-data).
  */
 
-import type { PackageJson } from '../_helpers/packageJson'
 import { splitNameGroup } from '../_helpers/packageJson'
 import { ComponentType } from '../enums/componentType'
 import type * as Factories from '../factories/index.node'
 import { Component } from '../models/component'
 import { ExternalReferenceRepository } from '../models/externalReference'
 import { LicenseRepository } from '../models/license'
 import { Tool } from '../models/tool'
+import type { PackageJson } from '../types/packageJson'
 
 /**
  * Node-specific ToolBuilder.
diff --git a/src/factories/fromNodePackageJson.node.ts b/src/factories/fromNodePackageJson.node.ts
@@ -31,12 +31,12 @@ import { PurlQualifierNames } from 'packageurl-js'
 
 import { tryCanonicalizeGitUrl } from "../_helpers/gitUrl"
 import { isNotUndefined } from '../_helpers/notUndefined'
-import type { PackageJson } from '../_helpers/packageJson'
 import { ExternalReferenceType } from '../enums/externalReferenceType'
 import { HashAlgorithm } from "../enums/hashAlogorithm";
 import type { Component } from '../models/component'
 import { ExternalReference } from '../models/externalReference'
 import { HashDictionary } from '../models/hash'
+import type { PackageJson } from '../types/packageJson'
 import { defaultRegistryMatcher, parsePackageIntegrity } from '../utils/npmjsUtility.node'
 import { PackageUrlFactory as PlainPackageUrlFactory } from './packageUrl'
 
diff --git a/src/types/index.ts b/src/types/index.ts
@@ -21,3 +21,6 @@ export * from './cpe'
 export * from './cwe'
 export * from './integer'
 export * from './mimeType'
+
+// yes, this is node-specific, but who cares - these are just types
+export type * from './packageJson'
diff --git a/src/types/packageJson.ts b/src/types/packageJson.ts
@@ -0,0 +1,59 @@
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+
+/**
+ * Intended to represent normalized data structures
+ * based on [PackageJson spec](https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/package.json)
+ * and explained by [PackageJson description](https://docs.npmjs.com/cli/v9/configuring-npm/package-json).
+ *
+ * Normalization should be done downstream, for example
+ * via [`normalize-package-data`](https://www.npmjs.com/package/normalize-package-data).
+ */
+export interface PackageJson {
+  name?: string
+  version?: string
+  description?: string
+  license?: string
+  licenses?: Array<{
+    type?: string
+    url?: string
+  }>
+  author?: string | {
+    name?: string
+    email?: string
+  }
+  bugs?: string | {
+    url?: string
+  }
+  homepage?: string
+  repository?: string | {
+    type?: string
+    url?: string
+    directory?: string
+  }
+  // ... to be continued
+  dist?: any // see https://github.com/CycloneDX/cyclonedx-node-npm/issues/1300
+}
+
+
+/* TODO: write type assertion
+export function isPackageJsonNode (value: any): value is PackageJsonNode {
+  return...
+}
+*/
