normalize

package
v0.17.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 26, 2025 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrInvalidVersion is the package-level sentinel error whose message is
// "invalid version".
//
// NOTE(review): presumably returned (possibly wrapped) by SemverFix when a
// version string cannot be handled — confirm against the function body, which
// is not shown here. Callers should match it with errors.Is rather than by
// comparing message text.
var ErrInvalidVersion = fmt.Errorf("invalid version")
// PURLEcosystems maps an ecosystem name to the package-URL (purl) type string
// used for it, e.g. "crates.io" -> "cargo" and "Go" -> "golang".
//
// NOTE(review): the keys look like OSV ecosystem identifiers — confirm against
// the callers (the bodies of PackageToPurl / PurlToEcosystem are not shown).
//
// Keys are matched exactly and case-sensitively ("npm" is present, "NPM" is
// not), and indexing with an unlisted ecosystem yields "". Prefer the
// two-value form (t, ok := PURLEcosystems[name]) so that an unmapped ecosystem
// is reported instead of silently producing a purl with an empty type, which
// is unlikely to match any advisory or component.
//
// NOTE(review): "generic" is a catch-all purl type; if a reverse lookup is
// derived from this map, every generic purl would resolve to "OSS-Fuzz" —
// confirm that is intended.
//
// The map is an exported, mutable package variable: treat it as read-only,
// since a write from any importer changes the mapping for the whole process.
var PURLEcosystems = map[string]string{
	"Alpine":    "apk",
	"crates.io": "cargo",
	"Debian":    "deb",
	"Go":        "golang",
	"Hackage":   "hackage",
	"Hex":       "hex",
	"Maven":     "maven",
	"npm":       "npm",
	"NuGet":     "nuget",
	"OSS-Fuzz":  "generic", // catch-all purl type, not an OSS-Fuzz-specific one
	"Packagist": "composer",
	"Pub":       "pub",
	"PyPI":      "pypi",
	"RubyGems":  "gem",
}
// ValidSemverRegex matches a complete semantic-version string:
// MAJOR.MINOR.PATCH with an optional "-prerelease" and an optional
// "+buildmetadata" suffix. The pattern is anchored at both ends, so it
// validates whole strings rather than locating versions inside longer text.
// The capture groups are named major, minor, patch, prerelease and
// buildmetadata.
//
// It rejects a leading "v" ("v1.2.3"), fewer than three numeric parts ("1.2")
// and numeric identifiers with leading zeros ("01.2.3"); such inputs have to
// be normalised before they are checked against this pattern.
//
// Go's regexp package matches in time linear in the input length, so running
// this pattern over untrusted version strings cannot backtrack
// catastrophically.
var ValidSemverRegex = regexp.MustCompile(`^(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+(?P<buildmetadata>[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$`)

Regex for validating a correct semver.

Functions

func ArtifactPurl added in v0.17.2

func ArtifactPurl(scanner string, assetName string) string

func ConvertToSemver

func ConvertToSemver(originalVersion string) string

ConvertToSemver converts any versioning scheme to a semver-like versioning scheme

func FixFixedVersion added in v0.17.2

func FixFixedVersion(purl string, fixedVersion *string) *string

func FromCdxBom

func FromCdxBom(bom *cdx.BOM, convertComponentType bool) *cdxBom

If the second parameter (convertComponentType) is set to true, the component type will be converted to the correct type. This should ONLY be done if the component type wasn't set by us; if the component type was set by us, we shouldn't change it.

func MapCDXToStatus added in v0.17.2

func MapCDXToStatus(a *cdx.VulnerabilityAnalysis) string

MapCDXToStatus maps a CycloneDX analysis state / response to the internal status strings used by UpdateDependencyVulnState.

func MergeCdxBoms added in v0.17.2

func MergeCdxBoms(metadata *cdx.Metadata, boms ...*cdx.BOM) *cdx.BOM

func PackageToPurl

func PackageToPurl(ecosystem, packageName string) string

func Purl

func Purl(component cdx.Component) string

func PurlToEcosystem

func PurlToEcosystem(purlType string) string

func SemverFix

func SemverFix(version string) (string, error)

func SemverSort added in v0.5.14

func SemverSort(versions []string)

Types

type SBOM

// SBOM is the accessor interface for a software bill of materials backed by
// CycloneDX types. It exposes the whole BOM as well as its metadata,
// component list and dependency list.
//
// Every accessor returns a pointer, and this declaration does not say whether
// any of them may be nil.
// NOTE(review): callers should nil-check each result before dereferencing,
// in particular the *[]T slices — confirm against the implementations.
type SBOM interface {
	// GetCdxBom returns the CycloneDX BOM itself.
	GetCdxBom() *cdx.BOM
	// GetMetadata returns the BOM's metadata section.
	GetMetadata() *cdx.Metadata
	// GetComponents returns a pointer to the BOM's component slice.
	GetComponents() *[]cdx.Component
	// GetDependencies returns a pointer to the BOM's dependency slice.
	GetDependencies() *[]cdx.Dependency
}
