cpe

package

v0.101.1 Latest Latest Go to latest Published: Jan 19, 2024 License: Apache-2.0 Imports: 18 Imported by: 7

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/anchore/syft

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DictionaryFind(p pkg.Package) (cpe.CPE, bool)
func Generate(p pkg.Package) []cpe.CPE
func GetIndexedDictionary() (_ *dictionary.Indexed, err error)
func GetManifestFieldGroupIDs(manifest *pkg.JavaManifest, fields []string) (groupIDs []string)
func GroupIDsFromJavaMetadata(pkgName string, metadata pkg.JavaArchive) (groupIDs []string)
func GroupIDsFromJavaPackage(p pkg.Package) (groupIDs []string)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	PrimaryJavaManifestGroupIDFields = []string{
		"Bundle-SymbolicName",
		"Extension-Name",
		"Specification-Vendor",
		"Implementation-Vendor",
		"Implementation-Vendor-Id",
		"Implementation-Title",
		"Bundle-Activator",
	}
	SecondaryJavaManifestGroupIDFields = []string{
		"Automatic-Module-Name",
		"Main-Class",
		"Package",
	}
)

View Source

var DefaultArtifactIDToGroupID = map[string]string{}/* 1854 elements not displayed */

Functions ¶

func DictionaryFind ¶ added in v0.86.0

func DictionaryFind(p pkg.Package) (cpe.CPE, bool)

func Generate ¶

func Generate(p pkg.Package) []cpe.CPE

Generate Create a list of CPEs for a given package, trying to guess the vendor, product tuple. We should be trying to generate the minimal set of representative CPEs, which implies that optional fields should not be included (such as target SW).

func GetIndexedDictionary ¶ added in v0.86.0

func GetIndexedDictionary() (_ *dictionary.Indexed, err error)

func GetManifestFieldGroupIDs ¶ added in v0.88.0

func GetManifestFieldGroupIDs(manifest *pkg.JavaManifest, fields []string) (groupIDs []string)

func GroupIDsFromJavaMetadata ¶ added in v0.61.0

func GroupIDsFromJavaMetadata(pkgName string, metadata pkg.JavaArchive) (groupIDs []string)

GroupIDsFromJavaMetadata returns the possible group IDs for a Java package This function is similar to GroupIDFromJavaPackage, but returns all possible group IDs and is less strict It is used as a way to generate possible candidates for CPE matching.

func GroupIDsFromJavaPackage ¶ added in v0.38.0

func GroupIDsFromJavaPackage(p pkg.Package) (groupIDs []string)

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
dictionary
index-generator This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.	This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL