Documentation
¶
Index ¶
- Constants
- func GetAnnotations(sbom *v2_3.Document) (map[string]string, error)
- func GetFiles(sbom *v2_3.Document) ([]string, error)
- func GetPackageManager(externalReferences []*v2_3.PackageExternalReference) (string, error)
- func GetPackages(sbom *v2_3.Document) ([]string, error)
- func LoadSBOMFromFile(filename string) (*v2_3.Document, *oci.Descriptor, []byte, error)
- func LoadSBOMFromReader(reader io.ReadCloser, size int64) (*v2_3.Document, *oci.Descriptor, []byte, error)
- func PushSBOM(sbomDoc *v2_3.Document, sbomDescriptor *v1.Descriptor, sbomBytes []byte, ...) error
- type CredentialsResolver
- type PackageSummary
- type SBOMSummary
Constants ¶
const ( MEDIATYPE_SPDX = "application/spdx+json" OCI_ANNOTATION_DOCUMENT_NAME = "org.spdx.name" OCI_ANNOTATION_DOCUMENT_NAMESPACE = "org.spdx.namespace" OCI_ANNOTATION_SPDX_VERSION = "org.spdx.version" OCI_ANNOTATION_CREATION_DATE = "org.spdx.created" OCI_ANNOTATION_CREATORS = "org.spdx.creator" )
const (
APPLICATION_USERAGENT = "obom"
)
Variables ¶
This section is empty.
Functions ¶
func GetAnnotations ¶
GetAnnotations returns the annotations from the SBOM
func GetPackageManager ¶ added in v0.0.4
func GetPackageManager(externalReferences []*v2_3.PackageExternalReference) (string, error)
func GetPackages ¶
GetPackages returns the packages from the SBOM
func LoadSBOMFromFile ¶
LoadSBOMFromFile opens a file given by filename, reads its contents, and loads it into an SPDX document. It also calculates the file size and generates an OCI descriptor for the file. It returns the loaded SPDX document, the OCI descriptor, and any error encountered.
func LoadSBOMFromReader ¶
func LoadSBOMFromReader(reader io.ReadCloser, size int64) (*v2_3.Document, *oci.Descriptor, []byte, error)
LoadSBOMFromReader reads an SPDX document from an io.ReadCloser, generates an OCI descriptor for the document, and returns the loaded SPDX document and the OCI descriptor. The size parameter is the size of the document in bytes. If an error occurs during reading the document or generating the descriptor, the error will be returned.
func PushSBOM ¶ added in v0.0.2
func PushSBOM(sbomDoc *v2_3.Document, sbomDescriptor *v1.Descriptor, sbomBytes []byte, reference string, spdx_annotations map[string]string, credsResolver CredentialsResolver, pushSummary bool) error
PushSBOM pushes the SPDX SBOM bytes to the registry as an OCI artifact. It takes in a pointer to an SPDX document, a pointer to a descriptor, a byte slice of the SBOM, a reference string, a map of SPDX annotations, and a credentials resolver function. It returns an error if there was an issue pushing the SBOM to the registry.
Types ¶
type CredentialsResolver ¶ added in v0.0.2
type PackageSummary ¶ added in v0.0.4
type PackageSummary struct {
Name string `json:"name"`
Version string `json:"version"`
License string `json:"license"`
PackageManager string `json:"packageManager"`
}
func GetPackageSummaries ¶ added in v0.0.4
func GetPackageSummaries(sbom *v2_3.Document) ([]PackageSummary, error)
func GetPackageSummary ¶ added in v0.0.4
func GetPackageSummary(pkg *v2_3.Package) (*PackageSummary, error)
type SBOMSummary ¶ added in v0.0.4
type SBOMSummary struct {
SbomSummary struct {
Files []string `json:"files"`
Packages []PackageSummary `json:"packages"`
} `json:"sbomSummary"`
}
func GetSBOMSummary ¶ added in v0.0.4
func GetSBOMSummary(sbom *v2_3.Document) (*SBOMSummary, error)
Source Files