sbom

package

v0.15.4 Latest Latest Go to latest Published: May 21, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/ko

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GenerateImageCycloneDX(mod []byte) ([]byte, error)
func GenerateImageSPDX(koVersion string, mod []byte, img oci.SignedImage) ([]byte, error)
func GenerateIndexCycloneDX(oci.SignedImageIndex) ([]byte, error)
func GenerateIndexSPDX(koVersion string, sii oci.SignedImageIndex) ([]byte, error)
type Checksum
type CreationInfo
type Document
type ExternalDocumentRef
type ExternalRef
type File
type Package
type PackageVerificationCode
type Relationship

Constants ¶

View Source

const (
	NOASSERTION = "NOASSERTION"
	Version     = "SPDX-2.3"
)

Variables ¶

This section is empty.

Functions ¶

func GenerateImageCycloneDX ¶ added in v0.12.0

func GenerateImageCycloneDX(mod []byte) ([]byte, error)

func GenerateImageSPDX ¶ added in v0.12.0

func GenerateImageSPDX(koVersion string, mod []byte, img oci.SignedImage) ([]byte, error)

func GenerateIndexCycloneDX ¶ added in v0.12.0

func GenerateIndexCycloneDX(oci.SignedImageIndex) ([]byte, error)

func GenerateIndexSPDX ¶ added in v0.12.0

func GenerateIndexSPDX(koVersion string, sii oci.SignedImageIndex) ([]byte, error)

Types ¶

type Checksum ¶ added in v0.12.0

type Checksum struct {
	Algorithm string `json:"algorithm"`
	Value     string `json:"checksumValue"`
}

type CreationInfo ¶ added in v0.12.0

type CreationInfo struct {
	Created            string   `json:"created"` // Date
	Creators           []string `json:"creators,omitempty"`
	LicenseListVersion string   `json:"licenseListVersion,omitempty"`
}

type Document ¶ added in v0.12.0

type Document struct {
	ID                   string                `json:"SPDXID"`
	Name                 string                `json:"name"`
	Version              string                `json:"spdxVersion"`
	CreationInfo         CreationInfo          `json:"creationInfo"`
	DataLicense          string                `json:"dataLicense"`
	Namespace            string                `json:"documentNamespace"`
	DocumentDescribes    []string              `json:"documentDescribes,omitempty"`
	Files                []File                `json:"files,omitempty"`
	Packages             []Package             `json:"packages,omitempty"`
	Relationships        []Relationship        `json:"relationships,omitempty"`
	ExternalDocumentRefs []ExternalDocumentRef `json:"externalDocumentRefs,omitempty"`
}

type ExternalDocumentRef ¶ added in v0.12.0

type ExternalDocumentRef struct {
	Checksum           Checksum `json:"checksum"`
	ExternalDocumentID string   `json:"externalDocumentId"`
	SPDXDocument       string   `json:"spdxDocument"`
}

type ExternalRef ¶ added in v0.12.0

type ExternalRef struct {
	Category string `json:"referenceCategory"`
	Locator  string `json:"referenceLocator"`
	Type     string `json:"referenceType"`
}

type File ¶ added in v0.12.0

type File struct {
	ID                string     `json:"SPDXID"`
	Name              string     `json:"fileName"`
	CopyrightText     string     `json:"copyrightText"`
	NoticeText        string     `json:"noticeText,omitempty"`
	LicenseConcluded  string     `json:"licenseConcluded"`
	Description       string     `json:"description,omitempty"`
	FileTypes         []string   `json:"fileTypes,omitempty"`
	LicenseInfoInFile []string   `json:"licenseInfoInFiles"` // List of licenses
	Checksums         []Checksum `json:"checksums"`
}

type Package ¶ added in v0.12.0

type Package struct {
	ID                   string                   `json:"SPDXID"`
	Name                 string                   `json:"name"`
	Version              string                   `json:"versionInfo,omitempty"`
	FilesAnalyzed        bool                     `json:"filesAnalyzed"`
	LicenseDeclared      string                   `json:"licenseDeclared"`
	LicenseConcluded     string                   `json:"licenseConcluded"`
	Description          string                   `json:"description,omitempty"`
	DownloadLocation     string                   `json:"downloadLocation"`
	Originator           string                   `json:"originator,omitempty"`
	SourceInfo           string                   `json:"sourceInfo,omitempty"`
	CopyrightText        string                   `json:"copyrightText"`
	PrimaryPurpose       string                   `json:"primaryPackagePurpose,omitempty"`
	HasFiles             []string                 `json:"hasFiles,omitempty"`
	LicenseInfoFromFiles []string                 `json:"licenseInfoFromFiles,omitempty"`
	Checksums            []Checksum               `json:"checksums,omitempty"`
	ExternalRefs         []ExternalRef            `json:"externalRefs,omitempty"`
	VerificationCode     *PackageVerificationCode `json:"packageVerificationCode,omitempty"`
}

type PackageVerificationCode ¶ added in v0.12.0

type PackageVerificationCode struct {
	Value         string   `json:"packageVerificationCodeValue"`
	ExcludedFiles []string `json:"packageVerificationCodeExcludedFiles,omitempty"`
}

type Relationship ¶ added in v0.12.0

type Relationship struct {
	Element string `json:"spdxElementId"`
	Type    string `json:"relationshipType"`
	Related string `json:"relatedSpdxElement"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL