sbom

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 24, 2025 License: Apache-2.0 Imports: 35 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CleanKey added in v0.2.2

func CleanKey(key string) string

Helper function to clean up keys

func SupportedPrimaryPurpose

func SupportedPrimaryPurpose(f string) []string

func SupportedSBOMFileFormats

func SupportedSBOMFileFormats(f string) []string

func SupportedSBOMSpecVersions

func SupportedSBOMSpecVersions(f string) []string

func SupportedSBOMSpecs

func SupportedSBOMSpecs() []string

Types

type Author

// Author holds the name, contact details and kind of one author entry.
// Its value-receiver accessors GetName, GetType, GetEmail and GetPhone
// cover every method of the GetAuthor interface.
type Author struct {
	Name       string
	Email      string
	AuthorType string // person or org
	Phone      string
}

func (Author) GetEmail added in v0.2.0

func (a Author) GetEmail() string

func (Author) GetName added in v0.2.0

func (a Author) GetName() string

func (Author) GetPhone added in v0.2.2

func (a Author) GetPhone() string

func (Author) GetType added in v0.2.0

func (a Author) GetType() string

type CdxDoc added in v0.2.0

// CdxDoc is one of the two document types on this page whose value-receiver
// methods cover the whole Document interface (the other is SpdxDoc).
// The Cdx prefix presumably stands for CycloneDX (cf. SBOMSpecCDX) — confirm.
//
// Every field listed here is exported, so code holding a CdxDoc value can
// replace them directly, including SignatureDetail.
type CdxDoc struct {
	CdxSpec    *Specs
	Comps      []GetComponent
	CdxAuthors []GetAuthor
	CdxTools   []GetTool

	// Lifecycle is a slice here, while SpdxDoc.Lifecycle is a single string;
	// both types expose it through Lifecycles() []string.
	Lifecycle       []string
	CdxSupplier     GetSupplier
	CdxManufacturer GetManufacturer

	PrimaryComponent PrimaryComp
	// NOTE(review): presumably maps a component ID to the IDs it depends on
	// (GetRelationships takes a componentID) — confirm against the source.
	Dependencies     map[string][]string

	Vuln            []GetVulnerabilities
	// NOTE(review): presumably what Signature() returns. Holding a value here
	// says nothing about whether it was verified — confirm in the parser.
	SignatureDetail GetSignature
	// contains filtered or unexported fields
}

func (CdxDoc) Authors added in v0.2.0

func (c CdxDoc) Authors() []GetAuthor

func (CdxDoc) Components added in v0.2.0

func (c CdxDoc) Components() []GetComponent

func (CdxDoc) GetComposition added in v0.2.0

func (c CdxDoc) GetComposition(componentID string) string

func (CdxDoc) GetRelationships added in v0.2.0

func (c CdxDoc) GetRelationships(componentID string) []string

func (CdxDoc) Lifecycles added in v0.2.0

func (c CdxDoc) Lifecycles() []string

func (CdxDoc) Logs added in v0.2.0

func (c CdxDoc) Logs() []string

func (CdxDoc) Manufacturer added in v0.2.0

func (c CdxDoc) Manufacturer() GetManufacturer

func (CdxDoc) PrimaryComp added in v0.2.0

func (c CdxDoc) PrimaryComp() GetPrimaryComp

func (CdxDoc) Relations added in v0.2.0

func (c CdxDoc) Relations() []GetRelation

func (CdxDoc) Signature added in v1.0.0

func (c CdxDoc) Signature() GetSignature

func (CdxDoc) Spec added in v0.2.0

func (c CdxDoc) Spec() Spec

func (CdxDoc) Supplier added in v0.2.0

func (c CdxDoc) Supplier() GetSupplier

func (CdxDoc) Tools added in v0.2.0

func (c CdxDoc) Tools() []GetTool

func (CdxDoc) Vulnerabilities added in v1.0.0

func (c CdxDoc) Vulnerabilities() []GetVulnerabilities

type Checksum

// Checksum carries two plain strings; GetAlgo and GetContent (value
// receivers) satisfy GetChecksum. Alg presumably names the hash algorithm and
// Content the digest — confirm.
//
// NOTE(review): nothing on this page restricts Alg to a known or
// collision-resistant algorithm, or checks that Content has the length and
// encoding that algorithm implies. Validate both before using a Checksum as
// an integrity control.
type Checksum struct {
	Alg     string
	Content string
}

func (Checksum) GetAlgo added in v0.1.5

func (c Checksum) GetAlgo() string

func (Checksum) GetContent added in v0.1.5

func (c Checksum) GetContent() string

type Component

// Component is the concrete component record. Its value-receiver methods cover
// every method of the GetComponent interface, and NewComponent returns a
// *Component.
//
// NOTE(review): the string fields are presumably taken from the parsed SBOM
// file as-is. Treat DownloadLocation, ExternalRefs and similar values as
// untrusted input (validate before fetching, logging or rendering) — confirm.
type Component struct {
	Name    string
	Version string
	// Identifier slices, typed by the cpe, purl, swhid, omniborid and swid packages.
	Cpes    []cpe.CPE
	Purls   []purl.PURL
	Swhid   []swhid.SWHID
	OmniID  []omniborid.OMNIBORID
	Swid    []swid.SWID

	Checksums []GetChecksum

	ID       string
	Athrs    []GetAuthor
	// Supplier is the concrete Supplier type; Suppliers() returns it as GetSupplier.
	Supplier Supplier

	DownloadLocation string

	PrimaryCompt PrimaryComp

	RelationshipState       string
	Spdxid                  string
	FileAnalyzed            bool
	CopyRight               string
	PackageLicenseConcluded string
	PackageLicenseDeclared  string
	ExternalRefs            []GetExternalReference
	// contains filtered or unexported fields
}

func NewComponent added in v0.1.5

func NewComponent() *Component

func (Component) Authors added in v1.2.0

func (c Component) Authors() []GetAuthor

func (Component) ConcludedLicenses added in v1.0.0

func (c Component) ConcludedLicenses() []licenses.License

func (Component) CountOfDependencies added in v0.1.0

func (c Component) CountOfDependencies() int

func (Component) DeclaredLicenses added in v1.0.0

func (c Component) DeclaredLicenses() []licenses.License

func (Component) ExternalReferences added in v0.1.5

func (c Component) ExternalReferences() []GetExternalReference

func (Component) GetChecksums added in v0.1.5

func (c Component) GetChecksums() []GetChecksum

func (Component) GetComposition added in v0.2.0

func (c Component) GetComposition(componentID string) string

func (Component) GetCopyRight added in v0.1.5

func (c Component) GetCopyRight() string

func (Component) GetCpes added in v0.2.0

func (c Component) GetCpes() []cpe.CPE

func (Component) GetDownloadLocationURL added in v0.1.8

func (c Component) GetDownloadLocationURL() string

func (Component) GetFileAnalyzed added in v0.1.5

func (c Component) GetFileAnalyzed() bool

func (Component) GetID added in v0.1.5

func (c Component) GetID() string

func (Component) GetName added in v0.1.5

func (c Component) GetName() string

func (Component) GetPackageLicenseConcluded added in v0.1.5

func (c Component) GetPackageLicenseConcluded() string

func (Component) GetPackageLicenseDeclared added in v0.1.5

func (c Component) GetPackageLicenseDeclared() string

func (Component) GetPrimaryCompInfo added in v0.2.2

func (c Component) GetPrimaryCompInfo() GetPrimaryComp

func (Component) GetPurls added in v0.2.0

func (c Component) GetPurls() []purl.PURL

func (Component) GetSpdxID added in v0.1.5

func (c Component) GetSpdxID() string

func (Component) GetVersion added in v0.1.5

func (c Component) GetVersion() string

func (Component) HasRelationShips added in v0.1.0

func (c Component) HasRelationShips() bool

func (Component) IsPrimaryComponent added in v0.1.0

func (c Component) IsPrimaryComponent() bool

func (Component) Licenses

func (c Component) Licenses() []licenses.License

func (Component) Manufacturer added in v0.1.0

func (c Component) Manufacturer() GetManufacturer

func (Component) OmniborIDs added in v0.2.2

func (c Component) OmniborIDs() []omniborid.OMNIBORID

func (Component) PrimaryPurpose

func (c Component) PrimaryPurpose() string

func (Component) RelationShipState added in v0.1.0

func (c Component) RelationShipState() string

func (Component) RequiredFields

func (c Component) RequiredFields() bool

func (Component) SourceCodeHash added in v0.1.0

func (c Component) SourceCodeHash() string

func (Component) SourceCodeURL added in v0.1.8

func (c Component) SourceCodeURL() string

func (Component) Suppliers added in v0.1.5

func (c Component) Suppliers() GetSupplier

func (Component) Swhids added in v0.2.2

func (c Component) Swhids() []swhid.SWHID

func (Component) Swids added in v0.2.2

func (c Component) Swids() []swid.SWID

type Contact added in v0.1.0

// Contact holds a name, email and phone as plain strings. GetName, GetEmail
// and GetPhone (value receivers) satisfy GetContact. Supplier and
// Manufacturer each hold a []Contact.
type Contact struct {
	Name  string
	Email string
	Phone string
}

func (Contact) GetEmail added in v0.2.2

func (c Contact) GetEmail() string

func (Contact) GetName added in v0.2.2

func (c Contact) GetName() string

func (Contact) GetPhone added in v0.2.2

func (c Contact) GetPhone() string

type Document

// Document is the interface returned by NewSBOMDocument. It exposes only
// accessor methods; CdxDoc and SpdxDoc both provide all of them with value
// receivers.
//
// NOTE(review): NewSBOMDocument accepts a Signature, and Signature() hands
// back string getters, but this page does not show whether the signature is
// ever verified. Do not treat a successfully returned Document as
// authenticated until that is confirmed in the implementation.
type Document interface {
	Spec() Spec
	Components() []GetComponent
	Relations() []GetRelation
	Authors() []GetAuthor
	Tools() []GetTool
	Logs() []string

	Lifecycles() []string
	Manufacturer() GetManufacturer
	Supplier() GetSupplier

	PrimaryComp() GetPrimaryComp
	// GetRelationships takes a component ID (the implementations name the
	// parameter componentID).
	GetRelationships(string) []string

	Vulnerabilities() []GetVulnerabilities
	Signature() GetSignature
}

func NewSBOMDocument

func NewSBOMDocument(ctx context.Context, f io.ReadSeeker, sig Signature) (Document, error)

type ExternalReference added in v0.1.5

// ExternalReference pairs a reference type with a locator, both plain strings.
// GetRefType and GetRefLocator (value receivers) satisfy GetExternalReference.
//
// NOTE(review): RefLocator presumably comes straight from the parsed SBOM;
// validate scheme and host before dereferencing it — confirm.
type ExternalReference struct {
	RefType    string
	RefLocator string
}

func (ExternalReference) GetRefLocator added in v0.2.2

func (e ExternalReference) GetRefLocator() string

func (ExternalReference) GetRefType added in v0.1.5

func (e ExternalReference) GetRefType() string

type FileFormat

// FileFormat is a string-backed label for the serialization of an SBOM file.
type FileFormat string

// The FileFormat values defined by this package. FileFormatUnknown is the
// explicit "unknown" value; callers should handle it rather than assume one
// of the five concrete formats.
const (
	FileFormatJSON     FileFormat = "json"
	FileFormatRDF      FileFormat = "rdf"
	FileFormatYAML     FileFormat = "yaml"
	FileFormatTagValue FileFormat = "tag-value"
	FileFormatXML      FileFormat = "xml"
	FileFormatUnknown  FileFormat = "unknown"
)

type FormatVersion added in v0.2.3

// FormatVersion is a string-backed type. This page lists no constants or
// methods for it.
type FormatVersion string

type GetAuthor added in v0.2.0

// GetAuthor is the read accessor interface for an author entry. Author
// provides all four methods with value receivers.
type GetAuthor interface {
	GetName() string
	GetType() string
	GetEmail() string
	GetPhone() string
}

type GetChecksum added in v0.1.5

// GetChecksum is the read accessor interface for a checksum entry. Checksum
// provides both methods with value receivers. Both return plain strings, so
// the algorithm name is not constrained by the type system.
type GetChecksum interface {
	GetAlgo() string
	GetContent() string
}

type GetComponent added in v0.1.5

// GetComponent is the read accessor interface for one component of a
// document. Component provides every method below with a value receiver.
type GetComponent interface {
	GetID() string
	GetName() string
	GetVersion() string
	// Identifier accessors, typed by the cpe, purl, swhid, omniborid and swid packages.
	GetCpes() []cpe.CPE
	GetPurls() []purl.PURL
	Swhids() []swhid.SWHID
	OmniborIDs() []omniborid.OMNIBORID
	Swids() []swid.SWID
	Licenses() []licenses.License
	DeclaredLicenses() []licenses.License
	ConcludedLicenses() []licenses.License
	GetChecksums() []GetChecksum
	PrimaryPurpose() string
	RequiredFields() bool
	Suppliers() GetSupplier
	Authors() []GetAuthor
	Manufacturer() GetManufacturer
	CountOfDependencies() int
	// NOTE(review): the URL and hash accessors return plain strings; this page
	// shows no validation of either, so treat them as untrusted — confirm.
	SourceCodeURL() string
	GetDownloadLocationURL() string
	SourceCodeHash() string
	IsPrimaryComponent() bool
	HasRelationShips() bool
	RelationShipState() string
	GetSpdxID() string
	GetFileAnalyzed() bool
	GetCopyRight() string
	GetPackageLicenseDeclared() string
	GetPackageLicenseConcluded() string
	ExternalReferences() []GetExternalReference
	// GetComposition takes a component ID (Component names the parameter componentID).
	GetComposition(string) string
	GetPrimaryCompInfo() GetPrimaryComp
}

type GetContact added in v0.2.2

// GetContact is the read accessor interface for a contact. Contact provides
// all three methods with value receivers. GetSupplier and GetManufacturer
// return the concrete []Contact rather than this interface.
type GetContact interface {
	GetName() string
	GetEmail() string
	GetPhone() string
}

type GetExternalReference added in v0.1.5

// GetExternalReference is the read accessor interface for an external
// reference. ExternalReference provides both methods with value receivers.
type GetExternalReference interface {
	GetRefType() string
	GetRefLocator() string
}

type GetManufacturer added in v1.0.0

// GetManufacturer is the read accessor interface for a manufacturer.
// Manufacturer provides all four methods with value receivers.
type GetManufacturer interface {
	GetName() string
	GetURL() string
	GetEmail() string
	// GetContacts returns the concrete Contact type, not GetContact.
	GetContacts() []Contact
}

type GetPrimaryComp added in v0.2.0

// GetPrimaryComp is the read accessor interface for the primary component of
// a document. PrimaryComp provides every method with a value receiver.
type GetPrimaryComp interface {
	// NOTE(review): presumably reports whether the document declared a
	// primary component at all; check it before using the other getters — confirm.
	IsPresent() bool
	GetID() string
	GetName() string
	GetVersion() string
	GetTotalNoOfDependencies() int
	HasDependencies() bool
	GetDependencies() []string
}

type GetRelation added in v0.2.0

// GetRelation is the read accessor interface for one relation between two
// endpoints. Relation provides both methods with value receivers.
type GetRelation interface {
	GetFrom() string
	GetTo() string
}

type GetSignature added in v1.0.0

// GetSignature is the read accessor interface for signature material. On this
// page the three methods are declared on *Signature (pointer receivers), so a
// *Signature satisfies the interface and a bare Signature value does not.
//
// NOTE(review): all three getters return plain strings. The page does not
// say whether they hold inline data or file paths, nor whether any caller
// verifies the signature; the presence of values here is not evidence of a
// successful verification — confirm in the implementation.
type GetSignature interface {
	GetSigValue() string
	GetPublicKey() string
	GetBlob() string
}

type GetSupplier added in v0.1.5

// GetSupplier is the read accessor interface for a supplier. Supplier
// provides all five methods with value receivers.
type GetSupplier interface {
	GetName() string
	GetEmail() string
	GetURL() string
	// GetContacts returns the concrete Contact type, not GetContact.
	GetContacts() []Contact
	IsPresent() bool
}

type GetTool added in v0.1.5

// GetTool is the read accessor interface for a tool entry. Tool provides both
// methods with value receivers.
type GetTool interface {
	GetName() string
	GetVersion() string
}

type GetVulnerabilities added in v1.0.0

// GetVulnerabilities is the read accessor interface for a single
// vulnerability entry, despite the plural name: Document.Vulnerabilities
// returns a slice of it. Vulnerability provides GetID with a value receiver.
// The identifier is the only datum exposed; no severity or status is available
// through this interface.
type GetVulnerabilities interface {
	GetID() string
}

type Manufacturer added in v0.1.0

// Manufacturer holds a name, URL, email and contact list. GetName, GetURL,
// GetEmail and GetContacts (value receivers) satisfy GetManufacturer.
type Manufacturer struct {
	Name     string
	URL      string
	Email    string
	Contacts []Contact
}

func (Manufacturer) GetContacts added in v0.1.8

func (m Manufacturer) GetContacts() []Contact

func (Manufacturer) GetEmail added in v0.1.8

func (m Manufacturer) GetEmail() string

func (Manufacturer) GetName added in v0.1.8

func (m Manufacturer) GetName() string

func (Manufacturer) GetURL added in v0.1.8

func (m Manufacturer) GetURL() string

type PrimaryComp added in v0.2.0

// PrimaryComp describes the primary component of a document. Its
// value-receiver methods cover every method of GetPrimaryComp.
type PrimaryComp struct {
	Present         bool
	ID              string
	// Dependecies is spelled this way in the exported API, so the spelling is
	// part of the public contract. It is an int, presumably the count
	// returned by GetTotalNoOfDependencies — confirm.
	Dependecies     int
	HasDependency   bool
	Name            string
	Version         string
	AllDependencies []string
}

func (PrimaryComp) GetDependencies added in v0.2.2

func (pc PrimaryComp) GetDependencies() []string

func (PrimaryComp) GetID added in v0.2.0

func (pc PrimaryComp) GetID() string

func (PrimaryComp) GetName added in v0.2.2

func (pc PrimaryComp) GetName() string

func (PrimaryComp) GetTotalNoOfDependencies added in v0.2.0

func (pc PrimaryComp) GetTotalNoOfDependencies() int

func (PrimaryComp) GetVersion added in v1.0.7

func (pc PrimaryComp) GetVersion() string

func (PrimaryComp) HasDependencies added in v0.2.0

func (pc PrimaryComp) HasDependencies() bool

func (PrimaryComp) IsPresent added in v0.2.0

func (pc PrimaryComp) IsPresent() bool

type Relation

// Relation holds the two endpoints of a relation as plain strings. GetFrom
// and GetTo (value receivers) satisfy GetRelation.
// NOTE(review): the endpoints are presumably component IDs — confirm.
type Relation struct {
	From string
	To   string
}

func (Relation) GetFrom added in v0.2.0

func (r Relation) GetFrom() string

func (Relation) GetTo added in v0.2.0

func (r Relation) GetTo() string

type Signature added in v1.0.0

// Signature carries three plain strings and is passed by value to
// NewSBOMDocument. Its getters are declared on *Signature, so only a pointer
// satisfies GetSignature.
//
// NOTE(review): the page does not state whether SigValue, PublicKey and Blob
// hold inline content or file paths, or whether NewSBOMDocument verifies
// anything with them. If they are paths supplied by a user, the caller should
// validate them before use. Verification status must be established
// separately from the mere presence of these values — confirm.
type Signature struct {
	SigValue  string
	PublicKey string
	Blob      string
}

func (*Signature) GetBlob added in v1.0.0

func (s *Signature) GetBlob() string

func (*Signature) GetPublicKey added in v1.0.0

func (s *Signature) GetPublicKey() string

func (*Signature) GetSigValue added in v1.0.0

func (s *Signature) GetSigValue() string

type SpdxDoc added in v0.1.5

// SpdxDoc is one of the two document types on this page whose value-receiver
// methods cover the whole Document interface (the other is CdxDoc).
//
// Every field listed here is exported, so code holding an SpdxDoc value can
// replace them directly, including SignatureDetail.
type SpdxDoc struct {
	SpdxSpec  *Specs
	Comps     []GetComponent
	Auths     []GetAuthor
	SpdxTools []GetTool
	Rels      []GetRelation

	PrimaryComponent PrimaryComp
	// Lifecycle is a single string here, while CdxDoc.Lifecycle is a slice;
	// Lifecycles() still returns []string.
	Lifecycle        string
	// NOTE(review): presumably maps a component ID to the IDs it depends on
	// (GetRelationships takes a componentID) — confirm against the source.
	Dependencies     map[string][]string

	Vuln            []GetVulnerabilities
	// NOTE(review): presumably what Signature() returns. Holding a value here
	// says nothing about whether it was verified — confirm in the parser.
	SignatureDetail GetSignature
	// contains filtered or unexported fields
}

func (SpdxDoc) Authors added in v0.1.5

func (s SpdxDoc) Authors() []GetAuthor

func (SpdxDoc) Components added in v0.1.5

func (s SpdxDoc) Components() []GetComponent

func (SpdxDoc) GetComposition added in v0.2.0

func (s SpdxDoc) GetComposition(componentID string) string

func (SpdxDoc) GetRelationships added in v0.2.0

func (s SpdxDoc) GetRelationships(componentID string) []string

func (SpdxDoc) Lifecycles added in v0.1.5

func (s SpdxDoc) Lifecycles() []string

func (SpdxDoc) Logs added in v0.1.5

func (s SpdxDoc) Logs() []string

func (SpdxDoc) Manufacturer added in v0.1.5

func (s SpdxDoc) Manufacturer() GetManufacturer

func (SpdxDoc) PrimaryComp added in v0.2.0

func (s SpdxDoc) PrimaryComp() GetPrimaryComp

func (SpdxDoc) Relations added in v0.1.5

func (s SpdxDoc) Relations() []GetRelation

func (SpdxDoc) Signature added in v1.0.0

func (s SpdxDoc) Signature() GetSignature

func (SpdxDoc) Spec added in v0.1.5

func (s SpdxDoc) Spec() Spec

func (SpdxDoc) Supplier added in v0.1.5

func (s SpdxDoc) Supplier() GetSupplier

func (SpdxDoc) Tools added in v0.1.5

func (s SpdxDoc) Tools() []GetTool

func (SpdxDoc) Vulnerabilities added in v1.0.0

func (s SpdxDoc) Vulnerabilities() []GetVulnerabilities

type Spec

// Spec is the read accessor interface for document-level metadata, returned
// by Document.Spec. Specs provides every method with a value receiver.
type Spec interface {
	GetVersion() string
	FileFormat() string
	// NOTE(review): Parsable and RequiredFields return bools whose exact
	// criteria are not shown on this page; check the implementation before
	// gating trust decisions on them.
	Parsable() bool
	GetName() string
	GetSpecType() string
	RequiredFields() bool
	GetCreationTimestamp() string
	GetLicenses() []licenses.License
	GetNamespace() string
	GetURI() string
	GetOrganization() string
	GetComment() string
	GetSpdxID() string
	GetExtDocRef() []string
}

type SpecFormat added in v0.1.8

// SpecFormat is a string-backed label for the SBOM specification family.
type SpecFormat string

// The SpecFormat values defined by this package. SBOMSpecUnknown is the
// explicit "unknown" value; callers should handle it rather than assume SPDX
// or CycloneDX.
const (
	SBOMSpecSPDX    SpecFormat = "spdx"
	SBOMSpecCDX     SpecFormat = "cyclonedx"
	SBOMSpecUnknown SpecFormat = "unknown"
)

type Specs added in v0.1.5

// Specs is the concrete document-metadata record. Its value-receiver methods
// cover every method of the Spec interface, and NewSpec returns a *Specs.
// CdxDoc.CdxSpec and SpdxDoc.SpdxSpec both point at one.
type Specs struct {
	// Version, Format and SpecType are plain strings here, not the
	// FormatVersion, FileFormat or SpecFormat types declared in this package.
	Version  string
	Format   string
	SpecType string
	Name     string

	Licenses             []licenses.License
	// CreationTimestamp is a string, not a time.Time; the page does not show
	// whether it is parsed or validated.
	CreationTimestamp    string
	Namespace            string
	URI                  string
	Organization         string
	Comment              string
	Spdxid               string
	ExternalDocReference []string
	// contains filtered or unexported fields
}

func NewSpec added in v0.1.5

func NewSpec() *Specs

func (Specs) FileFormat added in v0.1.5

func (s Specs) FileFormat() string

func (Specs) GetComment added in v0.1.5

func (s Specs) GetComment() string

func (Specs) GetCreationTimestamp added in v0.1.5

func (s Specs) GetCreationTimestamp() string

func (Specs) GetExtDocRef added in v1.0.0

func (s Specs) GetExtDocRef() []string

func (Specs) GetLicenses added in v0.1.5

func (s Specs) GetLicenses() []licenses.License

func (Specs) GetName added in v0.1.5

func (s Specs) GetName() string

func (Specs) GetNamespace added in v0.1.5

func (s Specs) GetNamespace() string

func (Specs) GetOrganization added in v0.1.5

func (s Specs) GetOrganization() string

func (Specs) GetSpdxID added in v0.1.5

func (s Specs) GetSpdxID() string

func (Specs) GetSpecType added in v0.1.5

func (s Specs) GetSpecType() string

func (Specs) GetURI added in v1.0.0

func (s Specs) GetURI() string

func (Specs) GetVersion added in v0.1.5

func (s Specs) GetVersion() string

func (Specs) Parsable added in v0.1.5

func (s Specs) Parsable() bool

func (Specs) RequiredFields added in v0.1.5

func (s Specs) RequiredFields() bool

type Supplier added in v0.1.0

// Supplier holds a name, email, URL and contact list. Its value-receiver
// methods GetName, GetEmail, GetURL, GetContacts and IsPresent satisfy
// GetSupplier.
// NOTE(review): there is no Present field, so IsPresent is presumably derived
// from the other fields — confirm.
type Supplier struct {
	Name     string
	Email    string
	URL      string
	Contacts []Contact
}

func (Supplier) GetContacts added in v0.1.5

func (s Supplier) GetContacts() []Contact

func (Supplier) GetEmail added in v0.1.5

func (s Supplier) GetEmail() string

func (Supplier) GetName added in v0.1.5

func (s Supplier) GetName() string

func (Supplier) GetURL added in v0.1.8

func (s Supplier) GetURL() string

func (Supplier) IsPresent added in v0.1.8

func (s Supplier) IsPresent() bool

type Tool

// Tool holds a tool's name and version as plain strings. GetName and
// GetVersion (value receivers) satisfy GetTool.
type Tool struct {
	Name    string
	Version string
}

func (Tool) GetName added in v0.1.5

func (t Tool) GetName() string

func (Tool) GetVersion added in v0.1.5

func (t Tool) GetVersion() string

type Vulnerability added in v1.0.0

// Vulnerability holds only an identifier string. GetID (value receiver)
// satisfies GetVulnerabilities.
// NOTE(review): the page does not show the ID being checked against any
// identifier format; treat it as free-form text from the document — confirm.
type Vulnerability struct {
	ID string
}

func (Vulnerability) GetID added in v1.0.0

func (v Vulnerability) GetID() string

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.
