pkg

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 25, 2021 License: Apache-2.0 Imports: 12 Imported by: 241

Documentation

Overview

Package pkg provides the data structures for a package, a package catalog, package types, and domain-specific metadata.

Index

Constants

// ApkDbGlob is the glob pattern naming the Alpine (apk) installed-package database.
// The pattern begins with "**", so it is not anchored to the filesystem root
// (assuming doublestar-style matching — confirm against the matcher in use).
// NOTE(review): an unanchored pattern also matches a copy of the DB placed in a
// nested directory; confirm callers are content to catalog every match.
const ApkDbGlob = "**/lib/apk/db/installed"
// DpkgDbGlob is the glob pattern naming the Debian (dpkg) status database.
// The pattern begins with "**", so it is not anchored to the filesystem root
// (assuming doublestar-style matching — confirm against the matcher in use).
const DpkgDbGlob = "**/var/lib/dpkg/status"
// RpmDbGlob is the glob pattern naming the RPM package database.
// NOTE(review): the pattern matches only a file literally named "Packages"
// (the Berkeley DB layout). RPM databases stored as rpmdb.sqlite or Packages.db
// would not match, so a system using one of those backends could be reported
// with no RPM packages at all — confirm how callers surface that case, since an
// empty result reads the same as "nothing installed".
const RpmDbGlob = "**/var/lib/rpm/Packages"

Variables

// AllLanguages lists every concrete Language constant; UnknownLanguage is not included.
// It is an exported, mutable slice: any importer can append to or overwrite it,
// so code that depends on the list being complete should copy it before use.
var AllLanguages = []Language{
	Java,
	JavaScript,
	Python,
	Ruby,
	Go,
}

AllLanguages is a set of all programming languages detected by syft.

AllPkgs represents all supported package types

Functions

This section is empty.

Types

type ApkFileRecord

// ApkFileRecord is one file entry attributed to a package in the APK DB.
// Every field except Path is omitted from JSON when empty.
type ApkFileRecord struct {
	// Path of the file as recorded in the DB entry.
	Path        string `json:"path"`
	// Owner and permission values are kept as strings, not parsed numbers.
	OwnerUID    string `json:"ownerUid,omitempty"`
	OwnerGID    string `json:"ownerGid,omitempty"`
	Permissions string `json:"permissions,omitempty"`
	// Checksum as recorded in the DB; the algorithm and encoding are not
	// visible from this declaration — TODO confirm before comparing digests.
	Checksum    string `json:"checksum,omitempty"`
}

ApkFileRecord represents a single file listing and metadata from an APK DB entry (which may have many of these file records).

type ApkMetadata

// ApkMetadata holds the fields captured from one package entry of the Alpine
// installed-package DB. The mapstructure tags are single-letter keys
// (presumably the field letters of the APK DB format — confirm against the spec);
// the json tags are the names used in serialized output.
// NOTE(review): these strings are copied from the DB of whatever is being
// scanned; consumers should treat them as untrusted text (escape before
// rendering, never use them as filesystem paths or command arguments).
type ApkMetadata struct {
	Package          string          `mapstructure:"P" json:"package"`
	OriginPackage    string          `mapstructure:"o" json:"originPackage"`
	Maintainer       string          `mapstructure:"m" json:"maintainer"`
	Version          string          `mapstructure:"V" json:"version"`
	License          string          `mapstructure:"L" json:"license"`
	Architecture     string          `mapstructure:"A" json:"architecture"`
	URL              string          `mapstructure:"U" json:"url"`
	Description      string          `mapstructure:"T" json:"description"`
	Size             int             `mapstructure:"S" json:"size"`
	InstalledSize    int             `mapstructure:"I" json:"installedSize"`
	PullDependencies string          `mapstructure:"D" json:"pullDependencies"`
	PullChecksum     string          `mapstructure:"C" json:"pullChecksum"`
	// The Go field says "Aport" while the JSON key says "ApkPort"; the JSON key is
	// what serialized consumers see.
	GitCommitOfAport string          `mapstructure:"c" json:"gitCommitOfApkPort"`
	// Files has no mapstructure tag, so it is not matched by a single-letter key.
	Files            []ApkFileRecord `json:"files"`
}

ApkMetadata represents all captured data for an Alpine DB package entry. See the following sources for more information:
- https://wiki.alpinelinux.org/wiki/Apk_spec
- https://git.alpinelinux.org/apk-tools/tree/src/package.c
- https://git.alpinelinux.org/apk-tools/tree/src/database.c

func (ApkMetadata) PackageURL

func (m ApkMetadata) PackageURL() string

PackageURL returns the PURL for the specific Alpine package (see https://github.com/package-url/purl-spec)

type CPE added in v0.9.0

// CPE is a type alias (not a new type) for wfn.Attributes, so values are
// interchangeable with wfn.Attributes without conversion.
type CPE = wfn.Attributes

func NewCPE added in v0.9.0

func NewCPE(cpeStr string) (CPE, error)

type Catalog

// Catalog is a collection of Packages with all state held in unexported fields.
// NOTE(review): no synchronization is visible in this listing, and several
// methods hand out *Package pointers; confirm the locking story before sharing
// a Catalog across goroutines or mutating returned packages.
type Catalog struct {
	// contains filtered or unexported fields
}

Catalog represents a collection of Packages.

func NewCatalog

func NewCatalog(pkgs ...Package) *Catalog

NewCatalog returns a new empty Catalog

func (*Catalog) Add

func (c *Catalog) Add(p Package)

Add a package to the Catalog.

func (*Catalog) Enumerate

func (c *Catalog) Enumerate(types ...Type) <-chan *Package

Enumerate all packages for the given type(s), enumerating all packages if no type is specified.

func (*Catalog) Package

func (c *Catalog) Package(id ID) *Package

Package returns the package with the given ID.

func (*Catalog) PackageCount

func (c *Catalog) PackageCount() int

PackageCount returns the total number of packages that have been added.

func (*Catalog) Packages added in v0.13.0

func (c *Catalog) Packages(ids []ID) (result []*Package)

Packages returns all packages for the given IDs.

func (*Catalog) PackagesByPath added in v0.13.0

func (c *Catalog) PackagesByPath(path string) []*Package

PackagesByPath returns all packages that were discovered from the given path.

func (*Catalog) Remove added in v0.13.0

func (c *Catalog) Remove(id ID)

func (*Catalog) Sorted

func (c *Catalog) Sorted(types ...Type) []*Package

Sorted enumerates all packages for the given types sorted by package name. Enumerates all packages if no type is specified.

type DpkgFileRecord added in v0.7.0

// DpkgFileRecord is one file attributed to a Debian package.
type DpkgFileRecord struct {
	// Path of the file as recorded for the package.
	Path string `json:"path"`
	// MD5 digest recorded for the file. MD5 is not collision-resistant, so this
	// value is suitable for spotting accidental change or for lookup, not as
	// evidence that a file has not been tampered with.
	MD5  string `json:"md5"`
}

DpkgFileRecord represents a single file attributed to a debian package.

type DpkgMetadata

// DpkgMetadata holds the fields captured from one Debian package DB entry.
// The mapstructure tags name the keys the decoder matches; the json tags are
// the names used in serialized output.
type DpkgMetadata struct {
	// Package is the binary package name.
	Package       string           `mapstructure:"Package" json:"package"`
	// Source and SourceVersion describe the source package, which may differ
	// from Package/Version. NOTE(review): presumably empty when the entry has no
	// separate source — confirm, since advisories are often keyed on the source name.
	Source        string           `mapstructure:"Source" json:"source"`
	Version       string           `mapstructure:"Version" json:"version"`
	SourceVersion string           `mapstructure:"SourceVersion" json:"sourceVersion"`
	Architecture  string           `mapstructure:"Architecture" json:"architecture"`
	Maintainer    string           `mapstructure:"Maintainer" json:"maintainer"`
	InstalledSize int              `mapstructure:"InstalledSize" json:"installedSize"`
	// Files has no mapstructure tag, unlike the fields above.
	Files         []DpkgFileRecord `json:"files"`
}

DpkgMetadata represents all captured data for a Debian package DB entry; available fields are described at http://manpages.ubuntu.com/manpages/xenial/man1/dpkg-query.1.html in the --showformat section.

func (DpkgMetadata) PackageURL

func (m DpkgMetadata) PackageURL(d *distro.Distro) string

PackageURL returns the PURL for the specific Debian package (see https://github.com/package-url/purl-spec)

type GemMetadata added in v0.2.0

// GemMetadata holds the fields parsed from a gemspec file.
// Name and Version are always serialized; the remaining fields are dropped
// from JSON when empty.
type GemMetadata struct {
	Name     string   `mapstructure:"name" json:"name"`
	Version  string   `mapstructure:"version" json:"version"`
	Files    []string `mapstructure:"files" json:"files,omitempty"`
	Authors  []string `mapstructure:"authors" json:"authors,omitempty"`
	Licenses []string `mapstructure:"licenses" json:"licenses,omitempty"`
	Homepage string   `mapstructure:"homepage" json:"homepage,omitempty"`
}

GemMetadata represents all metadata parsed from the gemspec file

type ID

// ID is the string identifier given to each package added to a Catalog.
type ID string

ID represents a unique value for each package added to a package catalog.

type JavaManifest

// JavaManifest holds key/value pairs taken from a Java archive's
// META-INF/MANIFEST.MF. Both maps are omitted from JSON when empty.
// NOTE(review): keys and values come from the archive being scanned and are
// therefore untrusted text; escape them before rendering.
type JavaManifest struct {
	// Main holds the key/value pairs of the manifest's main section.
	Main          map[string]string            `json:"main,omitempty"`
	// NamedSections maps a section name to that section's key/value pairs.
	NamedSections map[string]map[string]string `json:"namedSections,omitempty"`
}

JavaManifest represents the fields of interest extracted from a Java archive's META-INF/MANIFEST.MF file.

type JavaMetadata

// JavaMetadata groups the Java-specific metadata for a package together with an
// optional link to a parent package.
type JavaMetadata struct {
	// VirtualPath is always serialized; its exact format is not visible here
	// (presumably the path to the archive, including any nesting — TODO confirm).
	VirtualPath   string         `json:"virtualPath"`
	// Manifest and PomProperties are pointers and are omitted from JSON when nil.
	Manifest      *JavaManifest  `mapstructure:"Manifest" json:"manifest,omitempty"`
	PomProperties *PomProperties `mapstructure:"PomProperties" json:"pomProperties,omitempty"`
	// Parent is excluded from JSON output (json:"-"), so the parent relationship
	// is not recoverable from the serialized metadata alone.
	Parent        *Package       `json:"-"`
}

JavaMetadata encapsulates all Java ecosystem metadata for a package as well as an (optional) parent relationship.

func (JavaMetadata) PackageURL

func (m JavaMetadata) PackageURL() string

PackageURL returns the PURL for the specific Java package (see https://github.com/package-url/purl-spec)

type Language

// Language names a single programming language as a string value.
type Language string

Language represents a single programming language.

const (
	// The full set of supported programming languages.
	// UnknownLanguage is the only constant here that does not appear in
	// AllLanguages; its string value is capitalized, unlike the lower-case
	// values of the concrete languages.
	UnknownLanguage Language = "UnknownLanguage"
	Java            Language = "java"
	JavaScript      Language = "javascript"
	Python          Language = "python"
	Ruby            Language = "ruby"
	Go              Language = "go"
)

func (Language) String

func (l Language) String() string

String returns the string representation of the language.

type MetadataType added in v0.4.0

// MetadataType names the data shape stored in pkg.Package.Metadata.
type MetadataType string

MetadataType represents the data shape stored within pkg.Package.Metadata.

const (
	// This is the full set of data shapes that can be represented within the
	// pkg.Package.Metadata field. Each value (apart from UnknownMetadataType)
	// matches the name of a metadata struct in this package, with one spelling
	// difference: the value "NpmPackageJsonMetadata" uses "Json" while the struct
	// and the constant use "JSON".
	// NOTE(review): these strings presumably appear in serialized output, so
	// changing one would break consumers that dispatch on it — confirm.
	UnknownMetadataType        MetadataType = "UnknownMetadata"
	ApkMetadataType            MetadataType = "ApkMetadata"
	DpkgMetadataType           MetadataType = "DpkgMetadata"
	GemMetadataType            MetadataType = "GemMetadata"
	JavaMetadataType           MetadataType = "JavaMetadata"
	NpmPackageJSONMetadataType MetadataType = "NpmPackageJsonMetadata"
	RpmdbMetadataType          MetadataType = "RpmdbMetadata"
	PythonPackageMetadataType  MetadataType = "PythonPackageMetadata"
)

type NpmPackageJSONMetadata added in v0.4.0

// NpmPackageJSONMetadata holds the extra npm fields carried in
// pkg.Package.Metadata. Only Files is omitted from JSON when empty; the other
// fields are always serialized.
// NOTE(review): Homepage and URL are strings supplied by the package being
// scanned; validate the scheme before turning them into links.
type NpmPackageJSONMetadata struct {
	Files       []string `mapstructure:"files" json:"files,omitempty"`
	Author      string   `mapstructure:"author" json:"author"`
	Licenses    []string `mapstructure:"licenses" json:"licenses"`
	Homepage    string   `mapstructure:"homepage" json:"homepage"`
	Description string   `mapstructure:"description" json:"description"`
	URL         string   `mapstructure:"url" json:"url"`
}

NpmPackageJSONMetadata holds extra information that is used in pkg.Package

type Package

// Package describes one application or library found in a distributable format.
// The struct carries no json tags; how it is serialized is not visible here.
type Package struct {
	ID        ID                // uniquely identifies a package, set by the cataloger
	Name      string            // the package name
	Version   string            // the version of the package
	FoundBy   string            // the specific cataloger that discovered this package
	Locations []source.Location // the locations that led to the discovery of this package (note: these are not necessarily the locations that make up this package)
	// TODO: should we move licenses into metadata?
	Licenses     []string     // licenses discovered with the package metadata
	Language     Language     // the language ecosystem this package belongs to (e.g. JavaScript, Python, etc)
	Type         Type         // the package type (e.g. Npm, Yarn, Python, Rpm, Deb, etc)
	CPEs         []CPE        // all candidate Common Platform Enumeration (CPE) identifiers; "possible" means candidates, not confirmed matches
	PURL         string       // the Package URL (see https://github.com/package-url/purl-spec)
	MetadataType MetadataType // the shape of the additional data in the "metadata" field
	Metadata     interface{}  // additional data found while parsing the package source; check MetadataType before type-asserting
}

Package represents an application or library that has been bundled into a distributable format.

func (Package) String

func (p Package) String() string

Stringer to represent a package.

type PomProperties

// PomProperties holds the fields of interest extracted from a Java archive's
// POM data.
// NOTE(review): the type name suggests the source is a pom.properties file
// rather than pom.xml — confirm which file the parser actually reads.
type PomProperties struct {
	Path       string            `mapstructure:"path" json:"path"`
	Name       string            `mapstructure:"name" json:"name"`
	GroupID    string            `mapstructure:"groupId" json:"groupId"`
	ArtifactID string            `mapstructure:"artifactId" json:"artifactId"`
	Version    string            `mapstructure:"version" json:"version"`
	// ",remain" tells mapstructure to collect every key not matched by a field
	// above into Extra, so this map holds arbitrary archive-supplied keys and
	// values; treat both as untrusted text.
	Extra      map[string]string `mapstructure:",remain" json:"extraFields"`
}

PomProperties represents the fields of interest extracted from a Java archive's pom.xml file.

type PythonFileDigest added in v0.8.0

// PythonFileDigest is the digest recorded for one file of a Python package.
type PythonFileDigest struct {
	// Algorithm names the digest algorithm as free-form text; nothing here
	// restricts it to a known set, so verify it before trusting Value.
	Algorithm string `json:"algorithm"`
	// Value is the digest itself; its encoding is not visible here — TODO confirm.
	Value     string `json:"value"`
}

PythonFileDigest represents the file metadata for a single file attributed to a python package.

type PythonFileRecord added in v0.4.0

// PythonFileRecord is one entry of a RECORD file for a Python wheel or egg.
type PythonFileRecord struct {
	Path   string            `json:"path"`
	// Digest is nil (and omitted from JSON) when the entry carries no digest.
	Digest *PythonFileDigest `json:"digest,omitempty"`
	// Size is kept as text, not a number; parse and range-check it before any
	// numeric use.
	Size   string            `json:"size,omitempty"`
}

PythonFileRecord represents a single entry within a RECORD file for a python wheel or egg package

type PythonPackageMetadata added in v0.4.0

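// PythonPackageMetadata holds the fields captured for a Python egg or wheel
// package.
//
// The decode tags use the key "mapstructure", the same key every other metadata
// struct in this package uses. A tag written under any other key (such as
// "mapstruct") is ignored by the mapstructure decoder, which then falls back to
// matching on the Go field name, so the intended key names would silently have
// no effect.
type PythonPackageMetadata struct {
	Name                 string             `json:"name" mapstructure:"Name"`
	Version              string             `json:"version" mapstructure:"Version"`
	License              string             `json:"license" mapstructure:"License"`
	Author               string             `json:"author" mapstructure:"Author"`
	// The decode key is "Authoremail" (single capital), not the Go field name.
	AuthorEmail          string             `json:"authorEmail" mapstructure:"Authoremail"`
	Platform             string             `json:"platform" mapstructure:"Platform"`
	// The fields below carry no decode tag.
	Files                []PythonFileRecord `json:"files,omitempty"`
	SitePackagesRootPath string             `json:"sitePackagesRootPath"`
	TopLevelPackages     []string           `json:"topLevelPackages,omitempty"`
}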

PythonPackageMetadata represents all captured data for a python egg or wheel package.

type Relationship added in v0.13.0

// Relationship links two packages by their catalog IDs.
type Relationship struct {
	// Parent and Child are package IDs; nothing in this declaration guarantees
	// that either still resolves in a Catalog (packages can be removed).
	Parent   ID
	Child    ID
	// Type names the kind of relationship.
	Type     RelationshipType
	// Metadata is untyped; its shape presumably depends on Type — TODO confirm.
	Metadata interface{}
}

func NewRelationships added in v0.13.0

func NewRelationships(catalog *Catalog) []Relationship

TODO: as more relationships are added, this function signature will probably accommodate selection

type RelationshipType added in v0.13.0

// RelationshipType names a kind of Relationship as a string value.
type RelationshipType string
const (
	// OwnershipByFileOverlapRelationship indicates that the parent package owns the child package made evident by the set of provided files
	// NOTE(review): ownership here is inferred from overlapping file lists, not
	// declared by either package; treat it as a heuristic when using it to
	// de-duplicate or suppress packages.
	OwnershipByFileOverlapRelationship RelationshipType = "ownership-by-file-overlap"
)

type RpmdbFileMode added in v0.6.0

// RpmdbFileMode is the raw 16-bit mode recorded for a file. Read as a stat.h
// mode it would carry the file type and the permission bits, including
// setuid/setgid/sticky — presumably unmodified from the RPM DB; confirm.
type RpmdbFileMode uint16

RpmdbFileMode is the raw file mode for a single file. This can be interpreted as the linux stat.h mode (see https://pubs.opengroup.org/onlinepubs/007908799/xsh/sysstat.h.html)

type RpmdbFileRecord added in v0.6.0

// RpmdbFileRecord is the metadata for one file attributed to an RPM package.
type RpmdbFileRecord struct {
	Path   string        `json:"path"`
	// Mode is serialized as a number, not as an octal or symbolic string.
	Mode   RpmdbFileMode `json:"mode"`
	Size   int           `json:"size"`
	// NOTE(review): the file digest algorithm in an RPM DB is configurable;
	// confirm the value stored here is always SHA-256 before relying on the
	// field name when verifying files.
	SHA256 string        `json:"sha256"`
}

RpmdbFileRecord represents the file metadata for a single file attributed to a RPM package.

type RpmdbMetadata added in v0.4.0

// RpmdbMetadata holds the fields captured from one RPM DB package entry.
// The struct has json tags only; no mapstructure tags are declared.
type RpmdbMetadata struct {
	Name      string            `json:"name"`
	Version   string            `json:"version"`
	// Epoch is a plain int, so an absent epoch and an explicit 0 look the same.
	// NOTE(review): confirm that is acceptable wherever versions are compared.
	Epoch     int               `json:"epoch"`
	// Arch is serialized under the key "architecture".
	Arch      string            `json:"architecture"`
	Release   string            `json:"release"`
	SourceRpm string            `json:"sourceRpm"`
	Size      int               `json:"size"`
	License   string            `json:"license"`
	Vendor    string            `json:"vendor"`
	Files     []RpmdbFileRecord `json:"files"`
}

RpmdbMetadata represents all captured data for a RPM DB package entry.

func (RpmdbMetadata) PackageURL added in v0.4.0

func (m RpmdbMetadata) PackageURL(d *distro.Distro) string

PackageURL returns the PURL for the specific RHEL package (see https://github.com/package-url/purl-spec)

type Type

// Type names a package type for or within a language ecosystem.
type Type string

Type represents a Package Type for or within a language ecosystem (there may be multiple package types within a language ecosystem)

const (
	// The full set of supported package types.
	// UnknownPkg is the placeholder value for a package whose type is not one
	// of the values below.
	UnknownPkg       Type = "UnknownPackage"
	ApkPkg           Type = "apk"
	GemPkg           Type = "gem"
	DebPkg           Type = "deb"
	RpmPkg           Type = "rpm"
	NpmPkg           Type = "npm"
	PythonPkg        Type = "python"
	// JavaPkg and JenkinsPluginPkg are distinct types.
	JavaPkg          Type = "java-archive"
	JenkinsPluginPkg Type = "jenkins-plugin"
	GoModulePkg      Type = "go-module"
)

func (Type) PackageURLType

func (t Type) PackageURLType() string

PackageURLType returns the PURL package type for the current package.
