Documentation ¶
Index ¶
- Constants
- Variables
- func DisplayLicenseListJson(output io.Writer)
- func DisplayLicenseListSummary(output io.Writer)
- func DisplayLicenseListSummaryCSV(output io.Writer) error
- func DisplayLicensePolicies(output io.Writer) error
- func DisplayLicensePoliciesCSV(output io.Writer) error
- func Execute()
- func FinalizeCompoundPolicy(expression *CompoundExpression)
- func FindPolicy(licenseInfo LicenseInfo) (matchedPolicy schema.LicensePolicy)
- func FindPolicyByFamilyName(name string) (policyValue string, matchedPolicy schema.LicensePolicy)
- func FindPolicyBySpdxId(id string) (policyValue string, matchedPolicy schema.LicensePolicy)
- func IsValidFamilyKey(key string) bool
- func IsValidPolicyEntry(policy schema.LicensePolicy) bool
- func IsValidSpdxId(id string) bool
- func ListErrors(errs []gojsonschema.ResultError)
- func ListLicenses(output io.Writer, format string, summary bool) error
- func LoadInputFileAndUnmarshal() (*schema.Sbom, error)
- func NewCommandLicense() *cobra.Command
- func NewCommandList() *cobra.Command
- func NewCommandPolicy() *cobra.Command
- func NewCommandQuery() *cobra.Command
- func NewCommandSchema() *cobra.Command
- func NewCommandValidate() *cobra.Command
- func NewCommandVersion() *cobra.Command
- func RootCmdImpl(cmd *cobra.Command, args []string) error
- func Validate() (valid bool, err error)
- func ValidateProperties() (valid bool, err error)
- type CDXAttachment
- type CDXBom
- type CDXComponent
- type CDXComposition
- type CDXDependency
- type CDXExternalReference
- type CDXHash
- type CDXLicense
- type CDXLicenseChoice
- type CDXMetadata
- type CDXOrganizationalContact
- type CDXOrganizationalEntity
- type CDXProperty
- type CDXService
- type CDXTool
- type CompoundExpression
- type LicenseInfo
- type QueryRequest
- type QueryResponse
Constants ¶
const ( KEY_METADATA = "metadata" KEY_COMPONENTS = "components" KEY_LICENSES = "licenses" )
const ( SUBCOMMAND_LIST = "list" SUBCOMMAND_POLICY = "policy" )
const ( LC_TYPE_INVALID = 0 LC_TYPE_ID = 1 LC_TYPE_NAME = 2 LC_TYPE_EXPRESSION = 3 )
LicenseChoice - Choice type
const ( AND string = "AND" OR string = "OR" WITH string = "WITH" )
Supported conjunctions and prepositions
const ( LEFT_PARENS string = "(" RIGHT_PARENS string = ")" PLUS_OPERATOR string = "+" )
Tokens
const ( FLAG_LICENSE_SUMMARY_HELP = "Summarize licenses and component references in table format" FLAG_LIST_OUTPUT_FORMAT_HELP = "Format output using the specific type. Valid values: \"json\"" )
Query command flag help messages
// Usage-policy values.
const (
	// POLICY_ALLOW and POLICY_DENY are the two values listed in
	// VALID_USAGE_POLICIES.
	POLICY_ALLOW = "allow"
	POLICY_DENY  = "deny"

	// POLICY_UNMATCHED is not listed in VALID_USAGE_POLICIES.
	// NOTE(review): presumably the value reported when no policy entry
	// matches a license; confirm against FindPolicy. It is a distinct
	// value, so code that gates on policy should handle it explicitly
	// rather than let it fall through as "allow".
	POLICY_UNMATCHED = "UNMATCHED"
)
const ( FLAG_OUTPUT_FORMAT = "format" FLAG_QUERY_SELECT = "select" FLAG_QUERY_FROM = "from" FLAG_QUERY_WHERE = "where" FLAG_QUERY_ORDER_BY = "orderby" )
Query command flags
const ( FLAG_OUTPUT_FORMAT_HELP = "Format output using the specific type. Valid values: \"json\"" FLAG_QUERY_SELECT_HELP = "comma-separated list of JSON keynames used to select fields within the object designated by the FROM flag." FLAG_QUERY_FROM_HELP = "dot-separated list of JSON keynames used to dereference into the JSON document." FLAG_QUERY_WHERE_HELP = "TODO" FLAG_QUERY_ORDER_BY_HELP = "TODO" )
Query command flag help messages
const ( MSG_INVALID_JSON_MAP = "invalid JSON map" MSG_INVALID_QUERY_REQUEST = "invalid query request" MSG_INVALID_QUERY_RESPONSE = "invalid query response" MSG_INVALID_QUERY_REQUEST_OBJ = "invalid query request object" MSG_INVALID_QUERY_RESPONSE_OBJ = "invalid query response object" MSG_QUERY_INVALID_SELECT_CLAUSE = "invalid SELECT clause" MSG_QUERY_INVALID_FROM_CLAUSE = "invalid FROM clause" MSG_QUERY_INVALID_WHERE_CLAUSE = "invalid WHERE clause" MSG_QUERY_INVALID_ORDER_BY_CLAUSE = "invalid ORDERBY clause" MSG_QUERY_MISSING_FROM_SELECTORS = "missing `--from` selectors" )
Query error types
const ( MSG_ERROR_FROM_KEY_NOT_FOUND = "key not found in path" MSG_ERROR_FROM_KEY_INVALID_OBJECT = "key does not reference a valid JSON object" MSG_ERROR_SELECT_WILDARD = "wildcard cannot be used with other values" )
Query error details
const ( ERROR_APPLICATION = 1 ERROR_VALIDATION = 2 )
const ( FLAG_TRACE = "trace" FLAG_TRACE_SHORT = "t" FLAG_DEBUG = "debug" FLAG_DEBUG_SHORT = "d" FLAG_FILENAME_INPUT = "input-file" FLAG_FILENAME_INPUT_SHORT = "i" FLAG_FILENAME_OUTPUT = "output-file" FLAG_FILENAME_OUTPUT_SHORT = "o" FLAG_QUIET_MODE = "quiet" FLAG_QUIET_MODE_SHORT = "q" FLAG_LOG_OUTPUT_INDENT = "indent" FLAG_FILE_OUTPUT_FORMAT = "format" )
const ( DEFAULT_CONFIG = "config.json" DEFAULT_LICENSE_POLICIES = "license.json" )
const ( VALID = true INVALID = false )
const (
FLAG_LICENSE_SUMMARY = "summary"
)
Subcommand flags
const (
FLAG_POLICY_OUTPUT_FORMAT_HELP = "Format output using the specific type. Valid values: \"txt\", \"csv\""
)
Subcommand flags
const (
FLAG_VALUE_OUTPUT_JSON = "json"
)
Valid `--format` formats
const (
REGEX_VALID_SPDX_ID = "^[a-zA-Z0-9.-]+$"
)
Note: the SPDX spec. does not provide regex for an SPDX ID, but provides the following in ABNF:
dstring = 1*(ALPHA / DIGIT / "-" / "." )
Currently, the regex REGEX_VALID_SPDX_ID tests for composition of only alphanumeric, "-", and "." characters and disallows empty strings. TODO:
- First and last chars are not "-" or "."
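- Enforce reasonable min/max length. In theory, we can check overall length with a positive lookahead (e.g., min 3, max 128): (?=.{3,128}$). However, this is not supported by the `regexp` package: Go's RE2 syntax has no lookahead, whether or not the expression is compiled. A length limit therefore needs a separate check (e.g., on len(id)); until one is added, the pattern accepts IDs of any length.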
Variables ¶
var ComponentLicenses []LicenseInfo
var EMPTY_CDXLicense = CDXLicense{}
For convenience, we provide named vars. for testing for zero-length (empty) structs
var LC_TYPE_NAMES = [...]string{"invalid", "id", "name", "exp"}
Declare a fixed-sized array for LC type names
var ProjectLogger *log.MiniLogger
var TestInfraInitialized bool = false
var TestLogLevelError = flag.Bool("error", false, "")
var TestLogLevelTrace = flag.Bool("trace", false, "")
!!! SECRET SAUCE !!! NOTE: The Go test framework uses the "flag" package, so all we need to do is declare a new global flag for it to be recognized. USAGE: to set it on the command line and have it parsed, simply append it as follows: '--args -trace'
var TestLogQuiet = flag.Bool("quiet", false, "")
var VALID_SUBCOMMANDS = []string{SUBCOMMAND_LIST, SUBCOMMAND_POLICY}
var VALID_USAGE_POLICIES = []string{POLICY_ALLOW, POLICY_DENY}
Functions ¶
func DisplayLicenseListJson ¶
TODO: Support de-duplication of license records (MUST be exact using deep comparison)
func DisplayLicensePolicies ¶
TODO: Allow caller to pass flag to truncate or not (perhaps with value)
func FinalizeCompoundPolicy ¶
func FinalizeCompoundPolicy(expression *CompoundExpression)
func FindPolicy ¶
func FindPolicy(licenseInfo LicenseInfo) (matchedPolicy schema.LicensePolicy)
func FindPolicyByFamilyName ¶
func FindPolicyByFamilyName(name string) (policyValue string, matchedPolicy schema.LicensePolicy)
NOTE: for now, we will look for the "family" name encoded in the License.Name field, until we can get additional fields/properties added to the CDX LicenseChoice schema.
func FindPolicyBySpdxId ¶
func FindPolicyBySpdxId(id string) (policyValue string, matchedPolicy schema.LicensePolicy)
func IsValidFamilyKey ¶
func IsValidPolicyEntry ¶
func IsValidPolicyEntry(policy schema.LicensePolicy) bool
NOTE: we allow policy.Id == "" as "valid", as this indicates a potential "family" entry (i.e., a group of SPDX IDs).
func IsValidSpdxId ¶
func ListErrors ¶
func ListErrors(errs []gojsonschema.ResultError)
func NewCommandLicense ¶
func NewCommandList ¶
WARNING: Cobra will not recognize a subcommand if its `command.Use` is not a single word string that matches one of the `command.ValidArgs` set on the parent command
func NewCommandPolicy ¶
WARNING: Cobra will not recognize a subcommand if its `command.Use` is not a single word string that matches one of the `command.ValidArgs` set on the parent command
func NewCommandQuery ¶
func NewCommandSchema ¶
func NewCommandValidate ¶
func NewCommandVersion ¶
func ValidateProperties ¶
This function is used to validate that required or optional prescriptive properties are present and, if present, that their values also adhere to specified requirements.
Types ¶
type CDXAttachment ¶
type CDXBom ¶
type CDXBom struct { BomFormat string `json:"bomFormat"` SpecVersion string `json:"specVersion"` SerialNumber string `json:"serialNumber"` Version string `json:"version"` Metadata CDXMetadata `json:"metadata"` Components []CDXComponent `json:"components"` Services []CDXService `json:"services"` Dependencies []CDXDependency `json:"dependencies"` ExternalReferences []CDXExternalReference `json:"externalReferences"` Compositions []CDXComposition `json:"compositions"` }
NOTE: These structures are coded to the 1.3 schema; 1.4 fields are ignored for now.
type CDXComponent ¶
type CDXComponent struct { Purl string `json:"purl"` BomRef string `json:"bom-ref"` Type string `json:"type"` MimeType string `json:"mime-type"` Name string `json:"name"` Version string `json:"version"` Description string `json:"description"` Copyright string `json:"copyright"` Publisher string `json:"publisher"` Group string `json:"group"` Scope string `json:"scope"` Modified bool `json:"modified"` Manufacturer CDXOrganizationalEntity `json:"manufacturer"` Supplier CDXOrganizationalEntity `json:"supplier"` Licenses []CDXLicenseChoice `json:"licenses"` Hashes []CDXHash `json:"hashes"` Author []CDXOrganizationalContact `json:"author"` ExternalReferences []CDXExternalReference `json:"externalReferences"` Properties []CDXProperty `json:"properties"` Components []CDXComponent `json:"components"` // TODO: pedigree // TODO: evidence // Deprecated Cpe string `json:"cpe"` Swid string `json:"swid"` }
func UnMarshalComponent ¶
func UnMarshalComponent(data interface{}) (CDXComponent, error)
TODO return pointer
type CDXComposition ¶
type CDXDependency ¶
type CDXExternalReference ¶
type CDXLicense ¶
type CDXLicense struct { Id string `json:"id"` Name string `json:"name"` Text CDXAttachment `json:"text"` Url string `json:"url"` }
NOTE: "oneOf": ["id", "name"] is required
type CDXLicenseChoice ¶
type CDXLicenseChoice struct { License CDXLicense `json:"license"` Expression string `json:"expression"` }
NOTE: "oneOf": ["license", "expression"] is required
func UnMarshalLicenseChoice ¶
func UnMarshalLicenseChoice(data interface{}) (CDXLicenseChoice, error)
TODO return pointer
type CDXMetadata ¶
type CDXMetadata struct { Timestamp string `json:"timestamp"` Tools []CDXTool `json:"tools"` Authors []CDXOrganizationalContact `json:"authors"` Manufacturer CDXOrganizationalEntity `json:"manufacturer"` Supplier CDXOrganizationalEntity `json:"supplier"` Component CDXComponent `json:"component"` Hashes []CDXHash `json:"hashes"` Licenses []CDXLicenseChoice `json:"licenses"` Properties []CDXProperty `json:"properties"` }
type CDXOrganizationalEntity ¶
type CDXOrganizationalEntity struct { Name string `json:"name"` Url []string `json:"url"` Contact []CDXOrganizationalContact `json:"contact"` }
type CDXProperty ¶
type CDXService ¶
type CompoundExpression ¶
type CompoundExpression struct { SimpleLeft string SimpleLeftHasPlus bool LeftPolicy schema.LicensePolicy LeftUsagePolicy string SimpleRight string SimpleRightHasPlus bool RightPolicy schema.LicensePolicy RightUsagePolicy string Conjunction string PrepRight string PrepLeft string CompoundLeft *CompoundExpression CompoundRight *CompoundExpression CompoundUsagePolicy string }
func NewCompoundExpression ¶
func NewCompoundExpression() *CompoundExpression
type LicenseInfo ¶
type LicenseInfo struct { LicenseChoiceType int LicenseChoice CDXLicenseChoice Component CDXComponent }
type QueryRequest ¶
type QueryRequest struct {
// contains filtered or unexported fields
}
Query a JSON map and return the selected subset, using SQL-like clauses:
SELECT
<key.1>, <key.2>, ... // "firstname, lastname, email" || * (default)
FROM
<key path> // "product.customers"
WHERE
<key.X> == <value> // "country='Germany'"
ORDER BY
<key.N> // "lastname"
e.g., SELECT * FROM product.customers WHERE country="Germany";
TODO: design abbreviated WHERE syntax for command line
TODO: design abbreviated ORDERBY syntax for command line
func (*QueryRequest) String ¶
func (qr *QueryRequest) String() string
Implement the Stringer interface for QueryRequest
type QueryResponse ¶
type QueryResponse struct {
// contains filtered or unexported fields
}
func NewQueryResponse ¶
func NewQueryResponse() *QueryResponse