wip

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

syft/format/syftjson/model/document.go

@@ -2,13 +2,13 @@ package model
 
 // Document represents the syft cataloging findings as a JSON document
 type Document struct {
-	Artifacts             []Package      `json:"artifacts"` // Artifacts is the list of packages discovered and placed into the catalog
+	Schema        Schema         `json:"schema"`          // Schema is a block reserved for defining the version for the shape of this JSON document and where to find the schema document to validate the shape
-	ArtifactRelationships []Relationship `json:"artifactRelationships"`
+	Descriptor    Descriptor     `json:"descriptor"`      // Descriptor is a block containing self-describing information about syft
-	Files                 []File         `json:"files,omitempty"` // note: must have omitempty
 	Source        Source         `json:"source"`          // Source represents the original object that was cataloged
 	Distro        LinuxRelease   `json:"distro"`          // Distro represents the Linux distribution that was detected from the source
-	Descriptor            Descriptor     `json:"descriptor"`      // Descriptor is a block containing self-describing information about syft
+	Packages      []Package      `json:"packages"`        // Packages is the list of packages discovered
-	Schema                Schema         `json:"schema"`          // Schema is a block reserved for defining the version for the shape of this JSON document and where to find the schema document to validate the shape
+	Relationships []Relationship `json:"relationships"`   // Relationships is a list of package-to-package, package-to-file, and file-to-package relationships
+	Files         []File         `json:"files,omitempty"` // Files is a list of all files at their real path and any associated metadata about that file
 }
 
 // Descriptor describes what created the document as well as surrounding metadata

syft/format/syftjson/to_format_model.go

@@ -35,8 +35,8 @@ func metadataType(metadata interface{}, legacy bool) string {
 // ToFormatModel transforms the sbom import a format-specific model.
 func ToFormatModel(s sbom.SBOM, cfg EncoderConfig) model.Document {
 	return model.Document{
-		Artifacts:             toPackageModels(s.Artifacts.Packages, cfg),
+		Packages:      toPackageModels(s.Artifacts.Packages, cfg),
-		ArtifactRelationships: toRelationshipModel(s.Relationships),
+		Relationships: toRelationshipModel(s.Relationships),
 		Files:         toFile(s),
 		Source:        toSourceModel(s.Source),
 		Distro:        toLinuxReleaser(s.Artifacts.LinuxDistribution),

syft/format/syftjson/to_syft_model.go

@@ -24,7 +24,7 @@ import (
 func toSyftModel(doc model.Document) *sbom.SBOM {
 	idAliases := make(map[string]string)
 
-	catalog := toSyftCatalog(doc.Artifacts, idAliases)
+	catalog := toSyftCatalog(doc.Packages, idAliases)
 
 	fileArtifacts := toSyftFiles(doc.Files)
 
@@ -39,7 +39,7 @@ func toSyftModel(doc model.Document) *sbom.SBOM {
 		},
 		Source:        *toSyftSourceData(doc.Source),
 		Descriptor:    toSyftDescriptor(doc.Descriptor),
-		Relationships: warnConversionErrors(toSyftRelationships(&doc, catalog, doc.ArtifactRelationships, idAliases)),
+		Relationships: warnConversionErrors(toSyftRelationships(&doc, catalog, doc.Relationships, idAliases)),
 	}
 }
 

syft/format/syftjson/to_syft_model_test.go

@@ -177,7 +177,7 @@ func Test_idsHaveChanged(t *testing.T) {
 			Type:     "file",
 			Metadata: source.FileSourceMetadata{Path: "some/path"},
 		},
-		Artifacts: []model.Package{
+		Packages: []model.Package{
 			{
 				PackageBasicData: model.PackageBasicData{
 					ID:   "1",
@@ -191,7 +191,7 @@ func Test_idsHaveChanged(t *testing.T) {
 				},
 			},
 		},
-		ArtifactRelationships: []model.Relationship{
+		Relationships: []model.Relationship{
 			{
 				Parent: "1",
 				Child:  "2",

test/integration/java_purl_test.go

@@ -34,7 +34,7 @@ func TestJavaPURLs(t *testing.T) {
 // syft anchore/test_images:java-56d52bc -o template -t /tmp/test.templ | grep 'pkg:maven' | sort | uniq >> test/integration/java_purl_test.go
 // where the template is:
 /*
-{{ range .Artifacts}}"{{.Name}}@{{.Version}}":"{{.PURL}}",
+{{ range .Packages}}"{{.Name}}@{{.Version}}":"{{.PURL}}",
 {{ end }}
 */
 // The map was then hand-edited for correctness by comparing to Maven Central.

test/integration/package_ownership_relationship_test.go

@@ -37,7 +37,7 @@ func TestPackageOwnershipRelationships(t *testing.T) {
 				t.Fatalf("unable to decode json doc: %+v", err)
 			}
 
-			if len(doc.ArtifactRelationships) == 0 {
+			if len(doc.Relationships) == 0 {
 				t.Errorf("expected to find relationships between packages but found none")
 			}