mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 08:23:15 +01:00
44422853be
* add evident-by relationship Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * wire up evident-by relationship geneation Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * handle evident-by relationship in spdx formats Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix decoding file info for syft json format Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump json schema to incorporate file size attribute Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * refactor to create relationships for primary evidence only Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove unused 7.0.2 json schema Signed-off-by: Alex Goodman <alex.goodman@anchore.com> --------- Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
26 lines
658 B
Go
26 lines
658 B
Go
package pkg
|
|
|
|
import (
|
|
"github.com/anchore/syft/syft/artifact"
|
|
)
|
|
|
|
func RelationshipsEvidentBy(catalog *Catalog) []artifact.Relationship {
|
|
var edges []artifact.Relationship
|
|
for _, p := range catalog.Sorted() {
|
|
for _, l := range p.Locations.ToSlice() {
|
|
if v, exists := l.Annotations[EvidenceAnnotationKey]; !exists || v != PrimaryEvidenceAnnotation {
|
|
// skip non-primary evidence from being expressed as a relationship.
|
|
// note: this may be configurable in the future.
|
|
continue
|
|
}
|
|
edges = append(edges, artifact.Relationship{
|
|
From: p,
|
|
To: l.Coordinates,
|
|
Type: artifact.EvidentByRelationship,
|
|
})
|
|
}
|
|
}
|
|
|
|
return edges
|
|
}
|