mirror of
https://github.com/anchore/syft.git
synced 2025-11-18 00:43:20 +01:00
28 lines
656 B
Go
28 lines
656 B
Go
package spdxhelpers
|
|
|
|
import (
|
|
"github.com/anchore/syft/syft/cpe"
|
|
"github.com/anchore/syft/syft/pkg"
|
|
)
|
|
|
|
func ExternalRefs(p pkg.Package) (externalRefs []ExternalRef) {
|
|
externalRefs = make([]ExternalRef, 0)
|
|
|
|
for _, c := range p.CPEs {
|
|
externalRefs = append(externalRefs, ExternalRef{
|
|
ReferenceCategory: SecurityReferenceCategory,
|
|
ReferenceLocator: cpe.String(c),
|
|
ReferenceType: Cpe23ExternalRefType,
|
|
})
|
|
}
|
|
|
|
if p.PURL != "" {
|
|
externalRefs = append(externalRefs, ExternalRef{
|
|
ReferenceCategory: PackageManagerReferenceCategory,
|
|
ReferenceLocator: p.PURL,
|
|
ReferenceType: PurlExternalRefType,
|
|
})
|
|
}
|
|
return externalRefs
|
|
}
|