Documentation
¶
Index ¶
- Constants
- Variables
- func AppendLicenseInfo(key string, licenseInfo LicenseInfo)
- func ClearGlobalLicenseData()
- func ClearGlobalResourceData()
- func DisplayLicenseListCSV(output io.Writer) (err error)
- func DisplayLicenseListJson(output io.Writer)
- func DisplayLicenseListMarkdown(output io.Writer)
- func DisplayLicenseListSummaryCSV(output io.Writer) (err error)
- func DisplayLicenseListSummaryMarkdown(output io.Writer)
- func DisplayLicenseListSummaryText(output io.Writer)
- func DisplayLicensePoliciesCSV(output io.Writer) (err error)
- func DisplayLicensePoliciesMarkdown(output io.Writer) (err error)
- func DisplayLicensePoliciesTabbedText(output io.Writer) (err error)
- func DisplayResourceListCSV(output io.Writer) (err error)
- func DisplayResourceListMarkdown(output io.Writer) (err error)
- func DisplayResourceListText(output io.Writer)
- func DisplaySchemasCSV(output io.Writer) (err error)
- func DisplaySchemasMarkdown(output io.Writer) (err error)
- func DisplaySchemasTabbedText(output io.Writer) (err error)
- func ErrorTypesMatch(err error, expected error) bool
- func Execute()
- func FinalizeCompoundPolicy(expression *CompoundExpression) (err error)
- func FormatSchemaErrors(errs []gojsonschema.ResultError) string
- func HasLogicalConjunctionOrPreposition(value string) bool
- func IsInvalidSBOMError(err error) bool
- func IsValidFamilyKey(key string) bool
- func IsValidPolicyEntry(policy LicensePolicy) bool
- func IsValidSpdxId(id string) bool
- func IsValidUsagePolicy(usagePolicy string) bool
- func ListLicenses(output io.Writer, format string, summary bool) (err error)
- func ListPolicies(writer io.Writer) (err error)
- func ListResources(output io.Writer, format string, resourceType string, ...) (err error)
- func ListSchemas(writer io.Writer) (err error)
- func LoadInputSbomFileAndDetectSchema() (document *schema.Sbom, err error)
- func NewCommandLicense() *cobra.Command
- func NewCommandList() *cobra.Command
- func NewCommandPolicy() *cobra.Command
- func NewCommandQuery() *cobra.Command
- func NewCommandResource() *cobra.Command
- func NewCommandSchema() *cobra.Command
- func NewCommandValidate() *cobra.Command
- func NewCommandVersion() *cobra.Command
- func RootCmdImpl(cmd *cobra.Command, args []string) error
- func Validate() (valid bool, document *schema.Sbom, schemaErrors []gojsonschema.ResultError, ...)
- func VerifyPoliciesMatch(testPolicy LicensePolicy, policies []interface{}) bool
- type BaseError
- type CompoundExpression
- type InvalidSBOMError
- type LicenseComplianceConfig
- func (config *LicenseComplianceConfig) GetFamilyNameMap() (hashmap *slicemultimap.MultiMap, err error)
- func (config *LicenseComplianceConfig) GetLicenseIdMap() (hashmap *slicemultimap.MultiMap, err error)
- func (config *LicenseComplianceConfig) HashLicensePolicies() error
- func (config *LicenseComplianceConfig) LoadLicensePolicies(filename string) (err error)
- type LicenseInfo
- type LicensePolicy
- type QueryError
- type QueryRequest
- type QueryResponse
- type ResourceInfo
- type SBOMCompositionError
- type SBOMLicenseError
- type SBOMMetadataError
- type SBOMMetadataPropertyError
- type UtilityError
- type WhereFilter
Constants ¶
View Source
const ( ERROR_APPLICATION = 1 ERROR_VALIDATION = 2 )
View Source
const ( ERR_TYPE_INVALID_JSON_MAP = "invalid JSON map" ERR_TYPE_INVALID_SBOM = "invalid SBOM" ERR_TYPE_SBOM_COMPONENT = "component error" ERR_TYPE_SBOM_LICENSE = "license error" ERR_TYPE_SBOM_COMPOSITION = "composition error" ERR_TYPE_SBOM_METADATA = "metadata error" ERR_TYPE_SBOM_METADATA_PROPERTY = "metadata property error" ERR_TYPE_UNEXPECTED_ERROR = "unexpected error" )
General error messages
View Source
const ( MSG_FORMAT_TYPE = "format: `%s`" MSG_SCHEMA_ERRORS = "schema errors found" MSG_INVALID_METADATA_PROPERTIES = "field `metadata.properties` is missing or invalid" MSG_INVALID_METADATA_COMPONENT_COMPONENTS = "field `metadata.component.components` array should be empty" MSG_INVALID_METADATA_COMPONENT = "field `metadata.component` is missing or invalid" MSG_PROPERTY_NOT_FOUND = "property not found" MSG_PROPERTY_NOT_UNIQUE = "check failed: property not unique" MSG_PROPERTY_REGEX_FAILED = "check failed: property regex mismatch" )
Validation messages
View Source
const ( MSG_LICENSE_INVALID_DATA = "invalid license data" MSG_LICENSE_INVALID_EXPRESSION = "invalid license expression" MSG_LICENSE_INVALID_POLICY = "invalid license policy" MSG_LICENSES_NOT_FOUND = "licenses not found" MSG_LICENSE_EXPRESSION_INVALID_CONJUNCTION = "invalid conjunction" )
License messages
View Source
const ( ERR_TYPE_INVALID_QUERY = "invalid query" MSG_QUERY_CLAUSE_NOT_FOUND = "required clause not found" MSG_QUERY_INVALID_DATATYPE = "invalid data type" MSG_QUERY_INVALID_FROM_CLAUSE = "invalid FROM clause" MSG_QUERY_INVALID_SELECT_CLAUSE = "invalid SELECT clause" MSG_QUERY_INVALID_WHERE_CLAUSE = "invalid WHERE clause" MSG_QUERY_INVALID_ORDER_BY_CLAUSE = "invalid ORDERBY clause" MSG_QUERY_INVALID_REQUEST = "invalid query request" MSG_QUERY_INVALID_RESPONSE = "invalid query response" )
Query error messages
View Source
const ( MSG_QUERY_ERROR_FROM_KEY_INVALID_OBJECT = "key does not reference a valid JSON object" MSG_QUERY_ERROR_FROM_KEY_NOT_FOUND = "key not found in path" MSG_QUERY_ERROR_FROM_KEY_SLICE_DEREFERENCE = "key attempts to dereference into an array" MSG_QUERY_ERROR_SELECT_WILDCARD = "wildcard cannot be used with other values" )
Query error details
View Source
const ( SUBCOMMAND_LICENSE_LIST = "list" SUBCOMMAND_LICENSE_POLICY = "policy" )
View Source
const ( LICENSE_LIST_NOT_APPLICABLE = "N/A" LICENSE_NONE = "NOASSERTION" )
License list default values
View Source
const ( LC_TYPE_INVALID = iota LC_TYPE_ID LC_TYPE_NAME LC_TYPE_EXPRESSION )
LicenseChoice - Choice type
View Source
const ( LC_LOC_UNKNOWN = iota LC_LOC_METADATA_COMPONENT LC_LOC_METADATA LC_LOC_COMPONENTS LC_LOC_SERVICES )
View Source
const ( AND string = "AND" OR string = "OR" WITH string = "WITH" CONJUNCTION_UNDEFINED string = "" )
Supported conjunctions and prepositions
View Source
const ( LEFT_PARENS string = "(" RIGHT_PARENS string = ")" LEFT_PARENS_WITH_SEPARATOR string = "( " RIGHT_PARENS_WITH_SEPARATOR string = " )" PLUS_OPERATOR string = "+" )
Tokens
View Source
const ( FLAG_LICENSE_SUMMARY = "summary" FLAG_LICENSE_POLICY = "policy" )
Subcommand flags TODO: Support a new --sort <column> flag
View Source
const ( FLAG_LICENSE_LIST_OUTPUT_FORMAT_HELP = "format output using the specified format type" FLAG_LICENSE_LIST_SUMMARY_HELP = "summarize licenses and component references in table format (see --format flag help for supported types)" FLAG_LICENSE_LIST_POLICY_HELP = "include policy evaluation in summary listing" )
License list command flag help messages
View Source
const ( MSG_OUTPUT_NO_LICENSES_FOUND = "[WARN] no licenses found in SBOM document" MSG_OUTPUT_NO_SCHEMAS_FOUND = "[WARN] no schemas found in configuration (i.e., \"config.json\")" MSG_OUTPUT_NO_RESOURCES_FOUND = "[WARN] no matching resources found for query" )
License list command informational messages
View Source
const ( POLICY_ALLOW = "allow" POLICY_DENY = "deny" POLICY_NEEDS_REVIEW = "needs-review" POLICY_UNDEFINED = "UNDEFINED" POLICY_CONFLICT = "CONFLICT" )
View Source
const ( FLAG_OUTPUT_FORMAT = "format" FLAG_QUERY_SELECT = "select" FLAG_QUERY_FROM = "from" FLAG_QUERY_WHERE = "where" FLAG_QUERY_ORDER_BY = "orderby" )
Query command flags
View Source
const ( FLAG_QUERY_OUTPUT_FORMAT_HELP = "format output using the specified type" FLAG_QUERY_SELECT_HELP = "comma-separated list of JSON key names used to select fields within the object designated by the FROM flag" + "\n- the wildcard character `*` can be used to denote inclusion of all found key-values" FLAG_QUERY_FROM_HELP = "dot-separated list of JSON key names used to dereference into the JSON document" + "\n - if not present, the query assumes document \"root\" as the `--from` object" FLAG_QUERY_WHERE_HELP = "comma-separated list of key=<regex> used to filter the SELECT result set" FLAG_QUERY_ORDER_BY_HELP = "key name that appears in the SELECT result set used to order the result records" )
Query command flag help messages
View Source
const ( QUERY_TOKEN_WILDCARD = "*" QUERY_FROM_CLAUSE_SEP = "." QUERY_SELECT_CLAUSE_SEP = "," QUERY_WHERE_EXPRESSION_SEP = "," QUERY_WHERE_OPERAND_EQUALS = "=" )
Named tokens
View Source
const ( MD_COLUMN_SEPARATOR = "|" MD_ALIGN_LEFT = ":--" MD_ALIGN_CENTER = "-:-" MD_ALIGN_RIGHT = "--:" )
Markdown report helpers
View Source
const ( FLAG_RESOURCE_TYPE = "type" FLAG_RESOURCE_TYPE_HELP = "filter output by resource type (i.e., component | service" FLAG_RESOURCE_WHERE = FLAG_QUERY_WHERE FLAG_RESOURCE_WHERE_HELP = "comma-separated list of key=<regex> used to filter result set" )
Flags. Reuse query flag values where possible
View Source
const ( RESOURCE_TYPE_DEFAULT = "" // i.e., all resource types RESOURCE_TYPE_COMPONENT = "component" RESOURCE_TYPE_SERVICE = "service" )
resource types
View Source
const ( RESOURCE_FILTER_KEY_TYPE = "type" RESOURCE_FILTER_KEY_NAME = "name" RESOURCE_FILTER_KEY_VALUE = "value" RESOURCE_FILTER_KEY_BOMREF = "bom-ref" )
filter keys
View Source
const ( CMD_VERSION = "version" CMD_VALIDATE = "validate" CMD_LICENSE = "license" CMD_QUERY = "query" CMD_RESOURCE = "resource" CMD_SCHEMA = "schema" )
top-level commands
View Source
const ( CMD_USAGE_VALIDATE = CMD_VALIDATE + " -i input_file" + " [--force schema_file]" CMD_USAGE_QUERY = CMD_QUERY + " -i input_filename [--select * | field1[,fieldN]] [--from [key1[.keyN]] [--where key=regex[,...]]" CMD_USAGE_LICENSE_LIST = SUBCOMMAND_LICENSE_LIST + " -i input_file [[--summary] [--policy]] [--format json|txt|csv|md]" CMD_USAGE_RESOURCE_LIST = CMD_RESOURCE + " -i input_file [--type component|service] [--where key=regex[,...]] [--format json|txt|csv|md]" CMD_USAGE_SCHEMA_LIST = CMD_SCHEMA + " -i input_file [--format json|txt|csv|md]" )
View Source
const ( FLAG_CONFIG_SCHEMA = "config-schema" FLAG_CONFIG_LICENSE_POLICY = "config-license" FLAG_CONFIG_CUSTOM_VALIDATION = "config-validation" FLAG_TRACE = "trace" FLAG_TRACE_SHORT = "t" FLAG_DEBUG = "debug" FLAG_DEBUG_SHORT = "d" FLAG_FILENAME_INPUT = "input-file" FLAG_FILENAME_INPUT_SHORT = "i" FLAG_FILENAME_OUTPUT = "output-file" FLAG_FILENAME_OUTPUT_SHORT = "o" FLAG_QUIET_MODE = "quiet" FLAG_QUIET_MODE_SHORT = "q" FLAG_LOG_OUTPUT_INDENT = "indent" FLAG_FILE_OUTPUT_FORMAT = "format" )
View Source
const ( MSG_APP_NAME = "Software Bill-of-Materials (SBOM) utility." MSG_APP_DESCRIPTION = "This utility serves as centralized command line interface into various Software Bill-of-Materials (SBOM) helper utilities." MSG_FLAG_TRACE = "enable trace logging" MSG_FLAG_DEBUG = "enable debug logging" MSG_FLAG_INPUT = "input filename (e.g., \"path/sbom.json\")" MSG_FLAG_OUTPUT = "output filename" MSG_FLAG_LOG_QUIET = "enable quiet logging mode (removes all information messages from console output); overrides other logging commands" MSG_FLAG_LOG_INDENT = "enable log indentation of functional callstack" MSG_FLAG_CONFIG_SCHEMA = "provide custom location and/or filename for application schema configuration (i.e., replaces default `config.json`)" MSG_FLAG_CONFIG_LICENSE = "provide custom location and/or filename for application license policy configuration (i.e., replaces default `license.json`)" )
View Source
const ( MSG_SUPPORTED_OUTPUT_FORMATS_HELP = "\n- Supported formats: " MSG_SUPPORTED_OUTPUT_FORMATS_SUMMARY_HELP = "\n- Supported formats using the --summary flag: " )
View Source
const ( DEFAULT_SCHEMA_CONFIG = "config.json" DEFAULT_CUSTOM_VALIDATION_CONFIG = "custom.json" DEFAULT_LICENSE_POLICIES = "license.json" )
View Source
const ( FORMAT_DEFAULT = "" FORMAT_TEXT = "txt" FORMAT_JSON = "json" FORMAT_CSV = "csv" FORMAT_MARKDOWN = "md" FORMAT_ANY = "<any>" // Used for test errors )
Supported output formats
View Source
const ( VALID = true INVALID = false )
View Source
const ( FLAG_SCHEMA_FORCE = "force" FLAG_SCHEMA_VARIANT = "variant" FLAG_CUSTOM_VALIDATION = "custom" MSG_SCHEMA_FORCE = "force specified schema file for validation; overrides inferred schema" MSG_SCHEMA_VARIANT = "select named schema variant (e.g., \"strict\"); variant must be declared in configuration file (i.e., \"config.json\")" MSG_FLAG_CUSTOM_VALIDATION = "perform custom validation using custom configuration settings (i.e., \"custom.json\")" )
validation flags
View Source
const (
DEFAULT_TRUNCATE_LENGTH = 128
)
limits
View Source
const (
ERR_FORMAT_DETAIL_SEP = ": "
)
formatting Error() interface
View Source
const (
FLAG_POLICY_OUTPUT_FORMAT_HELP = "format output using the specified type"
)
Subcommand flags
View Source
const (
FLAG_RESOURCE_OUTPUT_FORMAT_HELP = "format output using the specified type"
)
Command help formatting
View Source
const (
FLAG_SCHEMA_OUTPUT_FORMAT_HELP = "format output using the specified type"
)
Subcommand flags
View Source
const (
LICENSE_LIST_TITLE_ROW_SEPARATOR = "-"
)
View Source
const (
PROTOCOL_PREFIX_FILE = "file://"
)
Protocol
View Source
const (
REGEX_VALID_SPDX_ID = "^[a-zA-Z0-9.-]+$"
)
Note: the SPDX spec. does not provide regex for an SPDX ID, but provides the following in ABNF:
string = 1*(ALPHA / DIGIT / "-" / "." )
Currently, the regex below tests composition of of only alphanum, "-", and "." characters and disallows empty strings TODO:
- First and last chars are not "-" or "."
- Enforce reasonable min/.max length. In theory, we can check overall length with positive lookahead (e.g., min 3 max 128): (?=.{3,128}$) However, this does not appear to be supported in `regexp` package or perhaps it must be a compiled expression TBD
View Source
const (
SUBCOMMAND_RESOURCE_LIST = "list"
)
Variables ¶
View Source
var CDX_LICENSE_LOCATION_NAMES = map[int]string{ LC_LOC_UNKNOWN: "unknown", LC_LOC_METADATA_COMPONENT: "metadata.component", LC_LOC_METADATA: "metadata.licenses", LC_LOC_COMPONENTS: "components", LC_LOC_SERVICES: "services", }
View Source
var LC_TYPE_NAMES = [...]string{"invalid", "id", "name", "expression"}
Declare a fixed-sized array for LC type names
View Source
var LICENSE_LIST_SUMMARY_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_SUMMARY_HELP + strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ") + " (default: txt)"
View Source
var LICENSE_LIST_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_JSON, FORMAT_CSV, FORMAT_MARKDOWN}, ", ") + " (default: json)"
Command help formatting
View Source
var LICENSE_LIST_TITLES_LICENSE_CHOICE = []string{"License.Id", "License.Name", "License.Url", "Expression", "License.Text.ContentType", "License.Text.Encoding", "License.Text.Content"}
View Source
var LICENSE_LIST_TITLES_SUMMARY = []string{"Type", "ID/Name/Expression", "Component(s)", "BOM ref.", "Document location"}
View Source
var LICENSE_LIST_TITLE_POLICY = []string{"Policy"}
Title row names for formatted lists (reports)
View Source
var LICENSE_POLICY_SUMMARY_TITLES = []string{"Policy", "Family", "SPDX ID", "Name", "Annotations", "Notes"}
Titles for lists
View Source
var LICENSE_POLICY_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ")
Command help formatting
View Source
var ProjectLogger *log.MiniLogger
View Source
var QUERY_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_JSON}, ", ")
View Source
var RESOURCE_LIST_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ")
View Source
var RESOURCE_LIST_TITLES = []string{"type", "name", "version", "bom-ref"}
View Source
var SCHEMA_LIST_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ")
Command help formatting
View Source
var SCHEMA_LIST_TITLES = []string{"Format", "Version", "Variant", "File", "Source"}
View Source
var SchemaFiles embed.FS
Globals
View Source
var VALID_FILTER_KEYS = []string{RESOURCE_FILTER_KEY_TYPE, RESOURCE_FILTER_KEY_NAME, RESOURCE_FILTER_KEY_VALUE, RESOURCE_FILTER_KEY_BOMREF}
View Source
var VALID_RESOURCE_TYPES = []string{RESOURCE_TYPE_DEFAULT, RESOURCE_TYPE_COMPONENT, RESOURCE_TYPE_SERVICE}
View Source
var VALID_RESOURCE_WHERE_FILTER_KEYS = []string{}
View Source
var VALID_SUBCOMMANDS_LICENSE = []string{SUBCOMMAND_LICENSE_LIST, SUBCOMMAND_LICENSE_POLICY}
View Source
var VALID_SUBCOMMANDS_RESOURCE = []string{SUBCOMMAND_RESOURCE_LIST}
View Source
var VALID_USAGE_POLICIES = []string{POLICY_ALLOW, POLICY_DENY, POLICY_NEEDS_REVIEW}
Functions ¶
func AppendLicenseInfo ¶
func AppendLicenseInfo(key string, licenseInfo LicenseInfo)
func ClearGlobalLicenseData ¶
func ClearGlobalLicenseData()
func ClearGlobalResourceData ¶
func ClearGlobalResourceData()
func DisplayLicenseListCSV ¶
NOTE: This list is NOT de-duplicated
func DisplayLicenseListJson ¶
NOTE: This list is NOT de-duplicated NOTE: if no license are found, the "json.Marshal" method(s) will return a value of "null" which is valid JSON (and not an empty array) TODO: Support de-duplication (flag) (which MUST be exact using deep comparison)
func DisplayLicenseListMarkdown ¶
NOTE: This list is NOT de-duplicated
func DisplayLicenseListSummaryCSV ¶
NOTE: This list is NOT de-duplicated TODO: Make policy column optional TODO: Add a --no-title flag to skip title output TODO: Support a new --sort <column> flag
func DisplayLicenseListSummaryMarkdown ¶
NOTE: This list is NOT de-duplicated TODO: Make policy column optional TODO: Add a --no-title flag to skip title output TODO: Support a new --sort <column> flag
func DisplayLicenseListSummaryText ¶
NOTE: This list is NOT de-duplicated TODO: Make policy column optional TODO: Add a --no-title flag to skip title output TODO: Support a new --sort <column> flag
func DisplayLicensePoliciesCSV ¶
TODO: Add a --no-title flag to skip title output
func DisplayLicensePoliciesMarkdown ¶
TODO: Add a --no-title flag to skip title output
func DisplayLicensePoliciesTabbedText ¶
Display all license policies including those with SPDX IDs and those only with "family" names which is reflected in the contents of the hashmap keyed on family names. NOTE: assumes all entries in the policy config file MUST have family names TODO: Allow caller to pass flag to truncate or not (perhaps with value) TODO: Add a --no-title flag to skip title output
func DisplayResourceListCSV ¶
TODO: Add a --no-title flag to skip title output
func DisplayResourceListMarkdown ¶
TODO: Add a --no-title flag to skip title output
func DisplayResourceListText ¶
NOTE: This list is NOT de-duplicated TODO: Add a --no-title flag to skip title output
func DisplaySchemasCSV ¶
TODO: Add a --no-title flag to skip title output
func DisplaySchemasMarkdown ¶
TODO: Add a --no-title flag to skip title output
func DisplaySchemasTabbedText ¶
TODO: Add a --no-title flag to skip title output
func ErrorTypesMatch ¶
NOTE: err = nil will also fail if error was expected
func FinalizeCompoundPolicy ¶
func FinalizeCompoundPolicy(expression *CompoundExpression) (err error)
func FormatSchemaErrors ¶
func FormatSchemaErrors(errs []gojsonschema.ResultError) string
func IsInvalidSBOMError ¶
func IsValidFamilyKey ¶
func IsValidPolicyEntry ¶
func IsValidPolicyEntry(policy LicensePolicy) bool
NOTE: policy.Id == "" we allow as "valid" as this indicates a potential "family" entry (i.e., group of SPDX IDs)
func IsValidSpdxId ¶
func IsValidUsagePolicy ¶
func ListPolicies ¶
func ListResources ¶
func ListResources(output io.Writer, format string, resourceType string, whereFilters []WhereFilter) (err error)
NOTE: resourceType has already been validated
func ListSchemas ¶
func NewCommandLicense ¶
func NewCommandList ¶
WARNING: Cobra will not recognize a subcommand if its `command.Use` is not a single word string that matches one of the `command.ValidArgs` set on the parent command
func NewCommandPolicy ¶
WARNING: Cobra will not recognize a subcommand if its `command.Use` is not a single word string that matches one of the `command.ValidArgs` set on the parent command
func NewCommandQuery ¶
func NewCommandResource ¶
func NewCommandSchema ¶
func NewCommandValidate ¶
func NewCommandVersion ¶
func Validate ¶
func Validate() (valid bool, document *schema.Sbom, schemaErrors []gojsonschema.ResultError, err error)
func VerifyPoliciesMatch ¶
func VerifyPoliciesMatch(testPolicy LicensePolicy, policies []interface{}) bool
given an array of policies verify their "usage" policy does not represent a conflict
Types ¶
type BaseError ¶
type BaseError struct {
Type string
Message string
InputFile string
InnerError error
Command string
Flags string
Details string
}
func (BaseError) AppendMessage ¶
type CompoundExpression ¶
type CompoundExpression struct {
SimpleLeft string
SimpleLeftHasPlus bool
LeftPolicy LicensePolicy
LeftUsagePolicy string
SimpleRight string
SimpleRightHasPlus bool
RightPolicy LicensePolicy
RightUsagePolicy string
Conjunction string
PrepRight string
PrepLeft string
CompoundLeft *CompoundExpression
CompoundRight *CompoundExpression
CompoundUsagePolicy string
}
func NewCompoundExpression ¶
func NewCompoundExpression() *CompoundExpression
type InvalidSBOMError ¶
type InvalidSBOMError struct {
BaseError
SBOM *schema.Sbom
FieldKeys []string // Keys used to dereference into JSON map where error found
SchemaErrors []gojsonschema.ResultError
}
Extend the base error type
func NewInvalidSBOMError ¶
func NewInvalidSBOMError(sbom *schema.Sbom, m string, errIn error, schemaErrors []gojsonschema.ResultError) *InvalidSBOMError
type LicenseComplianceConfig ¶
type LicenseComplianceConfig struct {
PolicyList []LicensePolicy `json:"policies"`
Annotations map[string]string `json:"annotations"`
// contains filtered or unexported fields
}
func (*LicenseComplianceConfig) GetFamilyNameMap ¶
func (config *LicenseComplianceConfig) GetFamilyNameMap() (hashmap *slicemultimap.MultiMap, err error)
func (*LicenseComplianceConfig) GetLicenseIdMap ¶
func (config *LicenseComplianceConfig) GetLicenseIdMap() (hashmap *slicemultimap.MultiMap, err error)
func (*LicenseComplianceConfig) HashLicensePolicies ¶
func (config *LicenseComplianceConfig) HashLicensePolicies() error
func (*LicenseComplianceConfig) LoadLicensePolicies ¶
func (config *LicenseComplianceConfig) LoadLicensePolicies(filename string) (err error)
type LicenseInfo ¶
type LicenseInfo struct {
LicenseLocation int
LicenseChoiceType int
LicenseKey string
LicenseChoice schema.CDXLicenseChoice
Policy LicensePolicy
EntityRef string
EntityName string
Component schema.CDXComponent
Service schema.CDXService
}
type LicensePolicy ¶
type LicensePolicy struct {
Id string `json:"id"`
Family string `json:"family"`
Name string `json:"name"`
UsagePolicy string `json:"usagePolicy"`
Children []string `json:"children"`
Notes []string `json:"notes"`
Urls []string `json:"urls"`
AnnotationRefs []string `json:"annotationRefs"`
}
func FindPolicy ¶
func FindPolicy(licenseInfo LicenseInfo) (matchedPolicy LicensePolicy, err error)
func FindPolicyByFamilyName ¶
func FindPolicyByFamilyName(name string) (policyValue string, matchedPolicy LicensePolicy)
NOTE: for now, we will look for the "family" name encoded in the License.Name field (until) we can get additional fields/properties added to the CDX LicenseChoice schema
func FindPolicyBySpdxId ¶
func FindPolicyBySpdxId(id string) (policyValue string, matchedPolicy LicensePolicy)
type QueryError ¶
type QueryError struct {
BaseError
// contains filtered or unexported fields
}
func NewQueryError ¶
func NewQueryError(qr *QueryRequest, m string, d string) *QueryError
func NewQueryFromClauseError ¶
func NewQueryFromClauseError(qr *QueryRequest, detail string) *QueryError
func NewQuerySelectClauseError ¶
func NewQuerySelectClauseError(qr *QueryRequest, detail string) *QueryError
func NewQueryWhereClauseError ¶
func NewQueryWhereClauseError(qr *QueryRequest, detail string) *QueryError
type QueryRequest ¶
type QueryRequest struct {
// contains filtered or unexported fields
}
query JSON map and return selected subset SELECT
<key.1>, <key.2>, ... // "firstname, lastname, email" || * (default)
FROM
<key path> // "product.customers"
WHERE
<key.X> == <value> // "country='Germany'"
ORDER BY
<key.N> // "lastname"
e.g.,SELECT * FROM product.customers WHERE country="Germany";
func (*QueryRequest) String ¶
func (qr *QueryRequest) String() string
Implement the Stringer interface for QueryRequest
type QueryResponse ¶
type QueryResponse struct {
// contains filtered or unexported fields
}
func NewQueryResponse ¶
func NewQueryResponse() *QueryResponse
type ResourceInfo ¶
type ResourceInfo struct {
Type string `json:"type"`
BomRef string `json:"bom-ref"`
Name string `json:"name"`
Version string `json:"version"`
SupplierProvider schema.CDXOrganizationalEntity
Properties []schema.CDXProperty
Component schema.CDXComponent
Service schema.CDXService
// contains filtered or unexported fields
}
TODO: need to strip `-` from `bom-ref` for where filter
type SBOMCompositionError ¶
type SBOMCompositionError struct {
InvalidSBOMError
}
Define more specific invalid SBOM errors
func NewSBOMCompositionError ¶
func NewSBOMCompositionError(m string, sbom *schema.Sbom, fields []string) *SBOMCompositionError
func (SBOMCompositionError) Error ¶
func (err SBOMCompositionError) Error() string
Support the error interface
type SBOMLicenseError ¶
type SBOMLicenseError struct {
SBOMCompositionError
}
NOTE: Current sub-type is "no license found"; other, more specific subtypes may be created
func IsSBOMLicenseError ¶
func IsSBOMLicenseError(err error) (*SBOMLicenseError, bool)
func NewSbomLicenseDataError ¶
func NewSbomLicenseDataError() *SBOMLicenseError
func NewSbomLicenseNotFoundError ¶
func NewSbomLicenseNotFoundError(sbom *schema.Sbom) *SBOMLicenseError
type SBOMMetadataError ¶
type SBOMMetadataError struct {
InvalidSBOMError
Metadata schema.CDXMetadata
}
Define more specific invalid SBOM errors
func NewSBOMMetadataError ¶
func NewSBOMMetadataError(sbom *schema.Sbom, m string, metadata schema.CDXMetadata) *SBOMMetadataError
TODO: create Error() (interface) method that displays CDXMetadata
type SBOMMetadataPropertyError ¶
type SBOMMetadataPropertyError struct {
SBOMMetadataError
Expected *schema.CustomValidationProperty
Actual []schema.CDXProperty
}
func NewSbomMetadataPropertyError ¶
func NewSbomMetadataPropertyError(sbom *schema.Sbom, m string, expected *schema.CustomValidationProperty, values []schema.CDXProperty) *SBOMMetadataPropertyError
TODO: create Error() (interface) method that displays CDXProperty
type UtilityError ¶
type UtilityError struct {
BaseError
}
func NewUtilityError ¶
func NewUtilityError(t string, m string, f string, errIn error) *UtilityError
type WhereFilter ¶
type WhereFilter struct {
Operand string
Value string
ValueRegEx *regexp.Regexp
// contains filtered or unexported fields
}
func (*WhereFilter) GetNormalizeKey ¶
func (filter *WhereFilter) GetNormalizeKey() (normalizedKey string)
Source Files
Click to show internal directories.
Click to hide internal directories.