Documentation
¶
Overview ¶
Package extractor provides the common interface for standalone and filesystem extractors.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Annotation ¶ added in v0.1.3
type Annotation int64
Annotation are additional information about the inventory.
const ( // Unknown is the default value for the annotation. Unknown Annotation = iota // Transitional packages just point to other packages without having actual code in them. This // happens for example when packages are renamed. Transitional // InsideOSPackage is set for packages that are found inside an OS package. // TODO(b/364536788): Annotation for language packages inside OS packages. InsideOSPackage // InsideCacheDir is set for packages that are found inside a cache directory. // TODO(b/364539671): Annotation for packages inside cache directories. InsideCacheDir )
type Extractor ¶ added in v0.1.1
type Extractor interface {
plugin.Plugin
// ToPURL converts an inventory created by this extractor into a PURL.
ToPURL(i *Inventory) *purl.PackageURL
// ToCPEs converts an inventory created by this extractor into CPEs, if supported.
ToCPEs(i *Inventory) []string
// Ecosystem returns the Ecosystem of the given inventory created by this extractor.
// For software packages this corresponds to an OSV ecosystem value, e.g. PyPI.
Ecosystem(i *Inventory) string
}
Extractor is the common interface of inventory extraction plugins..
type Inventory ¶
type Inventory struct {
// A human-readable name representation of the package. Note that this field
// should only be used for things like logging as different packages can have
// multiple different types of names (e.g. .deb packages have a source name
// and a binary name), in which case we arbitrarily pick one of them to use here.
// In cases when the exact name type used is important (e.g. when matching
// against vuln feeds) you should use the specific name field from the Metadata.
Name string
// The version of this package.
Version string
// Source code level package identifiers.
SourceCode *SourceCodeIdentifier
// Paths or source of files related to the package.
Locations []string
// The Extractor that found this software instance. Set by the core library.
Extractor Extractor
// The additional data found in the package.
Metadata any
Annotations []Annotation
}
Inventory is an instance of a software package or library found by the extractor.
type SourceCodeIdentifier ¶ added in v0.1.3
SourceCodeIdentifier lists additional identifiers for source code software packages (e.g. NPM).
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package filesystem provides the interface for inventory extraction plugins.
|
Package filesystem provides the interface for inventory extraction plugins. |
|
containers/containerd
Package containerd extracts container inventory from containerd metadb database.
|
Package containerd extracts container inventory from containerd metadb database. |
|
internal
Package internal contains miscellaneous functions and objects useful within Scalibr
|
Package internal contains miscellaneous functions and objects useful within Scalibr |
|
internal/units
Package units provides constants for common units.
|
Package units provides constants for common units. |
|
language/cpp/conanlock
Package conanlock extracts conan.lock files.
|
Package conanlock extracts conan.lock files. |
|
language/dart/pubspec
Package pubspec extracts Dart pubspec.lock files.
|
Package pubspec extracts Dart pubspec.lock files. |
|
language/dotnet/packageslockjson
Package packageslockjson extracts packages.lock.json files.
|
Package packageslockjson extracts packages.lock.json files. |
|
language/erlang/mixlock
Package mixlock extracts erlang mix.lock files.
|
Package mixlock extracts erlang mix.lock files. |
|
language/golang/gobinary
Package gobinary extracts packages from buildinfo inside go binaries files.
|
Package gobinary extracts packages from buildinfo inside go binaries files. |
|
language/golang/gomod
Package gomod extracts go.mod files.
|
Package gomod extracts go.mod files. |
|
language/java/archive
Package archive extracts Java archive files.
|
Package archive extracts Java archive files. |
|
language/java/gradlelockfile
Package gradlelockfile extracts pom.xml files.
|
Package gradlelockfile extracts pom.xml files. |
|
language/java/gradleverificationmetadataxml
Package gradleverificationmetadataxml extracts Gradle files.
|
Package gradleverificationmetadataxml extracts Gradle files. |
|
language/java/groupid
Package groupid provides functionality for retrieving the group ID of a Java package.
|
Package groupid provides functionality for retrieving the group ID of a Java package. |
|
language/java/javalockfile
Package javalockfile provides shared structures for Java extractors.
|
Package javalockfile provides shared structures for Java extractors. |
|
language/java/pomxml
Package pomxml extracts pom.xml files.
|
Package pomxml extracts pom.xml files. |
|
language/javascript/internal/commitextractor
Package commitextractor provides a function to extract commit hash from the full git URL
|
Package commitextractor provides a function to extract commit hash from the full git URL |
|
language/javascript/packagejson
Package packagejson extracts package.json files.
|
Package packagejson extracts package.json files. |
|
language/javascript/packagelockjson
Package packagelockjson extracts package-lock.json files.
|
Package packagelockjson extracts package-lock.json files. |
|
language/javascript/pnpmlock
Package pnpmlock extracts pnpm-lock.yaml files.
|
Package pnpmlock extracts pnpm-lock.yaml files. |
|
language/javascript/yarnlock
Package yarnlock extracts NPC yarn.lock files.
|
Package yarnlock extracts NPC yarn.lock files. |
|
language/php/composerlock
Package composerlock extracts composer.lock files.
|
Package composerlock extracts composer.lock files. |
|
language/python/internal/pypipurl
Package pypipurl converts an inventory to a PyPI type PackageURL.
|
Package pypipurl converts an inventory to a PyPI type PackageURL. |
|
language/python/pdmlock
Package pdmlock extracts pdm.lock files.
|
Package pdmlock extracts pdm.lock files. |
|
language/python/pipfilelock
Package pipfilelock extracts Pipfile.lock files.
|
Package pipfilelock extracts Pipfile.lock files. |
|
language/python/poetrylock
Package poetrylock extracts poetry.lock files.
|
Package poetrylock extracts poetry.lock files. |
|
language/python/requirements
Package requirements extracts requirements files.
|
Package requirements extracts requirements files. |
|
language/python/wheelegg
Package wheelegg extracts wheel and egg files.
|
Package wheelegg extracts wheel and egg files. |
|
language/r/renvlock
Package renvlock extracts renv.lock files.
|
Package renvlock extracts renv.lock files. |
|
language/ruby/gemfilelock
Package gemfilelock extracts Gemfile.lock files.
|
Package gemfilelock extracts Gemfile.lock files. |
|
language/ruby/gemspec
Package gemspec extracts *.gemspec files.
|
Package gemspec extracts *.gemspec files. |
|
language/rust/cargolock
Package cargolock extracts Cargo.lock files for rust projects
|
Package cargolock extracts Cargo.lock files for rust projects |
|
list
Package list provides a public list of SCALIBR-internal extraction plugins.
|
Package list provides a public list of SCALIBR-internal extraction plugins. |
|
os/apk
Package apk extracts packages from the APK database.
|
Package apk extracts packages from the APK database. |
|
os/cos
Package cos extracts OS packages from Container Optimized OSes (go/cos).
|
Package cos extracts OS packages from Container Optimized OSes (go/cos). |
|
os/dpkg
Package dpkg extracts packages from dpkg database.
|
Package dpkg extracts packages from dpkg database. |
|
os/flatpak
Package flatpak extracts packages from flatpak metainfo files.
|
Package flatpak extracts packages from flatpak metainfo files. |
|
os/homebrew
Package homebrew extracts package information from OSX homebrew INSTALL_RECEIPT.json files.
|
Package homebrew extracts package information from OSX homebrew INSTALL_RECEIPT.json files. |
|
os/osrelease
Package osrelease parses the os-release file.
|
Package osrelease parses the os-release file. |
|
os/rpm
Package rpm extracts packages from rpm database.
|
Package rpm extracts packages from rpm database. |
|
os/snap
Package snap extracts snap packages
|
Package snap extracts snap packages |
|
osv
Package osv provides a Wrapper for osv plugins.
|
Package osv provides a Wrapper for osv plugins. |
|
sbom/cdx
Package cdx extracts software dependencies from an CycloneDX SBOM.
|
Package cdx extracts software dependencies from an CycloneDX SBOM. |
|
sbom/spdx
Package spdx extracts software dependencies from an SPDX SBOM.
|
Package spdx extracts software dependencies from an SPDX SBOM. |
|
Package standalone provides a way to extract in a standalone mode (e.g.
|
Package standalone provides a way to extract in a standalone mode (e.g. |
|
containers/containerd
Package containerd extracts container inventory from containerd API.
|
Package containerd extracts container inventory from containerd API. |
|
containers/containerd/fakeclient
Package fakeclient contains a fake implementation of the containerd client for testing purposes.
|
Package fakeclient contains a fake implementation of the containerd client for testing purposes. |
|
list
Package list contains the list of all standalone extractors.
|
Package list contains the list of all standalone extractors. |
|
windows/common/winproducts
Package winproducts contains information about Windows products.
|
Package winproducts contains information about Windows products. |
|
windows/dismpatch/dismparser
Package dismparser has methods that can be used to parse DISM output
|
Package dismparser has methods that can be used to parse DISM output |
Click to show internal directories.
Click to hide internal directories.