github

package

v0.41.6 Latest Latest Go to latest Published: Mar 16, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/anchore/syft

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const ID sbom.FormatID = "github-0-json"

Variables ¶

This section is empty.

Functions ¶

func Format ¶

func Format() sbom.Format

Types ¶

type DependencyGraph ¶

type DependencyGraph map[string]DependencyNode

type DependencyNode ¶

type DependencyNode struct {
	Purl         string                 `json:"purl,omitempty"`
	Metadata     Metadata               `json:"metadata,omitempty"`
	Relationship DependencyRelationship `json:"relationship,omitempty"`
	Scope        DependencyScope        `json:"scope,omitempty"`
	Dependencies []string               `json:"dependencies,omitempty"`
}

type DependencyRelationship ¶

type DependencyRelationship string

DependencyRelationship A notation of whether a dependency is requested directly by this manifest, or is a dependency of another dependency.

const (
	DependencyRelationshipDirect   DependencyRelationship = "direct"
	DependencyRelationshipIndirect DependencyRelationship = "indirect"
)

type DependencyScope ¶

type DependencyScope string

DependencyScope A notation of whether the dependency is required for the primary build artifact (runtime), or is only used for development. Future versions of this specification may allow for more granular scopes, like `runtimeserver`, `runtimeshipped`, `developmenttest`, `developmentbenchmark`.

const (
	DependencyScopeRuntime     DependencyScope = "runtime"
	DependencyScopeDevelopment DependencyScope = "development"
)

type DependencySnapshot ¶

type DependencySnapshot struct {
	Version   int              `json:"version"`
	Job       Job              `json:"job,omitempty"` // !omitempty
	Sha       string           `json:"sha,omitempty"` // !omitempty sha of the Git commit
	Ref       string           `json:"ref,omitempty"` // !omitempty ref of the Git commit example "refs/heads/main"
	Detector  DetectorMetadata `json:"detector,omitempty"`
	Metadata  Metadata         `json:"metadata,omitempty"`
	Manifests Manifests        `json:"manifests,omitempty"`
	Scanned   ISO8601Date      `json:"scanned,omitempty"`
}

type DetectorMetadata ¶

type DetectorMetadata struct {
	Name    string `json:"name,omitempty"`
	URL     string `json:"url,omitempty"`
	Version string `json:"version,omitempty"`
}

type FileInfo ¶

type FileInfo struct {
	SourceLocation string `json:"source_location,omitempty"`
}

type ISO8601Date ¶

type ISO8601Date = string

type Job ¶

type Job struct {
	Name    string `json:"name,omitempty"` // !omitempty
	ID      string `json:"id,omitempty"`   // !omitempty
	HTMLURL string `json:"html_url,omitempty"`
}

type Manifest ¶

type Manifest struct {
	Name     string          `json:"name"`
	File     FileInfo        `json:"file"`
	Metadata Metadata        `json:"metadata,omitempty"`
	Resolved DependencyGraph `json:"resolved,omitempty"`
}

Manifest A collection of related dependencies, either declared in a file, or representing a logical group of dependencies.

type Manifests ¶

type Manifests map[string]Manifest

type Metadata ¶

type Metadata map[string]Scalar

type Scalar ¶

type Scalar interface{} // should be: null | boolean | string | number

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL