pkg

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 17, 2020 License: Apache-2.0 Imports: 9 Imported by: 241

Documentation

Overview

Package pkg provides the data structures for a package, a package catalog, package types, and domain-specific metadata.

Index

Constants

This section is empty.

Variables

View Source 
var AllLanguages = []Language{
	Java,
	JavaScript,
	Python,
	Ruby,
	Go,
}

AllLanguages is a set of all programming languages detected by syft.

View Source 
var AllPkgs = []Type{
	ApkPkg,
	GemPkg,
	DebPkg,
	RpmPkg,
	NpmPkg,
	PythonPkg,
	JavaPkg,
	JenkinsPluginPkg,
	GoModulePkg,
}

AllPkgs represents all supported package types

Functions

This section is empty.

Types

type ApkFileRecord 

type ApkFileRecord struct {
	Path        string `json:"path"`
	OwnerUID    string `json:"ownerUid,omitempty"`
	OwnerGID    string `json:"ownerGid,omitempty"`
	Permissions string `json:"permissions,omitempty"`
	Checksum    string `json:"checksum,omitempty"`
}

ApkFileRecord represents a single file listing and metadata from a APK DB entry (which may have many of these file records).

type ApkMetadata 

type ApkMetadata struct {
	Package          string          `mapstructure:"P" json:"package"`
	OriginPackage    string          `mapstructure:"o" json:"originPackage"`
	Maintainer       string          `mapstructure:"m" json:"maintainer"`
	Version          string          `mapstructure:"V" json:"version"`
	License          string          `mapstructure:"L" json:"license"`
	Architecture     string          `mapstructure:"A" json:"architecture"`
	URL              string          `mapstructure:"U" json:"url"`
	Description      string          `mapstructure:"T" json:"description"`
	Size             int             `mapstructure:"S" json:"size"`
	InstalledSize    int             `mapstructure:"I" json:"installedSize"`
	PullDependencies string          `mapstructure:"D" json:"pullDependencies"`
	PullChecksum     string          `mapstructure:"C" json:"pullChecksum"`
	GitCommitOfAport string          `mapstructure:"c" json:"gitCommitOfApkPort"`
	Files            []ApkFileRecord `json:"files"`
}

ApkMetadata represents all captured data for a Alpine DB package entry. See the following sources for more information: - https://wiki.alpinelinux.org/wiki/Apk_spec - https://git.alpinelinux.org/apk-tools/tree/src/package.c - https://git.alpinelinux.org/apk-tools/tree/src/database.c

func (ApkMetadata) PackageURL 

func (m ApkMetadata) PackageURL() string

PackageURL returns the PURL for the specific Alpine package (see https://github.com/package-url/purl-spec)

type Catalog 

type Catalog struct {
	// contains filtered or unexported fields
}

Catalog represents a collection of Packages.

func NewCatalog 

func NewCatalog(pkgs ...Package) *Catalog

NewCatalog returns a new empty Catalog

func (*Catalog) Add 

func (c *Catalog) Add(p Package)

Add a package to the Catalog.

func (*Catalog) Enumerate 

func (c *Catalog) Enumerate(types ...Type) <-chan *Package

Enumerate all packages for the given type(s), enumerating all packages if no type is specified.

func (*Catalog) Package 

func (c *Catalog) Package(id ID) *Package

Package returns the package with the given ID.

func (*Catalog) PackageCount 

func (c *Catalog) PackageCount() int

PackageCount returns the total number of packages that have been added.

func (*Catalog) PackagesByFile 

func (c *Catalog) PackagesByFile(location source.Location) []*Package

PackagesByFile returns all packages that were discovered from the given source file reference.

func (*Catalog) Sorted 

func (c *Catalog) Sorted(types ...Type) []*Package

Sorted enumerates all packages for the given types sorted by package name. Enumerates all packages if no type is specified.

type DpkgFileRecord added in v0.7.0 

type DpkgFileRecord struct {
	Path string `json:"path"`
	MD5  string `json:"md5"`
}

DpkgFileRecord represents a single file attributed to a debian package.

type DpkgMetadata 

type DpkgMetadata struct {
	Package       string           `mapstructure:"Package" json:"package"`
	Source        string           `mapstructure:"Source" json:"source"`
	Version       string           `mapstructure:"Version" json:"version"`
	Architecture  string           `mapstructure:"Architecture" json:"architecture"`
	Maintainer    string           `mapstructure:"Maintainer" json:"maintainer"`
	InstalledSize int              `mapstructure:"InstalledSize" json:"installedSize"`
	Files         []DpkgFileRecord `json:"files"`
}

DpkgMetadata represents all captured data for a Debian package DB entry; available fields are described at http://manpages.ubuntu.com/manpages/xenial/man1/dpkg-query.1.html in the --showformat section.

func (DpkgMetadata) PackageURL 

func (m DpkgMetadata) PackageURL(d distro.Distro) string

PackageURL returns the PURL for the specific Debian package (see https://github.com/package-url/purl-spec)

type GemMetadata added in v0.2.0 

type GemMetadata struct {
	Name     string   `mapstructure:"name" json:"name"`
	Version  string   `mapstructure:"version" json:"version"`
	Files    []string `mapstructure:"files" json:"files,omitempty"`
	Authors  []string `mapstructure:"authors" json:"authors,omitempty"`
	Licenses []string `mapstructure:"licenses" json:"licenses,omitempty"`
	Homepage string   `mapstructure:"homepage" json:"homepage,omitempty"`
}

GemMetadata represents all metadata parsed from the gemspec file

type ID 

type ID int64

ID represents a unique value for each package added to a package catalog.

type JavaManifest 

type JavaManifest struct {
	Main          map[string]string            `json:"main,omitempty"`
	NamedSections map[string]map[string]string `json:"namedSections,omitempty"`
}

JavaManifest represents the fields of interest extracted from a Java archive's META-INF/MANIFEST.MF file.

type JavaMetadata 

type JavaMetadata struct {
	VirtualPath   string         `json:"virtualPath"`
	Manifest      *JavaManifest  `mapstructure:"Manifest" json:"manifest,omitempty"`
	PomProperties *PomProperties `mapstructure:"PomProperties" json:"pomProperties,omitempty"`
	Parent        *Package       `json:"-"`
}

JavaMetadata encapsulates all Java ecosystem metadata for a package as well as an (optional) parent relationship.

func (JavaMetadata) PackageURL 

func (m JavaMetadata) PackageURL() string

PackageURL returns the PURL for the specific Alpine package (see https://github.com/package-url/purl-spec)

type Language 

type Language string

Language represents a single programming language. 

const (
	// the full set of supported programming languages
	UnknownLanguage Language = "UnknownLanguage"
	Java            Language = "java"
	JavaScript      Language = "javascript"
	Python          Language = "python"
	Ruby            Language = "ruby"
	Go              Language = "go"
)

func (Language) String 

func (l Language) String() string

String returns the string representation of the language.

type MetadataType added in v0.4.0 

type MetadataType string

MetadataType represents the data shape stored within pkg.Package.Metadata. 

const (
	// this is the full set of data shapes that can be represented within the pkg.Package.Metadata field
	UnknownMetadataType        MetadataType = "UnknownMetadata"
	ApkMetadataType            MetadataType = "ApkMetadata"
	DpkgMetadataType           MetadataType = "DpkgMetadata"
	GemMetadataType            MetadataType = "GemMetadata"
	JavaMetadataType           MetadataType = "JavaMetadata"
	NpmPackageJSONMetadataType MetadataType = "NpmPackageJsonMetadata"
	RpmdbMetadataType          MetadataType = "RpmdbMetadata"
	PythonPackageMetadataType  MetadataType = "PythonPackageMetadata"
)

type NpmPackageJSONMetadata added in v0.4.0 

type NpmPackageJSONMetadata struct {
	Files       []string `mapstructure:"files" json:"files,omitempty"`
	Author      string   `mapstructure:"author" json:"author"`
	Licenses    []string `mapstructure:"licenses" json:"licenses"`
	Homepage    string   `mapstructure:"homepage" json:"homepage"`
	Description string   `mapstructure:"description" json:"description"`
	URL         string   `mapstructure:"url" json:"url"`
}

NpmPackageJSONMetadata holds extra information that is used in pkg.Package

type Package 

type Package struct {
	Name      string            // the package name
	Version   string            // the version of the package
	FoundBy   string            // the specific cataloger that discovered this package
	Locations []source.Location // the locations that lead to the discovery of this package (note: this is not necessarily the locations that make up this package)
	// TODO: should we move licenses into metadata?
	Licenses     []string     // licenses discovered with the package metadata
	Language     Language     // the language ecosystem this package belongs to (e.g. JavaScript, Python, etc)
	Type         Type         // the package type (e.g. Npm, Yarn, Python, Rpm, Deb, etc)
	MetadataType MetadataType // the shape of the additional data in the "metadata" field
	Metadata     interface{}  // additional data found while parsing the package source
	// contains filtered or unexported fields
}

Package represents an application or library that has been bundled into a distributable format.

func (Package) ID 

func (p Package) ID() ID

ID returns the package ID, which is unique relative to a package catalog.

func (Package) PackageURL 

func (p Package) PackageURL(d distro.Distro) string

PackageURL returns a package-URL representation of the given package (see https://github.com/package-url/purl-spec)

func (Package) String 

func (p Package) String() string

Stringer to represent a package.

type PomProperties 

type PomProperties struct {
	Path       string            `mapstructure:"path" json:"path"`
	Name       string            `mapstructure:"name" json:"name"`
	GroupID    string            `mapstructure:"groupId" json:"groupId"`
	ArtifactID string            `mapstructure:"artifactId" json:"artifactId"`
	Version    string            `mapstructure:"version" json:"version"`
	Extra      map[string]string `mapstructure:",remain" json:"extraFields"`
}

PomProperties represents the fields of interest extracted from a Java archive's pom.xml file.

type PythonFileDigest added in v0.8.0 

type PythonFileDigest struct {
	Algorithm string `json:"algorithm"`
	Value     string `json:"value"`
}

PythonFileDigest represents the file metadata for a single file attributed to a python package.

type PythonFileRecord added in v0.4.0 

type PythonFileRecord struct {
	Path   string            `json:"path"`
	Digest *PythonFileDigest `json:"digest,omitempty"`
	Size   string            `json:"size,omitempty"`
}

PythonFileRecord represents a single entry within a RECORD file for a python wheel or egg package

type PythonPackageMetadata added in v0.4.0 

type PythonPackageMetadata struct {
	Name                 string             `json:"name" mapstruct:"Name"`
	Version              string             `json:"version" mapstruct:"Version"`
	License              string             `json:"license" mapstruct:"License"`
	Author               string             `json:"author" mapstruct:"Author"`
	AuthorEmail          string             `json:"authorEmail" mapstruct:"Authoremail"`
	Platform             string             `json:"platform" mapstruct:"Platform"`
	Files                []PythonFileRecord `json:"files,omitempty"`
	SitePackagesRootPath string             `json:"sitePackagesRootPath"`
	TopLevelPackages     []string           `json:"topLevelPackages,omitempty"`
}

PythonPackageMetadata represents all captured data for a python egg or wheel package.

type RpmdbFileMode added in v0.6.0 

type RpmdbFileMode uint16

RpmdbFileMode is the raw file mode for a single file. This can be interpreted as the linux stat.h mode (see https://pubs.opengroup.org/onlinepubs/007908799/xsh/sysstat.h.html)

type RpmdbFileRecord added in v0.6.0 

type RpmdbFileRecord struct {
	Path   string        `json:"path"`
	Mode   RpmdbFileMode `json:"mode"`
	Size   int           `json:"size"`
	SHA256 string        `json:"sha256"`
}

RpmdbFileRecord represents the file metadata for a single file attributed to a RPM package.

type RpmdbMetadata added in v0.4.0 

type RpmdbMetadata struct {
	Name      string            `json:"name"`
	Version   string            `json:"version"`
	Epoch     int               `json:"epoch"`
	Arch      string            `json:"architecture"`
	Release   string            `json:"release"`
	SourceRpm string            `json:"sourceRpm"`
	Size      int               `json:"size"`
	License   string            `json:"license"`
	Vendor    string            `json:"vendor"`
	Files     []RpmdbFileRecord `json:"files"`
}

RpmdbMetadata represents all captured data for a RPM DB package entry.

func (RpmdbMetadata) PackageURL added in v0.4.0 

func (m RpmdbMetadata) PackageURL(d distro.Distro) string

PackageURL returns the PURL for the specific RHEL package (see https://github.com/package-url/purl-spec)

type Type 

type Type string

Type represents a Package Type for or within a language ecosystem (there may be multiple package types within a language ecosystem) 

const (
	// the full set of supported packages
	UnknownPkg       Type = "UnknownPackage"
	ApkPkg           Type = "apk"
	GemPkg           Type = "gem"
	DebPkg           Type = "deb"
	RpmPkg           Type = "rpm"
	NpmPkg           Type = "npm"
	PythonPkg        Type = "python"
	JavaPkg          Type = "java-archive"
	JenkinsPluginPkg Type = "jenkins-plugin"
	GoModulePkg      Type = "go-module"
)

func (Type) PackageURLType 

func (t Type) PackageURLType() string

PackageURLType returns the PURL package type for the current package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.