Documentation
Overview
Package cyclonedx is responsible for generating a CycloneDX XML report for the given container image or file system.
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type BdComponent
BdComponent represents the software/package being cataloged.
type BdTool
type BdTool struct {
    XMLName xml.Name `xml:"bd:tool"`
    Vendor  string   `xml:"bd:vendor,omitempty"`  // The vendor of the tool used to create the BOM.
    Name    string   `xml:"bd:name,omitempty"`    // The name of the tool used to create the BOM.
    Version string   `xml:"bd:version,omitempty"` // The version of the tool used to create the BOM.
}
BdTool represents the tool that created the BOM report.
type BomDescriptor
type BomDescriptor struct {
    XMLName   xml.Name     `xml:"bd:metadata"`
    Timestamp string       `xml:"bd:timestamp,omitempty"` // The date and time (timestamp) when the document was created
    Tool      *BdTool      `xml:"bd:tool"`                // The tool used to create the BOM.
    Component *BdComponent `xml:"bd:component"`           // The component that the BOM describes.
}
BomDescriptor represents all metadata surrounding the BOM report (such as when the BOM was made, with which tool, and the item being cataloged).
func NewBomDescriptor
func NewBomDescriptor(name, version string, srcMetadata source.Metadata) *BomDescriptor
NewBomDescriptor returns a new BomDescriptor tailored for the current time and "syft" tool details.
type Component
type Component struct {
    XMLName     xml.Name   `xml:"component"`
    Type        string     `xml:"type,attr"`             // Required; Describes if the component is a library, framework, application, container, operating system, firmware, hardware device, or file
    Supplier    string     `xml:"supplier,omitempty"`    // The organization that supplied the component. The supplier may often be the manufacturer, but may also be a distributor or repackager.
    Author      string     `xml:"author,omitempty"`      // The person(s) or organization(s) that authored the component
    Publisher   string     `xml:"publisher,omitempty"`   // The person(s) or organization(s) that published the component
    Group       string     `xml:"group,omitempty"`       // The high-level classification that a project self-describes as. This will often be a shortened, single name of the company or project that produced the component, or the source package or domain name.
    Name        string     `xml:"name"`                  // Required; The name of the component as defined by the project
    Version     string     `xml:"version"`               // Required; The version of the component as defined by the project
    Description string     `xml:"description,omitempty"` // A description of the component
    Licenses    *[]License `xml:"licenses>license"`      // A node describing zero or more license names, SPDX license IDs or expressions
    PackageURL  string     `xml:"purl,omitempty"`        // Specifies the package-url (PackageURL). The purl, if specified, must be valid and conform to the specification defined at: https://github.com/package-url/purl-spec
}
Component represents a single element in the CycloneDX BOM.
type Document
type Document struct {
    XMLName       xml.Name       `xml:"bom"`
    XMLNs         string         `xml:"xmlns,attr"`
    XMLNsBd       string         `xml:"xmlns:bd,attr"`
    Version       int            `xml:"version,attr"`
    SerialNumber  string         `xml:"serialNumber,attr"`
    Components    []Component    `xml:"components>component"` // The BOM contents
    BomDescriptor *BomDescriptor `xml:"bd:metadata"`          // The BOM descriptor extension
}
Document represents a CycloneDX BOM Document.
type License
type License struct {
    XMLName xml.Name `xml:"license"`
    ID      string   `xml:"id,omitempty"`   // A valid SPDX license ID
    Name    string   `xml:"name,omitempty"` // If SPDX does not define the license used, this field may be used to provide the license name
}
License represents a single software license for a Component.
type Presenter
type Presenter struct {
// contains filtered or unexported fields
}
Presenter writes a CycloneDX report from the given Catalog and Locations contents.
func NewPresenter
NewPresenter creates a CycloneDX presenter from the given Catalog and Locations objects.