pkg

package
v0.74.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 7, 2024 License: Apache-2.0 Imports: 28 Imported by: 18

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Provide

func Provide(userInput string, config ProviderConfig) ([]Package, Context, *sbom.SBOM, error)

Provide a set of packages and context metadata describing where they were sourced from.

Types

type ApkFileRecord added in v0.74.0

type ApkFileRecord struct {
	// Path is the file path listed for this record; serialized as "path".
	// NOTE(review): presumably copied from the scanned artifact's APK
	// database, i.e. untrusted data — confirm before using it as a
	// filesystem path.
	Path string `json:"path"`
}

ApkFileRecord represents a single file listing and metadata from an APK DB entry (which may have many of these file records).

type ApkMetadata added in v0.17.1

// ApkMetadata holds the file records kept for an APK package.
type ApkMetadata struct {
	// Files lists the package's file records; serialized as "files".
	// The tag has no omitempty, so a nil slice encodes as JSON null.
	Files []ApkFileRecord `json:"files"`
}

type Context

// Context is the metadata describing where a set of packages was sourced
// from; Provide returns it alongside the packages.
type Context struct {
	// Source describes the scanned source. It is a pointer, so nil-check it
	// before dereferencing.
	Source *source.Description
	// Distro is the Linux release associated with the packages.
	// NOTE(review): presumably nil when no distribution was identified — confirm.
	Distro *linux.Release
}

type Digest added in v0.35.0

// Digest pairs the name of a hash algorithm with a digest value.
type Digest struct {
	// Algorithm names the hash function; serialized as "algorithm".
	// It is a free-form string: this declaration does not restrict it to
	// collision-resistant algorithms, so callers making integrity or identity
	// decisions should check it rather than compare Value alone.
	Algorithm string `json:"algorithm"`
	// Value is the digest itself; serialized as "value".
	// NOTE(review): the text encoding (presumably hex) is not visible here — confirm.
	Value     string `json:"value"`
}

type GolangBinMetadata added in v0.43.0

// GolangBinMetadata is the Go-specific metadata attached to a package.
// Every field carries both a json and a cyclonedx struct tag.
// NOTE(review): the name suggests packages discovered inside compiled Go
// binaries — confirm against the code that populates it.
type GolangBinMetadata struct {
	// BuildSettings holds key/value build settings; omitted from JSON when empty.
	BuildSettings     pkg.KeyValues `json:"goBuildSettings,omitempty" cyclonedx:"goBuildSettings"`
	// NOTE(review): presumably the Go toolchain version that produced the
	// binary; relevant when matching standard-library vulnerabilities — confirm.
	GoCompiledVersion string        `json:"goCompiledVersion" cyclonedx:"goCompiledVersion"`
	Architecture      string        `json:"architecture" cyclonedx:"architecture"`
	// NOTE(review): presumably the module's Go "h1:" checksum (the form used
	// in go.sum) — confirm. Omitted from JSON when empty.
	H1Digest          string        `json:"h1Digest,omitempty" cyclonedx:"h1Digest"`
	MainModule        string        `json:"mainModule,omitempty" cyclonedx:"mainModule"`
	// NOTE(review): presumably records crypto-related build settings of the
	// binary (for example a FIPS-oriented build) — confirm against the producer.
	GoCryptoSettings  []string      `json:"goCryptoSettings,omitempty" cyclonedx:"goCryptoSettings"`
}

type GolangModMetadata added in v0.56.0

// GolangModMetadata is the Go-module metadata attached to a package; it
// carries a single digest field.
type GolangModMetadata struct {
	// NOTE(review): presumably the module's Go "h1:" checksum (the form used
	// in go.sum) — confirm. Omitted from JSON when empty.
	H1Digest string `json:"h1Digest,omitempty"`
}

type ID

// ID is a string-backed identifier, so values are comparable with == and
// usable as map keys. ByID accepts an ID together with a []Package and
// returns a *Package.
type ID string

ID represents a unique value for each package added to a package collection.

type JavaMetadata

// JavaMetadata is the Java-specific metadata attached to a package.
// None of the JSON tags use omitempty, so empty fields are still emitted.
type JavaMetadata struct {
	// NOTE(review): presumably the archive's path including any nesting inside
	// outer archives — confirm.
	VirtualPath    string   `json:"virtualPath"`
	// PomArtifactID and PomGroupID are presumably the Maven coordinates read
	// from the archive's pom metadata — confirm. They originate in the scanned
	// artifact and should be treated as untrusted strings.
	PomArtifactID  string   `json:"pomArtifactID"`
	PomGroupID     string   `json:"pomGroupID"`
	ManifestName   string   `json:"manifestName"`
	// ArchiveDigests lists digests for the archive. Each Digest names its own
	// algorithm, so compare algorithm and value together.
	ArchiveDigests []Digest `json:"archiveDigests"`
}

type Package

type Package struct {
	// ID identifies this package within a package collection.
	ID        ID
	Name      string           // the package name
	Version   string           // the version of the package
	Locations file.LocationSet // the locations that lead to the discovery of this package (note: these are not necessarily the locations that make up this package)
	Language  pkg.Language     // the language ecosystem this package belongs to (e.g. JavaScript, Python, etc)
	// Licenses holds license strings.
	// NOTE(review): the format (SPDX expression vs. raw value) is not visible here — confirm.
	Licenses  []string
	Type      pkg.Type  // the package type (e.g. Npm, Yarn, Python, Rpm, Deb, etc)
	CPEs      []cpe.CPE // all possible Common Platform Enumeration (CPE) identifiers
	PURL      string    // the Package URL (see https://github.com/package-url/purl-spec)
	// Upstreams lists upstream packages by name and version.
	Upstreams []UpstreamPackage
	// Metadata is untyped, so consumers must type-assert it and handle the
	// unexpected-type and nil cases explicitly.
	// NOTE(review): presumably one of the *Metadata structs declared in this
	// package (ApkMetadata, GolangBinMetadata, GolangModMetadata, JavaMetadata,
	// RpmMetadata) — confirm.
	Metadata  interface{} // This is NOT 1-for-1 the syft metadata! Only the select data needed for vulnerability matching
}

Package represents an application or library that has been bundled into a distributable format.

func ByID

func ByID(id ID, pkgs []Package) *Package

func FromCollection added in v0.62.0

func FromCollection(catalog *pkg.Collection, config SynthesisConfig) []Package

func FromPackages added in v0.54.0

func FromPackages(syftpkgs []pkg.Package, config SynthesisConfig) []Package

func New

func New(p pkg.Package) Package

func UpstreamPackages added in v0.33.0

func UpstreamPackages(p Package) (pkgs []Package)

func (Package) String

func (p Package) String() string

Stringer to represent a package.

type ProviderConfig added in v0.30.0

// ProviderConfig is the configuration accepted by Provide. It embeds
// SyftProviderConfig and SynthesisConfig, so the fields of both are promoted
// and can be set directly on a ProviderConfig value.
type ProviderConfig struct {
	SyftProviderConfig
	SynthesisConfig
}

type RpmMetadata added in v0.50.0

// RpmMetadata is the RPM-specific metadata attached to a package.
// Both fields are pointers, so "absent" (nil) is distinguishable from a zero
// value; without omitempty a nil pointer encodes as JSON null.
type RpmMetadata struct {
	// NOTE(review): RPM version ordering takes the epoch into account, so how
	// a nil Epoch is treated during vulnerability matching is worth confirming
	// in the consumer.
	Epoch           *int    `json:"epoch"`
	ModularityLabel *string `json:"modularityLabel"`
}

type SyftProviderConfig added in v0.54.0

// SyftProviderConfig groups the syft-related options embedded in
// ProviderConfig.
// NOTE(review): field purposes below are inferred from names and types;
// confirm against the code that consumes them.
type SyftProviderConfig struct {
	// SBOMOptions is the syft SBOM-creation configuration (pointer; may be nil).
	SBOMOptions            *syft.CreateSBOMConfig
	// RegistryOptions configures container-registry access.
	// NOTE(review): options of this kind commonly include credentials and TLS
	// verification settings — confirm, and keep this struct out of logs if so.
	RegistryOptions        *image.RegistryOptions
	// NOTE(review): presumably the platform requested for multi-platform images — confirm.
	Platform               string
	// NOTE(review): presumably path patterns omitted from cataloging. Anything
	// excluded is not inventoried and so cannot be matched against
	// vulnerabilities — confirm semantics before relying on a clean result.
	Exclusions             []string
	Name                   string
	// NOTE(review): presumably selects where an image is pulled from when the
	// input does not say — confirm.
	DefaultImagePullSource string
}

type SynthesisConfig added in v0.54.0

// SynthesisConfig is the configuration taken by FromCollection and
// FromPackages, both of which return []Package; it is also embedded in
// ProviderConfig.
type SynthesisConfig struct {
	// NOTE(review): presumably, when true, CPEs are generated for packages
	// that arrive without any. Generated CPEs are guesses, which can trade
	// missed matches for false positives — confirm.
	GenerateMissingCPEs bool
}

type UpstreamPackage added in v0.33.0

// UpstreamPackage identifies an upstream package by name and version;
// Package.Upstreams holds a slice of these.
// NOTE(review): presumably the source package a binary package was built
// from — confirm.
type UpstreamPackage struct {
	Name    string // the package name
	Version string // the version of the package
}
