herodevs · rlmestre · Aug 5, 2025 · Aug 5, 2025
diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@ npm install github:herodevs/eol-shared
 
 ## API
 
-### [`spdxToCdxBom(spdxBom: SPDX23): CdxBom`](./src/spdx-to-cdx.mts#L61)
+### [`spdxToCdxBom(spdxBom: SPDX23): CdxBom`](./src/spdx-to-cdx.ts#L61)
 
 Converts an SPDX BOM to CycloneDX format. This conversion takes the most important package and relationship data from SPDX and translates them into CycloneDX components and dependencies as closely as possible.
 
@@ -31,7 +31,7 @@ const cdxBom: CdxBom = spdxToCdxBom(spdxBom);
 **Parameters**: `spdxBom` - The SPDX BOM object to convert  
 **Returns**: A CycloneDX BOM object
 
-### [`xmlStringToJSON(xmlString: string): CdxBom`](./src/cdx-xml-to-json.mts#L161)
+### [`xmlStringToJSON(xmlString: string): CdxBom`](./src/cdx-xml-to-json.ts#L161)
 
 Converts a CycloneDX XML string to a JSON object. The CycloneDX spec does not change between formats, so conversion from XML to JSON is lossless.
 
@@ -46,7 +46,7 @@ const jsonBom: CdxBom = xmlStringToJSON(xmlString);
 **Parameters**: `xmlString` - The XML string to parse  
 **Returns**: The parsed CycloneDX BOM object
 
-### [`trimCdxBom(cdxBom: CdxBom): CdxBom`](./src/trim-cdx-bom.mts#L3)
+### [`trimCdxBom(cdxBom: CdxBom): CdxBom`](./src/trim-cdx-bom.ts#L3)
 
 Creates a trimmed copy of a CycloneDX BOM by removing SBOM data not necessary for EOL scanning:
 

diff --git a/package.json b/package.json
@@ -15,13 +15,13 @@
   ],
   "exports": {
     ".": {
-      "import": "./dist/index.mjs",
-      "require": "./dist/index.mjs",
-      "types": "./dist/index.d.mts"
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
     }
   },
-  "main": "./dist/index.mjs",
-  "types": "./dist/index.d.mts",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/herodevs/eol-shared.git"

diff --git a/src/bom/validation.mts → src/bom/validation.ts b/src/bom/validation.mts → src/bom/validation.ts
@@ -1,5 +1,5 @@
 import type { SPDX23 } from '../types/bom/spdx-2.3.schema.ts';
-import type { CdxBom, SupportedBom } from '../types/index.mjs';
+import type { CdxBom, SupportedBom } from '../types/index.js';
 
 function parseBomOrString(bomOrString: string | object): SupportedBom | null {
   if (typeof bomOrString === 'string') {

diff --git a/src/cdx-xml-to-json.test.mts → src/cdx-xml-to-json.test.ts b/src/cdx-xml-to-json.test.mts → src/cdx-xml-to-json.test.ts
@@ -1,7 +1,7 @@
 import { test, describe } from 'node:test';
 import { strict as assert } from 'node:assert';
 import { readFile } from 'node:fs/promises';
-import { xmlStringToJSON } from './cdx-xml-to-json.mts';
+import { xmlStringToJSON } from './cdx-xml-to-json.ts';
 
 describe('CycloneDX XML to JSON Converter', () => {
   test('should convert CycloneDX 1.4 XML to JSON with correct structure', async () => {

diff --git a/src/cdx-xml-to-json.mts → src/cdx-xml-to-json.ts b/src/cdx-xml-to-json.mts → src/cdx-xml-to-json.ts
@@ -1,5 +1,5 @@
 import { XMLParser } from 'fast-xml-parser';
-import type { CdxBom } from './index.mts';
+import type { CdxBom } from './index.ts';
 
 const COLLECTION_KEYS = [
   'tools',

diff --git a/src/eol/utils.test.mts → src/eol/utils.test.ts b/src/eol/utils.test.mts → src/eol/utils.test.ts
@@ -1,7 +1,7 @@
 import { test, describe } from 'node:test';
 import { strict as assert } from 'node:assert';
-import { deriveComponentStatus } from './utils.mts';
-import type { EolScanComponentMetadata } from '../types/eol-scan.mts';
+import { deriveComponentStatus } from './utils.ts';
+import type { EolScanComponentMetadata } from '../types/eol-scan.ts';
 
 describe('deriveComponentStatus', () => {
   test('should return UNKNOWN when there is no metadata', () => {

diff --git a/src/eol/utils.mts → src/eol/utils.ts b/src/eol/utils.mts → src/eol/utils.ts
@@ -1,9 +1,9 @@
 import { PackageURL } from 'packageurl-js';
-import type { CdxBom } from '../types/index.mjs';
+import type { CdxBom } from '../types/index.js';
 import type {
   ComponentStatus,
   EolScanComponentMetadata,
-} from '../types/eol-scan.mjs';
+} from '../types/eol-scan.js';
 
 export function deriveComponentStatus(
   metadata: EolScanComponentMetadata | null,

diff --git a/src/index.mts → src/index.ts b/src/index.mts → src/index.ts
@@ -1,7 +1,7 @@
-export { xmlStringToJSON } from './cdx-xml-to-json.mjs';
-export { trimCdxBom } from './trim-cdx-bom.mjs';
-export { spdxToCdxBom } from './spdx-to-cdx.mjs';
-export { deriveComponentStatus, extractPurlsFromCdxBom } from './eol/utils.mjs';
+export { xmlStringToJSON } from './cdx-xml-to-json.js';
+export { trimCdxBom } from './trim-cdx-bom.js';
+export { spdxToCdxBom } from './spdx-to-cdx.js';
+export { deriveComponentStatus, extractPurlsFromCdxBom } from './eol/utils.js';
 
 export type {
   ComponentStatus,
@@ -14,7 +14,7 @@ export type {
   EolReportQueryResponse,
   EolReportMutationResponse,
   NesRemediation,
-} from './types/eol-scan.mjs';
+} from './types/eol-scan.js';
 
 export type {
   CdxBom,
@@ -25,7 +25,7 @@ export type {
   License,
   SPDX23,
   SupportedBom,
-} from './types/index.mjs';
+} from './types/index.js';
 
-export { ComponentScope } from './types/index.mjs';
-export { isCdxBom, isSpdxBom, isSupportedBom } from './bom/validation.mjs';
+export { ComponentScope } from './types/index.js';
+export { isCdxBom, isSpdxBom, isSupportedBom } from './bom/validation.js';
diff --git a/src/spdx-to-cdx.test.mts → src/spdx-to-cdx.test.ts b/src/spdx-to-cdx.test.mts → src/spdx-to-cdx.test.ts
@@ -1,8 +1,8 @@
 import { test, describe } from 'node:test';
 import { strict as assert } from 'node:assert';
-import { spdxToCdxBom } from './spdx-to-cdx.mts';
+import { spdxToCdxBom } from './spdx-to-cdx.ts';
 import type { SPDX23 } from './types/bom/spdx-2.3.schema.js';
-import type { Component, Dependency } from './types/index.mts';
+import type { Component, Dependency } from './types/index.ts';
 
 function buildSpdxAndConvert(spdx: Partial<SPDX23>) {
   const baseSpdx: SPDX23 = {

diff --git a/src/spdx-to-cdx.mts → src/spdx-to-cdx.ts b/src/spdx-to-cdx.mts → src/spdx-to-cdx.ts
diff --git a/src/trim-cdx-bom.test.mts → src/trim-cdx-bom.test.ts b/src/trim-cdx-bom.test.mts → src/trim-cdx-bom.test.ts
@@ -1,7 +1,7 @@
 import { test, describe } from 'node:test';
 import { strict as assert } from 'node:assert';
-import { trimCdxBom } from './trim-cdx-bom.mts';
-import type { CdxBom } from './types/index.mts';
+import { trimCdxBom } from './trim-cdx-bom.ts';
+import type { CdxBom } from './types/index.ts';
 import { Enums } from '@cyclonedx/cyclonedx-library';
 
 describe('trimCdxBom', () => {

diff --git a/src/trim-cdx-bom.mts → src/trim-cdx-bom.ts b/src/trim-cdx-bom.mts → src/trim-cdx-bom.ts
@@ -1,4 +1,4 @@
-import type { CdxBom } from './types/index.mts';
+import type { CdxBom } from './types/index.ts';
 
 /**
  * Creates a trimmed copy of a CycloneDX BOM by removing SBOM data not necessary for EOL scanning.

diff --git a/src/types/eol-scan.mts → src/types/eol-scan.ts b/src/types/eol-scan.mts → src/types/eol-scan.ts
@@ -1,4 +1,4 @@
-import type { CdxBom } from './index.mjs';
+import type { CdxBom } from './index.js';
 
 export interface CveStats {
   cveId: string;

diff --git a/src/types/index.mts → src/types/index.ts b/src/types/index.mts → src/types/index.ts