Documentation
¶
Index ¶
- func DetectDockerfiles(dir string) (dockerfiles, composeFiles []string)
- func DetectSBOMFormat(filePath string) (string, error)
- func HasContainerFiles(dir string) bool
- type CargoParser
- type ComposerParser
- type Dependency
- type DependencyList
- type Detector
- type GemfileParser
- type GoModParser
- type MavenParser
- type NPMParser
- type NuGetParser
- type Parser
- type PipParser
- type SBOMParser
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DetectDockerfiles ¶
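DetectDockerfiles finds Dockerfiles and docker-compose files in a directory. It returns two string slices, dockerfiles and composeFiles; for a true/false answer on whether any container-related files are present, use HasContainerFiles.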
func DetectSBOMFormat ¶
DetectSBOMFormat reads a JSON file and returns "cyclonedx", "spdx", or "" if the format is unknown, along with an error value.
func HasContainerFiles ¶
HasContainerFiles returns true if Dockerfiles or compose files exist in the directory.
Types ¶
type CargoParser ¶
type CargoParser struct{}
func (*CargoParser) Ecosystem ¶
func (p *CargoParser) Ecosystem() string
func (*CargoParser) Parse ¶
func (p *CargoParser) Parse(filePath string) ([]Dependency, error)
type ComposerParser ¶
type ComposerParser struct{}
func (*ComposerParser) Ecosystem ¶
func (p *ComposerParser) Ecosystem() string
func (*ComposerParser) Parse ¶
func (p *ComposerParser) Parse(filePath string) ([]Dependency, error)
type Dependency ¶
// Dependency represents a single project dependency.
//
// NOTE(review): the parsers on this page build Dependency values from
// manifest, lock and SBOM files, so the string fields carry file-supplied
// data. Whether they are validated or normalized is not visible here; confirm
// before using them in file paths, commands, queries or rendered output.
type Dependency struct {
	Name       string `json:"name"`             // Package name (presumably as written in the source file; confirm per parser)
	Version    string `json:"version"`          // Package version (presumably the resolved version; confirm per parser)
	Ecosystem  string `json:"ecosystem"`        // "npm", "PyPI", "Go", "Maven", "crates.io", "RubyGems", "Packagist", "NuGet"
	SourceFile string `json:"source_file"`      // Lock file it was parsed from
	Direct     bool   `json:"direct"`           // true if direct dep, false if transitive
	Parent     string `json:"parent,omitempty"` // Parent package if transitive; omitted from JSON when empty
}
Dependency represents a single project dependency.
func ParseSBOM ¶
func ParseSBOM(filePath string) ([]Dependency, error)
ParseSBOM auto-detects format and parses the SBOM file.
type DependencyList ¶
// DependencyList holds all dependencies found in a project.
type DependencyList struct {
	// Dependencies is serialized under the JSON key "dependencies".
	Dependencies []Dependency `json:"dependencies"`
}
DependencyList holds all dependencies found in a project.
func (*DependencyList) Ecosystems ¶
func (dl *DependencyList) Ecosystems() []string
Ecosystems returns the unique ecosystems found.
type Detector ¶
type Detector struct{}
Detector finds and parses all dependency files in a project directory.
func NewDetector ¶
func NewDetector() *Detector
type GemfileParser ¶
type GemfileParser struct{}
func (*GemfileParser) Ecosystem ¶
func (p *GemfileParser) Ecosystem() string
func (*GemfileParser) Parse ¶
func (p *GemfileParser) Parse(filePath string) ([]Dependency, error)
type GoModParser ¶
type GoModParser struct{}
func (*GoModParser) Ecosystem ¶
func (p *GoModParser) Ecosystem() string
func (*GoModParser) Parse ¶
func (p *GoModParser) Parse(filePath string) ([]Dependency, error)
type MavenParser ¶
type MavenParser struct{}
func (*MavenParser) Ecosystem ¶
func (p *MavenParser) Ecosystem() string
func (*MavenParser) Parse ¶
func (p *MavenParser) Parse(filePath string) ([]Dependency, error)
type NuGetParser ¶
type NuGetParser struct{}
func (*NuGetParser) Ecosystem ¶
func (p *NuGetParser) Ecosystem() string
func (*NuGetParser) Parse ¶
func (p *NuGetParser) Parse(filePath string) ([]Dependency, error)
type Parser ¶
// Parser is the interface all dependency file parsers implement.
//
// NOTE(review): the file handed to Parse is typically repository-controlled
// input. Size limits and symlink handling are not visible in this interface;
// confirm them in each implementation.
type Parser interface {
	// Parse reads the dependency file at filePath and returns the
	// dependencies found, or an error.
	Parse(filePath string) ([]Dependency, error)
	// Ecosystem returns the ecosystem name this parser handles.
	Ecosystem() string
}
Parser is the interface all dependency file parsers implement.
type SBOMParser ¶
type SBOMParser struct{}
SBOMParser parses existing CycloneDX and SPDX SBOMs to extract dependencies.
func (*SBOMParser) ParseCycloneDX ¶
func (p *SBOMParser) ParseCycloneDX(filePath string) ([]Dependency, error)
ParseCycloneDX parses a CycloneDX JSON SBOM and extracts dependencies.
func (*SBOMParser) ParseSPDX ¶
func (p *SBOMParser) ParseSPDX(filePath string) ([]Dependency, error)
ParseSPDX parses an SPDX JSON SBOM and extracts dependencies.