mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 08:23:15 +01:00
706322f826
* add initial spdx support Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * expose FileOwner and use in SPDX presenter Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add initial json support for SPDX Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add remaining package fields Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add spdx license list generation + tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * keep fileOwner unexported from pkg Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * restore cli test util Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add external refs to spdx tag-value format Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add golang support to CPE generation Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * use tag-value format as default "spdx" format flavor Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add tests around spdx presenters + refactor presenter tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add bouncer exception for spdx tools-golang repo Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove spdx model questions Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
42 lines
1.9 KiB
Go
42 lines
1.9 KiB
Go
package spdx22
|
|
|
|
type FileType string
|
|
|
|
const (
|
|
DocumentationFileType FileType = "DOCUMENTATION"
|
|
ImageFileType FileType = "IMAGE"
|
|
VideoFileType FileType = "VIDEO"
|
|
ArchiveFileType FileType = "ARCHIVE"
|
|
SpdxFileType FileType = "SPDX"
|
|
ApplicationFileType FileType = "APPLICATION"
|
|
SourceFileType FileType = "SOURCE"
|
|
BinaryFileType FileType = "BINARY"
|
|
TextFileType FileType = "TEXT"
|
|
AudioFileType FileType = "AUDIO"
|
|
OtherFileType FileType = "OTHER"
|
|
)
|
|
|
|
type File struct {
|
|
Item
|
|
// (At least one is required.) The checksum property provides a mechanism that can be used to verify that the
|
|
// contents of a File or Package have not changed.
|
|
Checksums []Checksum `json:"checksums"`
|
|
// This field provides a place for the SPDX file creator to record file contributors. Contributors could include
|
|
// names of copyright holders and/or authors who may not be copyright holders yet contributed to the file content.
|
|
FileContributors []string `json:"fileContributors"`
|
|
// Each element is a SPDX ID for a File.
|
|
FileDependencies []string `json:"fileDependencies"`
|
|
// The name of the file relative to the root of the package.
|
|
FileName string `json:"fileName"`
|
|
// The type of the file
|
|
FileTypes []string `json:"fileTypes"`
|
|
// This field provides a place for the SPDX file creator to record potential legal notices found in the file.
|
|
// This may or may not include copyright statements.
|
|
NoticeText string `json:"noticeText,omitempty"`
|
|
// Indicates the project in which the SpdxElement originated. Tools must preserve doap:homepage and doap:name
|
|
// properties and the URI (if one is known) of doap:Project resources that are values of this property. All other
|
|
// properties of doap:Projects are not directly supported by SPDX and may be dropped when translating to or
|
|
// from some SPDX formats.
|
|
ArtifactOf []string `json:"artifactOf"`
|
|
}
|