spdx

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 16, 2021 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Overview

SHA1 is the currently accepted hash algorithm for SPDX documents, used for file integrity checks, NOT security. Instances of G401 and G505 can be safely ignored in this file.

ref: https://github.com/spdx/spdx-spec/issues/11

SHA1 is the currently accepted hash algorithm for SPDX documents, used for file integrity checks, NOT security. Instances of G401 and G505 can be safely ignored in this file.

ref: https://github.com/spdx/spdx-spec/issues/11

SHA1 is the currently accepted hash algorithm for SPDX documents, used for file integrity checks, NOT security. Instances of G401 and G505 can be safely ignored in this file.

ref: https://github.com/spdx/spdx-spec/issues/11

Index

Constants

View Source 
const (
	GoModFileName = "go.mod"
	GoSumFileName = "go.sum"
)
View Source 
const (

	// Consts of some SPDX expressions
	NONE        = "NONE"
	NOASSERTION = "NOASSERTION"
)

Variables

View Source 
var DefaultProvenanceOptions = &ProvenanceOptions{
	Relationships: map[string][]RelationshipType{
		"include": {},
		"exclude": {
			EXAMPLE_OF,
			DEPENDS_ON,
		},
	},
}

DefaultProvenanceOptions we consider examples and dependencies as not part of the doc

Functions 

func Banner() string

func PullImageToArchive added in v0.10.0 

func PullImageToArchive(referenceString, path string) error

Types

type ArchiveManifest 

type ArchiveManifest struct {
	ConfigFilename string   `json:"Config"`
	RepoTags       []string `json:"RepoTags"`
	LayerFiles     []string `json:"Layers"`
}

type ContainerLayerAnalyzer 

type ContainerLayerAnalyzer interface {
	ReadPackageData(layerPath string, pkg *Package) error
	CanHandle(layerPath string) (bool, error)
}

ContainerLayerAnalyzer is an interface that knows how to read a known container layer and populate a SPDX package

type ContainerLayerAnalyzerOptions 

type ContainerLayerAnalyzerOptions struct {
	LicenseCacheDir string
}

type DocBuilder 

type DocBuilder struct {
	// contains filtered or unexported fields
}

DocBuilder is a tool to write spdx manifests

func NewDocBuilder 

func NewDocBuilder() *DocBuilder

func (*DocBuilder) Generate 

func (db *DocBuilder) Generate(genopts *DocGenerateOptions) (*Document, error)

Generate creates anew SPDX document describing the artifacts specified in the options

type DocBuilderImplementation 

type DocBuilderImplementation interface {
	GenerateDoc(*DocBuilderOptions, *DocGenerateOptions) (*Document, error)
	WriteDoc(*Document, string) error
	ReadYamlConfiguration(string, *DocGenerateOptions) error
}

type DocBuilderOptions 

type DocBuilderOptions struct {
	WorkDir string // Working directory (defaults to a tmp dir)
}

type DocGenerateOptions 

type DocGenerateOptions struct {
	AnalyseLayers       bool                  // A flag that controls if deep layer analysis should be performed
	NoGitignore         bool                  // Do not read exclusions from gitignore file
	ProcessGoModules    bool                  // Analyze go.mod to include data about packages
	OnlyDirectDeps      bool                  // Only include direct dependencies from go.mod
	ScanLicenses        bool                  // Try to llok into files to determine their license
	ConfigFile          string                // Path to SBOM configuration file
	OutputFile          string                // Output location
	Name                string                // Name to us ein the resulting document
	Namespace           string                // Namespace for the document (a unique URI)
	CreatorPerson       string                // Document creator information
	License             string                // Main license of the document
	Tarballs            []string              // A slice of tar paths
	Files               []string              // A slice of naked files to include in the bom
	Images              []string              // A slice of docker images
	Directories         []string              // A slice of directories to convert into packages
	IgnorePatterns      []string              // a slice of regexp patterns to ignore when scanning dirs
	ExternalDocumentRef []ExternalDocumentRef // List of external documents related to the bom
}

func (*DocGenerateOptions) Validate 

func (o *DocGenerateOptions) Validate() error

type Document 

type Document struct {
	Version     string // SPDX-2.2
	DataLicense string // CC0-1.0
	ID          string // SPDXRef-DOCUMENT
	Name        string // hello-go-src
	Namespace   string // https://swinslow.net/spdx-examples/example6/hello-go-src-v1
	Creator     struct {
		Person       string // Steve Winslow (steve@swinslow.net)
		Organization string
		Tool         []string // github.com/spdx/tools-golang/builder
	}
	Created            time.Time // 2020-11-24T01:12:27Z
	LicenseListVersion string
	Packages           map[string]*Package
	Files              map[string]*File      // List of files
	ExternalDocRefs    []ExternalDocumentRef // List of related external documents
}

Document abstracts the SPDX document

func NewDocument 

func NewDocument() *Document

NewDocument returns a new SPDX document with some defaults preloaded

func OpenDoc added in v0.12.0 

func OpenDoc(path string) (*Document, error)

OpenDoc opens a file, parses a SPDX tag-value file and returns a loaded spdx.Document object. This functions has the cyclomatic chec disabled as it spans specific cases for each of the tags it recognizes. nolint:gocyclo

func (*Document) AddFile 

func (d *Document) AddFile(file *File) error

AddFile adds a file contained in the package

func (*Document) AddPackage 

func (d *Document) AddPackage(pkg *Package) error

AddPackage adds a new empty package to the document

func (*Document) Outline added in v0.12.0 

func (d *Document) Outline(o *DrawingOptions) (outline string, err error)

Outline draws an outline of the relationships inside the doc

func (*Document) Render 

func (d *Document) Render() (doc string, err error)

Render reders the spdx manifest

func (*Document) ToProvenanceStatement added in v0.12.0 

func (d *Document) ToProvenanceStatement(opts *ProvenanceOptions) *provenance.Statement

func (*Document) Write 

func (d *Document) Write(path string) error

Write outputs the SPDX document into a file

type DrawingOptions added in v0.12.0 

type DrawingOptions struct {
	Width       int
	Height      int
	Recursion   int
	DisableTerm bool
	LastItem    bool
	SkipName    bool
	OnlyIDs     bool
	ASCIIOnly   bool
}

type Entity added in v0.10.0 

type Entity struct {
	ID               string            // Identifier string  for the object in the doc
	SourceFile       string            // Local file to read for information
	Name             string            // Name of the package
	DownloadLocation string            // Download point for the entity
	CopyrightText    string            // NOASSERTION
	FileName         string            // Name of the file
	LicenseConcluded string            // LicenseID o NOASSERTION
	Opts             *ObjectOptions    // Entity options
	Relationships    []*Relationship   // List of objects that have a relationship woth this package
	Checksum         map[string]string // Colection of source file checksums
}

func (*Entity) AddRelationship added in v0.10.0 

func (e *Entity) AddRelationship(rel *Relationship)

AddRelated this adds a related object to the file to be rendered on the document. The exact output depends on the related obj options

func (*Entity) BuildID added in v0.10.0 

func (e *Entity) BuildID(seeds ...string)

BuildID sets the file ID, optionally from a series of strings

func (*Entity) GetRelationships added in v0.12.0 

func (e *Entity) GetRelationships() *[]*Relationship

func (*Entity) Options added in v0.10.0 

func (e *Entity) Options() *ObjectOptions

func (*Entity) ReadChecksums added in v0.10.0 

func (e *Entity) ReadChecksums(filePath string) error

ReadChecksums receives a path to a file and calculates its checksums

func (*Entity) ReadSourceFile added in v0.10.0 

func (e *Entity) ReadSourceFile(path string) error

ReadSourceFile reads the source file for the package and populates 

the fields derived from it (Checksums and FileName)

func (*Entity) Render added in v0.10.0 

func (e *Entity) Render() (string, error)

Render is overridden by Package and File with their own variants

func (*Entity) SPDXID added in v0.10.0 

func (e *Entity) SPDXID() string

SPDXID returns the SPDX reference string for the object

func (*Entity) ToProvenanceSubject added in v0.12.0 

func (e *Entity) ToProvenanceSubject() *intoto.Subject

ToProvenanceSubject converts the element to an intoto subject, suitable to use inprovenance attestaions

type ExternalDocumentRef added in v0.10.0 

type ExternalDocumentRef struct {
	ID        string            `yaml:"id"`        // Identifier for the external doc (eg "external-source-bom")
	URI       string            `yaml:"uri"`       // URI where the doc can be retrieved
	Checksums map[string]string `yaml:"checksums"` // Document checksums
}

ExternalDocumentRef is a pointer to an external, related document

func (*ExternalDocumentRef) ReadSourceFile added in v0.10.0 

func (ed *ExternalDocumentRef) ReadSourceFile(path string) error

ReadSourceFile populates the external reference data (the sha256 checksum) from a given path

func (*ExternalDocumentRef) String added in v0.10.0 

func (ed *ExternalDocumentRef) String() string

String returns the SPDX string of the external document ref

type ExternalRef added in v0.12.0 

type ExternalRef struct {
	Category string // SECURITY | PACKAGE-MANAGER | PERSISTENT-ID | OTHER
	Type     string // cpe22Type | cpe23Type | maven-central | npm | nuget | bower | purl | swh | other
	Locator  string // unique string with no spaces
}

Example: cpe23Type cpe:2.3:a:base-files:base-files:10.3+deb10u9:*:*:*:*:*:*:*

type File 

type File struct {
	Entity
	LicenseInfoInFile string // GPL-3.0-or-later
}

File abstracts a file contained in a package

func NewFile 

func NewFile() (f *File)

func (*File) BuildID added in v0.10.0 

func (f *File) BuildID(seeds ...string)

BuildID sets the file ID, optionally from a series of strings

func (*File) Draw added in v0.12.0 

func (f *File) Draw(builder *strings.Builder, o *DrawingOptions, depth int, seen *map[string]struct{})

Draw renders the file data as a tree-like structure nolint:gocritic

func (*File) Render 

func (f *File) Render() (docFragment string, err error)

Render renders the document fragment of a file

func (*File) SetEntity added in v0.12.0 

func (f *File) SetEntity(e *Entity)

type GoModDefaultImpl 

type GoModDefaultImpl struct {
	// contains filtered or unexported fields
}

func (*GoModDefaultImpl) BuildPackageList 

func (di *GoModDefaultImpl) BuildPackageList(gomod *modfile.File) ([]*GoPackage, error)

BuildPackageList builds a slice of packages to assign to the module

func (*GoModDefaultImpl) DownloadPackage 

func (di *GoModDefaultImpl) DownloadPackage(pkg *GoPackage, opts *GoModuleOptions, force bool) error

DownloadPackage takes a pkg, downloads it from its src and sets 

the download dir in the LocalDir field

func (*GoModDefaultImpl) LicenseReader 

func (di *GoModDefaultImpl) LicenseReader() (*license.Reader, error)

LicenseReader returns a license reader

func (*GoModDefaultImpl) OpenModule 

func (di *GoModDefaultImpl) OpenModule(opts *GoModuleOptions) (*modfile.File, error)

OpenModule opens the go,mod file for the module and parses it

func (*GoModDefaultImpl) RemoveDownloads 

func (di *GoModDefaultImpl) RemoveDownloads(packageList []*GoPackage) error

RemoveDownloads takes a list of packages and remove its downloads

func (*GoModDefaultImpl) ScanPackageLicense 

func (di *GoModDefaultImpl) ScanPackageLicense(
	pkg *GoPackage, reader *license.Reader, opts *GoModuleOptions) error

ScanPackageLicense scans a package for licensing info

type GoModImplementation 

type GoModImplementation interface {
	OpenModule(*GoModuleOptions) (*modfile.File, error)
	BuildPackageList(*modfile.File) ([]*GoPackage, error)
	DownloadPackage(*GoPackage, *GoModuleOptions, bool) error
	RemoveDownloads([]*GoPackage) error
	LicenseReader() (*license.Reader, error)
	ScanPackageLicense(*GoPackage, *license.Reader, *GoModuleOptions) error
}

type GoModule 

type GoModule struct {
	GoMod *modfile.File

	Packages []*GoPackage // maps of package download locations
	// contains filtered or unexported fields
}

GoModule abstracts the go module data of a project

func NewGoModule 

func NewGoModule() *GoModule

func NewGoModuleFromPath 

func NewGoModuleFromPath(path string) (*GoModule, error)

NewGoModule returns a new go module from the specified path

func (*GoModule) BuildFullPackageList 

func (mod *GoModule) BuildFullPackageList(g *modfile.File) (packageList []*GoPackage, err error)

BuildFullPackageList return the complete of packages imported into the module, instead of reading go.mod, this functions calls go list and works from there

func (*GoModule) DownloadPackages 

func (mod *GoModule) DownloadPackages() error

DownloadPackages downloads all the module's packages to the local disk

func (*GoModule) Open 

func (mod *GoModule) Open() error

Initializes a go module from the specified path

func (*GoModule) Options 

func (mod *GoModule) Options() *GoModuleOptions

Options returns a pointer to the module options set

func (*GoModule) RemoveDownloads 

func (mod *GoModule) RemoveDownloads() error

RemoveDownloads cleans all downloads

func (*GoModule) ScanLicenses 

func (mod *GoModule) ScanLicenses() error

ScanLicenses scans the licenses and populats the fields

type GoModuleOptions 

type GoModuleOptions struct {
	Path           string // Path to the dir where go.mod resides
	OnlyDirectDeps bool   // Only include direct dependencies from go.mod
	ScanLicenses   bool   // Scan licenses from everypossible place unless false
}

type GoPackage 

type GoPackage struct {
	TmpDir        bool
	ImportPath    string
	Revision      string
	LocalDir      string
	LocalInstall  string
	LicenseID     string
	CopyrightText string
}

GoPackage basic pkg data we need

func (*GoPackage) ToSPDXPackage 

func (pkg *GoPackage) ToSPDXPackage() (*Package, error)

SPDXPackage builds a spdx package from the go package data

type ImageAnalyzer 

type ImageAnalyzer struct {
	Analyzers map[string]ContainerLayerAnalyzer
}

ImageAnalyzer is an object that checks images to see if we can add more 

information to a spdx package based on its content. Each analyzer is
written specifically for a layer type. The idea is to be able to enrich
common base images with more data to have the most common images covered.

func NewImageAnalyzer 

func NewImageAnalyzer() *ImageAnalyzer

func (*ImageAnalyzer) AnalyzeLayer 

func (ia *ImageAnalyzer) AnalyzeLayer(layerPath string, pkg *Package) error

AnalyzeLayer is the main method of the analyzer 

it will query each of the analyzers to see if we can
extract more image from the layer and enrich the
spdx package referenced by pkg

type Object added in v0.10.0 

type Object interface {
	SPDXID() string
	ReadSourceFile(string) error
	Render() (string, error)
	BuildID(seeds ...string)
	SetEntity(*Entity)
	AddRelationship(*Relationship)
	GetRelationships() *[]*Relationship
	ToProvenanceSubject() *intoto.Subject
	// contains filtered or unexported methods
}

Object is an interface that dictates the common methods of spdx objects. Currently this includes files and packages.

type ObjectOptions added in v0.10.0 

type ObjectOptions struct {
	WorkDir string
}

type Options 

type Options struct {
	AnalyzeLayers    bool
	NoGitignore      bool     // Do not read exclusions from gitignore file
	ProcessGoModules bool     // If true, spdx will check if dirs are go modules and analize the packages
	OnlyDirectDeps   bool     // Only include direct dependencies from go.mod
	ScanLicenses     bool     // Scan licenses from everypossible place unless false
	LicenseCacheDir  string   // Directory to cache SPDX license downloads
	LicenseData      string   // Directory to store the SPDX licenses
	IgnorePatterns   []string // Patterns to ignore when scanning file
}

type Package 

type Package struct {
	Entity
	sync.RWMutex
	FilesAnalyzed        bool     // true
	VerificationCode     string   // 6486e016b01e9ec8a76998cefd0705144d869234
	LicenseInfoFromFiles []string // GPL-3.0-or-later
	LicenseDeclared      string   // GPL-3.0-or-later
	LicenseComments      string   // record any relevant background information or analysis that went in to arriving at the Concluded License
	Version              string   // Package version
	Comment              string   // a place for the SPDX document creator to record any general comments

	// Supplier: the actual distribution source for the package/directory
	Supplier struct {
		Person       string // person name and optional (<email>)
		Organization string // organization name and optional (<email>)
	}
	// Originator: For example, the SPDX file identifies the package glibc and Red Hat as the Package Supplier,
	// but the Free Software Foundation is the Package Originator.
	Originator struct {
		Person       string // person name and optional (<email>)
		Organization string // organization name and optional (<email>)
	}

	ExternalRefs []ExternalRef // List of external references
}

Package groups a set of files

func NewPackage 

func NewPackage() (p *Package)

func (*Package) AddDependency 

func (p *Package) AddDependency(pkg *Package) error

AddDependency adds a new subpackage as a dependency

func (*Package) AddFile 

func (p *Package) AddFile(file *File) error

AddFile adds a file contained in the package

func (*Package) AddPackage 

func (p *Package) AddPackage(pkg *Package) error

AddPackage adds a new subpackage to a package

func (*Package) BuildID added in v0.10.0 

func (p *Package) BuildID(seeds ...string)

BuildID sets the file ID, optionally from a series of strings

func (*Package) CheckRelationships added in v0.10.0 

func (p *Package) CheckRelationships() error

CheckRelationships ensures al linked relationships are complete before rendering.

func (*Package) Draw added in v0.12.0 

func (p *Package) Draw(builder *strings.Builder, o *DrawingOptions, depth int, seen *map[string]struct{})

Draw renders the package data as a tree-like structure nolint:gocritic

func (*Package) Files 

func (p *Package) Files() []*File

Files returns all contained files in the package

func (*Package) Render 

func (p *Package) Render() (docFragment string, err error)

Render renders the document fragment of the package

func (*Package) SetEntity added in v0.12.0 

func (p *Package) SetEntity(e *Entity)

type ProvenanceOptions added in v0.12.0 

type ProvenanceOptions struct {
	Relationships map[string][]RelationshipType
}

type Relationship added in v0.10.0 

type Relationship struct {
	FullRender       bool             // Flag, then true the package will be rendered in the doc
	PeerReference    string           // SPDX Ref of the peer object. Will override the ID of provided package if set
	PeerExtReference string           // External doc reference if peer is a different doc
	Comment          string           // Relationship ship commnet
	Type             RelationshipType // Relationship of the specified package
	Peer             Object           // SPDX object that acts as peer
}

func (*Relationship) Render added in v0.10.0 

func (ro *Relationship) Render(hostObject Object) (string, error)

type RelationshipType added in v0.10.0 

type RelationshipType string
const (
	DESCRIBES              RelationshipType = "DESCRIBES"
	DESCRIBED_BY           RelationshipType = "DESCRIBED_BY"
	CONTAINS               RelationshipType = "CONTAINS"
	CONTAINED_BY           RelationshipType = "CONTAINED_BY"
	DEPENDS_ON             RelationshipType = "DEPENDS_ON"
	DEPENDENCY_OF          RelationshipType = "DEPENDENCY_OF"
	DEPENDENCY_MANIFEST_OF RelationshipType = "DEPENDENCY_MANIFEST_OF"
	BUILD_DEPENDENCY_OF    RelationshipType = "BUILD_DEPENDENCY_OF"
	DEV_DEPENDENCY_OF      RelationshipType = "DEV_DEPENDENCY_OF"
	OPTIONAL_DEPENDENCY_OF RelationshipType = "OPTIONAL_DEPENDENCY_OF"
	PROVIDED_DEPENDENCY_OF RelationshipType = "PROVIDED_DEPENDENCY_OF"
	TEST_DEPENDENCY_OF     RelationshipType = "TEST_DEPENDENCY_OF"
	RUNTIME_DEPENDENCY_OF  RelationshipType = "RUNTIME_DEPENDENCY_OF"
	EXAMPLE_OF             RelationshipType = "EXAMPLE_OF"
	GENERATES              RelationshipType = "GENERATES"
	GENERATED_FROM         RelationshipType = "GENERATED_FROM"
	ANCESTOR_OF            RelationshipType = "ANCESTOR_OF"
	DESCENDANT_OF          RelationshipType = "DESCENDANT_OF"
	VARIANT_OF             RelationshipType = "VARIANT_OF"
	DISTRIBUTION_ARTIFACT  RelationshipType = "DISTRIBUTION_ARTIFACT"
	PATCH_FOR              RelationshipType = "PATCH_FOR"
	PATCH_APPLIED          RelationshipType = "PATCH_APPLIED"
	COPY_OF                RelationshipType = "COPY_OF"
	FILE_ADDED             RelationshipType = "FILE_ADDED"
	FILE_DELETED           RelationshipType = "FILE_DELETED"
	FILE_MODIFIED          RelationshipType = "FILE_MODIFIED"
	EXPANDED_FROM_ARCHIVE  RelationshipType = "EXPANDED_FROM_ARCHIVE"
	DYNAMIC_LINK           RelationshipType = "DYNAMIC_LINK"
	STATIC_LINK            RelationshipType = "STATIC_LINK"
	DATA_FILE_OF           RelationshipType = "DATA_FILE_OF"
	TEST_CASE_OF           RelationshipType = "TEST_CASE_OF"
	BUILD_TOOL_OF          RelationshipType = "BUILD_TOOL_OF"
	DEV_TOOL_OF            RelationshipType = "DEV_TOOL_OF"
	TEST_OF                RelationshipType = "TEST_OF"
	TEST_TOOL_OF           RelationshipType = "TEST_TOOL_OF"
	DOCUMENTATION_OF       RelationshipType = "DOCUMENTATION_OF"
	OPTIONAL_COMPONENT_OF  RelationshipType = "OPTIONAL_COMPONENT_OF"
	METAFILE_OF            RelationshipType = "METAFILE_OF"
	PACKAGE_OF             RelationshipType = "PACKAGE_OF"
	AMENDS                 RelationshipType = "AMENDS"
	PREREQUISITE_FOR       RelationshipType = "PREREQUISITE_FOR"
	HAS_PREREQUISITE       RelationshipType = "HAS_PREREQUISITE"
	OTHER                  RelationshipType = "OTHER"
)

type SPDX 

type SPDX struct {
	// contains filtered or unexported fields
}

func NewSPDX 

func NewSPDX() *SPDX

func (*SPDX) AnalyzeImageLayer 

func (spdx *SPDX) AnalyzeImageLayer(layerPath string, pkg *Package) error

AnalyzeLayer uses the collection of image analyzers to see if 

it matches a known image from which a spdx package can be
enriched with more information

func (*SPDX) ExtractTarballTmp 

func (spdx *SPDX) ExtractTarballTmp(tarPath string) (tmpDir string, err error)

ExtractTarballTmp extracts a tarball to a temp file

func (*SPDX) FileFromPath 

func (spdx *SPDX) FileFromPath(filePath string) (*File, error)

FileFromPath creates a File object from a path

func (*SPDX) ImageRefToPackage added in v0.10.0 

func (spdx *SPDX) ImageRefToPackage(reference string) (pkg *Package, err error)

ImageRefToPackage gets an image reference (tag or digest) and returns a spdx package describing it. It can take two forms:

  • When the reference is a digest (or single image), a single package describing the layers is returned
  • When the reference is an image index, the returned package is a package referencing each of the images, each in its own packages. All subpackages are returned with a relationship of VARIANT_OF

func (*SPDX) Options 

func (spdx *SPDX) Options() *Options

func (*SPDX) PackageFromDirectory 

func (spdx *SPDX) PackageFromDirectory(dirPath string) (pkg *Package, err error)

PackageFromDirectory indexes all files in a directory and builds a SPDX package describing its contents

func (*SPDX) PackageFromImageTarball 

func (spdx *SPDX) PackageFromImageTarball(tarPath string) (imagePackage *Package, err error)

PackageFromImageTarball returns a SPDX package from a tarball

func (*SPDX) PullImagesToArchive 

func (spdx *SPDX) PullImagesToArchive(reference, path string) ([]struct {
	Reference string
	Archive   string
	Arch      string
	OS        string
}, error)

PullImagesToArchive

func (*SPDX) SetImplementation 

func (spdx *SPDX) SetImplementation(impl spdxImplementation)

type TarballOptions 

type TarballOptions struct {
	ExtractDir string // Directory where the docker tar archive will be extracted
}

ImageOptions set of options for processing tar files

type YamlBOMConfiguration added in v0.10.0 

type YamlBOMConfiguration struct {
	Namespace string `yaml:"namespace"`
	License   string `yaml:"license"` // Document wide license
	Name      string `yaml:"name"`
	Creator   struct {
		Person string `yaml:"person"`
		Tool   string `yaml:"tool"`
	} `yaml:"creator"`
	ExternalDocRefs []ExternalDocumentRef `yaml:"external-docs"`
	Artifacts       []*YamlBuildArtifact  `yaml:"artifacts"`
}

type YamlBuildArtifact added in v0.10.0 

type YamlBuildArtifact struct {
	Type      string `yaml:"type"` //  directory
	Source    string `yaml:"source"`
	License   string `yaml:"license"`   // SPDX license ID Apache-2.0
	GoModules *bool  `yaml:"gomodules"` // Shoud we scan go modules
}

Source Files

View all Source files

Directories

Path Synopsis
Code generated by counterfeiter.
 Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.