github

package
v0.51.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 11, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const ID sbom.FormatID = "github-0-json"

Variables

This section is empty.

Functions

func Format

func Format() sbom.Format

Types

type DependencyGraph

type DependencyGraph map[string]DependencyNode

type DependencyNode

type DependencyNode struct {
	PackageURL   string                 `json:"package_url,omitempty"`
	Metadata     Metadata               `json:"metadata,omitempty"`
	Relationship DependencyRelationship `json:"relationship,omitempty"`
	Scope        DependencyScope        `json:"scope,omitempty"`
	Dependencies []string               `json:"dependencies,omitempty"`
}

type DependencyRelationship

type DependencyRelationship string

DependencyRelationship A notation of whether a dependency is requested directly by this manifest, or is a dependency of another dependency.

const (
	DependencyRelationshipDirect   DependencyRelationship = "direct"
	DependencyRelationshipIndirect DependencyRelationship = "indirect"
)

type DependencyScope

type DependencyScope string

DependencyScope A notation of whether the dependency is required for the primary build artifact (runtime), or is only used for development. Future versions of this specification may allow for more granular scopes, like `runtimeserver`, `runtimeshipped`, `developmenttest`, `developmentbenchmark`.

const (
	DependencyScopeRuntime     DependencyScope = "runtime"
	DependencyScopeDevelopment DependencyScope = "development"
)

type DependencySnapshot

type DependencySnapshot struct {
	Version   int              `json:"version"`
	Job       Job              `json:"job,omitempty"` // !omitempty
	Sha       string           `json:"sha,omitempty"` // !omitempty sha of the Git commit
	Ref       string           `json:"ref,omitempty"` // !omitempty ref of the Git commit example "refs/heads/main"
	Detector  DetectorMetadata `json:"detector,omitempty"`
	Metadata  Metadata         `json:"metadata,omitempty"`
	Manifests Manifests        `json:"manifests,omitempty"`
	Scanned   ISO8601Date      `json:"scanned,omitempty"`
}

type DetectorMetadata

type DetectorMetadata struct {
	Name    string `json:"name,omitempty"`
	URL     string `json:"url,omitempty"`
	Version string `json:"version,omitempty"`
}

type FileInfo

type FileInfo struct {
	SourceLocation string `json:"source_location,omitempty"`
}

type ISO8601Date

type ISO8601Date = string

type Job

type Job struct {
	Correlator string `json:"correlator,omitempty"` // !omitempty
	ID         string `json:"id,omitempty"`         // !omitempty
	HTMLURL    string `json:"html_url,omitempty"`
}

type Manifest

type Manifest struct {
	Name     string          `json:"name"`
	File     FileInfo        `json:"file"`
	Metadata Metadata        `json:"metadata,omitempty"`
	Resolved DependencyGraph `json:"resolved,omitempty"`
}

Manifest A collection of related dependencies, either declared in a file, or representing a logical group of dependencies.

type Manifests

type Manifests map[string]Manifest

type Metadata

type Metadata map[string]Scalar

type Scalar

type Scalar interface{} // should be: null | boolean | string | number

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL