cpegenerate

package

v1.19.0 Latest Latest Go to latest Published: Jan 22, 2025 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/anchore/syft

Documentation ¶

Index ¶

Variables
func FromDictionaryFind(p pkg.Package) ([]cpe.CPE, bool)
func FromPackageAttributes(p pkg.Package) []cpe.CPE
func GetIndexedDictionary() (_ *dictionary.Indexed, err error)
func GetManifestFieldGroupIDs(manifest *pkg.JavaManifest, fields []string) (groupIDs []string)
func GroupIDsFromJavaMetadata(pkgName string, metadata pkg.JavaArchive) (groupIDs []string)
func GroupIDsFromJavaPackage(p pkg.Package) (groupIDs []string)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	PrimaryJavaManifestGroupIDFields = []string{
		"Group-Id",
		"Bundle-SymbolicName",
		"Extension-Name",
		"Specification-Vendor",
		"Implementation-Vendor",
		"Implementation-Vendor-Id",
		"Implementation-Title",
		"Bundle-Activator",
	}
	SecondaryJavaManifestGroupIDFields = []string{
		"Automatic-Module-Name",
		"Main-Class",
		"Package",
	}
)

View Source

var DefaultArtifactIDToGroupID = map[string]string{}/* 1909 elements not displayed */

Functions ¶

func FromDictionaryFind ¶

func FromDictionaryFind(p pkg.Package) ([]cpe.CPE, bool)

func FromPackageAttributes ¶

func FromPackageAttributes(p pkg.Package) []cpe.CPE

FromPackageAttributes Create a list of CPEs for a given package, trying to guess the vendor, product tuple. We should be trying to generate the minimal set of representative CPEs, which implies that optional fields should not be included (such as target SW).

func GetIndexedDictionary ¶

func GetIndexedDictionary() (_ *dictionary.Indexed, err error)

func GetManifestFieldGroupIDs ¶

func GetManifestFieldGroupIDs(manifest *pkg.JavaManifest, fields []string) (groupIDs []string)

func GroupIDsFromJavaMetadata ¶

func GroupIDsFromJavaMetadata(pkgName string, metadata pkg.JavaArchive) (groupIDs []string)

GroupIDsFromJavaMetadata returns the possible group IDs for a Java package This function is similar to GroupIDFromJavaPackage, but returns all possible group IDs and is less strict It is used as a way to generate possible candidates for CPE matching.

func GroupIDsFromJavaPackage ¶

func GroupIDsFromJavaPackage(p pkg.Package) (groupIDs []string)

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
dictionary
index-generator This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.	This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL