sbom

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 4, 2024 License: Apache-2.0 Imports: 14 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

// ErrUnknownFormat is a package-level error value whose message is
// "Unknown SBOM format".
// NOTE(review): presumably returned when an input matches none of the
// supported formats; the returning code is not shown here, so confirm against
// Decode and DetectFormat. Callers should match it by identity (errors.Is)
// rather than by message text.
var ErrUnknownFormat = xerrors.New("Unknown SBOM format")

Functions

func Decode

// Decode takes a context, an io.Reader and a Format and returns a types.SBOM
// and an error; the implementation is not shown on this page.
// NOTE(review): f normally carries a document supplied alongside the artifact
// being scanned, so it should be treated as untrusted input; confirm the
// implementation bounds how much it reads from f.
// NOTE(review): nothing in this signature indicates that the attest-* formats
// have their attestation signature verified here; confirm where verification
// happens before treating the decoded SBOM as authenticated.
func Decode(ctx context.Context, f io.Reader, format Format) (types.SBOM, error)

func IsCycloneDXJSON

// IsCycloneDXJSON takes an io.ReadSeeker and returns a bool and an error; the
// body is not shown on this page.
// NOTE(review): the Seeker requirement suggests the probe reads part of r and
// rewinds; confirm the offset r is left at, and that a true result means
// "looks like CycloneDX JSON" rather than "is a valid document".
func IsCycloneDXJSON(r io.ReadSeeker) (bool, error)

func IsCycloneDXXML

// IsCycloneDXXML takes an io.ReadSeeker and returns a bool and an error; the
// body is not shown on this page.
// NOTE(review): if the probe parses XML from r, confirm how much input it
// consumes before deciding, and the offset r is left at on return.
func IsCycloneDXXML(r io.ReadSeeker) (bool, error)

func IsSPDXJSON

// IsSPDXJSON takes an io.ReadSeeker and returns a bool and an error; the body
// is not shown on this page.
// NOTE(review): confirm the offset r is left at on return and whether a true
// result implies any validation beyond recognising the format.
func IsSPDXJSON(r io.ReadSeeker) (bool, error)

func IsSPDXTV

// IsSPDXTV takes an io.ReadSeeker and returns a bool and an error; the body is
// not shown on this page. "TV" matches the "spdx-tv" Format value.
// NOTE(review): confirm how much of r is read before a decision is made and
// the offset r is left at on return.
func IsSPDXTV(r io.ReadSeeker) (bool, error)

Types

type Format

// Format is a string type naming an SBOM serialization.
type Format string

// Format values declared by this package, plus one predicate constant.
// NOTE(review): FormatSPDXXML is declared, but the package's exported function
// list shows no IsSPDXXML probe; confirm whether DetectFormat can return it.
// NOTE(review): the attest-* values name CycloneDX JSON carried in an
// attestation; selecting one of them describes the encoding only. Whether the
// attestation signature is verified is not visible in this listing, so confirm.
const (
	FormatCycloneDXJSON       Format = "cyclonedx-json"
	FormatCycloneDXXML        Format = "cyclonedx-xml"
	FormatSPDXJSON            Format = "spdx-json"
	FormatSPDXTV              Format = "spdx-tv"
	FormatSPDXXML             Format = "spdx-xml"
	FormatAttestCycloneDXJSON Format = "attest-cyclonedx-json"
	FormatUnknown             Format = "unknown"

	// FormatLegacyCosignAttestCycloneDXJSON is used to support the older format of CycloneDX JSON Attestation
	// produced by the Cosign V1.
	// ref. https://github.com/sigstore/cosign/pull/2718
	FormatLegacyCosignAttestCycloneDXJSON Format = "legacy-cosign-attest-cyclonedx-json"

	// PredicateCycloneDXBeforeV05 is the PredicateCycloneDX value defined in in-toto-golang before v0.5.0.
	// This is necessary for backward-compatible SBOM detection.
	// ref. https://github.com/in-toto/in-toto-golang/pull/188
	// Unlike the entries above, this is an untyped string constant, not a Format value.
	PredicateCycloneDXBeforeV05 = "https://cyclonedx.org/schema"
)

func DetectFormat

// DetectFormat takes an io.ReadSeeker and returns a Format and an error; the
// implementation is not shown on this page.
// NOTE(review): presumably it tries the Is* probes in turn and reports
// FormatUnknown and/or ErrUnknownFormat when none match; confirm.
// NOTE(review): the returned Format should be read as a parser selection hint
// for content that may be untrusted, not as evidence the document is
// well-formed or authentic; confirm what, if anything, is validated here.
func DetectFormat(r io.ReadSeeker) (Format, error)
