Documentation
¶
Index ¶
- func AddMetadata(predicates *assembler.IngestPredicates, foundIdentities []TrustInformation, ...)
- func CombineLicense(licenses []string) string
- func CreateTopLevelHasSBOMFromArtifact(topLevelArt *model.ArtifactInputSpec, sbomDoc *processor.Document, uri string, ...) assembler.HasSBOMIngest
- func CreateTopLevelHasSBOMFromPkg(topLevelPkg *model.PkgInputSpec, sbomDoc *processor.Document, uri string, ...) assembler.HasSBOMIngest
- func CreateTopLevelIsDeps(topLevel *model.PkgInputSpec, packages map[string][]*model.PkgInputSpec, ...) []assembler.IsDependencyIngest
- func FixSPDXLicenseExpression(licenseExpression string, inLineMap map[string]string) string
- func GetIsDep(foundNode *model.PkgInputSpec, relatedPackNodes []*model.PkgInputSpec, ...) (*assembler.IsDependencyIngest, error)
- func HashLicense(inline string) string
- func ParseLicenses(exp string, lv *string, inLineMap map[string]string) []model.LicenseInputSpec
- func RemoveDuplicateIdentifiers(identifierStrings *IdentifierStrings)
- type DocumentParser
- type GraphBuilder
- type IdentifierStrings
- type TrustInformation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AddMetadata ¶ added in v0.8.0
func AddMetadata(predicates *assembler.IngestPredicates, foundIdentities []TrustInformation, srcInfo processor.SourceInformation)
addMetadata adds trust and source collector metadata
func CombineLicense ¶ added in v0.8.0
func CreateTopLevelHasSBOMFromArtifact ¶ added in v0.7.0
func CreateTopLevelHasSBOMFromArtifact(topLevelArt *model.ArtifactInputSpec, sbomDoc *processor.Document, uri string, timestamp time.Time) assembler.HasSBOMIngest
func CreateTopLevelHasSBOMFromPkg ¶ added in v0.7.0
func CreateTopLevelHasSBOMFromPkg(topLevelPkg *model.PkgInputSpec, sbomDoc *processor.Document, uri string, timestamp time.Time) assembler.HasSBOMIngest
func CreateTopLevelIsDeps ¶ added in v0.1.0
func CreateTopLevelIsDeps(topLevel *model.PkgInputSpec, packages map[string][]*model.PkgInputSpec, files map[string][]*model.PkgInputSpec, justification string) []assembler.IsDependencyIngest
TODO: change the DependencyType based on the relationship, currently set to unknown
func FixSPDXLicenseExpression ¶ added in v0.8.9
func GetIsDep ¶ added in v0.1.0
func GetIsDep(foundNode *model.PkgInputSpec, relatedPackNodes []*model.PkgInputSpec, relatedFileNodes []*model.PkgInputSpec, justification string, dependency model.DependencyType) (*assembler.IsDependencyIngest, error)
TODO: change the DependencyType based on the relationship, currently set to unknown
func HashLicense ¶ added in v0.2.0
func ParseLicenses ¶ added in v0.2.0
func RemoveDuplicateIdentifiers ¶ added in v0.8.1
func RemoveDuplicateIdentifiers(identifierStrings *IdentifierStrings)
Types ¶
type DocumentParser ¶
type DocumentParser interface {
// Parse breaks out the document into the graph components
Parse(ctx context.Context, doc *processor.Document) error
// GetIdentities gets the identity node from the document if they exist
GetIdentities(ctx context.Context) []TrustInformation
// CreatePredicates returns the predicates of the GUAC ontology to be created
GetPredicates(ctx context.Context) *assembler.IngestPredicates
// GetIdentifiers returns a set of identifiers that the parser has found to help provide context
// for collectors to gather more information around found software identifiers.
// This is an optional function to implement, and it should return an error if not implemented.
//
// Ref: https://github.com/guacsec/guac/issues/244
GetIdentifiers(ctx context.Context) (*IdentifierStrings, error)
}
type GraphBuilder ¶
type GraphBuilder struct {
// contains filtered or unexported fields
}
GraphBuilder creates the assembler inputs based on the documents being parsed
func NewGenericGraphBuilder ¶
func NewGenericGraphBuilder(docParser DocumentParser, foundIdentities []TrustInformation) *GraphBuilder
NewGenericGraphBuilder initializes the graphbulder
func (*GraphBuilder) CreateAssemblerInput ¶
func (b *GraphBuilder) CreateAssemblerInput(ctx context.Context, foundIdentities []TrustInformation, srcInfo processor.SourceInformation) *assembler.AssemblerInput
CreateAssemblerInput creates the GuacNodes and GuacEdges that are needed by the assembler
func (*GraphBuilder) GetIdentifiers ¶ added in v0.1.0
func (b *GraphBuilder) GetIdentifiers(ctx context.Context) (*IdentifierStrings, error)
func (*GraphBuilder) GetIdentities ¶
func (b *GraphBuilder) GetIdentities() []TrustInformation
GetIdentities returns the identity that is found when parsing a document
type IdentifierStrings ¶ added in v0.1.0
type IdentifierStrings struct {
// OciStrings should contain pointers to OCI packages
OciStrings []string
// VcsStrings should contain VCS strings for source control
VcsStrings []string
// PurlStrings should contain package url to specific packages
PurlStrings []string
// GithubReleaseStrings should contain url to specific GitHub releases
GithubReleaseStrings []string
// UnclassifiedStrings contains other strings that have identifiers that
// parsers may not be sure what category they fall under.
UnclassifiedStrings []string
}
IdentifierStrings represent a set of strings that can be used to a set of identifiers that the parser has found to help provide context for collectors to gather more information around found software identifiers.
type TrustInformation ¶ added in v0.1.0
type TrustInformation struct{}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.