pkg

package
v0.38.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 23, 2022 License: Apache-2.0 Imports: 33 Imported by: 18

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Provide

func Provide(userInput string, config ProviderConfig) ([]Package, Context, error)

Provide a set of packages and context metadata describing where they were sourced from.

Types

type Context

type Context struct {
	Source *source.Metadata
	Distro *linux.Release
}

type Digest added in v0.35.0

type Digest struct {
	Algorithm string `json:"algorithm"`
	Value     string `json:"value"`
}

type ID

type ID string

ID represents a unique value for each package added to a package catalog.

type JavaMetadata

type JavaMetadata struct {
	VirtualPath    string   `json:"virtualPath"`
	PomArtifactID  string   `json:"pomArtifactID"`
	PomGroupID     string   `json:"pomGroupID"`
	ManifestName   string   `json:"manifestName"`
	ArchiveDigests []Digest `json:"archiveDigests"`
}

type MetadataType added in v0.33.0

type MetadataType string

MetadataType represents the data shape stored within pkg.Package.Metadata.

const (
	UnknownMetadataType MetadataType = "UnknownMetadata"
	JavaMetadataType    MetadataType = "JavaMetadata"
	RpmdbMetadataType   MetadataType = "RpmdbMetadata"
)

type Package

type Package struct {
	ID           ID
	Name         string             // the package name
	Version      string             // the version of the package
	Locations    source.LocationSet // the locations that lead to the discovery of this package (note: this is not necessarily the locations that make up this package)
	Language     pkg.Language       // the language ecosystem this package belongs to (e.g. JavaScript, Python, etc)
	Licenses     []string
	Type         pkg.Type  // the package type (e.g. Npm, Yarn, Python, Rpm, Deb, etc)
	CPEs         []pkg.CPE // all possible Common Platform Enumerators
	PURL         string    // the Package URL (see https://github.com/package-url/purl-spec)
	Upstreams    []UpstreamPackage
	MetadataType MetadataType
	Metadata     interface{} // This is NOT 1-for-1 the syft metadata! Only the select data needed for vulnerability matching
}

Package represents an application or library that has been bundled into a distributable format.

func ByID

func ByID(id ID, pkgs []Package) *Package

func FromCatalog

func FromCatalog(catalog *pkg.Catalog, config ProviderConfig) []Package

func New

func New(p pkg.Package) Package

func UpstreamPackages added in v0.33.0

func UpstreamPackages(p Package) (pkgs []Package)

func (Package) String

func (p Package) String() string

Stringer to represent a package.

type ProviderConfig added in v0.30.0

type ProviderConfig struct {
	RegistryOptions               *image.RegistryOptions
	Exclusions                    []string
	CatalogingOptions             cataloger.Config
	GenerateMissingCPEs           bool
	Platform                      string
	AttestationPublicKey          string
	AttestationIgnoreVerification bool
}

type RpmdbMetadata

type RpmdbMetadata struct {
	Epoch *int `json:"epoch"`
}

type UpstreamPackage added in v0.33.0

type UpstreamPackage struct {
	Name    string // the package name
	Version string // the version of the package
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL