sbom

package
v0.51.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 11, 2022 License: Apache-2.0 Imports: 13 Imported by: 98

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrEncodingNotSupported   = errors.New("encoding not supported")
	ErrDecodingNotSupported   = errors.New("decoding not supported")
	ErrValidationNotSupported = errors.New("validation not supported")
)

Functions

func AllCoordinates added in v0.31.0 

func AllCoordinates(sbom SBOM) []source.Coordinates

Types

type Artifacts 

type Artifacts struct {
	PackageCatalog      *pkg.Catalog
	FileMetadata        map[source.Coordinates]source.FileMetadata
	FileDigests         map[source.Coordinates][]file.Digest
	FileClassifications map[source.Coordinates][]file.Classification
	FileContents        map[source.Coordinates]string
	Secrets             map[source.Coordinates][]file.SearchResult
	LinuxDistribution   *linux.Release
}

type Decoder added in v0.41.0 

type Decoder func(reader io.Reader) (*SBOM, error)

Decoder is a function that can convert an SBOM document of a specific format from a reader into Syft native objects.

type Descriptor added in v0.31.0 

type Descriptor struct {
	Name          string
	Version       string
	Configuration interface{}
}

type Encoder added in v0.41.0 

type Encoder func(io.Writer, SBOM) error

Encoder is a function that can transform Syft native objects into an SBOM document of a specific format written to the given writer.

type Format added in v0.41.0 

type Format interface {
	ID() FormatID
	Encode(io.Writer, SBOM) error
	Decode(io.Reader) (*SBOM, error)
	Validate(io.Reader) error
}

func NewFormat added in v0.41.0 

func NewFormat(id FormatID, encoder Encoder, decoder Decoder, validator Validator) Format

type FormatID added in v0.41.0 

type FormatID string

func (FormatID) String added in v0.42.4 

func (f FormatID) String() string

String returns a string representation of the FormatID.

type SBOM 

type SBOM struct {
	Artifacts     Artifacts
	Relationships []artifact.Relationship
	Source        source.Metadata
	Descriptor    Descriptor
}

type Validator added in v0.41.0 

type Validator func(reader io.Reader) error

Validator reads the SBOM from the given reader and assesses whether the document conforms to the specific SBOM format. The validator should positively confirm if the SBOM is not only the format but also has the minimal set of values that the format requires. For example, all syftjson formatted documents have a schema section which should have "anchore/syft" within the version --if this isn't found then the validator should raise an error. These active assertions protect against "simple" format decoding validations that may lead to false positives (e.g. I decoded json successfully therefore this must be the target format, however, all values are their default zero-value and really represent a different format that also uses json)

type Writer added in v0.35.0 

type Writer interface {
	// Write writes the provided SBOM
	Write(SBOM) error

	// Closer a resource cleanup hook which will be called after SBOM
	// is written or if an error occurs before Write is called
	io.Closer
}

Writer an interface to write SBOMs

func NewWriter added in v0.41.0 

func NewWriter(options ...WriterOption) (_ Writer, err error)

NewWriter create all report writers from input options; if a file is not specified, os.Stdout is used

type WriterOption added in v0.41.0 

type WriterOption struct {
	Format Format
	Path   string
}

WriterOption Format and path strings used to create sbom.Writer

func NewWriterOption added in v0.41.1 

func NewWriterOption(f Format, p string) WriterOption

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.