* remove internal string set
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* incorporate changes from #2227
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* beef up the pkg.License.Merg() doc string
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* Parse the Maven license from the pom.xml if not contained in the manifest
Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>
* chore: restore 10.0.2 schema
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* chore: generate new 11.0.1 schema
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* refactor: remove schema change
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update unit tests to align with new pattern
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* chore: pr feedback
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* chore: remove struct tags
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* keep license name and url semantics preserved on the pkg object
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
* migrate location structs to file package
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* replace source.Location refs with file package call
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* fix linting
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* remove hardlink test for file based catalogers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* remove hardlink test for all-regular-files testing
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* migrate file resolver implementations to separate package
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* fix linting
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* [wip] migrate resolvers to internal
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* migrate resolvers to syft/internal
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
---------
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: <>
to keep things consistent across the schema we want Locations and URLs to be plural fields now that they are fields on the License struct
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
this PR makes the following changes to update the underlying license model to have more expressive capabilities
it also provides some guarantee's surrounding the license values themselves
- Licenses are updated from string -> pkg.LicenseSet which contain pkg.License with the following fields:
- original `Value` read by syft
- If it's possible to construct licenses will always have a valid SPDX expression for downstream consumption
- the above is run against a generated list of SPDX license ID to try and find the correct ID
- SPDX concluded vs declared is added to the new struct
- URL source for license is added to the new struct
- Location source is added to the new struct to show where the expression was pulled from
