From 0c7706f254992fb0a09de26f1aae7b628edcf132 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Mon, 12 Apr 2021 16:41:37 -0400 Subject: [PATCH 1/2] add extra RPM file record fields (user, group, flags) Signed-off-by: Alex Goodman --- go.mod | 2 +- go.sum | 6 +- schema/json/schema-1.1.0.json | 959 ------------------- syft/pkg/cataloger/rpmdb/parse_rpmdb.go | 16 +- syft/pkg/cataloger/rpmdb/parse_rpmdb_test.go | 14 +- syft/pkg/rpmdb_metadata.go | 13 +- 6 files changed, 34 insertions(+), 976 deletions(-) delete mode 100644 schema/json/schema-1.1.0.json diff --git a/go.mod b/go.mod index 089a1cf00..c66b90c8d 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/adrg/xdg v0.2.1 github.com/alecthomas/jsonschema v0.0.0-20210301060011-54c507b6f074 github.com/anchore/client-go v0.0.0-20210222170800-9c70f9b80bcf - github.com/anchore/go-rpmdb v0.0.0-20201106153645-0043963c2e12 + github.com/anchore/go-rpmdb v0.0.0-20210415132930-2460011e83c6 github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b github.com/anchore/stereoscope v0.0.0-20210413221244-d577f30b19e6 diff --git a/go.sum b/go.sum index 26028cb2d..df078dcb3 100644 --- a/go.sum +++ b/go.sum 
@@ -109,14 +109,12 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/anchore/client-go v0.0.0-20210222170800-9c70f9b80bcf h1:DYssiUV1pBmKqzKsm4mqXx8artqC0Q8HgZsVI3lMsAg= github.com/anchore/client-go v0.0.0-20210222170800-9c70f9b80bcf/go.mod h1:FaODhIA06mxO1E6R32JE0TL1JWZZkmjRIAd4ULvHUKk= -github.com/anchore/go-rpmdb v0.0.0-20201106153645-0043963c2e12 h1:xbeIbn5F52JVx3RUIajxCj8b0y+9lywspql4sFhcxWQ= -github.com/anchore/go-rpmdb v0.0.0-20201106153645-0043963c2e12/go.mod h1:juoyWXIj7sJ1IDl4E/KIfyLtovbs5XQVSIdaQifFQT8= +github.com/anchore/go-rpmdb v0.0.0-20210415132930-2460011e83c6 h1:wEN3HXc3VuC4wo7Cz27YCpeQ4gaB5ASKwMwM5GdFsew= +github.com/anchore/go-rpmdb v0.0.0-20210415132930-2460011e83c6/go.mod h1:8jNYOxCJC5kyD/Ct4MbzsDN2hOhRoCAzQcb/7KdYYGw= github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 h1:VzprUTpc0vW0nnNKJfJieyH/TZ9UYAnTZs5/gHTdAe8= github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZVsCYMrIZBpFxwV26CbsuoEh5muXD5I1Ods= github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= -github.com/anchore/stereoscope v0.0.0-20210412194439-0b9e0281ef0c h1:iAkv8iBnbHQzcROt55IbEh7r7qUJxj64E8bM4EnaBlA= -github.com/anchore/stereoscope v0.0.0-20210412194439-0b9e0281ef0c/go.mod h1:vhh1M99rfWx5ejMvz1lkQiFZUrC5wu32V12R4JXH+ZI= github.com/anchore/stereoscope v0.0.0-20210413221244-d577f30b19e6 h1:g9ZS2V/T0wxseccI4t1hQTqWBek5DVOQZOzzdWBjwnU= github.com/anchore/stereoscope v0.0.0-20210413221244-d577f30b19e6/go.mod h1:vhh1M99rfWx5ejMvz1lkQiFZUrC5wu32V12R4JXH+ZI= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= 
diff --git a/schema/json/schema-1.1.0.json b/schema/json/schema-1.1.0.json deleted file mode 100644 index 687a81c19..000000000 --- a/schema/json/schema-1.1.0.json +++ /dev/null 
@@ -1,959 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Document", - "definitions": { - "ApkFileRecord": { - "required": [ - "path" - ], - "properties": { - "path": { - "type": "string" - }, - "ownerUid": { - "type": "string" - }, - "ownerGid": { - "type": "string" - }, - "permissions": { - "type": "string" - }, - "checksum": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "ApkMetadata": { - "required": [ - "package", - "originPackage", - "maintainer", - "version", - "license", - "architecture", - "url", - "description", - "size", - "installedSize", - "pullDependencies", - "pullChecksum", - "gitCommitOfApkPort", - "files" - ], - "properties": { - "package": { - "type": "string" - }, - "originPackage": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "url": { - "type": "string" - }, - "description": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "installedSize": { - "type": "integer" - }, - "pullDependencies": { - "type": "string" - }, - "pullChecksum": { - "type": "string" - }, - "gitCommitOfApkPort": { - "type": "string" - }, - "files": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/ApkFileRecord" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "CargoPackageMetadata": { - "required": [ - "name", - "version", - "source", - "checksum", - "dependencies" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "source": { - "type": "string" - }, - "checksum": { - "type": "string" - }, - "dependencies": { - "items": { - "type": "string" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Classification": { - "required": [ - "class", - "metadata" - ], - 
"properties": { - "class": { - "type": "string" - }, - "metadata": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Descriptor": { - "required": [ - "name", - "version" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "configuration": { - "additionalProperties": true - } - }, - "additionalProperties": true, - "type": "object" - }, - "Digest": { - "required": [ - "algorithm", - "value" - ], - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Distribution": { - "required": [ - "name", - "version", - "idLike" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "idLike": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Document": { - "required": [ - "artifacts", - "artifactRelationships", - "source", - "distro", - "descriptor", - "schema" - ], - "properties": { - "fileClassifications": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/FileClassifications" - }, - "type": "array" - }, - "fileContents": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/FileContents" - }, - "type": "array" - }, - "fileMetadata": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/FileMetadata" - }, - "type": "array" - }, - "secrets": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Secrets" - }, - "type": "array" - }, - "artifacts": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Package" - }, - "type": "array" - }, - "artifactRelationships": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - 
"$ref": "#/definitions/Relationship" - }, - "type": "array" - }, - "source": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Source" - }, - "distro": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Distribution" - }, - "descriptor": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Descriptor" - }, - "schema": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Schema" - } - }, - "additionalProperties": true, - "type": "object" - }, - "DpkgFileRecord": { - "required": [ - "path", - "isConfigFile" - ], - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Digest" - }, - "isConfigFile": { - "type": "boolean" - } - }, - "additionalProperties": true, - "type": "object" - }, - "DpkgMetadata": { - "required": [ - "package", - "source", - "version", - "sourceVersion", - "architecture", - "maintainer", - "installedSize", - "files" - ], - "properties": { - "package": { - "type": "string" - }, - "source": { - "type": "string" - }, - "version": { - "type": "string" - }, - "sourceVersion": { - "type": "string" - }, - "architecture": { - "type": "string" - }, - "maintainer": { - "type": "string" - }, - "installedSize": { - "type": "integer" - }, - "files": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/DpkgFileRecord" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "FileClassifications": { - "required": [ - "location", - "classification" - ], - "properties": { - "location": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Location" - }, - "classification": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Classification" - } - }, - "additionalProperties": true, - "type": "object" - }, - 
"FileContents": { - "required": [ - "location", - "contents" - ], - "properties": { - "location": { - "$ref": "#/definitions/Location" - }, - "contents": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "FileMetadata": { - "required": [ - "location", - "metadata" - ], - "properties": { - "location": { - "$ref": "#/definitions/Location" - }, - "metadata": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/FileMetadataEntry" - } - }, - "additionalProperties": true, - "type": "object" - }, - "FileMetadataEntry": { - "required": [ - "mode", - "type", - "userID", - "groupID" - ], - "properties": { - "mode": { - "type": "integer" - }, - "type": { - "type": "string" - }, - "linkDestination": { - "type": "string" - }, - "userID": { - "type": "integer" - }, - "groupID": { - "type": "integer" - }, - "digests": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/Digest" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "GemMetadata": { - "required": [ - "name", - "version" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "files": { - "items": { - "type": "string" - }, - "type": "array" - }, - "authors": { - "items": { - "type": "string" - }, - "type": "array" - }, - "licenses": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "JavaManifest": { - "properties": { - "main": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - }, - "namedSections": { - "patternProperties": { - ".*": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "additionalProperties": true, - "type": "object" - }, - "JavaMetadata": { - "required": [ - "virtualPath" - ], - "properties": { - 
"virtualPath": { - "type": "string" - }, - "manifest": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/JavaManifest" - }, - "pomProperties": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/PomProperties" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Location": { - "required": [ - "path" - ], - "properties": { - "path": { - "type": "string" - }, - "layerID": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "NpmPackageJSONMetadata": { - "required": [ - "author", - "licenses", - "homepage", - "description", - "url" - ], - "properties": { - "files": { - "items": { - "type": "string" - }, - "type": "array" - }, - "author": { - "type": "string" - }, - "licenses": { - "items": { - "type": "string" - }, - "type": "array" - }, - "homepage": { - "type": "string" - }, - "description": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Package": { - "required": [ - "id", - "name", - "version", - "type", - "foundBy", - "locations", - "licenses", - "language", - "cpes", - "purl", - "metadataType", - "metadata" - ], - "properties": { - "id": { - "type": "string" - }, - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "type": { - "type": "string" - }, - "foundBy": { - "type": "string" - }, - "locations": { - "items": { - "$ref": "#/definitions/Location" - }, - "type": "array" - }, - "licenses": { - "items": { - "type": "string" - }, - "type": "array" - }, - "language": { - "type": "string" - }, - "cpes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "purl": { - "type": "string" - }, - "metadataType": { - "type": "string" - }, - "metadata": { - "anyOf": [ - { - "type": "null" - }, - { - "$ref": "#/definitions/ApkMetadata" - }, - { - "$ref": "#/definitions/CargoPackageMetadata" - }, - { - "$ref": "#/definitions/DpkgMetadata" - }, - { - 
"$ref": "#/definitions/GemMetadata" - }, - { - "$ref": "#/definitions/JavaMetadata" - }, - { - "$ref": "#/definitions/NpmPackageJSONMetadata" - }, - { - "$ref": "#/definitions/PythonPackageMetadata" - }, - { - "$ref": "#/definitions/RpmdbMetadata" - } - ] - } - }, - "additionalProperties": true, - "type": "object" - }, - "PomProperties": { - "required": [ - "path", - "name", - "groupId", - "artifactId", - "version", - "extraFields" - ], - "properties": { - "path": { - "type": "string" - }, - "name": { - "type": "string" - }, - "groupId": { - "type": "string" - }, - "artifactId": { - "type": "string" - }, - "version": { - "type": "string" - }, - "extraFields": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object" - } - }, - "additionalProperties": true, - "type": "object" - }, - "PythonFileDigest": { - "required": [ - "algorithm", - "value" - ], - "properties": { - "algorithm": { - "type": "string" - }, - "value": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "PythonFileRecord": { - "required": [ - "path" - ], - "properties": { - "path": { - "type": "string" - }, - "digest": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/PythonFileDigest" - }, - "size": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "PythonPackageMetadata": { - "required": [ - "name", - "version", - "license", - "author", - "authorEmail", - "platform", - "sitePackagesRootPath" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "license": { - "type": "string" - }, - "author": { - "type": "string" - }, - "authorEmail": { - "type": "string" - }, - "platform": { - "type": "string" - }, - "files": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/PythonFileRecord" - }, - "type": "array" - }, - "sitePackagesRootPath": { - "type": "string" - }, - "topLevelPackages": 
{ - "items": { - "type": "string" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Relationship": { - "required": [ - "parent", - "child", - "type", - "metadata" - ], - "properties": { - "parent": { - "type": "string" - }, - "child": { - "type": "string" - }, - "type": { - "type": "string" - }, - "metadata": { - "additionalProperties": true - } - }, - "additionalProperties": true, - "type": "object" - }, - "RpmdbFileRecord": { - "required": [ - "path", - "mode", - "size", - "sha256" - ], - "properties": { - "path": { - "type": "string" - }, - "mode": { - "type": "integer" - }, - "size": { - "type": "integer" - }, - "sha256": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "RpmdbMetadata": { - "required": [ - "name", - "version", - "epoch", - "architecture", - "release", - "sourceRpm", - "size", - "license", - "vendor", - "files" - ], - "properties": { - "name": { - "type": "string" - }, - "version": { - "type": "string" - }, - "epoch": { - "type": "integer" - }, - "architecture": { - "type": "string" - }, - "release": { - "type": "string" - }, - "sourceRpm": { - "type": "string" - }, - "size": { - "type": "integer" - }, - "license": { - "type": "string" - }, - "vendor": { - "type": "string" - }, - "files": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/RpmdbFileRecord" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Schema": { - "required": [ - "version", - "url" - ], - "properties": { - "version": { - "type": "string" - }, - "url": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "SearchResult": { - "required": [ - "classification", - "lineNumber", - "lineOffset", - "seekPosition", - "length" - ], - "properties": { - "classification": { - "type": "string" - }, - "lineNumber": { - "type": "integer" - }, - "lineOffset": { - "type": "integer" - }, - 
"seekPosition": { - "type": "integer" - }, - "length": { - "type": "integer" - }, - "value": { - "type": "string" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Secrets": { - "required": [ - "location", - "secrets" - ], - "properties": { - "location": { - "$ref": "#/definitions/Location" - }, - "secrets": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/SearchResult" - }, - "type": "array" - } - }, - "additionalProperties": true, - "type": "object" - }, - "Source": { - "required": [ - "type", - "target" - ], - "properties": { - "type": { - "type": "string" - }, - "target": { - "additionalProperties": true - } - }, - "additionalProperties": true, - "type": "object" - } - } -} diff --git a/syft/pkg/cataloger/rpmdb/parse_rpmdb.go b/syft/pkg/cataloger/rpmdb/parse_rpmdb.go index 103de4f5f..b99f29509 100644 --- a/syft/pkg/cataloger/rpmdb/parse_rpmdb.go +++ b/syft/pkg/cataloger/rpmdb/parse_rpmdb.go @@ -6,6 +6,8 @@ import ( "io/ioutil" "os" + "github.com/anchore/syft/syft/file" + rpmdb "github.com/anchore/go-rpmdb/pkg" "github.com/anchore/syft/internal" "github.com/anchore/syft/internal/log" @@ -79,10 +81,16 @@ func extractRpmdbFileRecords(resolver source.FilePathResolver, entry *rpmdb.Pack //only persist RPMDB file records which exist in the image/directory, otherwise ignore them if resolver.HasPath(record.Path) { records = append(records, pkg.RpmdbFileRecord{ - Path: record.Path, - Mode: pkg.RpmdbFileMode(record.Mode), - Size: int(record.Size), - SHA256: record.SHA256, + Path: record.Path, + Mode: pkg.RpmdbFileMode(record.Mode), + Size: int(record.Size), + Digest: file.Digest{ + Value: record.Digest, + Algorithm: entry.DigestAlgorithm.String(), + }, + UserName: record.Username, + GroupName: record.Groupname, + Flags: record.Flags.String(), }) } } diff --git a/syft/pkg/cataloger/rpmdb/parse_rpmdb_test.go b/syft/pkg/cataloger/rpmdb/parse_rpmdb_test.go index d615ac2cd..c0a732b1a 100644 
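Review bot: In the `pkg.RpmdbFileRecord` literal inside `extractRpmdbFileRecords`, `Digest.Algorithm` is filled from the package-level `entry.DigestAlgorithm.String()` for every file, even when `record.Digest` is empty. An entry that carries no digest (presumably directories or other non-regular files; confirm against go-rpmdb) would then be emitted as an algorithm with a blank value, and SBOM consumers using these records for integrity checks cannot tell "no digest recorded" from a malformed record. Consider setting the digest only when a value is present, e.g. `if record.Digest != "" { rec.Digest = file.Digest{Value: record.Digest, Algorithm: entry.DigestAlgorithm.String()} }`, and add a comment stating what `String()` yields for an unset or unrecognised algorithm. The function body starts and ends outside the hunk.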
--- a/syft/pkg/cataloger/rpmdb/parse_rpmdb_test.go +++ b/syft/pkg/cataloger/rpmdb/parse_rpmdb_test.go @@ -5,6 +5,8 @@ import ( "os" "testing" + "github.com/anchore/syft/syft/file" + "github.com/anchore/syft/syft/source" "github.com/anchore/syft/syft/pkg" @@ -105,10 +107,14 @@ func TestParseRpmDB(t *testing.T) { Vendor: "", Files: []pkg.RpmdbFileRecord{ { - Path: "/usr/local/bin/dive", - Mode: 33261, - Size: 12406784, - SHA256: "81d29f327ba23096b3c52ff6fe1c425641e618bc87b5c05ee377edc650afaa55", + Path: "/usr/local/bin/dive", + Mode: 33261, + Size: 12406784, + Digest: file.Digest{ + Algorithm: "sha256", + Value: "81d29f327ba23096b3c52ff6fe1c425641e618bc87b5c05ee377edc650afaa55", + }, + // note: there is no username, groupname, or flags for this RPM }, }, }, diff --git a/syft/pkg/rpmdb_metadata.go b/syft/pkg/rpmdb_metadata.go index 24cef2fc2..7b1d40dda 100644 --- a/syft/pkg/rpmdb_metadata.go +++ b/syft/pkg/rpmdb_metadata.go @@ -4,6 +4,8 @@ import ( "fmt" "sort" + "github.com/anchore/syft/syft/file" + "github.com/scylladb/go-set/strset" "github.com/anchore/syft/syft/distro" @@ -30,10 +32,13 @@ type RpmdbMetadata struct { // RpmdbFileRecord represents the file metadata for a single file attributed to a RPM package. type RpmdbFileRecord struct { - Path string `json:"path"` - Mode RpmdbFileMode `json:"mode"` - Size int `json:"size"` - SHA256 string `json:"sha256"` + Path string `json:"path"` + Mode RpmdbFileMode `json:"mode"` + Size int `json:"size"` + Digest file.Digest `json:"digest"` + UserName string `json:"userName"` + GroupName string `json:"groupName"` + Flags string `json:"flags"` } // RpmdbFileMode is the raw file mode for a single file. This can be interpreted as the linux stat.h mode (see https://pubs.opengroup.org/onlinepubs/007908799/xsh/sysstat.h.html) From 6edbae08e5b473766b444c8fc6a8b34307baae50 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Thu, 15 Apr 2021 09:54:32 -0400 Subject: [PATCH 2/2] update json schema with extra rpm fields 
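Review bot: The expected record in `TestParseRpmDB` only pins `Digest`. As the added comment says, the fixture RPM has no username, groupname or flags, so the new `UserName`, `GroupName` and `Flags` mappings are asserted only as empty strings, and a swapped or dropped field would still pass. Add a fixture package (or a second table case) whose files carry an owner, a group and at least one file flag, and assert the exact strings. A case whose digest algorithm is not sha256 would also check `Algorithm` for more than one input. The test function starts and ends outside the hunk.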
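Review bot: `RpmdbFileRecord` drops the `sha256` JSON key and replaces it with a nested `digest` object, which is an incompatible change for anything that reads file hashes from the JSON output, yet the second patch rewrites `schema/json/schema-1.1.0.json` in place instead of adding a new schema version. Consumers that validate against or key on 1.1.0 will see two document shapes under one version, and one that still reads `sha256` would silently find no hash. Publish the changed shape under a new schema file and version, and extend the struct comment, e.g. `// Digest is the file digest from the RPM database; Algorithm is the package-wide digest algorithm.` The new `userName`, `groupName` and `flags` keys are also listed as required in the schema although the test notes they can be empty, so either add `omitempty` and drop them from `required`, or document that empty strings are expected.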
Signed-off-by: Alex Goodman --- schema/json/schema-1.1.0.json | 971 ++++++++++++++++++++++++++++++++++ 1 file changed, 971 insertions(+) create mode 100644 schema/json/schema-1.1.0.json diff --git a/schema/json/schema-1.1.0.json b/schema/json/schema-1.1.0.json new file mode 100644 index 000000000..0ae40af0e --- /dev/null +++ b/schema/json/schema-1.1.0.json 
@@ -0,0 +1,971 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Document", + "definitions": { + "ApkFileRecord": { + "required": [ + "path" + ], + "properties": { + "path": { + "type": "string" + }, + "ownerUid": { + "type": "string" + }, + "ownerGid": { + "type": "string" + }, + "permissions": { + "type": "string" + }, + "checksum": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "ApkMetadata": { + "required": [ + "package", + "originPackage", + "maintainer", + "version", + "license", + "architecture", + "url", + "description", + "size", + "installedSize", + "pullDependencies", + "pullChecksum", + "gitCommitOfApkPort", + "files" + ], + "properties": { + "package": { + "type": "string" + }, + "originPackage": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "url": { + "type": "string" + }, + "description": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "installedSize": { + "type": "integer" + }, + "pullDependencies": { + "type": "string" + }, + "pullChecksum": { + "type": "string" + }, + "gitCommitOfApkPort": { + "type": "string" + }, + "files": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ApkFileRecord" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "CargoPackageMetadata": { + "required": [ + "name", + "version", + "source", + "checksum", + "dependencies" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "source": { + "type": "string" + }, + "checksum": { + "type": "string" + }, + "dependencies": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Classification": { + "required": [ + "class", + "metadata" + ], + 
"properties": { + "class": { + "type": "string" + }, + "metadata": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Descriptor": { + "required": [ + "name", + "version" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "configuration": { + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object" + }, + "Digest": { + "required": [ + "algorithm", + "value" + ], + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Distribution": { + "required": [ + "name", + "version", + "idLike" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "idLike": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Document": { + "required": [ + "artifacts", + "artifactRelationships", + "source", + "distro", + "descriptor", + "schema" + ], + "properties": { + "fileClassifications": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FileClassifications" + }, + "type": "array" + }, + "fileContents": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FileContents" + }, + "type": "array" + }, + "fileMetadata": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FileMetadata" + }, + "type": "array" + }, + "secrets": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Secrets" + }, + "type": "array" + }, + "artifacts": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Package" + }, + "type": "array" + }, + "artifactRelationships": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + 
"$ref": "#/definitions/Relationship" + }, + "type": "array" + }, + "source": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Source" + }, + "distro": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Distribution" + }, + "descriptor": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Descriptor" + }, + "schema": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Schema" + } + }, + "additionalProperties": true, + "type": "object" + }, + "DpkgFileRecord": { + "required": [ + "path", + "isConfigFile" + ], + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Digest" + }, + "isConfigFile": { + "type": "boolean" + } + }, + "additionalProperties": true, + "type": "object" + }, + "DpkgMetadata": { + "required": [ + "package", + "source", + "version", + "sourceVersion", + "architecture", + "maintainer", + "installedSize", + "files" + ], + "properties": { + "package": { + "type": "string" + }, + "source": { + "type": "string" + }, + "version": { + "type": "string" + }, + "sourceVersion": { + "type": "string" + }, + "architecture": { + "type": "string" + }, + "maintainer": { + "type": "string" + }, + "installedSize": { + "type": "integer" + }, + "files": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/DpkgFileRecord" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "FileClassifications": { + "required": [ + "location", + "classification" + ], + "properties": { + "location": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Location" + }, + "classification": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Classification" + } + }, + "additionalProperties": true, + "type": "object" + }, + 
"FileContents": { + "required": [ + "location", + "contents" + ], + "properties": { + "location": { + "$ref": "#/definitions/Location" + }, + "contents": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "FileMetadata": { + "required": [ + "location", + "metadata" + ], + "properties": { + "location": { + "$ref": "#/definitions/Location" + }, + "metadata": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/FileMetadataEntry" + } + }, + "additionalProperties": true, + "type": "object" + }, + "FileMetadataEntry": { + "required": [ + "mode", + "type", + "userID", + "groupID" + ], + "properties": { + "mode": { + "type": "integer" + }, + "type": { + "type": "string" + }, + "linkDestination": { + "type": "string" + }, + "userID": { + "type": "integer" + }, + "groupID": { + "type": "integer" + }, + "digests": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/Digest" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "GemMetadata": { + "required": [ + "name", + "version" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "authors": { + "items": { + "type": "string" + }, + "type": "array" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "JavaManifest": { + "properties": { + "main": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + }, + "namedSections": { + "patternProperties": { + ".*": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object" + }, + "JavaMetadata": { + "required": [ + "virtualPath" + ], + "properties": { + 
"virtualPath": { + "type": "string" + }, + "manifest": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/JavaManifest" + }, + "pomProperties": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PomProperties" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Location": { + "required": [ + "path" + ], + "properties": { + "path": { + "type": "string" + }, + "layerID": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "NpmPackageJSONMetadata": { + "required": [ + "author", + "licenses", + "homepage", + "description", + "url" + ], + "properties": { + "files": { + "items": { + "type": "string" + }, + "type": "array" + }, + "author": { + "type": "string" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "homepage": { + "type": "string" + }, + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Package": { + "required": [ + "id", + "name", + "version", + "type", + "foundBy", + "locations", + "licenses", + "language", + "cpes", + "purl", + "metadataType", + "metadata" + ], + "properties": { + "id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "type": { + "type": "string" + }, + "foundBy": { + "type": "string" + }, + "locations": { + "items": { + "$ref": "#/definitions/Location" + }, + "type": "array" + }, + "licenses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "language": { + "type": "string" + }, + "cpes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "purl": { + "type": "string" + }, + "metadataType": { + "type": "string" + }, + "metadata": { + "anyOf": [ + { + "type": "null" + }, + { + "$ref": "#/definitions/ApkMetadata" + }, + { + "$ref": "#/definitions/CargoPackageMetadata" + }, + { + "$ref": "#/definitions/DpkgMetadata" + }, + { + 
"$ref": "#/definitions/GemMetadata" + }, + { + "$ref": "#/definitions/JavaMetadata" + }, + { + "$ref": "#/definitions/NpmPackageJSONMetadata" + }, + { + "$ref": "#/definitions/PythonPackageMetadata" + }, + { + "$ref": "#/definitions/RpmdbMetadata" + } + ] + } + }, + "additionalProperties": true, + "type": "object" + }, + "PomProperties": { + "required": [ + "path", + "name", + "groupId", + "artifactId", + "version", + "extraFields" + ], + "properties": { + "path": { + "type": "string" + }, + "name": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "artifactId": { + "type": "string" + }, + "version": { + "type": "string" + }, + "extraFields": { + "patternProperties": { + ".*": { + "type": "string" + } + }, + "type": "object" + } + }, + "additionalProperties": true, + "type": "object" + }, + "PythonFileDigest": { + "required": [ + "algorithm", + "value" + ], + "properties": { + "algorithm": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "PythonFileRecord": { + "required": [ + "path" + ], + "properties": { + "path": { + "type": "string" + }, + "digest": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PythonFileDigest" + }, + "size": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "PythonPackageMetadata": { + "required": [ + "name", + "version", + "license", + "author", + "authorEmail", + "platform", + "sitePackagesRootPath" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "license": { + "type": "string" + }, + "author": { + "type": "string" + }, + "authorEmail": { + "type": "string" + }, + "platform": { + "type": "string" + }, + "files": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/PythonFileRecord" + }, + "type": "array" + }, + "sitePackagesRootPath": { + "type": "string" + }, + "topLevelPackages": 
{ + "items": { + "type": "string" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Relationship": { + "required": [ + "parent", + "child", + "type", + "metadata" + ], + "properties": { + "parent": { + "type": "string" + }, + "child": { + "type": "string" + }, + "type": { + "type": "string" + }, + "metadata": { + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object" + }, + "RpmdbFileRecord": { + "required": [ + "path", + "mode", + "size", + "digest", + "userName", + "groupName", + "flags" + ], + "properties": { + "path": { + "type": "string" + }, + "mode": { + "type": "integer" + }, + "size": { + "type": "integer" + }, + "digest": { + "$ref": "#/definitions/Digest" + }, + "userName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "flags": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "RpmdbMetadata": { + "required": [ + "name", + "version", + "epoch", + "architecture", + "release", + "sourceRpm", + "size", + "license", + "vendor", + "files" + ], + "properties": { + "name": { + "type": "string" + }, + "version": { + "type": "string" + }, + "epoch": { + "type": "integer" + }, + "architecture": { + "type": "string" + }, + "release": { + "type": "string" + }, + "sourceRpm": { + "type": "string" + }, + "size": { + "type": "integer" + }, + "license": { + "type": "string" + }, + "vendor": { + "type": "string" + }, + "files": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/RpmdbFileRecord" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Schema": { + "required": [ + "version", + "url" + ], + "properties": { + "version": { + "type": "string" + }, + "url": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "SearchResult": { + "required": [ + "classification", + "lineNumber", + "lineOffset", + "seekPosition", + 
"length" + ], + "properties": { + "classification": { + "type": "string" + }, + "lineNumber": { + "type": "integer" + }, + "lineOffset": { + "type": "integer" + }, + "seekPosition": { + "type": "integer" + }, + "length": { + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Secrets": { + "required": [ + "location", + "secrets" + ], + "properties": { + "location": { + "$ref": "#/definitions/Location" + }, + "secrets": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/SearchResult" + }, + "type": "array" + } + }, + "additionalProperties": true, + "type": "object" + }, + "Source": { + "required": [ + "type", + "target" + ], + "properties": { + "type": { + "type": "string" + }, + "target": { + "additionalProperties": true + } + }, + "additionalProperties": true, + "type": "object" + } + } +}