mirror of
https://github.com/anchore/syft.git
synced 2025-11-18 17:03:17 +01:00
bd9007fc0e
* remove power-user document shape Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add power-user specific fields to syft-json format Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * port remaining spdx-json relationships to sbom model Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add coordinate set Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add SBOM file path helper Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * use internal mimetype helper in go binary cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add new package-of relationship Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update json schema to v2 Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * replace power-user presenter with syft-json format Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix tests and linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove "package-of" relationship (in favor of "contains") Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add tests for spdx22json format encoding enhancements Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update TODO and log entries Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * introduce sbom.Descriptor Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
62 lines
1.6 KiB
Plaintext
62 lines
1.6 KiB
Plaintext
{
|
|
"SPDXID": "SPDXRef-DOCUMENT",
|
|
"name": "/some/path",
|
|
"spdxVersion": "SPDX-2.2",
|
|
"creationInfo": {
|
|
"created": "2021-11-17T19:35:54.834877Z",
|
|
"creators": [
|
|
"Organization: Anchore, Inc",
|
|
"Tool: syft-[not provided]"
|
|
],
|
|
"licenseListVersion": "3.15"
|
|
},
|
|
"dataLicense": "CC0-1.0",
|
|
"documentNamespace": "https:/anchore.com/syft/dir/some/path-65e2226e-a61e-4ed1-81bb-56022e1ff1eb",
|
|
"packages": [
|
|
{
|
|
"SPDXID": "SPDXRef-2a115ac97d018a0e",
|
|
"name": "package-1",
|
|
"licenseConcluded": "MIT",
|
|
"downloadLocation": "NOASSERTION",
|
|
"externalRefs": [
|
|
{
|
|
"referenceCategory": "SECURITY",
|
|
"referenceLocator": "cpe:2.3:*:some:package:2:*:*:*:*:*:*:*",
|
|
"referenceType": "cpe23Type"
|
|
},
|
|
{
|
|
"referenceCategory": "PACKAGE_MANAGER",
|
|
"referenceLocator": "a-purl-2",
|
|
"referenceType": "purl"
|
|
}
|
|
],
|
|
"filesAnalyzed": false,
|
|
"licenseDeclared": "MIT",
|
|
"sourceInfo": "acquired package info from installed python package manifest file: /some/path/pkg1",
|
|
"versionInfo": "1.0.1"
|
|
},
|
|
{
|
|
"SPDXID": "SPDXRef-5e920b2bece2c3ae",
|
|
"name": "package-2",
|
|
"licenseConcluded": "NONE",
|
|
"downloadLocation": "NOASSERTION",
|
|
"externalRefs": [
|
|
{
|
|
"referenceCategory": "SECURITY",
|
|
"referenceLocator": "cpe:2.3:*:some:package:2:*:*:*:*:*:*:*",
|
|
"referenceType": "cpe23Type"
|
|
},
|
|
{
|
|
"referenceCategory": "PACKAGE_MANAGER",
|
|
"referenceLocator": "a-purl-2",
|
|
"referenceType": "purl"
|
|
}
|
|
],
|
|
"filesAnalyzed": false,
|
|
"licenseDeclared": "NONE",
|
|
"sourceInfo": "acquired package info from DPKG DB: /some/path/pkg1",
|
|
"versionInfo": "2.0.1"
|
|
}
|
|
]
|
|
}
|