syft

package

v0.98.1 Latest Latest Go to latest Published: Dec 1, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gsoc2/syft

Links

Open Source Insights

Documentation ¶

Overview ¶

Package syft is a "one-stop-shop" for helper utilities for all major functionality provided by child packages of the syft library.

Here is what the main execution path for syft does:

Parse a user image string to get a stereoscope image.Source object
Invoke all catalogers to catalog the image, adding discovered packages to a single catalog object
Invoke one or more encoders to output contents of the catalog

A Source object encapsulates the image object to be cataloged and the user options (catalog all layers vs. squashed layer), providing a way to inspect paths and file content within the image. The Source object, not the image object, is used throughout the main execution path. This abstraction allows for decoupling of what is cataloged (a docker image, an OCI image, a filesystem, etc) and how it is cataloged (the individual catalogers).

Similar to the cataloging process, Linux distribution identification is also performed based on what is discovered within the image.

Index ¶

func CatalogPackages(src source.Source, cfg cataloger.Config) (*pkg.Collection, []artifact.Relationship, *linux.Release, error)
func SetBus(b *partybus.Bus)
func SetLogger(logger logger.Logger)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CatalogPackages ¶

func CatalogPackages(src source.Source, cfg cataloger.Config) (*pkg.Collection, []artifact.Relationship, *linux.Release, error)

CatalogPackages takes an inventory of packages from the given image from a particular perspective (e.g. squashed source, all-layers source). Returns the discovered set of packages, the identified Linux distribution, and the source object used to wrap the data source.

func SetBus ¶

func SetBus(b *partybus.Bus)

SetBus sets the event bus for all syft library bus publish events onto (in-library subscriptions are not allowed).

func SetLogger ¶

func SetLogger(logger logger.Logger)

SetLogger sets the logger object used for all syft logging calls.

Types ¶

This section is empty.

Source Files ¶

View all Source files

lib.go

Directories ¶

Path	Synopsis
artifact
cataloging
cpe
event Package event provides event types for all events that the syft library published onto the event bus.	Package event provides event types for all events that the syft library published onto the event bus.
monitor
parsers Package parsers provides parser helpers to extract payloads for each event type that the syft library publishes onto the event bus.	Package parsers provides parser helpers to extract payloads for each event type that the syft library publishes onto the event bus.
file
cataloger/filecontent
cataloger/filedigest
cataloger/filemetadata
cataloger/internal
format
common
common/cyclonedxhelpers
common/spdxhelpers
common/util
cyclonedxjson
cyclonedxxml
github
github/internal/model
internal/cyclonedxutil
internal/spdxutil
internal/testutil
spdxjson
spdxtagvalue
syftjson
syftjson/model
table
template
text
internal
fileresolver
jsonschema
packagemetadata
packagemetadata/generate
sourcemetadata
sourcemetadata/generate
windows
license package license provides common methods for working with SPDX license data	package license provides common methods for working with SPDX license data
linux
pkg Package pkg provides the data structures for a package, a package catalog, package types, and domain-specific metadata.	Package pkg provides the data structures for a package, a package catalog, package types, and domain-specific metadata.
cataloger Package cataloger provides the ability to process files from a container image or file system and discover packages (gems, wheels, jars, rpms, debs, etc).	Package cataloger provides the ability to process files from a container image or file system and discover packages (gems, wheels, jars, rpms, debs, etc).
cataloger/alpine Package alpine provides a concrete Cataloger implementations for packages relating to the Alpine linux distribution.	Package alpine provides a concrete Cataloger implementations for packages relating to the Alpine linux distribution.
cataloger/arch Package arch provides a concrete Cataloger implementations for packages relating to the Arch linux distribution.	Package arch provides a concrete Cataloger implementations for packages relating to the Arch linux distribution.
cataloger/binary Package binary provides a concrete Cataloger implementations for surfacing possible packages based on signatures found within binary files.	Package binary provides a concrete Cataloger implementations for surfacing possible packages based on signatures found within binary files.
cataloger/common/cpe
cataloger/common/cpe/dictionary
cataloger/common/cpe/dictionary/index-generator This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.	This program downloads the latest CPE dictionary from NIST and processes it into a JSON file that can be embedded into Syft for more accurate CPE results.
cataloger/cpp Package cpp provides a concrete Cataloger implementations for the C/C++ language ecosystem.	Package cpp provides a concrete Cataloger implementations for the C/C++ language ecosystem.
cataloger/dart Package dart provides a concrete Cataloger implementations for the Dart language ecosystem.	Package dart provides a concrete Cataloger implementations for the Dart language ecosystem.
cataloger/debian Package debian provides a concrete Cataloger implementation relating to packages within the Debian linux distribution.	Package debian provides a concrete Cataloger implementation relating to packages within the Debian linux distribution.
cataloger/dotnet Package dotnet provides a concrete Cataloger implementation relating to packages within the C#/.NET language/runtime ecosystem.	Package dotnet provides a concrete Cataloger implementation relating to packages within the C#/.NET language/runtime ecosystem.
cataloger/elixir Package elixir provides a concrete Cataloger implementation relating to packages within the Elixir language ecosystem.	Package elixir provides a concrete Cataloger implementation relating to packages within the Elixir language ecosystem.
cataloger/erlang Package erlang provides a concrete Cataloger implementation relating to packages within the Erlang language ecosystem.	Package erlang provides a concrete Cataloger implementation relating to packages within the Erlang language ecosystem.
cataloger/generic
cataloger/gentoo Package gentoo provides a concrete Cataloger implementation related to packages within the Gentoo linux ecosystem.	Package gentoo provides a concrete Cataloger implementation related to packages within the Gentoo linux ecosystem.
cataloger/githubactions Package githubactions provides a concrete Cataloger implementation for GitHub Actions packages (both actions and workflows).	Package githubactions provides a concrete Cataloger implementation for GitHub Actions packages (both actions and workflows).
cataloger/golang Package golang provides a concrete Cataloger implementation relating to packages within the Go language ecosystem.	Package golang provides a concrete Cataloger implementation relating to packages within the Go language ecosystem.
cataloger/golang/internal/xcoff
cataloger/haskell Package haskell provides a concrete Cataloger implementation relating to packages within the Haskell language ecosystem.	Package haskell provides a concrete Cataloger implementation relating to packages within the Haskell language ecosystem.
cataloger/internal/pkgtest
cataloger/internal/unionreader
cataloger/java Package java provides a concrete Cataloger implementation for packages relating to the Java language ecosystem.	Package java provides a concrete Cataloger implementation for packages relating to the Java language ecosystem.
cataloger/javascript Package javascript provides a concrete Cataloger implementation for packages relating to the JavaScript language ecosystem.	Package javascript provides a concrete Cataloger implementation for packages relating to the JavaScript language ecosystem.
cataloger/kernel Package kernel provides a concrete Cataloger implementation for linux kernel and module files.	Package kernel provides a concrete Cataloger implementation for linux kernel and module files.
cataloger/nix Package nix provides a concrete Cataloger implementation for packages within the Nix packaging ecosystem.	Package nix provides a concrete Cataloger implementation for packages within the Nix packaging ecosystem.
cataloger/php Package php provides a concrete Cataloger implementation relating to packages within the PHP language ecosystem.	Package php provides a concrete Cataloger implementation relating to packages within the PHP language ecosystem.
cataloger/python Package python provides a concrete Cataloger implementation relating to packages within the Python language ecosystem.	Package python provides a concrete Cataloger implementation relating to packages within the Python language ecosystem.
cataloger/r Package r provides a concrete Cataloger implementation relating to packages within the R language ecosystem.	Package r provides a concrete Cataloger implementation relating to packages within the R language ecosystem.
cataloger/redhat Package redhat provides a concrete DBCataloger implementation relating to packages within the RedHat linux distribution.	Package redhat provides a concrete DBCataloger implementation relating to packages within the RedHat linux distribution.
cataloger/ruby Package ruby provides a concrete Cataloger implementation relating to packages within the Ruby language ecosystem.	Package ruby provides a concrete Cataloger implementation relating to packages within the Ruby language ecosystem.
cataloger/rust Package rust provides a concrete Cataloger implementation relating to packages within the Rust language ecosystem.	Package rust provides a concrete Cataloger implementation relating to packages within the Rust language ecosystem.
cataloger/sbom Package sbom provides a concrete Cataloger implementation for capturing packages embedded within SBOM files.	Package sbom provides a concrete Cataloger implementation for capturing packages embedded within SBOM files.
cataloger/swift Package swift provides a concrete Cataloger implementation relating to packages within the swift language ecosystem.	Package swift provides a concrete Cataloger implementation relating to packages within the swift language ecosystem.
sbom
source Package source provides an abstraction to allow a user to loosely define a data source to catalog and expose a common interface that catalogers and use explore and analyze data from the data source.	Package source provides an abstraction to allow a user to loosely define a data source to catalog and expose a common interface that catalogers and use explore and analyze data from the data source.
testutil

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL