Documentation ¶
Index ¶
- Constants
- type BOM
- func (b *BOM) AddComponent(c *Component)
- func (b *BOM) AddRelationship(parent, child *Component, relationshipType RelationshipType)
- func (b *BOM) AddVulnerabilities(c *Component, vulns []Vulnerability)
- func (b *BOM) Components() map[uuid.UUID]*Component
- func (b *BOM) NumComponents() int
- func (b *BOM) Relationships() map[uuid.UUID][]Relationship
- func (b *BOM) Root() *Component
- func (b *BOM) Vulnerabilities() map[uuid.UUID][]Vulnerability
- type Component
- type ComponentType
- type File
- type Options
- type PkgID
- type Properties
- type Property
- type Relationship
- type RelationshipType
- type Vulnerability
Constants ¶
const (
	// Component types: the values a Component's Type field can take.
	TypeFilesystem     ComponentType = "filesystem"
	TypeRepository     ComponentType = "repository"
	TypeContainerImage ComponentType = "container_image"
	TypeVM             ComponentType = "vm"
	TypeApplication    ComponentType = "application"
	TypeLibrary        ComponentType = "library"
	TypeOS             ComponentType = "os"
	TypePlatform       ComponentType = "platform"

	// Metadata properties
	// These and the Property* constants below are untyped strings; presumably they
	// are used as property names in Component.Properties (the Property type is not
	// shown here) — confirm.
	PropertySchemaVersion = "SchemaVersion"
	PropertyType          = "Type"
	PropertyClass         = "Class"

	// Image properties
	// NOTE(review): when an SBOM has to be tied back to a specific image, a digest
	// pins the content while a tag can be re-pointed to different content later;
	// presumably consumers should match on RepoDigest/ImageID rather than RepoTag —
	// confirm against how these properties are populated.
	PropertySize       = "Size"
	PropertyImageID    = "ImageID"
	PropertyRepoDigest = "RepoDigest"
	PropertyDiffID     = "DiffID"
	PropertyRepoTag    = "RepoTag"

	// Package properties
	PropertyPkgID           = "PkgID"
	PropertyPkgType         = "PkgType"
	PropertySrcName         = "SrcName"
	PropertySrcVersion      = "SrcVersion"
	PropertySrcRelease      = "SrcRelease"
	PropertySrcEpoch        = "SrcEpoch"
	PropertyModularitylabel = "Modularitylabel"
	PropertyFilePath        = "FilePath"
	PropertyLayerDigest     = "LayerDigest"
	PropertyLayerDiffID     = "LayerDiffID"

	// Relationships: the values accepted as the relationshipType argument of
	// BOM.AddRelationship and stored in Relationship.Type.
	RelationshipDescribes RelationshipType = "describes"
	RelationshipContains  RelationshipType = "contains"
	RelationshipDependsOn RelationshipType = "depends_on"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BOM ¶
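BOM is an intermediate representation of an SBOM. It holds a root component, the other components, the relationships between them, and the vulnerabilities recorded for each component.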
func (*BOM) AddComponent ¶
func (*BOM) AddRelationship ¶
func (b *BOM) AddRelationship(parent, child *Component, relationshipType RelationshipType)
func (*BOM) AddVulnerabilities ¶
func (b *BOM) AddVulnerabilities(c *Component, vulns []Vulnerability)
func (*BOM) NumComponents ¶
func (*BOM) Relationships ¶
func (b *BOM) Relationships() map[uuid.UUID][]Relationship
func (*BOM) Vulnerabilities ¶
func (b *BOM) Vulnerabilities() map[uuid.UUID][]Vulnerability
type Component ¶
// Component describes one entry of a BOM. Each field comment names the
// CycloneDX and SPDX field the value corresponds to, or N/A where the format
// has no counterpart.
//
// NOTE(review): the string fields presumably carry values read from the
// scanned artifact's own metadata; if so, treat them as untrusted input when
// rendering or logging them — confirm against the code that fills them in.
type Component struct {
	// Type is the type of the component
	// CycloneDX: component.type
	Type ComponentType

	// Root represents the root of the BOM
	// Only one root is allowed in a BOM.
	// CycloneDX: metadata.component
	Root bool

	// Name is the name of the component
	// CycloneDX: component.name
	// SPDX: package.name
	Name string

	// Group is the group of the component
	// CycloneDX: component.group
	// SPDX: N/A
	Group string

	// Version is the version of the component
	// CycloneDX: component.version
	// SPDX: package.versionInfo
	Version string

	// SrcName is the name of the source component
	// CycloneDX: N/A
	// SPDX: package.sourceInfo
	SrcName string

	// SrcVersion is the version of the source component
	// CycloneDX: N/A
	// SPDX: package.sourceInfo
	SrcVersion string

	// SrcFile is the file path where the component is found.
	// CycloneDX: N/A
	// SPDX: package.sourceInfo
	SrcFile string

	// Licenses is a list of licenses that apply to the component
	// CycloneDX: component.licenses
	// SPDX: package.licenseConcluded, package.licenseDeclared
	Licenses []string

	// PkgID has PURL and BOMRef for the component
	// PURL:
	//   CycloneDX: component.purl
	//   SPDX: package.externalRefs.referenceLocator
	// BOMRef:
	//   CycloneDX: component.bom-ref
	//   SPDX: N/A
	PkgID PkgID

	// Supplier is the name of the supplier of the component
	// CycloneDX: component.supplier
	// SPDX: package.supplier
	Supplier string

	// Files is a list of files that are part of the component.
	// CycloneDX: component.properties
	// SPDX: files
	Files []File

	// Properties is a list of key-value pairs that provide additional information about the component
	// CycloneDX: component.properties
	// SPDX: package.attributionTexts
	// NOTE(review): the `hash:"set"` tag presumably tells the struct-hashing
	// library to ignore element order — confirm against the library in use.
	Properties Properties `hash:"set"`
	// contains filtered or unexported fields
}
type ComponentType ¶
// ComponentType is the string type of Component.Type; the package defines its
// values as the Type* constants (TypeFilesystem through TypePlatform).
type ComponentType string
type File ¶
// File is one file that belongs to a Component (see Component.Files).
type File struct {
	// Path is the path of the file.
	// CycloneDX: N/A
	// SPDX: package.files[].fileName
	Path string

	// Digests holds the digests that identify the file.
	// A file can have several digests with different algorithms, like SHA1, SHA256, etc.
	// NOTE(review): SHA1 is not collision-resistant; where a digest is used to
	// verify integrity rather than only to identify a file, prefer a SHA256
	// entry when one is present.
	// CycloneDX: component.hashes
	// SPDX: package.files[].checksums
	Digests []digest.Digest
}
type Properties ¶
// Properties is a list of Property values. The type declares Len, Less and
// Swap, the three methods of sort.Interface, so a Properties value can be
// passed to sort.Sort.
type Properties []Property
func (Properties) Len ¶
func (p Properties) Len() int
func (Properties) Less ¶
func (p Properties) Less(i, j int) bool
func (Properties) Swap ¶
func (p Properties) Swap(i, j int)
type Relationship ¶
// Relationship is one typed link to another component. BOM.Relationships
// returns these grouped in a map keyed by uuid.UUID.
type Relationship struct {
	// Dependency is the UUID of the component on the other end of the link.
	// presumably the child passed to BOM.AddRelationship, with the map key being
	// the parent — confirm against the implementation.
	Dependency uuid.UUID
	// Type is the kind of link: one of the Relationship* constants.
	Type RelationshipType
}
type RelationshipType ¶
// RelationshipType is the string type of Relationship.Type; the package
// defines RelationshipDescribes, RelationshipContains and RelationshipDependsOn.
type RelationshipType string
type Vulnerability ¶
// Vulnerability is one finding recorded for a component through
// BOM.AddVulnerabilities. It embeds dtypes.Vulnerability and adds the fields
// that tie the finding to a package and its versions.
type Vulnerability struct {
	dtypes.Vulnerability
	// ID is the identifier of the vulnerability.
	// presumably an advisory id such as a CVE number — confirm.
	ID string
	// PkgID and PkgName identify the affected package.
	PkgID   string
	PkgName string
	// InstalledVersion is the version found; FixedVersion is the version that
	// carries the fix.
	// NOTE(review): an empty FixedVersion presumably means no fix is known, not
	// that the package is unaffected — confirm before filtering on it.
	InstalledVersion string
	FixedVersion     string
	PrimaryURL       string
	// DataSource is a pointer; whether it can be nil is not visible here, so
	// check before dereferencing.
	DataSource *dtypes.DataSource
}