sbom

package
v0.48.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 26, 2023 License: Apache-2.0 Imports: 11 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrUnknownFormat = xerrors.New("Unknown SBOM format")

Functions

func Decode added in v0.33.0

func Decode(f io.Reader, format Format) (types.SBOM, error)

func IsCycloneDXJSON added in v0.41.0

func IsCycloneDXJSON(r io.ReadSeeker) (bool, error)

func IsCycloneDXXML added in v0.41.0

func IsCycloneDXXML(r io.ReadSeeker) (bool, error)

func IsSPDXJSON added in v0.41.0

func IsSPDXJSON(r io.ReadSeeker) (bool, error)

func IsSPDXTV added in v0.41.0

func IsSPDXTV(r io.ReadSeeker) (bool, error)

Types

type Format

type Format string
const (
	FormatCycloneDXJSON       Format = "cyclonedx-json"
	FormatCycloneDXXML        Format = "cyclonedx-xml"
	FormatSPDXJSON            Format = "spdx-json"
	FormatSPDXTV              Format = "spdx-tv"
	FormatSPDXXML             Format = "spdx-xml"
	FormatAttestCycloneDXJSON Format = "attest-cyclonedx-json"
	FormatUnknown             Format = "unknown"

	// FormatLegacyCosignAttestCycloneDXJSON is used to support the older format of CycloneDX JSON Attestation
	// produced by the Cosign V1.
	// ref. https://github.com/sigstore/cosign/pull/2718
	FormatLegacyCosignAttestCycloneDXJSON Format = "legacy-cosign-attest-cyclonedx-json"

	// PredicateCycloneDXBeforeV05 is the PredicateCycloneDX value defined in in-toto-golang before v0.5.0.
	// This is necessary for backward-compatible SBOM detection.
	// ref. https://github.com/in-toto/in-toto-golang/pull/188
	PredicateCycloneDXBeforeV05 = "https://cyclonedx.org/schema"
)

func DetectFormat

func DetectFormat(r io.ReadSeeker) (Format, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL