mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
93d00dc340
* update spdx22 Document model to include relationships field Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update document and relationship to match current JSON spec https://github.com/spdx/spdx-spec/blob/development/v2.2.1/schemas/spdx-schema.json https://github.com/spdx/spdx-spec/pull/528 https://github.com/spdx/spdx-spec/pull/528#issuecomment-904180177 Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * update File struct based on SPDX schema Required fields: [ "SPDXID", "fileName", "copyrightText", "licenseConcluded" ] Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>
109 lines
4.2 KiB
Plaintext
109 lines
4.2 KiB
Plaintext
{
|
|
"artifacts": [
|
|
{
|
|
"id": "package-1-id",
|
|
"name": "package-1",
|
|
"version": "1.0.1",
|
|
"type": "python",
|
|
"foundBy": "the-cataloger-1",
|
|
"locations": [
|
|
{
|
|
"path": "/somefile-1.txt",
|
|
"layerID": "sha256:ffb5e9eaa453a002110719d12c294960117ca2903953d1faa40f01dc3f77045c"
|
|
}
|
|
],
|
|
"licenses": [
|
|
"MIT"
|
|
],
|
|
"language": "python",
|
|
"cpes": [
|
|
"cpe:2.3:*:some:package:1:*:*:*:*:*:*:*"
|
|
],
|
|
"purl": "a-purl-1",
|
|
"metadataType": "PythonPackageMetadata",
|
|
"metadata": {
|
|
"name": "package-1",
|
|
"version": "1.0.1",
|
|
"license": "",
|
|
"author": "",
|
|
"authorEmail": "",
|
|
"platform": "",
|
|
"sitePackagesRootPath": ""
|
|
}
|
|
},
|
|
{
|
|
"id": "package-2-id",
|
|
"name": "package-2",
|
|
"version": "2.0.1",
|
|
"type": "deb",
|
|
"foundBy": "the-cataloger-2",
|
|
"locations": [
|
|
{
|
|
"path": "/somefile-2.txt",
|
|
"layerID": "sha256:8463854829fc53d47b9dcdf7ee79fe7eb4ca7933c910f67f8521412f7a2f5c21"
|
|
}
|
|
],
|
|
"licenses": [],
|
|
"language": "",
|
|
"cpes": [
|
|
"cpe:2.3:*:some:package:2:*:*:*:*:*:*:*"
|
|
],
|
|
"purl": "a-purl-2",
|
|
"metadataType": "DpkgMetadata",
|
|
"metadata": {
|
|
"package": "package-2",
|
|
"source": "",
|
|
"version": "2.0.1",
|
|
"sourceVersion": "",
|
|
"architecture": "",
|
|
"maintainer": "",
|
|
"installedSize": 0,
|
|
"files": null
|
|
}
|
|
}
|
|
],
|
|
"artifactRelationships": [],
|
|
"source": {
|
|
"type": "image",
|
|
"target": {
|
|
"userInput": "user-image-input",
|
|
"imageID": "sha256:112851310e48e604f7379e2a3acddab50e91ce926edacb598a532e60ff6b776a",
|
|
"manifestDigest": "sha256:2731251dc34951c0e50fcc643b4c5f74922dad1a5d98f302b504cf46cd5d9368",
|
|
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
|
|
"tags": [
|
|
"stereoscope-fixture-image-simple:85066c51088bdd274f7a89e99e00490f666c49e72ffc955707cd6e18f0e22c5b"
|
|
],
|
|
"imageSize": 38,
|
|
"layers": [
|
|
{
|
|
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
|
|
"digest": "sha256:ffb5e9eaa453a002110719d12c294960117ca2903953d1faa40f01dc3f77045c",
|
|
"size": 22
|
|
},
|
|
{
|
|
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
|
|
"digest": "sha256:8463854829fc53d47b9dcdf7ee79fe7eb4ca7933c910f67f8521412f7a2f5c21",
|
|
"size": 16
|
|
}
|
|
],
|
|
"manifest": "eyJzY2hlbWFWZXJzaW9uIjoyLCJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmRpc3RyaWJ1dGlvbi5tYW5pZmVzdC52Mitqc29uIiwiY29uZmlnIjp7Im1lZGlhVHlwZSI6ImFwcGxpY2F0aW9uL3ZuZC5kb2NrZXIuY29udGFpbmVyLmltYWdlLnYxK2pzb24iLCJzaXplIjo2NzMsImRpZ2VzdCI6InNoYTI1NjoxMTI4NTEzMTBlNDhlNjA0ZjczNzllMmEzYWNkZGFiNTBlOTFjZTkyNmVkYWNiNTk4YTUzMmU2MGZmNmI3NzZhIn0sImxheWVycyI6W3sibWVkaWFUeXBlIjoiYXBwbGljYXRpb24vdm5kLmRvY2tlci5pbWFnZS5yb290ZnMuZGlmZi50YXIuZ3ppcCIsInNpemUiOjIwNDgsImRpZ2VzdCI6InNoYTI1NjpmZmI1ZTllYWE0NTNhMDAyMTEwNzE5ZDEyYzI5NDk2MDExN2NhMjkwMzk1M2QxZmFhNDBmMDFkYzNmNzcwNDVjIn0seyJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmltYWdlLnJvb3Rmcy5kaWZmLnRhci5nemlwIiwic2l6ZSI6MjA0OCwiZGlnZXN0Ijoic2hhMjU2Ojg0NjM4NTQ4MjlmYzUzZDQ3YjlkY2RmN2VlNzlmZTdlYjRjYTc5MzNjOTEwZjY3Zjg1MjE0MTJmN2EyZjVjMjEifV19",
|
|
"config": "eyJhcmNoaXRlY3R1cmUiOiJhbWQ2NCIsImNvbmZpZyI6eyJFbnYiOlsiUEFUSD0vdXNyL2xvY2FsL3NiaW46L3Vzci9sb2NhbC9iaW46L3Vzci9zYmluOi91c3IvYmluOi9zYmluOi9iaW4iXSwiV29ya2luZ0RpciI6Ii8iLCJPbkJ1aWxkIjpudWxsfSwiY3JlYXRlZCI6IjIwMjEtMDktMDhUMTc6MjE6NTguODk2NTI5MTkyWiIsImhpc3RvcnkiOlt7ImNyZWF0ZWQiOiIyMDIxLTA5LTA4VDE3OjIxOjU4Ljg3OTY5MDgyNFoiLCJjcmVhdGVkX2J5IjoiQUREIGZpbGUtMS50eHQgL3NvbWVmaWxlLTEudHh0ICMgYnVpbGRraXQiLCJjb21tZW50IjoiYnVpbGRraXQuZG9ja2VyZmlsZS52MCJ9LHsiY3JlYXRlZCI6IjIwMjEtMDktMDhUMTc6MjE6NTguODk2NTI5MTkyWiIsImNyZWF0ZWRfYnkiOiJBREQgZmlsZS0yLnR4dCAvc29tZWZpbGUtMi50eHQgIyBidWlsZGtpdCIsImNvbW1lbnQiOiJidWlsZGtpdC5kb2NrZXJmaWxlLnYwIn1dLCJvcyI6ImxpbnV4Iiwicm9vdGZzIjp7InR5cGUiOiJsYXllcnMiLCJkaWZmX2lkcyI6WyJzaGEyNTY6ZmZiNWU5ZWFhNDUzYTAwMjExMDcxOWQxMmMyOTQ5NjAxMTdjYTI5MDM5NTNkMWZhYTQwZjAxZGMzZjc3MDQ1YyIsInNoYTI1Njo4NDYzODU0ODI5ZmM1M2Q0N2I5ZGNkZjdlZTc5ZmU3ZWI0Y2E3OTMzYzkxMGY2N2Y4NTIxNDEyZjdhMmY1YzIxIl19fQ==",
|
|
"repoDigests": [],
|
|
"scope": "Squashed"
|
|
}
|
|
},
|
|
"distro": {
|
|
"name": "debian",
|
|
"version": "1.2.3",
|
|
"idLike": "like!"
|
|
},
|
|
"descriptor": {
|
|
"name": "syft",
|
|
"version": "[not provided]"
|
|
},
|
|
"schema": {
|
|
"version": "1.1.0",
|
|
"url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-1.1.0.json"
|
|
}
|
|
}
|