softwarecomposition

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2023 License: Apache-2.0 Imports: 6 Imported by: 2

Documentation

Overview

Package softwarecomposition is the internal version of the API.

Index

Constants

View Source 
const (
	// F.2 Security types
	TypeSecurityCPE23Type string = "cpe23Type"
	TypeSecurityCPE22Type string = "cpe22Type"
	TypeSecurityAdvisory  string = "advisory"
	TypeSecurityFix       string = "fix"
	TypeSecurityUrl       string = "url"
	TypeSecuritySwid      string = "swid"

	// F.3 Package-Manager types
	TypePackageManagerMavenCentral string = "maven-central"
	TypePackageManagerNpm          string = "npm"
	TypePackageManagerNuGet        string = "nuget"
	TypePackageManagerBower        string = "bower"
	TypePackageManagerPURL         string = "purl"

	// 11.1 Relationship field types
	TypeRelationshipDescribe                  string = "DESCRIBES"
	TypeRelationshipDescribeBy                string = "DESCRIBED_BY"
	TypeRelationshipContains                  string = "CONTAINS"
	TypeRelationshipContainedBy               string = "CONTAINED_BY"
	TypeRelationshipDependsOn                 string = "DEPENDS_ON"
	TypeRelationshipDependencyOf              string = "DEPENDENCY_OF"
	TypeRelationshipBuildDependencyOf         string = "BUILD_DEPENDENCY_OF"
	TypeRelationshipDevDependencyOf           string = "DEV_DEPENDENCY_OF"
	TypeRelationshipOptionalDependencyOf      string = "OPTIONAL_DEPENDENCY_OF"
	TypeRelationshipProvidedDependencyOf      string = "PROVIDED_DEPENDENCY_OF"
	TypeRelationshipTestDependencyOf          string = "TEST_DEPENDENCY_OF"
	TypeRelationshipRuntimeDependencyOf       string = "RUNTIME_DEPENDENCY_OF"
	TypeRelationshipExampleOf                 string = "EXAMPLE_OF"
	TypeRelationshipGenerates                 string = "GENERATES"
	TypeRelationshipGeneratedFrom             string = "GENERATED_FROM"
	TypeRelationshipAncestorOf                string = "ANCESTOR_OF"
	TypeRelationshipDescendantOf              string = "DESCENDANT_OF"
	TypeRelationshipVariantOf                 string = "VARIANT_OF"
	TypeRelationshipDistributionArtifact      string = "DISTRIBUTION_ARTIFACT"
	TypeRelationshipPatchFor                  string = "PATCH_FOR"
	TypeRelationshipPatchApplied              string = "PATCH_APPLIED"
	TypeRelationshipCopyOf                    string = "COPY_OF"
	TypeRelationshipFileAdded                 string = "FILE_ADDED"
	TypeRelationshipFileDeleted               string = "FILE_DELETED"
	TypeRelationshipFileModified              string = "FILE_MODIFIED"
	TypeRelationshipExpandedFromArchive       string = "EXPANDED_FROM_ARCHIVE"
	TypeRelationshipDynamicLink               string = "DYNAMIC_LINK"
	TypeRelationshipStaticLink                string = "STATIC_LINK"
	TypeRelationshipDataFileOf                string = "DATA_FILE_OF"
	TypeRelationshipTestCaseOf                string = "TEST_CASE_OF"
	TypeRelationshipBuildToolOf               string = "BUILD_TOOL_OF"
	TypeRelationshipDevToolOf                 string = "DEV_TOOL_OF"
	TypeRelationshipTestOf                    string = "TEST_OF"
	TypeRelationshipTestToolOf                string = "TEST_TOOL_OF"
	TypeRelationshipDocumentationOf           string = "DOCUMENTATION_OF"
	TypeRelationshipOptionalComponentOf       string = "OPTIONAL_COMPONENT_OF"
	TypeRelationshipMetafileOf                string = "METAFILE_OF"
	TypeRelationshipPackageOf                 string = "PACKAGE_OF"
	TypeRelationshipAmends                    string = "AMENDS"
	TypeRelationshipPrerequisiteFor           string = "PREREQUISITE_FOR"
	TypeRelationshipHasPrerequisite           string = "HAS_PREREQUISITE"
	TypeRelationshipRequirementDescriptionFor string = "REQUIREMENT_DESCRIPTION_FOR"
	TypeRelationshipSpecificationFor          string = "SPECIFICATION_FOR"
	TypeRelationshipOther                     string = "OTHER"
)

Constants for various string types

View Source 
const GroupName = "spdx.softwarecomposition.kubescape.io"

GroupName is the group name used in this package

Variables

View Source 
var (
	// SchemeBuilder is the scheme builder with scheme init functions to run for this API package
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is group version used to register these objects

Functions

func Kind 

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func RenderDocElementID 

func RenderDocElementID(deID DocElementID) string

RenderDocElementID takes a DocElementID and returns the string equivalent, with the SPDXRef- prefix (and, if applicable, the DocumentRef- prefix) reinserted. If a SpecialID is present, it will be rendered verbatim and DocumentRefID and ElementRefID will be ignored.

func RenderElementID 

func RenderElementID(eID ElementID) string

RenderElementID takes an ElementID and returns the string equivalent, with the SPDXRef- prefix reinserted.

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource

Types

type Annotation 

type Annotation struct {
	// 12.1: Annotator
	// Cardinality: conditional (mandatory, one) if there is an Annotation
	Annotator Annotator

	// 12.2: Annotation Date: YYYY-MM-DDThh:mm:ssZ
	// Cardinality: conditional (mandatory, one) if there is an Annotation
	AnnotationDate string

	// 12.3: Annotation Type: "REVIEW" or "OTHER"
	// Cardinality: conditional (mandatory, one) if there is an Annotation
	AnnotationType string

	// 12.4: SPDX Identifier Reference
	// Cardinality: conditional (mandatory, one) if there is an Annotation
	// This field is not used in hierarchical data formats where the referenced element is clear, such as JSON or YAML.
	AnnotationSPDXIdentifier DocElementID

	// 12.5: Annotation Comment
	// Cardinality: conditional (mandatory, one) if there is an Annotation
	AnnotationComment string
}

Annotation is an Annotation section of an SPDX Document for version 2.3 of the spec.

func (*Annotation) DeepCopy 

func (in *Annotation) DeepCopy() *Annotation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Annotation.

func (*Annotation) DeepCopyInto 

func (in *Annotation) DeepCopyInto(out *Annotation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Annotator 

type Annotator struct {
	Annotator string
	// including AnnotatorType: one of "Person", "Organization" or "Tool"
	AnnotatorType string
}

func (*Annotator) DeepCopy 

func (in *Annotator) DeepCopy() *Annotator

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Annotator.

func (*Annotator) DeepCopyInto 

func (in *Annotator) DeepCopyInto(out *Annotator)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Annotator) MarshalJSON 

func (a Annotator) MarshalJSON() ([]byte, error)

MarshalJSON converts the receiver into a slice of bytes representing an Annotator in string form. This function is also used when marshalling to YAML

func (*Annotator) UnmarshalJSON 

func (a *Annotator) UnmarshalJSON(data []byte) error

UnmarshalJSON takes an annotator in the typical one-line format and parses it into an Annotator struct. This function is also used when unmarshalling YAML

type ArtifactOfProject 

type ArtifactOfProject struct {

	// DEPRECATED in version 2.1 of spec
	// 8.9: Artifact of Project Name
	// Cardinality: conditional, required if present, one per AOP
	Name string

	// DEPRECATED in version 2.1 of spec
	// 8.10: Artifact of Project Homepage: URL or "UNKNOWN"
	// Cardinality: optional, one per AOP
	HomePage string

	// DEPRECATED in version 2.1 of spec
	// 8.11: Artifact of Project Uniform Resource Identifier
	// Cardinality: optional, one per AOP
	URI string
}

ArtifactOfProject is a DEPRECATED collection of data regarding a Package, as defined in sections 8.9-8.11 in version 2.3 of the spec. NOTE: the JSON schema does not define the structure of this object: https://github.com/spdx/spdx-spec/blob/development/v2.3.1/schemas/spdx-schema.json#L480

func (*ArtifactOfProject) DeepCopy 

func (in *ArtifactOfProject) DeepCopy() *ArtifactOfProject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArtifactOfProject.

func (*ArtifactOfProject) DeepCopyInto 

func (in *ArtifactOfProject) DeepCopyInto(out *ArtifactOfProject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Checksum 

type Checksum struct {
	Algorithm ChecksumAlgorithm
	Value     string
}

Checksum provides a unique identifier to match analysis information on each specific file in a package. The Algorithm field describes the ChecksumAlgorithm used and the Value represents the file checksum

func (*Checksum) DeepCopy 

func (in *Checksum) DeepCopy() *Checksum

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Checksum.

func (*Checksum) DeepCopyInto 

func (in *Checksum) DeepCopyInto(out *Checksum)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ChecksumAlgorithm 

type ChecksumAlgorithm string

ChecksumAlgorithm represents the algorithm used to generate the file checksum in the Checksum struct. 

const (
	SHA224      ChecksumAlgorithm = "SHA224"
	SHA1        ChecksumAlgorithm = "SHA1"
	SHA256      ChecksumAlgorithm = "SHA256"
	SHA384      ChecksumAlgorithm = "SHA384"
	SHA512      ChecksumAlgorithm = "SHA512"
	MD2         ChecksumAlgorithm = "MD2"
	MD4         ChecksumAlgorithm = "MD4"
	MD5         ChecksumAlgorithm = "MD5"
	MD6         ChecksumAlgorithm = "MD6"
	SHA3_256    ChecksumAlgorithm = "SHA3-256"
	SHA3_384    ChecksumAlgorithm = "SHA3-384"
	SHA3_512    ChecksumAlgorithm = "SHA3-512"
	BLAKE2b_256 ChecksumAlgorithm = "BLAKE2b-256"
	BLAKE2b_384 ChecksumAlgorithm = "BLAKE2b-384"
	BLAKE2b_512 ChecksumAlgorithm = "BLAKE2b-512"
	BLAKE3      ChecksumAlgorithm = "BLAKE3"
	ADLER32     ChecksumAlgorithm = "ADLER32"
)

The checksum algorithms mentioned in the spdxv2.2.0 https://spdx.github.io/spdx-spec/4-file-information/#44-file-checksum

type CreationInfo 

type CreationInfo struct {
	// 6.7: License List Version
	// Cardinality: optional, one
	LicenseListVersion string

	// 6.8: Creators: may have multiple keys for Person, Organization
	//      and/or Tool
	// Cardinality: mandatory, one or many
	Creators []Creator

	// 6.9: Created: data format YYYY-MM-DDThh:mm:ssZ
	// Cardinality: mandatory, one
	Created string

	// 6.10: Creator Comment
	// Cardinality: optional, one
	CreatorComment string
}

CreationInfo is a Document Creation Information section of an SPDX Document for version 2.3 of the spec.

func (*CreationInfo) DeepCopy 

func (in *CreationInfo) DeepCopy() *CreationInfo

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CreationInfo.

func (*CreationInfo) DeepCopyInto 

func (in *CreationInfo) DeepCopyInto(out *CreationInfo)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Creator 

type Creator struct {
	Creator string
	// CreatorType should be one of "Person", "Organization", or "Tool"
	CreatorType string
}

Creator is a wrapper around the Creator SPDX field. The SPDX field contains two values, which requires special handling in order to marshal/unmarshal it to/from Go data types.

func (*Creator) DeepCopy 

func (in *Creator) DeepCopy() *Creator

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Creator.

func (*Creator) DeepCopyInto 

func (in *Creator) DeepCopyInto(out *Creator)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Creator) MarshalJSON 

func (c Creator) MarshalJSON() ([]byte, error)

MarshalJSON converts the receiver into a slice of bytes representing a Creator in string form. This function is also used with marshalling to YAML

func (*Creator) UnmarshalJSON 

func (c *Creator) UnmarshalJSON(data []byte) error

UnmarshalJSON takes an annotator in the typical one-line format and parses it into a Creator struct. This function is also used when unmarshalling YAML

type DocElementID 

type DocElementID struct {
	DocumentRefID string
	ElementRefID  ElementID
	SpecialID     string
}

DocElementID represents an SPDX element identifier that could be defined in a different SPDX document, and therefore could have a "DocumentRef-" portion, such as Relationships and Annotations. ElementID is used for attributes in which a "DocumentRef-" portion cannot appear, such as a Package or File definition (since it is necessarily being defined in the present document). DocumentRefID will be the empty string for elements defined in the present document. DocElementIDs should NOT contain the mandatory 'DocumentRef-' or 'SPDXRef-' portions. SpecialID is used ONLY if the DocElementID matches a defined set of permitted special values for a particular field, e.g. "NONE" or "NOASSERTION" for the right-hand side of Relationships. If SpecialID is set, DocumentRefID and ElementRefID should be empty (and vice versa).

func MakeDocElementID 

func MakeDocElementID(docRef string, eltRef string) DocElementID

MakeDocElementID takes strings (without prefixes) for the DocumentRef- and SPDXRef- identifiers, and returns a DocElementID. An empty string should be used for the DocumentRef- portion if it is referring to the present document.

func MakeDocElementSpecial 

func MakeDocElementSpecial(specialID string) DocElementID

MakeDocElementSpecial takes a "special" string (e.g. "NONE" or "NOASSERTION" for the right side of a Relationship), nd returns a DocElementID with it in the SpecialID field. Other fields will be empty.

func (*DocElementID) DeepCopy 

func (in *DocElementID) DeepCopy() *DocElementID

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DocElementID.

func (*DocElementID) DeepCopyInto 

func (in *DocElementID) DeepCopyInto(out *DocElementID)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (DocElementID) MarshalJSON 

func (d DocElementID) MarshalJSON() ([]byte, error)

MarshalJSON converts the receiver into a slice of bytes representing a DocElementID in string form. This function is also used when marshalling to YAML

func (*DocElementID) UnmarshalJSON 

func (d *DocElementID) UnmarshalJSON(data []byte) (err error)

UnmarshalJSON takes a SPDX Identifier string parses it into a DocElementID struct. This function is also used when unmarshalling YAML

type Document 

type Document struct {
	// Added
	DocumentDescribes []string

	// 6.1: SPDX Version; should be in the format "SPDX-2.3"
	// Cardinality: mandatory, one
	SPDXVersion string

	// 6.2: Data License; should be "CC0-1.0"
	// Cardinality: mandatory, one
	DataLicense string

	// 6.3: SPDX Identifier; should be "DOCUMENT" to represent
	//      mandatory identifier of SPDXRef-DOCUMENT
	// Cardinality: mandatory, one
	SPDXIdentifier ElementID

	// 6.4: Document Name
	// Cardinality: mandatory, one
	DocumentName string

	// 6.5: Document Namespace
	// Cardinality: mandatory, one
	DocumentNamespace string

	// 6.6: External Document References
	// Cardinality: optional, one or many
	ExternalDocumentReferences []ExternalDocumentRef

	// 6.11: Document Comment
	// Cardinality: optional, one
	DocumentComment string

	CreationInfo  *CreationInfo
	Packages      []*Package
	Files         []*File
	OtherLicenses []*OtherLicense
	Relationships []*Relationship
	Annotations   []Annotation
	Snippets      []Snippet

	// DEPRECATED in version 2.0 of spec
	Reviews []*Review
}

Document is an SPDX Document for version 2.3 of the spec. See https://spdx.github.io/spdx-spec/v2.3/document-creation-information

func (*Document) DeepCopy 

func (in *Document) DeepCopy() *Document

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Document.

func (*Document) DeepCopyInto 

func (in *Document) DeepCopyInto(out *Document)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ElementID 

type ElementID string

ElementID represents the identifier string portion of an SPDX element identifier. DocElementID should be used for any attributes which can contain identifiers defined in a different SPDX document. ElementIDs should NOT contain the mandatory 'SPDXRef-' portion.

func (ElementID) MarshalJSON 

func (d ElementID) MarshalJSON() ([]byte, error)

MarshalJSON returns an SPDXRef- prefixed JSON string

func (*ElementID) UnmarshalJSON 

func (d *ElementID) UnmarshalJSON(data []byte) error

UnmarshalJSON validates SPDXRef- prefixes and removes them when processing ElementIDs

type ExternalDocumentRef 

type ExternalDocumentRef struct {
	// DocumentRefID is the ID string defined in the start of the
	// reference. It should _not_ contain the "DocumentRef-" part
	// of the mandatory ID string.
	DocumentRefID string

	// URI is the URI defined for the external document
	URI string

	// Checksum is the actual hash data
	Checksum Checksum
}

ExternalDocumentRef is a reference to an external SPDX document as defined in section 6.6 for version 2.3 of the spec.

func (*ExternalDocumentRef) DeepCopy 

func (in *ExternalDocumentRef) DeepCopy() *ExternalDocumentRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalDocumentRef.

func (*ExternalDocumentRef) DeepCopyInto 

func (in *ExternalDocumentRef) DeepCopyInto(out *ExternalDocumentRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type File 

type File struct {
	// 8.1: File Name
	// Cardinality: mandatory, one
	FileName string

	// 8.2: File SPDX Identifier: "SPDXRef-[idstring]"
	// Cardinality: mandatory, one
	FileSPDXIdentifier ElementID

	// 8.3: File Types
	// Cardinality: optional, multiple
	FileTypes []string

	// 8.4: File Checksum: may have keys for SHA1, SHA256, MD5, SHA3-256, SHA3-384, SHA3-512, BLAKE2b-256, BLAKE2b-384, BLAKE2b-512, BLAKE3, ADLER32
	// Cardinality: mandatory, one SHA1, others may be optionally provided
	Checksums []Checksum

	// 8.5: Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one
	LicenseConcluded string

	// 8.6: License Information in File: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one or many
	LicenseInfoInFiles []string

	// 8.7: Comments on License
	// Cardinality: optional, one
	LicenseComments string

	// 8.8: Copyright Text: copyright notice(s) text, "NONE" or "NOASSERTION"
	// Cardinality: mandatory, one
	FileCopyrightText string

	// DEPRECATED in version 2.1 of spec
	// 8.9-8.11: Artifact of Project variables (defined below)
	// Cardinality: optional, one or many
	ArtifactOfProjects []*ArtifactOfProject

	// 8.12: File Comment
	// Cardinality: optional, one
	FileComment string

	// 8.13: File Notice
	// Cardinality: optional, one
	FileNotice string

	// 8.14: File Contributor
	// Cardinality: optional, one or many
	FileContributors []string

	// 8.15: File Attribution Text
	// Cardinality: optional, one or many
	FileAttributionTexts []string

	// DEPRECATED in version 2.0 of spec
	// 8.16: File Dependencies
	// Cardinality: optional, one or many
	FileDependencies []string

	// Snippets contained in this File
	// Note that Snippets could be defined in a different Document! However,
	// the only ones that _THIS_ document can contain are this ones that are
	// defined here -- so this should just be an ElementID.
	Snippets map[ElementID]*Snippet

	Annotations []Annotation
}

File is a File section of an SPDX Document for version 2.3 of the spec.

func (*File) DeepCopy 

func (in *File) DeepCopy() *File

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new File.

func (*File) DeepCopyInto 

func (in *File) DeepCopyInto(out *File)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Originator 

type Originator struct {
	// can be "NOASSERTION"
	Originator string
	// OriginatorType can be one of "Person", "Organization", or empty if Originator is "NOASSERTION"
	OriginatorType string
}

func (*Originator) DeepCopy 

func (in *Originator) DeepCopy() *Originator

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Originator.

func (*Originator) DeepCopyInto 

func (in *Originator) DeepCopyInto(out *Originator)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Originator) MarshalJSON 

func (o Originator) MarshalJSON() ([]byte, error)

MarshalJSON converts the receiver into a slice of bytes representing an Originator in string form. This function is also used when marshalling to YAML

func (*Originator) UnmarshalJSON 

func (o *Originator) UnmarshalJSON(data []byte) error

UnmarshalJSON takes an originator in the typical one-line format and parses it into an Originator struct. This function is also used when unmarshalling YAML

type OtherLicense 

type OtherLicense struct {
	// 10.1: License Identifier: "LicenseRef-[idstring]"
	// Cardinality: conditional (mandatory, one) if license is not
	//              on SPDX License List
	LicenseIdentifier string

	// 10.2: Extracted Text
	// Cardinality: conditional (mandatory, one) if there is a
	//              License Identifier assigned
	ExtractedText string

	// 10.3: License Name: single line of text or "NOASSERTION"
	// Cardinality: conditional (mandatory, one) if license is not
	//              on SPDX License List
	LicenseName string

	// 10.4: License Cross Reference
	// Cardinality: conditional (optional, one or many) if license
	//              is not on SPDX License List
	LicenseCrossReferences []string

	// 10.5: License Comment
	// Cardinality: optional, one
	LicenseComment string
}

OtherLicense is an Other License Information section of an SPDX Document for version 2.3 of the spec.

func (*OtherLicense) DeepCopy 

func (in *OtherLicense) DeepCopy() *OtherLicense

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OtherLicense.

func (*OtherLicense) DeepCopyInto 

func (in *OtherLicense) DeepCopyInto(out *OtherLicense)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Package 

type Package struct {
	// Added
	HasFiles []string

	// NOT PART OF SPEC
	// flag: does this "package" contain files that were in fact "unpackaged",
	// e.g. included directly in the Document without being in a Package?
	IsUnpackaged bool

	// 7.1: Package Name
	// Cardinality: mandatory, one
	PackageName string

	// 7.2: Package SPDX Identifier: "SPDXRef-[idstring]"
	// Cardinality: mandatory, one
	PackageSPDXIdentifier ElementID

	// 7.3: Package Version
	// Cardinality: optional, one
	PackageVersion string

	// 7.4: Package File Name
	// Cardinality: optional, one
	PackageFileName string

	// 7.5: Package Supplier: may have single result for either Person or Organization,
	//                        or NOASSERTION
	// Cardinality: optional, one
	PackageSupplier *Supplier

	// 7.6: Package Originator: may have single result for either Person or Organization,
	//                          or NOASSERTION
	// Cardinality: optional, one
	PackageOriginator *Originator

	// 7.7: Package Download Location
	// Cardinality: mandatory, one
	PackageDownloadLocation string

	// 7.8: FilesAnalyzed
	// Cardinality: optional, one; default value is "true" if omitted
	FilesAnalyzed bool
	// NOT PART OF SPEC: did FilesAnalyzed tag appear?
	IsFilesAnalyzedTagPresent bool

	// 7.9: Package Verification Code
	// Cardinality: if FilesAnalyzed == true must be present, if FilesAnalyzed == false must be omitted
	PackageVerificationCode *PackageVerificationCode

	// 7.10: Package Checksum: may have keys for SHA1, SHA256, SHA512, MD5, SHA3-256, SHA3-384, SHA3-512, BLAKE2b-256, BLAKE2b-384, BLAKE2b-512, BLAKE3, ADLER32
	// Cardinality: optional, one or many
	PackageChecksums []Checksum

	// 7.11: Package Home Page
	// Cardinality: optional, one
	PackageHomePage string

	// 7.12: Source Information
	// Cardinality: optional, one
	PackageSourceInfo string

	// 7.13: Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one
	PackageLicenseConcluded string

	// 7.14: All Licenses Info from Files: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one or many if filesAnalyzed is true / omitted;
	//              zero (must be omitted) if filesAnalyzed is false
	PackageLicenseInfoFromFiles []string

	// 7.15: Declared License: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one
	PackageLicenseDeclared string

	// 7.16: Comments on License
	// Cardinality: optional, one
	PackageLicenseComments string

	// 7.17: Copyright Text: copyright notice(s) text, "NONE" or "NOASSERTION"
	// Cardinality: mandatory, one
	PackageCopyrightText string

	// 7.18: Package Summary Description
	// Cardinality: optional, one
	PackageSummary string

	// 7.19: Package Detailed Description
	// Cardinality: optional, one
	PackageDescription string

	// 7.20: Package Comment
	// Cardinality: optional, one
	PackageComment string

	// 7.21: Package External Reference
	// Cardinality: optional, one or many
	PackageExternalReferences []*PackageExternalReference

	// 7.23: Package Attribution Text
	// Cardinality: optional, one or many
	PackageAttributionTexts []string

	// 7.24: Primary Package Purpose
	// Cardinality: optional, one or many
	// Allowed values: APPLICATION, FRAMEWORK, LIBRARY, CONTAINER, OPERATING-SYSTEM, DEVICE, FIRMWARE, SOURCE, ARCHIVE, FILE, INSTALL, OTHER
	PrimaryPackagePurpose string

	// 7.25: Release Date: YYYY-MM-DDThh:mm:ssZ
	// Cardinality: optional, one
	ReleaseDate string

	// 7.26: Build Date: YYYY-MM-DDThh:mm:ssZ
	// Cardinality: optional, one
	BuiltDate string

	// 7.27: Valid Until Date: YYYY-MM-DDThh:mm:ssZ
	// Cardinality: optional, one
	ValidUntilDate string

	// Files contained in this Package
	Files []*File

	Annotations []Annotation
}

Package is a Package section of an SPDX Document for version 2.3 of the spec.

func (*Package) DeepCopy 

func (in *Package) DeepCopy() *Package

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Package.

func (*Package) DeepCopyInto 

func (in *Package) DeepCopyInto(out *Package)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PackageExternalReference 

type PackageExternalReference struct {
	// category is "SECURITY", "PACKAGE-MANAGER" or "OTHER"
	Category string

	// type is an [idstring] as defined in Appendix VI;
	// called RefType here due to "type" being a Golang keyword
	RefType string

	// locator is a unique string to access the package-specific
	// info, metadata or content within the target location
	Locator string

	// 7.22: Package External Reference Comment
	// Cardinality: conditional (optional, one) for each External Reference
	ExternalRefComment string
}

PackageExternalReference is an External Reference to additional info about a Package, as defined in section 7.21 in version 2.3 of the spec.

func (*PackageExternalReference) DeepCopy 

func (in *PackageExternalReference) DeepCopy() *PackageExternalReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageExternalReference.

func (*PackageExternalReference) DeepCopyInto 

func (in *PackageExternalReference) DeepCopyInto(out *PackageExternalReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PackageVerificationCode 

type PackageVerificationCode struct {
	// Cardinality: mandatory, one if filesAnalyzed is true / omitted;
	//              zero (must be omitted) if filesAnalyzed is false
	Value string
	// Spec also allows specifying files to exclude from the
	// verification code algorithm; intended to enable exclusion of
	// the SPDX document file itself.
	ExcludedFiles []string
}

func (*PackageVerificationCode) DeepCopy 

func (in *PackageVerificationCode) DeepCopy() *PackageVerificationCode

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PackageVerificationCode.

func (*PackageVerificationCode) DeepCopyInto 

func (in *PackageVerificationCode) DeepCopyInto(out *PackageVerificationCode)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Relationship 

type Relationship struct {

	// 11.1: Relationship
	// Cardinality: optional, one or more; one per Relationship
	//              one mandatory for SPDX Document with multiple packages
	// RefA and RefB are first and second item
	// Relationship is type from 11.1.1
	RefA         DocElementID
	RefB         DocElementID
	Relationship string

	// 11.2: Relationship Comment
	// Cardinality: optional, one
	RelationshipComment string
}

Relationship is a Relationship section of an SPDX Document for version 2.3 of the spec.

func (*Relationship) DeepCopy 

func (in *Relationship) DeepCopy() *Relationship

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Relationship.

func (*Relationship) DeepCopyInto 

func (in *Relationship) DeepCopyInto(out *Relationship)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Review 

type Review struct {

	// DEPRECATED in version 2.0 of spec
	// 13.1: Reviewer
	// Cardinality: optional, one
	Reviewer string
	// including AnnotatorType: one of "Person", "Organization" or "Tool"
	ReviewerType string

	// DEPRECATED in version 2.0 of spec
	// 13.2: Review Date: YYYY-MM-DDThh:mm:ssZ
	// Cardinality: conditional (mandatory, one) if there is a Reviewer
	ReviewDate string

	// DEPRECATED in version 2.0 of spec
	// 13.3: Review Comment
	// Cardinality: optional, one
	ReviewComment string
}

Review is a Review section of an SPDX Document for version 2.3 of the spec. DEPRECATED in version 2.0 of spec; retained here for compatibility.

func (*Review) DeepCopy 

func (in *Review) DeepCopy() *Review

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Review.

func (*Review) DeepCopyInto 

func (in *Review) DeepCopyInto(out *Review)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SBOMSPDXv2p3 

type SBOMSPDXv2p3 struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec   SBOMSPDXv2p3Spec
	Status SBOMSPDXv2p3Status
}

SBOMSPDXv2p3 is a custom resource that describes an SBOM in the SPDX 2.3 format.

func (*SBOMSPDXv2p3) DeepCopy 

func (in *SBOMSPDXv2p3) DeepCopy() *SBOMSPDXv2p3

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SBOMSPDXv2p3.

func (*SBOMSPDXv2p3) DeepCopyInto 

func (in *SBOMSPDXv2p3) DeepCopyInto(out *SBOMSPDXv2p3)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SBOMSPDXv2p3) DeepCopyObject 

func (in *SBOMSPDXv2p3) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SBOMSPDXv2p3List 

type SBOMSPDXv2p3List struct {
	metav1.TypeMeta
	metav1.ListMeta

	Items []SBOMSPDXv2p3
}

SBOMSPDXv2p3List is a list of Flunder objects.

func (*SBOMSPDXv2p3List) DeepCopy 

func (in *SBOMSPDXv2p3List) DeepCopy() *SBOMSPDXv2p3List

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SBOMSPDXv2p3List.

func (*SBOMSPDXv2p3List) DeepCopyInto 

func (in *SBOMSPDXv2p3List) DeepCopyInto(out *SBOMSPDXv2p3List)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SBOMSPDXv2p3List) DeepCopyObject 

func (in *SBOMSPDXv2p3List) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SBOMSPDXv2p3Spec 

type SBOMSPDXv2p3Spec struct {
	SPDX Document
}

SBOMSPDXv2p3Spec is the specification of an SPDX SBOM.

func (*SBOMSPDXv2p3Spec) DeepCopy 

func (in *SBOMSPDXv2p3Spec) DeepCopy() *SBOMSPDXv2p3Spec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SBOMSPDXv2p3Spec.

func (*SBOMSPDXv2p3Spec) DeepCopyInto 

func (in *SBOMSPDXv2p3Spec) DeepCopyInto(out *SBOMSPDXv2p3Spec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SBOMSPDXv2p3Status 

type SBOMSPDXv2p3Status struct {
}

SBOMSPDXv2p3Status is the status of an SPDX SBOM.

func (*SBOMSPDXv2p3Status) DeepCopy 

func (in *SBOMSPDXv2p3Status) DeepCopy() *SBOMSPDXv2p3Status

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SBOMSPDXv2p3Status.

func (*SBOMSPDXv2p3Status) DeepCopyInto 

func (in *SBOMSPDXv2p3Status) DeepCopyInto(out *SBOMSPDXv2p3Status)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Snippet 

type Snippet struct {

	// 9.1: Snippet SPDX Identifier: "SPDXRef-[idstring]"
	// Cardinality: mandatory, one
	SnippetSPDXIdentifier ElementID

	// 9.2: Snippet from File SPDX Identifier
	// Cardinality: mandatory, one
	SnippetFromFileSPDXIdentifier ElementID

	// Ranges denotes the start/end byte offsets or line numbers that the snippet is relevant to
	Ranges []SnippetRange

	// 9.5: Snippet Concluded License: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one
	SnippetLicenseConcluded string

	// 9.6: License Information in Snippet: SPDX License Expression, "NONE" or "NOASSERTION"
	// Cardinality: optional, one or many
	LicenseInfoInSnippet []string

	// 9.7: Snippet Comments on License
	// Cardinality: optional, one
	SnippetLicenseComments string

	// 9.8: Snippet Copyright Text: copyright notice(s) text, "NONE" or "NOASSERTION"
	// Cardinality: mandatory, one
	SnippetCopyrightText string

	// 9.9: Snippet Comment
	// Cardinality: optional, one
	SnippetComment string

	// 9.10: Snippet Name
	// Cardinality: optional, one
	SnippetName string

	// 9.11: Snippet Attribution Text
	// Cardinality: optional, one or many
	SnippetAttributionTexts []string
}

Snippet is a Snippet section of an SPDX Document for version 2.3 of the spec.

func (*Snippet) DeepCopy 

func (in *Snippet) DeepCopy() *Snippet

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Snippet.

func (*Snippet) DeepCopyInto 

func (in *Snippet) DeepCopyInto(out *Snippet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SnippetRange 

type SnippetRange struct {
	StartPointer SnippetRangePointer
	EndPointer   SnippetRangePointer
}

func (*SnippetRange) DeepCopy 

func (in *SnippetRange) DeepCopy() *SnippetRange

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SnippetRange.

func (*SnippetRange) DeepCopyInto 

func (in *SnippetRange) DeepCopyInto(out *SnippetRange)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SnippetRangePointer 

type SnippetRangePointer struct {
	// 5.3: Snippet Byte Range: [start byte]:[end byte]
	// Cardinality: mandatory, one
	Offset int

	// 5.4: Snippet Line Range: [start line]:[end line]
	// Cardinality: optional, one
	LineNumber int

	FileSPDXIdentifier ElementID
}

func (*SnippetRangePointer) DeepCopy 

func (in *SnippetRangePointer) DeepCopy() *SnippetRangePointer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SnippetRangePointer.

func (*SnippetRangePointer) DeepCopyInto 

func (in *SnippetRangePointer) DeepCopyInto(out *SnippetRangePointer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Supplier 

type Supplier struct {
	// can be "NOASSERTION"
	Supplier string
	// SupplierType can be one of "Person", "Organization", or empty if Supplier is "NOASSERTION"
	SupplierType string
}

func (*Supplier) DeepCopy 

func (in *Supplier) DeepCopy() *Supplier

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Supplier.

func (*Supplier) DeepCopyInto 

func (in *Supplier) DeepCopyInto(out *Supplier)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Supplier) MarshalJSON 

func (s Supplier) MarshalJSON() ([]byte, error)

MarshalJSON converts the receiver into a slice of bytes representing a Supplier in string form. This function is also used when marshalling to YAML

func (*Supplier) UnmarshalJSON 

func (s *Supplier) UnmarshalJSON(data []byte) error

UnmarshalJSON takes a supplier in the typical one-line format and parses it into a Supplier struct. This function is also used when unmarshalling YAML

Source Files

View all Source files

Directories

Path Synopsis
Package v1beta1 is the v1beta1 version of the API.
 Package v1beta1 is the v1beta1 version of the API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.