Documentation
¶
Overview ¶
Package spdxextract provides parsing and extraction functionality for SPDX SBOMs.
It uses the official spdx/tools-golang library for parsing SPDX SBOMs.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractPackages ¶
func ExtractPackages(doc *Document) []attribution.Attribution
ExtractPackages extracts a simplified list of packages from an SPDX document. It returns a slice of Attribution structs containing name, version, purl, and license information.
Types ¶
type Document ¶
type Document struct {
SPDXVersion string `json:"spdxVersion"`
SPDXID string `json:"SPDXID"`
Packages []Package `json:"packages"`
}
Document represents a minimal SPDX document with only the fields we need.
type ExternalRef ¶
type ExternalRef struct {
ReferenceCategory string `json:"referenceCategory"`
ReferenceType string `json:"referenceType"`
ReferenceLocator string `json:"referenceLocator"`
}
ExternalRef represents an external reference (like purl).
type Package ¶
type Package struct {
Name string `json:"name"`
VersionInfo string `json:"versionInfo"`
Homepage string `json:"homepage"`
LicenseConcluded string `json:"licenseConcluded"`
LicenseDeclared string `json:"licenseDeclared"`
ExternalRefs []ExternalRef `json:"externalRefs"`
}
Package represents a minimal SPDX package with only the fields we need.
Source Files
Click to show internal directories.
Click to hide internal directories.