mirror of
https://github.com/anchore/syft.git
synced 2026-04-01 14:43:29 +02:00
4da3be864f
* refactor source API and syft json source block Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update source detection and format test utils Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * generate list of all source metadata types Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * extract base and root normalization into helper functions Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * preserve syftjson model package name import ref Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * alias should not be a pointer Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
64 lines
2.5 KiB
XML
64 lines
2.5 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<bom xmlns="http://cyclonedx.org/schema/bom/1.4" serialNumber="redacted" version="1">
|
|
<metadata>
|
|
<timestamp>redacted</timestamp>
|
|
<tools>
|
|
<tool>
|
|
<vendor>anchore</vendor>
|
|
<name>syft</name>
|
|
<version>v0.42.0-bogus</version>
|
|
</tool>
|
|
</tools>
|
|
<component bom-ref="redacted" type="container">
|
|
<name>user-image-input</name>
|
|
<version>sha256:redacted</version>
|
|
</component>
|
|
</metadata>
|
|
<components>
|
|
<component bom-ref="redacted" type="library">
|
|
<name>package-1</name>
|
|
<version>1.0.1</version>
|
|
<licenses>
|
|
<license>
|
|
<id>MIT</id>
|
|
</license>
|
|
</licenses>
|
|
<cpe>cpe:2.3:*:some:package:1:*:*:*:*:*:*:*</cpe>
|
|
<purl>a-purl-1</purl>
|
|
<properties>
|
|
<property name="syft:package:foundBy">the-cataloger-1</property>
|
|
<property name="syft:package:language">python</property>
|
|
<property name="syft:package:metadataType">PythonPackageMetadata</property>
|
|
<property name="syft:package:type">python</property>
|
|
<property name="syft:location:0:layerID">sha256:redacted</property>
|
|
<property name="syft:location:0:path">/somefile-1.txt</property>
|
|
</properties>
|
|
</component>
|
|
<component bom-ref="pkg:deb/debian/package-2@2.0.1?package-id=958443e2d9304af4" type="library">
|
|
<name>package-2</name>
|
|
<version>2.0.1</version>
|
|
<cpe>cpe:2.3:*:some:package:2:*:*:*:*:*:*:*</cpe>
|
|
<purl>pkg:deb/debian/package-2@2.0.1</purl>
|
|
<properties>
|
|
<property name="syft:package:foundBy">the-cataloger-2</property>
|
|
<property name="syft:package:metadataType">DpkgMetadata</property>
|
|
<property name="syft:package:type">deb</property>
|
|
<property name="syft:location:0:layerID">sha256:redacted</property>
|
|
<property name="syft:location:0:path">/somefile-2.txt</property>
|
|
<property name="syft:metadata:installedSize">0</property>
|
|
</properties>
|
|
</component>
|
|
<component type="operating-system">
|
|
<name>debian</name>
|
|
<version>1.2.3</version>
|
|
<description>debian</description>
|
|
<swid tagId="debian" name="debian" version="1.2.3"></swid>
|
|
<properties>
|
|
<property name="syft:distro:id">debian</property>
|
|
<property name="syft:distro:idLike:0">like!</property>
|
|
<property name="syft:distro:prettyName">debian</property>
|
|
<property name="syft:distro:versionID">1.2.3</property>
|
|
</properties>
|
|
</component>
|
|
</components>
|
|
</bom> |