pkg

package

v0.0.0-...-63db9e9 Latest Latest Go to latest Published: Dec 8, 2023 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nextlinux/govulners

Links

Open Source Insights

Documentation ¶

Index ¶

func Provide(userInput string, config ProviderConfig) ([]Package, Context, *sbom.SBOM, error)
type Context
type Digest
type GolangBinMetadata
type GolangModMetadata
type ID
type JavaMetadata
type MetadataType
type Package
- func (p Package) String() string
type ProviderConfig
type RpmMetadata
type SyftProviderConfig
type SynthesisConfig
type UpstreamPackage

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Provide ¶

func Provide(userInput string, config ProviderConfig) ([]Package, Context, *sbom.SBOM, error)

Provide a set of packages and context metadata describing where they were sourced from.

Types ¶

type Context ¶

type Context struct {
	Source *source.Metadata
	Distro *linux.Release
}

type Digest ¶

type Digest struct {
	Algorithm string `json:"algorithm"`
	Value     string `json:"value"`
}

type GolangBinMetadata ¶

type GolangBinMetadata struct {
	BuildSettings     map[string]string `json:"goBuildSettings,omitempty"`
	GoCompiledVersion string            `json:"goCompiledVersion"`
	Architecture      string            `json:"architecture"`
	H1Digest          string            `json:"h1Digest,omitempty"`
	MainModule        string            `json:"mainModule,omitempty"`
}

type GolangModMetadata ¶

type GolangModMetadata struct {
	H1Digest string `json:"h1Digest,omitempty"`
}

type ID ¶

type ID string

ID represents a unique value for each package added to a package collection.

type JavaMetadata ¶

type JavaMetadata struct {
	VirtualPath    string   `json:"virtualPath"`
	PomArtifactID  string   `json:"pomArtifactID"`
	PomGroupID     string   `json:"pomGroupID"`
	ManifestName   string   `json:"manifestName"`
	ArchiveDigests []Digest `json:"archiveDigests"`
}

type MetadataType ¶

type MetadataType string

MetadataType represents the data shape stored within pkg.Package.Metadata.

const (
	UnknownMetadataType   MetadataType = "UnknownMetadata"
	JavaMetadataType      MetadataType = "JavaMetadata"
	RpmMetadataType       MetadataType = "RpmMetadata"
	GolangBinMetadataType MetadataType = "GolangBinMetadata"
	GolangModMetadataType MetadataType = "GolangModMetadata"
)

type Package ¶

type Package struct {
	ID           ID
	Name         string             // the package name
	Version      string             // the version of the package
	Locations    source.LocationSet // the locations that lead to the discovery of this package (note: this is not necessarily the locations that make up this package)
	Language     pkg.Language       // the language ecosystem this package belongs to (e.g. JavaScript, Python, etc)
	Licenses     []string
	Type         pkg.Type  // the package type (e.g. Npm, Yarn, Python, Rpm, Deb, etc)
	CPEs         []cpe.CPE // all possible Common Platform Enumerators
	PURL         string    // the Package URL (see https://github.com/package-url/purl-spec)
	Upstreams    []UpstreamPackage
	MetadataType MetadataType
	Metadata     interface{} // This is NOT 1-for-1 the syft metadata! Only the select data needed for vulnerability matching
}

Package represents an application or library that has been bundled into a distributable format.

func ByID ¶

func ByID(id ID, pkgs []Package) *Package

func FromCollection ¶

func FromCollection(catalog *pkg.Collection, config SynthesisConfig) []Package

func FromPackages ¶

func FromPackages(syftpkgs []pkg.Package, config SynthesisConfig) []Package

func New ¶

func New(p pkg.Package) Package

func UpstreamPackages ¶

func UpstreamPackages(p Package) (pkgs []Package)

func (Package) String ¶

func (p Package) String() string

Stringer to represent a package.

type ProviderConfig ¶

type ProviderConfig struct {
	SyftProviderConfig
	SynthesisConfig
}

type RpmMetadata ¶

type RpmMetadata struct {
	Epoch           *int   `json:"epoch"`
	ModularityLabel string `json:"modularityLabel"`
}

type SyftProviderConfig ¶

type SyftProviderConfig struct {
	CatalogingOptions      cataloger.Config
	RegistryOptions        *image.RegistryOptions
	Platform               string
	Exclusions             []string
	Name                   string
	DefaultImagePullSource string
}

type SynthesisConfig ¶

type SynthesisConfig struct {
	GenerateMissingCPEs bool
}

type UpstreamPackage ¶

type UpstreamPackage struct {
	Name    string // the package name
	Version string // the version of the package
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
qualifier
rpmmodularity

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL