scan

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 15, 2026 License: AGPL-3.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ManifestFiles maps a manifest filename to its ManifestInfo.
//
// Keys are exact, case-sensitive filenames (plain map lookup), and in every
// entry below Type repeats the key. Nine of these filenames (poetry.lock,
// uv.lock, gradle.lockfile, packages.lock.json, Package.resolved,
// pubspec.lock, mix.lock, build.lock, build.gradle.kts) have no entry in
// SupportedManifestTypes, so being listed here does not by itself mean the
// V2 scan endpoint accepts the file.
//
// Entries with IsLock false (package.json, requirements.txt, go.mod, pom.xml,
// build.gradle.kts) are declaration files rather than resolved lockfiles;
// depending on the ecosystem they may hold version ranges or only direct
// dependencies. NOTE(review): how versions are resolved for these files is
// not shown on this page.
var ManifestFiles = map[string]ManifestInfo{

	// npm
	"package-lock.json": {Type: "package-lock.json", Ecosystem: "npm", Language: "javascript", IsLock: true},
	"package.json":      {Type: "package.json", Ecosystem: "npm", Language: "javascript", IsLock: false},
	"yarn.lock":         {Type: "yarn.lock", Ecosystem: "npm", Language: "javascript", IsLock: true},
	"pnpm-lock.yaml":    {Type: "pnpm-lock.yaml", Ecosystem: "npm", Language: "javascript", IsLock: true},

	// pypi
	"requirements.txt": {Type: "requirements.txt", Ecosystem: "pypi", Language: "python", IsLock: false},
	"Pipfile.lock":     {Type: "Pipfile.lock", Ecosystem: "pypi", Language: "python", IsLock: true},
	"poetry.lock":      {Type: "poetry.lock", Ecosystem: "pypi", Language: "python", IsLock: true},
	"uv.lock":          {Type: "uv.lock", Ecosystem: "pypi", Language: "python", IsLock: true},

	// golang
	// NOTE(review): go.sum is a checksum list and can contain module versions
	// that are not part of the final build; marking it IsLock may produce
	// findings for unused versions. Confirm how it is treated alongside go.mod.
	"go.sum": {Type: "go.sum", Ecosystem: "golang", Language: "go", IsLock: true},
	"go.mod": {Type: "go.mod", Ecosystem: "golang", Language: "go", IsLock: false},

	// rubygems
	"Gemfile.lock": {Type: "Gemfile.lock", Ecosystem: "rubygems", Language: "ruby", IsLock: true},

	// cargo
	"Cargo.lock": {Type: "Cargo.lock", Ecosystem: "cargo", Language: "rust", IsLock: true},

	// maven (java)
	"pom.xml":         {Type: "pom.xml", Ecosystem: "maven", Language: "java", IsLock: false},
	"gradle.lockfile": {Type: "gradle.lockfile", Ecosystem: "maven", Language: "java", IsLock: true},

	// composer
	"composer.lock": {Type: "composer.lock", Ecosystem: "composer", Language: "php", IsLock: true},

	// nuget
	"packages.lock.json": {Type: "packages.lock.json", Ecosystem: "nuget", Language: "c#", IsLock: true},

	// swift
	"Package.resolved": {Type: "Package.resolved", Ecosystem: "swift", Language: "swift", IsLock: true},

	// pub
	"pubspec.lock": {Type: "pubspec.lock", Ecosystem: "pub", Language: "dart", IsLock: true},

	// hex
	"mix.lock": {Type: "mix.lock", Ecosystem: "hex", Language: "elixir", IsLock: true},

	// maven (scala)
	// NOTE(review): confirm which build tool writes a file named exactly
	// build.lock; an exact-name lookup misses differently named lockfiles.
	"build.lock": {Type: "build.lock", Ecosystem: "maven", Language: "scala", IsLock: true},

	// maven (kotlin)
	"build.gradle.kts": {Type: "build.gradle.kts", Ecosystem: "maven", Language: "kotlin", IsLock: false},
}

ManifestFiles maps known manifest filenames to their metadata.

// SupportedManifestTypes is the set of manifest type names that the V2 scan
// endpoint accepts, grouped here by the ecosystem each name has in
// ManifestFiles. A missing key reads as false, so any filename that is only
// present in ManifestFiles (for example poetry.lock or uv.lock) is reported
// as unsupported by a plain lookup.
var SupportedManifestTypes = map[string]bool{
	// npm
	"package.json":      true,
	"package-lock.json": true,
	"yarn.lock":         true,
	"pnpm-lock.yaml":    true,

	// pypi
	"requirements.txt": true,
	"Pipfile.lock":     true,

	// golang
	"go.mod": true,
	"go.sum": true,

	// cargo, rubygems, maven, composer
	"Cargo.lock":    true,
	"Gemfile.lock":  true,
	"pom.xml":       true,
	"composer.lock": true,
}

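SupportedManifestTypes lists manifest types accepted by the V2 scan endpoint. It is a subset of ManifestFiles: filenames such as poetry.lock, uv.lock and gradle.lockfile are detected but are not listed here.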

Functions

This section is empty.

Types

type DetectedFile

// DetectedFile describes one file found during a scan walk and how it was
// classified. WalkForScanFiles returns a slice of these.
//
// Supported is separate from detection: a file can be recognised (FileType
// set, ManifestInfo non-nil) and still have Supported == false. Callers that
// report scan coverage should surface such files rather than treat them as
// scanned. NOTE(review): how Supported is computed is not shown here;
// presumably from SupportedManifestTypes for manifests — confirm.
type DetectedFile struct {
	Path         string
	RelPath      string // relative to scan root
	FileType     FileType
	ManifestInfo *ManifestInfo // non-nil for manifest files
	SBOMVersion  string        // e.g. "SPDX-2.3", "1.5" for CycloneDX
	Supported    bool          // whether the backend accepts this file type
}

DetectedFile represents a detected scannable file

func WalkForScanFiles

func WalkForScanFiles(opts WalkOptions) ([]DetectedFile, error)

WalkForScanFiles walks the filesystem starting at opts.RootPath, descending at most opts.MaxDepth levels, and looks for manifest files and potential SBOM documents.

type FileType

// FileType is the string-typed classification assigned to a detected file.
type FileType string

FileType represents the detected type of a file

// FileType values declared by this package.
const (
	// FileTypeManifest marks a dependency manifest or lockfile
	// (DetectedFile.ManifestInfo is non-nil for these).
	FileTypeManifest  FileType = "manifest"
	// FileTypeSPDX marks an SPDX SBOM document.
	FileTypeSPDX      FileType = "spdx"
	// FileTypeCycloneDX marks a CycloneDX SBOM document.
	FileTypeCycloneDX FileType = "cyclonedx"
	// FileTypeUnknown is presumably used when a file matches none of the
	// above — confirm against DetectSBOM's implementation.
	FileTypeUnknown   FileType = "unknown"
)

func DetectSBOM

func DetectSBOM(filePath string) (FileType, string, bool)

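DetectSBOM reads the first bytes of a JSON file and determines whether it is an SPDX or CycloneDX document. It returns the file type, the version string, and whether it's valid/supported. Because only the start of the file is inspected, the result is best read as format identification, not as validation of the whole document.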

type ManifestInfo

// ManifestInfo is the metadata stored for each known manifest filename in
// ManifestFiles.
type ManifestInfo struct {
	Type      string // canonical filename used as the manifest "type" parameter
	// Ecosystem is the package ecosystem label, e.g. "npm", "pypi", "golang".
	Ecosystem string
	// Language is the language label, e.g. "javascript", "python", "go".
	Language  string
	// IsLock is true for lockfile entries (e.g. package-lock.json) and false
	// for declaration files (e.g. package.json).
	IsLock    bool
}

ManifestInfo describes a known manifest file

func DetectManifest

func DetectManifest(filename string) (*ManifestInfo, bool)

DetectManifest checks if a filename is a known manifest file.

type WalkOptions

// WalkOptions is the argument to WalkForScanFiles.
//
// NOTE(review): this page does not say whether the walk follows symbolic
// links or how it treats unreadable directories. When scanning a checkout
// you do not control, confirm that results cannot come from outside RootPath.
type WalkOptions struct {
	// RootPath is the directory the walk starts from; presumably the "scan
	// root" that DetectedFile.RelPath is relative to — confirm.
	RootPath string
	// MaxDepth bounds how deep the walk descends. NOTE(review): the meaning
	// of the zero value (no descent vs. unlimited) is not documented here.
	MaxDepth int
	Excludes []string // glob patterns to exclude
}

WalkOptions configures the filesystem walk behavior.
