sbom

package
v0.52.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 29, 2022 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrEncodingNotSupported   = errors.New("encoding not supported")
	ErrDecodingNotSupported   = errors.New("decoding not supported")
	ErrValidationNotSupported = errors.New("validation not supported")
)

Functions

This section is empty.

Types

type Artifacts 

type Artifacts struct {
	PackageCatalog      *pkg.Catalog
	FileMetadata        map[source.Coordinates]source.FileMetadata
	FileDigests         map[source.Coordinates][]file.Digest
	FileClassifications map[source.Coordinates][]file.Classification
	FileContents        map[source.Coordinates]string
	Secrets             map[source.Coordinates][]file.SearchResult
	LinuxDistribution   *linux.Release
}

type Decoder 

type Decoder func(reader io.Reader) (*SBOM, error)

Decoder is a function that can convert an SBOM document of a specific format from a reader into Syft native objects.

type Descriptor 

type Descriptor struct {
	Name          string
	Version       string
	Configuration interface{}
}

type Encoder 

type Encoder func(io.Writer, SBOM) error

Encoder is a function that can transform Syft native objects into an SBOM document of a specific format written to the given writer.

type Format 

type Format interface {
	ID() FormatID
	Encode(io.Writer, SBOM) error
	Decode(io.Reader) (*SBOM, error)
	Validate(io.Reader) error
}

func NewFormat 

func NewFormat(id FormatID, encoder Encoder, decoder Decoder, validator Validator) Format

type FormatID 

type FormatID string

func (FormatID) String 

func (f FormatID) String() string

String returns a string representation of the FormatID.

type SBOM 

type SBOM struct {
	Artifacts     Artifacts
	Relationships []artifact.Relationship
	Source        source.Metadata
	Descriptor    Descriptor
}

func (SBOM) AllCoordinates 

func (s SBOM) AllCoordinates() []source.Coordinates

func (SBOM) RelationshipsSorted 

func (s SBOM) RelationshipsSorted() []artifact.Relationship

type Validator 

type Validator func(reader io.Reader) error

Validator reads the SBOM from the given reader and assesses whether the document conforms to the specific SBOM format. The validator should positively confirm if the SBOM is not only the format but also has the minimal set of values that the format requires. For example, all syftjson formatted documents have a schema section which should have "anchore/syft" within the version --if this isn't found then the validator should raise an error. These active assertions protect against "simple" format decoding validations that may lead to false positives (e.g. I decoded json successfully therefore this must be the target format, however, all values are their default zero-value and really represent a different format that also uses json)

type Writer 

type Writer interface {
	// Write writes the provided SBOM
	Write(SBOM) error

	// Closer a resource cleanup hook which will be called after SBOM
	// is written or if an error occurs before Write is called
	io.Closer
}

Writer an interface to write SBOMs

func NewWriter 

func NewWriter(options ...WriterOption) (_ Writer, err error)

NewWriter create all report writers from input options; if a file is not specified, os.Stdout is used

type WriterOption 

type WriterOption struct {
	Format Format
	Path   string
}

WriterOption Format and path strings used to create sbom.Writer

func NewWriterOption 

func NewWriterOption(f Format, p string) WriterOption

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.