Documentation ¶
Overview ¶
The `sbom` package, provides the go data structures rendered from the format-agnostic representation of Software Bill of Materials data expressed in the protobom protocol buffer definitions.
The protobom data model captures the SBOM data in a graph where the packages, components, files expressed in the native SBOM formats are `Nodes`, each related to each other through typed edges.
A group of `Nodes` and `Edge`s form a `NodeList` which is the main work unit of protobom. A `NodeList` can be embedded in a `Document` to form a full representation of an SBOM.
The SBOM package provides functions to work with the graph data through basic data operations like union, intersection and diffing as well as several querying functions to locate and extract information.
Protobom documents can be created programmatically or ingested using the different unserializers that understand the native formats. Data from the neutral protobom representation can be rendered to native formats using serialzers.
Example (Metadata) ¶
Illustrates how to create a new protobom document and populate its metadata. It sets the document name, version, ID, author information, and the tool details that produced the SBOM.
package main import ( "github.com/protobom/protobom/pkg/sbom" ) func main() { // Create a new protobom document document := sbom.NewDocument() // Populate some of the document metadata: document.Metadata.Name = "My software name" document.Metadata.Version = "v1.0.0" document.Metadata.Id = "acme_my_software_v0.1.0" // ...for example the author: document.Metadata.Authors = append( document.Metadata.Authors, &sbom.Person{Name: "John Doe"}, ) // ...and the tool that produced the SBOM: document.Metadata.Tools = append( document.Metadata.Tools, &sbom.Tool{ Name: "ACME SBOM Tool", Version: "1.0", Vendor: "ACME Corporation", }, ) }
Output:
Example (Nodes) ¶
Showcases how to create a new protobom document, add nodes representing software components, create a build dependency edge between two software components, and attach these components to the document.
package main import ( "github.com/protobom/protobom/pkg/sbom" ) func main() { // Create a new protobom document document := sbom.NewDocument() // Create a node to represent some software component: firstNode := &sbom.Node{ Id: "pkg:generic/[email protected]", PrimaryPurpose: []sbom.Purpose{sbom.Purpose_APPLICATION}, Name: "My Software Name", Version: "v1.0.0", Licenses: []string{"Apache-2.0"}, LicenseConcluded: "Apache-2.0", LicenseComments: "Apache License", } // Create a second node to represent a second software component secondSecond := &sbom.Node{ Id: "pkg:generic/[email protected]", PrimaryPurpose: []sbom.Purpose{sbom.Purpose_DEVICE}, Name: "My Second Software Name", Version: "v2.0.0", Licenses: []string{"Apache-2.0"}, LicenseConcluded: "Apache-2.0", LicenseComments: "Apache License", } // Create build dependency edge between the two software components. edge := &sbom.Edge{ Type: sbom.Edge_buildDependency, From: "pkg:generic/[email protected]", To: []string{ "pkg:generic/[email protected]", }, } // Attach components to document document.NodeList.AddNode(firstNode) document.NodeList.AddNode(secondSecond) document.NodeList.AddEdge(edge) }
Output:
Example (Roots) ¶
Demonstrates how to create a new protobom document and add multiple root nodes representing different software applications. Each root node has distinct properties such as ID, name, version, licenses, etc. These root nodes are then attached to the document.
package main import ( "github.com/protobom/protobom/pkg/sbom" ) func main() { // Create a new protobom document document := sbom.NewDocument() // Create a node to represent the application: firstRoot := &sbom.Node{ Id: "pkg:generic/[email protected]", PrimaryPurpose: []sbom.Purpose{sbom.Purpose_APPLICATION}, Name: "My Software Name", Version: "v1.0.0", Licenses: []string{"Apache-2.0"}, LicenseConcluded: "Apache-2.0", LicenseComments: "Apache License", } // Create a second node to represent the application, // It can have a eather the same or a different purpose. secondRoot := &sbom.Node{ Id: "pkg:generic/[email protected]", PrimaryPurpose: []sbom.Purpose{sbom.Purpose_DEVICE}, Name: "My Second Software Name", Version: "v2.0.0", Licenses: []string{"Apache-2.0"}, LicenseConcluded: "Apache-2.0", LicenseComments: "Apache License", } // Attach both roots to document document.NodeList.AddRootNode(firstRoot) document.NodeList.AddRootNode(secondRoot) }
Output:
Index ¶
- Constants
- Variables
- func NewNodeIdentifier(prefixes ...string) string
- type Document
- func (*Document) Descriptor() ([]byte, []int)deprecated
- func (x *Document) GetMetadata() *Metadata
- func (x *Document) GetNodeList() *NodeList
- func (d *Document) GetRootNodes() []*Node
- func (*Document) ProtoMessage()
- func (x *Document) ProtoReflect() protoreflect.Message
- func (x *Document) Reset()
- func (x *Document) String() string
- type DocumentType
- func (*DocumentType) Descriptor() ([]byte, []int)deprecated
- func (x *DocumentType) GetDescription() string
- func (x *DocumentType) GetName() string
- func (x *DocumentType) GetType() DocumentType_SBOMType
- func (*DocumentType) ProtoMessage()
- func (x *DocumentType) ProtoReflect() protoreflect.Message
- func (x *DocumentType) Reset()
- func (x *DocumentType) String() string
- type DocumentType_SBOMType
- func (DocumentType_SBOMType) Descriptor() protoreflect.EnumDescriptor
- func (x DocumentType_SBOMType) Enum() *DocumentType_SBOMType
- func (DocumentType_SBOMType) EnumDescriptor() ([]byte, []int)deprecated
- func (x DocumentType_SBOMType) Number() protoreflect.EnumNumber
- func (x DocumentType_SBOMType) String() string
- func (DocumentType_SBOMType) Type() protoreflect.EnumType
- type Edge
- func (e *Edge) AddDestinationById(ids ...string)
- func (e *Edge) Copy() *Edge
- func (*Edge) Descriptor() ([]byte, []int)deprecated
- func (e *Edge) Equal(e2 *Edge) bool
- func (x *Edge) GetFrom() string
- func (x *Edge) GetTo() []string
- func (x *Edge) GetType() Edge_Type
- func (e *Edge) PointsTo(id string) bool
- func (*Edge) ProtoMessage()
- func (x *Edge) ProtoReflect() protoreflect.Message
- func (x *Edge) Reset()
- func (x *Edge) String() string
- type Edge_Type
- func (Edge_Type) Descriptor() protoreflect.EnumDescriptor
- func (x Edge_Type) Enum() *Edge_Type
- func (Edge_Type) EnumDescriptor() ([]byte, []int)deprecated
- func (x Edge_Type) Number() protoreflect.EnumNumber
- func (x Edge_Type) String() string
- func (et Edge_Type) ToSPDX2() string
- func (Edge_Type) Type() protoreflect.EnumType
- type ExternalReference
- func (e *ExternalReference) Copy() *ExternalReference
- func (*ExternalReference) Descriptor() ([]byte, []int)deprecated
- func (x *ExternalReference) GetAuthority() string
- func (x *ExternalReference) GetComment() string
- func (x *ExternalReference) GetHashes() map[int32]string
- func (x *ExternalReference) GetType() ExternalReference_ExternalReferenceType
- func (x *ExternalReference) GetUrl() string
- func (*ExternalReference) ProtoMessage()
- func (x *ExternalReference) ProtoReflect() protoreflect.Message
- func (x *ExternalReference) Reset()
- func (x *ExternalReference) String() string
- type ExternalReference_ExternalReferenceType
- func (ExternalReference_ExternalReferenceType) Descriptor() protoreflect.EnumDescriptor
- func (x ExternalReference_ExternalReferenceType) Enum() *ExternalReference_ExternalReferenceType
- func (ExternalReference_ExternalReferenceType) EnumDescriptor() ([]byte, []int)deprecated
- func (x ExternalReference_ExternalReferenceType) Number() protoreflect.EnumNumber
- func (x ExternalReference_ExternalReferenceType) String() string
- func (ExternalReference_ExternalReferenceType) Type() protoreflect.EnumType
- type Flattenable
- type HashAlgorithm
- func (HashAlgorithm) Descriptor() protoreflect.EnumDescriptor
- func (x HashAlgorithm) Enum() *HashAlgorithm
- func (HashAlgorithm) EnumDescriptor() ([]byte, []int)deprecated
- func (x HashAlgorithm) Number() protoreflect.EnumNumber
- func (x HashAlgorithm) String() string
- func (ha HashAlgorithm) ToSPDX() common.ChecksumAlgorithm
- func (ha HashAlgorithm) ToSPDX3() string
- func (HashAlgorithm) Type() protoreflect.EnumType
- type Metadata
- func (*Metadata) Descriptor() ([]byte, []int)deprecated
- func (x *Metadata) GetAuthors() []*Person
- func (x *Metadata) GetComment() string
- func (x *Metadata) GetDate() *timestamppb.Timestamp
- func (x *Metadata) GetDocumentTypes() []*DocumentType
- func (x *Metadata) GetId() string
- func (x *Metadata) GetName() string
- func (x *Metadata) GetTools() []*Tool
- func (x *Metadata) GetVersion() string
- func (*Metadata) ProtoMessage()
- func (x *Metadata) ProtoReflect() protoreflect.Message
- func (x *Metadata) Reset()
- func (x *Metadata) String() string
- type Node
- func (n *Node) AddHash(algo HashAlgorithm, value string)
- func (n *Node) Augment(n2 *Node)
- func (n *Node) Checksum() string
- func (n *Node) Copy() *Node
- func (*Node) Descriptor() ([]byte, []int)deprecated
- func (n *Node) Diff(n2 *Node) *NodeDiff
- func (n *Node) Equal(n2 *Node) bool
- func (x *Node) GetAttribution() []string
- func (x *Node) GetBuildDate() *timestamppb.Timestamp
- func (x *Node) GetComment() string
- func (x *Node) GetCopyright() string
- func (x *Node) GetDescription() string
- func (x *Node) GetExternalReferences() []*ExternalReference
- func (x *Node) GetFileName() string
- func (x *Node) GetFileTypes() []string
- func (x *Node) GetHashes() map[int32]string
- func (x *Node) GetId() string
- func (x *Node) GetIdentifiers() map[int32]string
- func (x *Node) GetLicenseComments() string
- func (x *Node) GetLicenseConcluded() string
- func (x *Node) GetLicenses() []string
- func (x *Node) GetName() string
- func (x *Node) GetOriginators() []*Person
- func (x *Node) GetPrimaryPurpose() []Purpose
- func (x *Node) GetReleaseDate() *timestamppb.Timestamp
- func (x *Node) GetSourceInfo() string
- func (x *Node) GetSummary() string
- func (x *Node) GetSuppliers() []*Person
- func (x *Node) GetType() Node_NodeType
- func (x *Node) GetUrlDownload() string
- func (x *Node) GetUrlHome() string
- func (x *Node) GetValidUntilDate() *timestamppb.Timestamp
- func (x *Node) GetVersion() string
- func (n *Node) HashesMatch(th map[int32]string) bool
- func (*Node) ProtoMessage()
- func (x *Node) ProtoReflect() protoreflect.Message
- func (n *Node) Purl() PackageURL
- func (x *Node) Reset()
- func (x *Node) String() string
- func (n *Node) Update(n2 *Node)
- type NodeDiff
- type NodeList
- func (nl *NodeList) Add(nl2 *NodeList)
- func (nl *NodeList) AddEdge(e *Edge)
- func (nl *NodeList) AddNode(n *Node)
- func (nl *NodeList) AddRootNode(n *Node)
- func (nl *NodeList) Copy() *NodeList
- func (*NodeList) Descriptor() ([]byte, []int)deprecated
- func (nl *NodeList) Equal(nl2 *NodeList) bool
- func (nl *NodeList) GetEdgeByType(fromElement string, t Edge_Type) *Edge
- func (x *NodeList) GetEdges() []*Edge
- func (nl *NodeList) GetMatchingNode(node *Node) (*Node, error)
- func (nl *NodeList) GetNodeByID(id string) *Node
- func (x *NodeList) GetNodes() []*Node
- func (nl *NodeList) GetNodesByIdentifier(t, v string) []*Node
- func (nl *NodeList) GetNodesByName(name string) []*Node
- func (nl *NodeList) GetNodesByPurlType(purlType string) *NodeList
- func (x *NodeList) GetRootElements() []string
- func (nl *NodeList) GetRootNodes() []*Node
- func (nl *NodeList) Intersect(nl2 *NodeList) *NodeList
- func (nl *NodeList) NodeDescendants(id string, maxDepth int) *NodeList
- func (nl *NodeList) NodeGraph(id string) *NodeList
- func (nl *NodeList) NodeSiblings(id string) *NodeList
- func (*NodeList) ProtoMessage()
- func (x *NodeList) ProtoReflect() protoreflect.Message
- func (nl *NodeList) RelateNodeAtID(n *Node, nodeID string, edgeType Edge_Type) error
- func (nl *NodeList) RelateNodeListAtID(nl2 *NodeList, nodeID string, edgeType Edge_Type) error
- func (nl *NodeList) RemoveNodes(ids []string)
- func (x *NodeList) Reset()
- func (x *NodeList) String() string
- func (nl *NodeList) Union(nl2 *NodeList) *NodeList
- type Node_NodeType
- func (Node_NodeType) Descriptor() protoreflect.EnumDescriptor
- func (x Node_NodeType) Enum() *Node_NodeType
- func (Node_NodeType) EnumDescriptor() ([]byte, []int)deprecated
- func (x Node_NodeType) Number() protoreflect.EnumNumber
- func (x Node_NodeType) String() string
- func (Node_NodeType) Type() protoreflect.EnumType
- type PackageURL
- type Person
- func (p *Person) Copy() *Person
- func (*Person) Descriptor() ([]byte, []int)deprecated
- func (x *Person) GetContacts() []*Person
- func (x *Person) GetEmail() string
- func (x *Person) GetIsOrg() bool
- func (x *Person) GetName() string
- func (x *Person) GetPhone() string
- func (x *Person) GetUrl() string
- func (*Person) ProtoMessage()
- func (x *Person) ProtoReflect() protoreflect.Message
- func (x *Person) Reset()
- func (x *Person) String() string
- func (p *Person) ToSPDX2ClientOrg() string
- func (p *Person) ToSPDX2ClientString() string
- type Purpose
- type SoftwareIdentifierType
- func (SoftwareIdentifierType) Descriptor() protoreflect.EnumDescriptor
- func (x SoftwareIdentifierType) Enum() *SoftwareIdentifierType
- func (SoftwareIdentifierType) EnumDescriptor() ([]byte, []int)deprecated
- func (x SoftwareIdentifierType) Number() protoreflect.EnumNumber
- func (x SoftwareIdentifierType) String() string
- func (i SoftwareIdentifierType) ToSPDX2Category() string
- func (i SoftwareIdentifierType) ToSPDX2Type() string
- func (SoftwareIdentifierType) Type() protoreflect.EnumType
- type Tool
Examples ¶
Constants ¶
const NodeIdentifierPrefix = "protobom"
NodeIdentifierPrefix known protobom prefix
Variables ¶
var ( HashAlgorithm_name = map[int32]string{ 0: "UNKNOWN", 1: "MD5", 2: "SHA1", 3: "SHA256", 4: "SHA384", 5: "SHA512", 6: "SHA3_256", 7: "SHA3_384", 8: "SHA3_512", 9: "BLAKE2B_256", 10: "BLAKE2B_384", 11: "BLAKE2B_512", 12: "BLAKE3", 13: "MD2", 14: "ADLER32", 15: "MD4", 16: "MD6", 17: "SHA224", } HashAlgorithm_value = map[string]int32{ "UNKNOWN": 0, "MD5": 1, "SHA1": 2, "SHA256": 3, "SHA384": 4, "SHA512": 5, "SHA3_256": 6, "SHA3_384": 7, "SHA3_512": 8, "BLAKE2B_256": 9, "BLAKE2B_384": 10, "BLAKE2B_512": 11, "BLAKE3": 12, "MD2": 13, "ADLER32": 14, "MD4": 15, "MD6": 16, "SHA224": 17, } )
Enum value maps for HashAlgorithm.
var ( SoftwareIdentifierType_name = map[int32]string{ 0: "UNKNOWN_IDENTIFIER_TYPE", 1: "PURL", 2: "CPE22", 3: "CPE23", 4: "GITOID", } SoftwareIdentifierType_value = map[string]int32{ "UNKNOWN_IDENTIFIER_TYPE": 0, "PURL": 1, "CPE22": 2, "CPE23": 3, "GITOID": 4, } )
Enum value maps for SoftwareIdentifierType.
var ( Purpose_name = map[int32]string{ 0: "UNKNOWN_PURPOSE", 1: "APPLICATION", 2: "ARCHIVE", 3: "BOM", 4: "CONFIGURATION", 5: "CONTAINER", 6: "DATA", 7: "DEVICE", 8: "DEVICE_DRIVER", 9: "DOCUMENTATION", 10: "EVIDENCE", 11: "EXECUTABLE", 12: "FILE", 13: "FIRMWARE", 14: "FRAMEWORK", 15: "INSTALL", 16: "LIBRARY", 17: "MACHINE_LEARNING_MODEL", 18: "MANIFEST", 19: "MODEL", 20: "MODULE", 21: "OPERATING_SYSTEM", 22: "OTHER", 23: "PATCH", 24: "PLATFORM", 25: "REQUIREMENT", 26: "SOURCE", 27: "SPECIFICATION", 28: "TEST", } Purpose_value = map[string]int32{ "UNKNOWN_PURPOSE": 0, "APPLICATION": 1, "ARCHIVE": 2, "BOM": 3, "CONFIGURATION": 4, "CONTAINER": 5, "DATA": 6, "DEVICE": 7, "DEVICE_DRIVER": 8, "DOCUMENTATION": 9, "EVIDENCE": 10, "EXECUTABLE": 11, "FILE": 12, "FIRMWARE": 13, "FRAMEWORK": 14, "INSTALL": 15, "LIBRARY": 16, "MACHINE_LEARNING_MODEL": 17, "MANIFEST": 18, "MODEL": 19, "MODULE": 20, "OPERATING_SYSTEM": 21, "OTHER": 22, "PATCH": 23, "PLATFORM": 24, "REQUIREMENT": 25, "SOURCE": 26, "SPECIFICATION": 27, "TEST": 28, } )
Enum value maps for Purpose.
var ( Node_NodeType_name = map[int32]string{ 0: "PACKAGE", 1: "FILE", } Node_NodeType_value = map[string]int32{ "PACKAGE": 0, "FILE": 1, } )
Enum value maps for Node_NodeType.
var ( Edge_Type_name = map[int32]string{ 0: "UNKNOWN", 1: "amends", 2: "ancestor", 3: "buildDependency", 4: "buildTool", 5: "contains", 6: "contained_by", 7: "copy", 8: "dataFile", 9: "dependencyManifest", 10: "dependsOn", 11: "dependencyOf", 12: "descendant", 13: "describes", 14: "describedBy", 15: "devDependency", 16: "devTool", 17: "distributionArtifact", 18: "documentation", 19: "dynamicLink", 20: "example", 21: "expandedFromArchive", 22: "fileAdded", 23: "fileDeleted", 24: "fileModified", 25: "generates", 26: "generatedFrom", 27: "metafile", 28: "optionalComponent", 29: "optionalDependency", 30: "other", 31: "packages", 32: "patch", 33: "prerequisite", 34: "prerequisiteFor", 35: "providedDependency", 36: "requirementFor", 37: "runtimeDependency", 38: "specificationFor", 39: "staticLink", 40: "test", 41: "testCase", 42: "testDependency", 43: "testTool", 44: "variant", } Edge_Type_value = map[string]int32{ "UNKNOWN": 0, "amends": 1, "ancestor": 2, "buildDependency": 3, "buildTool": 4, "contains": 5, "contained_by": 6, "copy": 7, "dataFile": 8, "dependencyManifest": 9, "dependsOn": 10, "dependencyOf": 11, "descendant": 12, "describes": 13, "describedBy": 14, "devDependency": 15, "devTool": 16, "distributionArtifact": 17, "documentation": 18, "dynamicLink": 19, "example": 20, "expandedFromArchive": 21, "fileAdded": 22, "fileDeleted": 23, "fileModified": 24, "generates": 25, "generatedFrom": 26, "metafile": 27, "optionalComponent": 28, "optionalDependency": 29, "other": 30, "packages": 31, "patch": 32, "prerequisite": 33, "prerequisiteFor": 34, "providedDependency": 35, "requirementFor": 36, "runtimeDependency": 37, "specificationFor": 38, "staticLink": 39, "test": 40, "testCase": 41, "testDependency": 42, "testTool": 43, "variant": 44, } )
Enum value maps for Edge_Type.
var ( ExternalReference_ExternalReferenceType_name = map[int32]string{ 0: "UNKNOWN", 1: "ATTESTATION", 2: "BINARY", 3: "BOM", 4: "BOWER", 5: "BUILD_META", 6: "BUILD_SYSTEM", 7: "CERTIFICATION_REPORT", 8: "CHAT", 9: "CODIFIED_INFRASTRUCTURE", 10: "COMPONENT_ANALYSIS_REPORT", 11: "CONFIGURATION", 12: "DISTRIBUTION_INTAKE", 13: "DOCUMENTATION", 14: "DOWNLOAD", 15: "DYNAMIC_ANALYSIS_REPORT", 16: "EOL_NOTICE", 17: "EVIDENCE", 18: "EXPORT_CONTROL_ASSESSMENT", 19: "FORMULATION", 20: "FUNDING", 21: "ISSUE_TRACKER", 22: "LICENSE", 23: "LOG", 24: "MAILING_LIST", 25: "MATURITY_REPORT", 26: "MAVEN_CENTRAL", 27: "METRICS", 28: "MODEL_CARD", 29: "NPM", 30: "NUGET", 31: "OTHER", 32: "POAM", 33: "PRIVACY_ASSESSMENT", 34: "PRODUCT_METADATA", 35: "PURCHASE_ORDER", 36: "QUALITY_ASSESSMENT_REPORT", 37: "QUALITY_METRICS", 38: "RELEASE_HISTORY", 39: "RELEASE_NOTES", 40: "RISK_ASSESSMENT", 41: "RUNTIME_ANALYSIS_REPORT", 42: "SECURE_SOFTWARE_ATTESTATION", 43: "SECURITY_ADVERSARY_MODEL", 44: "SECURITY_ADVISORY", 45: "SECURITY_CONTACT", 46: "SECURITY_FIX", 47: "SECURITY_OTHER", 48: "SECURITY_PENTEST_REPORT", 49: "SECURITY_POLICY", 50: "SECURITY_SWID", 51: "SECURITY_THREAT_MODEL", 52: "SOCIAL", 53: "SOURCE_ARTIFACT", 54: "STATIC_ANALYSIS_REPORT", 55: "SUPPORT", 56: "VCS", 57: "VULNERABILITY_ASSERTION", 58: "VULNERABILITY_DISCLOSURE_REPORT", 59: "VULNERABILITY_EXPLOITABILITY_ASSESSMENT", 60: "WEBSITE", } ExternalReference_ExternalReferenceType_value = map[string]int32{ "UNKNOWN": 0, "ATTESTATION": 1, "BINARY": 2, "BOM": 3, "BOWER": 4, "BUILD_META": 5, "BUILD_SYSTEM": 6, "CERTIFICATION_REPORT": 7, "CHAT": 8, "CODIFIED_INFRASTRUCTURE": 9, "COMPONENT_ANALYSIS_REPORT": 10, "CONFIGURATION": 11, "DISTRIBUTION_INTAKE": 12, "DOCUMENTATION": 13, "DOWNLOAD": 14, "DYNAMIC_ANALYSIS_REPORT": 15, "EOL_NOTICE": 16, "EVIDENCE": 17, "EXPORT_CONTROL_ASSESSMENT": 18, "FORMULATION": 19, "FUNDING": 20, "ISSUE_TRACKER": 21, "LICENSE": 22, "LOG": 23, "MAILING_LIST": 24, "MATURITY_REPORT": 25, "MAVEN_CENTRAL": 26, "METRICS": 27, "MODEL_CARD": 28, "NPM": 29, "NUGET": 30, "OTHER": 31, "POAM": 32, "PRIVACY_ASSESSMENT": 33, "PRODUCT_METADATA": 34, "PURCHASE_ORDER": 35, "QUALITY_ASSESSMENT_REPORT": 36, "QUALITY_METRICS": 37, "RELEASE_HISTORY": 38, "RELEASE_NOTES": 39, "RISK_ASSESSMENT": 40, "RUNTIME_ANALYSIS_REPORT": 41, "SECURE_SOFTWARE_ATTESTATION": 42, "SECURITY_ADVERSARY_MODEL": 43, "SECURITY_ADVISORY": 44, "SECURITY_CONTACT": 45, "SECURITY_FIX": 46, "SECURITY_OTHER": 47, "SECURITY_PENTEST_REPORT": 48, "SECURITY_POLICY": 49, "SECURITY_SWID": 50, "SECURITY_THREAT_MODEL": 51, "SOCIAL": 52, "SOURCE_ARTIFACT": 53, "STATIC_ANALYSIS_REPORT": 54, "SUPPORT": 55, "VCS": 56, "VULNERABILITY_ASSERTION": 57, "VULNERABILITY_DISCLOSURE_REPORT": 58, "VULNERABILITY_EXPLOITABILITY_ASSESSMENT": 59, "WEBSITE": 60, } )
Enum value maps for ExternalReference_ExternalReferenceType.
var ( DocumentType_SBOMType_name = map[int32]string{ 0: "OTHER", 1: "DESIGN", 2: "SOURCE", 3: "BUILD", 4: "ANALYZED", 5: "DEPLOYED", 6: "RUNTIME", 7: "DISCOVERY", 8: "DECOMISSION", } DocumentType_SBOMType_value = map[string]int32{ "OTHER": 0, "DESIGN": 1, "SOURCE": 2, "BUILD": 3, "ANALYZED": 4, "DEPLOYED": 5, "RUNTIME": 6, "DISCOVERY": 7, "DECOMISSION": 8, } )
Enum value maps for DocumentType_SBOMType.
var ErrorMoreThanOneMatch = fmt.Errorf("more than one node matches")
var File_api_sbom_proto protoreflect.FileDescriptor
Functions ¶
func NewNodeIdentifier ¶
NewNodeIdentifier generates an identifier string compatible with CycloneDX and SPDX for use in a node.
If no prefixes are provided, the identifier will be created using a new UUID and prefixed with "protobom-xx-yy--". The prefix allows serializers to interpret characteristics, such as "auto," indicating it was autogenerated by protobom.
If prefixes are provided, they are used to build the identifier. Invalid characters are removed, and known separators are replaced with dashes. If no valid prefixes are found, a UUID will be used by default.
Types ¶
type Document ¶
type Document struct { Metadata *Metadata `protobuf:"bytes,1,opt,name=metadata,proto3" json:"metadata,omitempty"` // Metadata associated with the SBOM document NodeList *NodeList `protobuf:"bytes,2,opt,name=node_list,json=nodeList,proto3" json:"node_list,omitempty"` // List of nodes and edges forming the SBOM graph // contains filtered or unexported fields }
Document is the top-level structure representing the entire Software Bill of Materials (SBOM). It serves as the core neutral ground for the SBOM translation process, encapsulating metadata, components (nodes), and the graph structure (edges).
func (*Document) Descriptor
deprecated
func (*Document) GetMetadata ¶
func (*Document) GetNodeList ¶
func (*Document) GetRootNodes ¶
GetRootNodes returns the top level nodes of the document. It calls the underlying method in the document's NodeList.
func (*Document) ProtoMessage ¶
func (*Document) ProtoMessage()
func (*Document) ProtoReflect ¶
func (x *Document) ProtoReflect() protoreflect.Message
type DocumentType ¶
type DocumentType struct { Type *DocumentType_SBOMType `protobuf:"varint,1,opt,name=type,proto3,enum=protobom.protobom.DocumentType_SBOMType,oneof" json:"type,omitempty"` // SBOM document type. Name *string `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"` // Name associated with the document type. Description *string `protobuf:"bytes,3,opt,name=description,proto3,oneof" json:"description,omitempty"` // Description of the document type. // contains filtered or unexported fields }
DocumentType represents the type of document in the Software Bill of Materials (SBOM) ecosystem. It categorizes the SBOM document based on its purpose or stage in the software development lifecycle.
func (*DocumentType) Descriptor
deprecated
func (*DocumentType) Descriptor() ([]byte, []int)
Deprecated: Use DocumentType.ProtoReflect.Descriptor instead.
func (*DocumentType) GetDescription ¶
func (x *DocumentType) GetDescription() string
func (*DocumentType) GetName ¶
func (x *DocumentType) GetName() string
func (*DocumentType) GetType ¶
func (x *DocumentType) GetType() DocumentType_SBOMType
func (*DocumentType) ProtoMessage ¶
func (*DocumentType) ProtoMessage()
func (*DocumentType) ProtoReflect ¶
func (x *DocumentType) ProtoReflect() protoreflect.Message
func (*DocumentType) Reset ¶
func (x *DocumentType) Reset()
func (*DocumentType) String ¶
func (x *DocumentType) String() string
type DocumentType_SBOMType ¶
type DocumentType_SBOMType int32
Enumeration of SBOM document types.
const ( DocumentType_OTHER DocumentType_SBOMType = 0 // Other document type. DocumentType_DESIGN DocumentType_SBOMType = 1 // Design document type. (CDX: design) DocumentType_SOURCE DocumentType_SBOMType = 2 // Source document type. (CDX: pre-build) DocumentType_BUILD DocumentType_SBOMType = 3 // Build document type. (CDX: build) DocumentType_ANALYZED DocumentType_SBOMType = 4 // Analyzed document type. (CDX: post-build) DocumentType_DEPLOYED DocumentType_SBOMType = 5 // Deployed document type. (CDX: operations) DocumentType_RUNTIME DocumentType_SBOMType = 6 // Runtime document type. (CDX: none) DocumentType_DISCOVERY DocumentType_SBOMType = 7 // Discovery document type. (CDX Specific) DocumentType_DECOMISSION DocumentType_SBOMType = 8 // Decommission document type. (CDX Specific) )
func (DocumentType_SBOMType) Descriptor ¶
func (DocumentType_SBOMType) Descriptor() protoreflect.EnumDescriptor
func (DocumentType_SBOMType) Enum ¶
func (x DocumentType_SBOMType) Enum() *DocumentType_SBOMType
func (DocumentType_SBOMType) EnumDescriptor
deprecated
func (DocumentType_SBOMType) EnumDescriptor() ([]byte, []int)
Deprecated: Use DocumentType_SBOMType.Descriptor instead.
func (DocumentType_SBOMType) Number ¶
func (x DocumentType_SBOMType) Number() protoreflect.EnumNumber
func (DocumentType_SBOMType) String ¶
func (x DocumentType_SBOMType) String() string
func (DocumentType_SBOMType) Type ¶
func (DocumentType_SBOMType) Type() protoreflect.EnumType
type Edge ¶
type Edge struct { Type Edge_Type `protobuf:"varint,1,opt,name=type,proto3,enum=protobom.protobom.Edge_Type" json:"type,omitempty"` // Type enumerator representing the node relationship. From string `protobuf:"bytes,2,opt,name=from,proto3" json:"from,omitempty"` // Source node of the edge. To []string `protobuf:"bytes,3,rep,name=to,proto3" json:"to,omitempty"` // Target nodes of the edge. // contains filtered or unexported fields }
Edge represents relationships between nodes in the Software Bill of Materials (SBOM) graph. Each Edge captures the type of relationship and the nodes involved, providing a structured way to model dependencies and connections within the SBOM.
func (*Edge) AddDestinationById ¶
AddDestinationById adds identifiers to the destination list of the edge. The new destination identifiers are guaranteed to be added only once and will not be duplicated if there is already a destination with the same ID.
func (*Edge) Descriptor
deprecated
func (*Edge) Equal ¶
Equal compares the current edge to another (e2) and returns true if they are identical. It checks if both edges have the same source, type, and destination nodes.
func (*Edge) PointsTo ¶
PointsTo returns true if the edge is directed towards a specific node. It evaluates to true only if the edge includes the provided node ID in its list of To nodes.
func (*Edge) ProtoMessage ¶
func (*Edge) ProtoMessage()
func (*Edge) ProtoReflect ¶
func (x *Edge) ProtoReflect() protoreflect.Message
type Edge_Type ¶
type Edge_Type int32
Type enumerator representing the node relationship.
const ( Edge_UNKNOWN Edge_Type = 0 // Unknown type. Edge_amends Edge_Type = 1 // Amends relationship type. Edge_ancestor Edge_Type = 2 // Ancestor relationship type. Edge_buildDependency Edge_Type = 3 // Build dependency relationship type. Edge_buildTool Edge_Type = 4 // Build tool relationship type. Edge_contains Edge_Type = 5 // Contains relationship type. Edge_contained_by Edge_Type = 6 // Contained by relationship type. In SPDX 3.x, this field is not supported. Edge_copy Edge_Type = 7 // Copy relationship type. Edge_dataFile Edge_Type = 8 // Data file relationship type. Edge_dependencyManifest Edge_Type = 9 // Dependency manifest relationship type. Edge_dependsOn Edge_Type = 10 // Depends on relationship type. Edge_dependencyOf Edge_Type = 11 // Dependency of relationship type. In SPDX 3.x, this field is not supported. Edge_descendant Edge_Type = 12 // Descendant relationship type. Edge_describes Edge_Type = 13 // Describes relationship type. Edge_describedBy Edge_Type = 14 // Described by relationship type. In SPDX 3.x, this field is not supported. Edge_devDependency Edge_Type = 15 // Development dependency relationship type. Edge_devTool Edge_Type = 16 // Development tool relationship type. Edge_distributionArtifact Edge_Type = 17 // Distribution artifact relationship type. Edge_documentation Edge_Type = 18 // Documentation relationship type. Edge_dynamicLink Edge_Type = 19 // Dynamic link relationship type. Edge_example Edge_Type = 20 // Example relationship type. Edge_expandedFromArchive Edge_Type = 21 // Expanded from archive relationship type. Edge_fileAdded Edge_Type = 22 // File added relationship type. Edge_fileDeleted Edge_Type = 23 // File deleted relationship type. Edge_fileModified Edge_Type = 24 // File modified relationship type. Edge_generates Edge_Type = 25 // Generates relationship type. Edge_generatedFrom Edge_Type = 26 // Generated from relationship type. In SPDX 3.x, this field is not supported. Edge_metafile Edge_Type = 27 // Metafile relationship type. Edge_optionalComponent Edge_Type = 28 // Optional component relationship type. Edge_optionalDependency Edge_Type = 29 // Optional dependency relationship type. Edge_other Edge_Type = 30 // Other relationship type. Edge_packages Edge_Type = 31 // Packages relationship type. Edge_patch Edge_Type = 32 // Patch relationship type. Edge_prerequisite Edge_Type = 33 // Prerequisite relationship type. Edge_prerequisiteFor Edge_Type = 34 // Prerequisite for relationship type. In SPDX 3.x, this field is not supported. Edge_providedDependency Edge_Type = 35 // Provided dependency relationship type. Edge_requirementFor Edge_Type = 36 // Requirement for relationship type. Edge_runtimeDependency Edge_Type = 37 // Runtime dependency relationship type. Edge_specificationFor Edge_Type = 38 // Specification for relationship type. Edge_staticLink Edge_Type = 39 // Static link relationship type. Edge_test Edge_Type = 40 // Test relationship type. Edge_testCase Edge_Type = 41 // Test case relationship type. Edge_testDependency Edge_Type = 42 // Test dependency relationship type. Edge_testTool Edge_Type = 43 // Test tool relationship type. Edge_variant Edge_Type = 44 // Variant relationship type. )
func EdgeTypeFromSPDX ¶
EdgeTypeFromSPDX converts an SPDX2 edge type string to its corresponding edge type.
func EdgeTypeFromSPDX2 ¶
EdgeTypeFromSPDX2 converts SPDX2 label in to the corresponding edge type. It maps the SPDX2 representation in to neutral edge type to its SPDX2 representation.
func (Edge_Type) Descriptor ¶
func (Edge_Type) Descriptor() protoreflect.EnumDescriptor
func (Edge_Type) EnumDescriptor
deprecated
func (Edge_Type) Number ¶
func (x Edge_Type) Number() protoreflect.EnumNumber
func (Edge_Type) ToSPDX2 ¶
ToSPDX2 converts the edge type to the corresponding SPDX2 label. It maps the neutral edge type to its SPDX2 representation.
func (Edge_Type) Type ¶
func (Edge_Type) Type() protoreflect.EnumType
type ExternalReference ¶
type ExternalReference struct { Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` // URL providing reference to an external resource. // string type = 2; // Deprecated (string) use ExternalReferenceType instead, see https://github.com/protobom/protobom/issues/148.. Comment string `protobuf:"bytes,3,opt,name=comment,proto3" json:"comment,omitempty"` // Comments associated with the external reference. Authority string `protobuf:"bytes,4,opt,name=authority,proto3" json:"authority,omitempty"` // Authority responsible for the external reference. // string type = 5; // Deprecated (string map) use hashes field instead, see https://github.com/protobom/protobom/issues/89. Hashes map[int32]string `` // Hashes associated with the external reference, Replaced field 5. /* 154-byte string literal not displayed */ Type ExternalReference_ExternalReferenceType `protobuf:"varint,7,opt,name=type,proto3,enum=protobom.protobom.ExternalReference_ExternalReferenceType" json:"type,omitempty"` // Type of the external reference, Replaced field 2. // contains filtered or unexported fields }
ExternalReference is an entry linking an element to a resource defined outside the SBOM standard.
func (*ExternalReference) Copy ¶
func (e *ExternalReference) Copy() *ExternalReference
Copy returns an exact duplicate of the external reference.
func (*ExternalReference) Descriptor
deprecated
func (*ExternalReference) Descriptor() ([]byte, []int)
Deprecated: Use ExternalReference.ProtoReflect.Descriptor instead.
func (*ExternalReference) GetAuthority ¶
func (x *ExternalReference) GetAuthority() string
func (*ExternalReference) GetComment ¶
func (x *ExternalReference) GetComment() string
func (*ExternalReference) GetHashes ¶
func (x *ExternalReference) GetHashes() map[int32]string
func (*ExternalReference) GetType ¶
func (x *ExternalReference) GetType() ExternalReference_ExternalReferenceType
func (*ExternalReference) GetUrl ¶
func (x *ExternalReference) GetUrl() string
func (*ExternalReference) ProtoMessage ¶
func (*ExternalReference) ProtoMessage()
func (*ExternalReference) ProtoReflect ¶
func (x *ExternalReference) ProtoReflect() protoreflect.Message
func (*ExternalReference) Reset ¶
func (x *ExternalReference) Reset()
func (*ExternalReference) String ¶
func (x *ExternalReference) String() string
type ExternalReference_ExternalReferenceType ¶
type ExternalReference_ExternalReferenceType int32
Type enumerator representing of the external reference.
const ( ExternalReference_UNKNOWN ExternalReference_ExternalReferenceType = 0 // Unknown type. ExternalReference_ATTESTATION ExternalReference_ExternalReferenceType = 1 // Attestation type. ExternalReference_BINARY ExternalReference_ExternalReferenceType = 2 // Binary type. ExternalReference_BOM ExternalReference_ExternalReferenceType = 3 // BOM type. ExternalReference_BOWER ExternalReference_ExternalReferenceType = 4 // Bower type. ExternalReference_BUILD_META ExternalReference_ExternalReferenceType = 5 // Build meta type. ExternalReference_BUILD_SYSTEM ExternalReference_ExternalReferenceType = 6 // Build system type. ExternalReference_CERTIFICATION_REPORT ExternalReference_ExternalReferenceType = 7 // Certification report type. ExternalReference_CHAT ExternalReference_ExternalReferenceType = 8 // Chat type. ExternalReference_CODIFIED_INFRASTRUCTURE ExternalReference_ExternalReferenceType = 9 // Codified infrastructure type. ExternalReference_COMPONENT_ANALYSIS_REPORT ExternalReference_ExternalReferenceType = 10 // Component analysis report type. ExternalReference_CONFIGURATION ExternalReference_ExternalReferenceType = 11 // Configuration type. ExternalReference_DISTRIBUTION_INTAKE ExternalReference_ExternalReferenceType = 12 // Distribution intake type. ExternalReference_DOCUMENTATION ExternalReference_ExternalReferenceType = 13 // Documentation type. ExternalReference_DOWNLOAD ExternalReference_ExternalReferenceType = 14 // Download type. ExternalReference_DYNAMIC_ANALYSIS_REPORT ExternalReference_ExternalReferenceType = 15 // Dynamic analysis report type. ExternalReference_EOL_NOTICE ExternalReference_ExternalReferenceType = 16 // End-of-life notice type. ExternalReference_EVIDENCE ExternalReference_ExternalReferenceType = 17 // Evidence type. ExternalReference_EXPORT_CONTROL_ASSESSMENT ExternalReference_ExternalReferenceType = 18 // Export control assessment type. ExternalReference_FORMULATION ExternalReference_ExternalReferenceType = 19 // Formulation type. ExternalReference_FUNDING ExternalReference_ExternalReferenceType = 20 // Funding type. ExternalReference_ISSUE_TRACKER ExternalReference_ExternalReferenceType = 21 // Issue tracker type. ExternalReference_LICENSE ExternalReference_ExternalReferenceType = 22 // License type. ExternalReference_LOG ExternalReference_ExternalReferenceType = 23 // Log type. ExternalReference_MAILING_LIST ExternalReference_ExternalReferenceType = 24 // Mailing list type. ExternalReference_MATURITY_REPORT ExternalReference_ExternalReferenceType = 25 // Maturity report type. ExternalReference_MAVEN_CENTRAL ExternalReference_ExternalReferenceType = 26 // Maven Central type. ExternalReference_METRICS ExternalReference_ExternalReferenceType = 27 // Metrics type. ExternalReference_MODEL_CARD ExternalReference_ExternalReferenceType = 28 // Model card type. ExternalReference_NPM ExternalReference_ExternalReferenceType = 29 // NPM type. ExternalReference_NUGET ExternalReference_ExternalReferenceType = 30 // NuGet type. ExternalReference_OTHER ExternalReference_ExternalReferenceType = 31 // Other type. ExternalReference_POAM ExternalReference_ExternalReferenceType = 32 // POAM type. ExternalReference_PRIVACY_ASSESSMENT ExternalReference_ExternalReferenceType = 33 // Privacy assessment type. ExternalReference_PRODUCT_METADATA ExternalReference_ExternalReferenceType = 34 // Product metadata type. ExternalReference_PURCHASE_ORDER ExternalReference_ExternalReferenceType = 35 // Purchase order type. ExternalReference_QUALITY_ASSESSMENT_REPORT ExternalReference_ExternalReferenceType = 36 // Quality assessment report type. ExternalReference_QUALITY_METRICS ExternalReference_ExternalReferenceType = 37 // Quality metrics type. ExternalReference_RELEASE_HISTORY ExternalReference_ExternalReferenceType = 38 // Release history type. ExternalReference_RELEASE_NOTES ExternalReference_ExternalReferenceType = 39 // Release notes type. ExternalReference_RISK_ASSESSMENT ExternalReference_ExternalReferenceType = 40 // Risk assessment type. ExternalReference_RUNTIME_ANALYSIS_REPORT ExternalReference_ExternalReferenceType = 41 // Runtime analysis report type. ExternalReference_SECURE_SOFTWARE_ATTESTATION ExternalReference_ExternalReferenceType = 42 // Secure software attestation type. ExternalReference_SECURITY_ADVERSARY_MODEL ExternalReference_ExternalReferenceType = 43 // Security adversary model type. ExternalReference_SECURITY_ADVISORY ExternalReference_ExternalReferenceType = 44 // Security advisory type. ExternalReference_SECURITY_CONTACT ExternalReference_ExternalReferenceType = 45 // Security contact type. ExternalReference_SECURITY_FIX ExternalReference_ExternalReferenceType = 46 // Security fix type. ExternalReference_SECURITY_OTHER ExternalReference_ExternalReferenceType = 47 // Security other type. ExternalReference_SECURITY_PENTEST_REPORT ExternalReference_ExternalReferenceType = 48 // Security pentest report type. ExternalReference_SECURITY_POLICY ExternalReference_ExternalReferenceType = 49 // Security policy type. ExternalReference_SECURITY_SWID ExternalReference_ExternalReferenceType = 50 // Security SWID type. ExternalReference_SECURITY_THREAT_MODEL ExternalReference_ExternalReferenceType = 51 // Security threat model type. ExternalReference_SOCIAL ExternalReference_ExternalReferenceType = 52 // Social type. ExternalReference_SOURCE_ARTIFACT ExternalReference_ExternalReferenceType = 53 // Source artifact type. ExternalReference_STATIC_ANALYSIS_REPORT ExternalReference_ExternalReferenceType = 54 // Static analysis report type. ExternalReference_SUPPORT ExternalReference_ExternalReferenceType = 55 // Support type. ExternalReference_VCS ExternalReference_ExternalReferenceType = 56 // VCS type. ExternalReference_VULNERABILITY_ASSERTION ExternalReference_ExternalReferenceType = 57 // Vulnerability assertion type. ExternalReference_VULNERABILITY_DISCLOSURE_REPORT ExternalReference_ExternalReferenceType = 58 // Vulnerability disclosure report type. ExternalReference_VULNERABILITY_EXPLOITABILITY_ASSESSMENT ExternalReference_ExternalReferenceType = 59 // Vulnerability exploitability assessment type. ExternalReference_WEBSITE ExternalReference_ExternalReferenceType = 60 // Website type. )
func (ExternalReference_ExternalReferenceType) Descriptor ¶
func (ExternalReference_ExternalReferenceType) Descriptor() protoreflect.EnumDescriptor
func (ExternalReference_ExternalReferenceType) EnumDescriptor
deprecated
func (ExternalReference_ExternalReferenceType) EnumDescriptor() ([]byte, []int)
Deprecated: Use ExternalReference_ExternalReferenceType.Descriptor instead.
func (ExternalReference_ExternalReferenceType) Number ¶
func (x ExternalReference_ExternalReferenceType) Number() protoreflect.EnumNumber
func (ExternalReference_ExternalReferenceType) String ¶
func (x ExternalReference_ExternalReferenceType) String() string
func (ExternalReference_ExternalReferenceType) Type ¶
func (ExternalReference_ExternalReferenceType) Type() protoreflect.EnumType
type Flattenable ¶
type Flattenable interface {
// contains filtered or unexported methods
}
type HashAlgorithm ¶
type HashAlgorithm int32
HashAlgorithm represents the hashing algorithms used within the Software Bill of Materials (SBOM) document. It enumerates various hash algorithms that can be employed to generate checksums or unique identifiers for files or data.
const ( HashAlgorithm_UNKNOWN HashAlgorithm = 0 // Unknown hash algorithm. HashAlgorithm_MD5 HashAlgorithm = 1 // MD5 hash algorithm. HashAlgorithm_SHA1 HashAlgorithm = 2 // SHA-1 hash algorithm. HashAlgorithm_SHA256 HashAlgorithm = 3 // SHA-256 hash algorithm. HashAlgorithm_SHA384 HashAlgorithm = 4 // SHA-384 hash algorithm. HashAlgorithm_SHA512 HashAlgorithm = 5 // SHA-512 hash algorithm. HashAlgorithm_SHA3_256 HashAlgorithm = 6 // SHA3-256 hash algorithm. HashAlgorithm_SHA3_384 HashAlgorithm = 7 // SHA3-384 hash algorithm. HashAlgorithm_SHA3_512 HashAlgorithm = 8 // SHA3-512 hash algorithm. HashAlgorithm_BLAKE2B_256 HashAlgorithm = 9 // BLAKE2B-256 hash algorithm. HashAlgorithm_BLAKE2B_384 HashAlgorithm = 10 // BLAKE2B-384 hash algorithm. HashAlgorithm_BLAKE2B_512 HashAlgorithm = 11 // BLAKE2B-512 hash algorithm. HashAlgorithm_BLAKE3 HashAlgorithm = 12 // BLAKE3 hash algorithm. HashAlgorithm_MD2 HashAlgorithm = 13 // MD2 hash algorithm, not supported by SPDX formats. HashAlgorithm_ADLER32 HashAlgorithm = 14 // Adler-32 hash algorithm, not supported by SPDX formats.. HashAlgorithm_MD4 HashAlgorithm = 15 // MD4 hash algorithm, not supported by SPDX formats.. HashAlgorithm_MD6 HashAlgorithm = 16 // MD6 hash algorithm, not supported by SPDX formats.. HashAlgorithm_SHA224 HashAlgorithm = 17 // SHA-224 hash algorithm, not supported by SPDX formats.. )
func HashAlgorithmFromCDX ¶
func HashAlgorithmFromCDX(cdxAlgorithm cyclonedx.HashAlgorithm) HashAlgorithm
HashAlgorithmFromCDX converts a CycloneDX hash algorithm to its corresponding Hash Algorithm.
func HashAlgorithmFromCycloneDX
deprecated
func HashAlgorithmFromCycloneDX(cdxAlgo cdx.HashAlgorithm) HashAlgorithm
Deprecated: HashAlgorithmFromCycloneDX is deprecated and will be removed in an upcoming version, Please use HashAlgorithmFromCDX. HashAlgorithmFromCycloneDX converts a CycloneDX hash algorithm to its corresponding Hash Algorithm.
func HashAlgorithmFromSPDX ¶
func HashAlgorithmFromSPDX(spdxAlgo common.ChecksumAlgorithm) HashAlgorithm
HashAlgorithmFromSPDX converts a SPDX2 hash algorithm to its corresponding Hash Algorithm.
func (HashAlgorithm) Descriptor ¶
func (HashAlgorithm) Descriptor() protoreflect.EnumDescriptor
func (HashAlgorithm) Enum ¶
func (x HashAlgorithm) Enum() *HashAlgorithm
func (HashAlgorithm) EnumDescriptor
deprecated
func (HashAlgorithm) EnumDescriptor() ([]byte, []int)
Deprecated: Use HashAlgorithm.Descriptor instead.
func (HashAlgorithm) Number ¶
func (x HashAlgorithm) Number() protoreflect.EnumNumber
func (HashAlgorithm) String ¶
func (x HashAlgorithm) String() string
func (HashAlgorithm) ToSPDX ¶
func (ha HashAlgorithm) ToSPDX() common.ChecksumAlgorithm
ToSPDX2 converts the Hash Algorithm to its corresponding SPDX2 label. It maps the neutral Hash Algorithm to its SPDX representation.
func (HashAlgorithm) ToSPDX3 ¶
func (ha HashAlgorithm) ToSPDX3() string
ToSPDX3 converts the Hash Algorithm to its corresponding SPDX3 label. It maps the neutral Hash Algorithm to its SPDX representation.
Note: The SPDX-3.0 specification is subject to change, and the returned values are based on the vocabulary defined by SPDX-3.0 for HashAlgorithm: https://github.com/spdx/spdx-3-model/blob/main/model/Core/Vocabularies/HashAlgorithm.md
func (HashAlgorithm) Type ¶
func (HashAlgorithm) Type() protoreflect.EnumType
type Metadata ¶
type Metadata struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // // Unique identifier for the document. Serial number in CycloneDX foramts, SPDXID in spdx formats. Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` // Version of the document. In Cyclone formats the version is translated from `Int` field in to a more general `String` field. Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` // Name associated with the document. Date *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=date,proto3" json:"date,omitempty"` // Created date of the Document. In SPDX formats mapped to the created date field. Tools []*Tool `protobuf:"bytes,5,rep,name=tools,proto3" json:"tools,omitempty"` // Tools used in the creation or processing of the document. Authors []*Person `protobuf:"bytes,6,rep,name=authors,proto3" json:"authors,omitempty"` // Individuals or organizations involved in the creation or maintenance of the document. Comment string `protobuf:"bytes,7,opt,name=comment,proto3" json:"comment,omitempty"` // Comments on the document. DocumentTypes []*DocumentType `protobuf:"bytes,8,rep,name=documentTypes,proto3" json:"documentTypes,omitempty"` // Types categorizing the document based on its purpose or stage in the software development lifecycle. // contains filtered or unexported fields }
Metadata encapsulates document-related details about the Software Bill of Materials (SBOM) document. It includes information such as the document's identifier, version, authorship, creation date, associated tools, and document types.
func (*Metadata) Descriptor
deprecated
func (*Metadata) GetAuthors ¶
func (*Metadata) GetComment ¶
func (*Metadata) GetDate ¶
func (x *Metadata) GetDate() *timestamppb.Timestamp
func (*Metadata) GetDocumentTypes ¶
func (x *Metadata) GetDocumentTypes() []*DocumentType
func (*Metadata) GetVersion ¶
func (*Metadata) ProtoMessage ¶
func (*Metadata) ProtoMessage()
func (*Metadata) ProtoReflect ¶
func (x *Metadata) ProtoReflect() protoreflect.Message
type Node ¶
type Node struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Unique identifier for the node. Type Node_NodeType `protobuf:"varint,2,opt,name=type,proto3,enum=protobom.protobom.Node_NodeType" json:"type,omitempty"` // Type of the software component. Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` // Name of the software component. Version string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"` // Version string of the software component. FileName string `protobuf:"bytes,5,opt,name=file_name,json=fileName,proto3" json:"file_name,omitempty"` // Package filename when there is one. UrlHome string `protobuf:"bytes,6,opt,name=url_home,json=urlHome,proto3" json:"url_home,omitempty"` // Website of the package. UrlDownload string `protobuf:"bytes,7,opt,name=url_download,json=urlDownload,proto3" json:"url_download,omitempty"` // Location to download the package. // Multiple licenses applicable to the software component, // Multiple licenses can be specified for CycloneDX 1.4 and files in SPDX. Licenses []string `protobuf:"bytes,8,rep,name=licenses,proto3" json:"licenses,omitempty"` // Concluded license applicable to the software component, // This is only in SPDX and it is just one. LicenseConcluded string `protobuf:"bytes,9,opt,name=license_concluded,json=licenseConcluded,proto3" json:"license_concluded,omitempty"` LicenseComments string `protobuf:"bytes,10,opt,name=license_comments,json=licenseComments,proto3" json:"license_comments,omitempty"` // Comments on the license. Copyright string `protobuf:"bytes,11,opt,name=copyright,proto3" json:"copyright,omitempty"` // Copyright information applicable to the software component. // This field is intended to capture details related to the source or origin of the software component. // It may include any relevant background information or additional comments. SourceInfo string `protobuf:"bytes,13,opt,name=source_info,json=sourceInfo,proto3" json:"source_info,omitempty"` Comment string `protobuf:"bytes,15,opt,name=comment,proto3" json:"comment,omitempty"` // Comments on the software component. Summary string `protobuf:"bytes,16,opt,name=summary,proto3" json:"summary,omitempty"` // Concise description of the software component (short description). Description string `protobuf:"bytes,17,opt,name=description,proto3" json:"description,omitempty"` // Detailed description of the software component (full description). Attribution []string `protobuf:"bytes,18,rep,name=attribution,proto3" json:"attribution,omitempty"` // One or more contributions or acknowledgments associated with the software component. Suppliers []*Person `protobuf:"bytes,19,rep,name=suppliers,proto3" json:"suppliers,omitempty"` // One or more entities providing the software component. Originators []*Person `protobuf:"bytes,20,rep,name=originators,proto3" json:"originators,omitempty"` // One or more entities involved in the creation or maintenance of the software component. ReleaseDate *timestamppb.Timestamp `protobuf:"bytes,21,opt,name=release_date,json=releaseDate,proto3" json:"release_date,omitempty"` // Release date of the software component. BuildDate *timestamppb.Timestamp `protobuf:"bytes,22,opt,name=build_date,json=buildDate,proto3" json:"build_date,omitempty"` // Build date of the software component. ValidUntilDate *timestamppb.Timestamp `protobuf:"bytes,23,opt,name=valid_until_date,json=validUntilDate,proto3" json:"valid_until_date,omitempty"` // Valid until date of the software component. ExternalReferences []*ExternalReference `protobuf:"bytes,24,rep,name=external_references,json=externalReferences,proto3" json:"external_references,omitempty"` // External references associated with the software component. FileTypes []string `protobuf:"bytes,27,rep,name=file_types,json=fileTypes,proto3" json:"file_types,omitempty"` // File types associated with the component // Software identifer map used by the component. // Maps between the software identifier types and the identifier values. Identifiers map[int32]string `` /* 165-byte string literal not displayed */ // Hashes map associated with the software component. // Maps between hash algorithms types and hash values. Hashes map[int32]string `` /* 155-byte string literal not displayed */ PrimaryPurpose []Purpose `` // Primary purpose or role assigned to the software component. /* 143-byte string literal not displayed */ // contains filtered or unexported fields }
Node represents a central element within the Software Bill of Materials (SBOM) graph, serving as a vertex that captures vital information about a software component. Each Node in the SBOM graph signifies a distinct software component, forming the vertices of the graph.
func (*Node) AddHash ¶
func (n *Node) AddHash(algo HashAlgorithm, value string)
AddHash adds a new hash with the specified algorithm (algo) to the node. If the node already has a hash with the same algorithm, it is silently replaced. The provided value must not be an empty string
func (*Node) Augment ¶
Augment takes updates fields in n with data from n2 which is not already defined (not empty string, not 0 length string, not nill pointer).
func (*Node) Descriptor
deprecated
func (*Node) Diff ¶
Diff analyses a node and returns a a new node populated with all fields that are different in n2 from n. If no changes are found, Diff returns nil
func (*Node) Equal ¶
Equal compares the current Node to another (n2) and returns true if they are identical.
func (*Node) GetAttribution ¶
func (*Node) GetBuildDate ¶
func (x *Node) GetBuildDate() *timestamppb.Timestamp
func (*Node) GetComment ¶
func (*Node) GetCopyright ¶
func (*Node) GetDescription ¶
func (*Node) GetExternalReferences ¶
func (x *Node) GetExternalReferences() []*ExternalReference
func (*Node) GetFileName ¶
func (*Node) GetFileTypes ¶
func (*Node) GetIdentifiers ¶
func (*Node) GetLicenseComments ¶
func (*Node) GetLicenseConcluded ¶
func (*Node) GetLicenses ¶
func (*Node) GetOriginators ¶
func (*Node) GetPrimaryPurpose ¶
func (*Node) GetReleaseDate ¶
func (x *Node) GetReleaseDate() *timestamppb.Timestamp
func (*Node) GetSourceInfo ¶
func (*Node) GetSummary ¶
func (*Node) GetSuppliers ¶
func (*Node) GetType ¶
func (x *Node) GetType() Node_NodeType
func (*Node) GetUrlDownload ¶
func (*Node) GetUrlHome ¶
func (*Node) GetValidUntilDate ¶
func (x *Node) GetValidUntilDate() *timestamppb.Timestamp
func (*Node) GetVersion ¶
func (*Node) HashesMatch ¶
HashesMatch checks if the provided test-hashes (th) match those of the node. It only considers common algorithms between the node and the test hashes.
If test-hashes contain hashes with algorithms not present in the node, those are ignored, and the function returns true if the remaining hashes match.
If either the node or the test-hashes is empty, no match is assumed.
func (*Node) ProtoMessage ¶
func (*Node) ProtoMessage()
func (*Node) ProtoReflect ¶
func (x *Node) ProtoReflect() protoreflect.Message
func (*Node) Purl ¶
func (n *Node) Purl() PackageURL
Purl returns the node's Package URL (PURL) as a string. If the node is of type FILE empty PURL is returned.
type NodeList ¶
type NodeList struct { Nodes []*Node `protobuf:"bytes,1,rep,name=nodes,proto3" json:"nodes,omitempty"` // List of software components (nodes) in the SBOM graph. Edges []*Edge `protobuf:"bytes,2,rep,name=edges,proto3" json:"edges,omitempty"` // List of relationships (edges) between nodes in the SBOM graph. RootElements []string `protobuf:"bytes,3,rep,name=root_elements,json=rootElements,proto3" json:"root_elements,omitempty"` // List of root elements in the SBOM graph. // contains filtered or unexported fields }
NodeList represents a collection of nodes and edges forming the Software Bill of Materials (SBOM) graph. It encapsulates the fundamental components of the SBOM, including software entities (nodes) and their relationships (edges).
func NewNodeList ¶
func NewNodeList() *NodeList
NewNodeList returns a new NodeList with empty nodes, edges, and root elements.
func (*NodeList) Add ¶
Add combines the nodes and edges from NodeList (nl2) into the current NodeList (nl). It modifies current NodeList (nl) by adding new roots, nodes and edges or updating existing ones. It is the equivalent to the Union of both NodeLists, but it modifies the current NodeList (nl) in place.
func (*NodeList) AddRootNode ¶
AddRootNode adds a node to the NodeList and registers it as a Root Elements. More than one root element can be added to the NodeList.
func (*NodeList) Descriptor
deprecated
func (*NodeList) Equal ¶
Equal compares the current NodeList to another (n2) and returns true if they are identical.
func (*NodeList) GetEdgeByType ¶
GetEdgeByType returns the first edge of the specified type (t) originating from the given node ID (fromElement). If no such edge is found, it returns nil.
func (*NodeList) GetMatchingNode ¶
GetMatchingNode looks up a node in the NodeList (nl) that matches the software described the provided. Matching is performed based on hashes and, if necessary, by Package URL (PURL). This function guarantees a single-node match. If more than one node matches, an ErrorMoreThanOneMatch is returned.
If the target node has hashes, it first looks for nodes with matching hashes. If exactly one node is found, the function returns it. If no nodes match by hash, it attempts to match based on the purl. If more than one node matches by purl, an error is returned. If multiple nodes match by hash, it looks for a single node where the purl also matches to break the ambiguity.
See Node.HashesMatch for details on how hashes are compared.
func (*NodeList) GetNodeByID ¶
GetNodeByID returns a node with the specified ID
func (*NodeList) GetNodesByIdentifier ¶
GetNodesByIdentifier returns a list of nodes that match the provided identifier type (t) and value (v). For example, the identifier type (t) can be "purl," and its value (v) can be "pkg:deb/debian/[email protected]+deb11u1?arch=i386". The function may return an empty list if no nodes match the given identifier. Matching is based on simple string comparison.
func (*NodeList) GetNodesByName ¶
GetNodesByName returns a list of node with the specified name.
func (*NodeList) GetNodesByPurlType ¶
GetNodesByPurlType retrieves nodes with a specific Package URL type (purlType) from the current NodeList (nl). Returns a new NodeList with matching nodes and their relationships. If no nodes match, an empty NodeList is returned.
func (*NodeList) GetRootElements ¶
func (*NodeList) GetRootNodes ¶
GetRootNodes returns a list of the document root nodes.
func (*NodeList) Intersect ¶
Intersect returns a new NodeList that represents the intersection of nodes and their relationships between nl and nl2. The resulting NodeList contains common nodes and edges copied from nl, and updates them with data from nl2.
func (*NodeList) NodeDescendants ¶
NodeDescendants traverses the NodeList graph starting at the node specified by id and returns a new node list with elements related at a maximal distance of maxDepth levels. If the specified id is not found, the NodeList will be empty. Traversing the graph will stop if any of the related nodes is a RootNode.
func (*NodeList) NodeGraph ¶
NodeGraph retruns a new NodeList representing the full dependency graph of the node identified by the provided ID. The method traverses the SBOM graph, adding all nodes connected to the specified ID. If no nodes match, an empty NodeList is returned.
func (*NodeList) NodeSiblings ¶
NodeSiblings returns a new NodeList containing the specified node at the root and a graph fragment with its immediate siblings with their edges preserved. If no nodes match, an empty NodeList is returned.
func (*NodeList) ProtoMessage ¶
func (*NodeList) ProtoMessage()
func (*NodeList) ProtoReflect ¶
func (x *NodeList) ProtoReflect() protoreflect.Message
func (*NodeList) RelateNodeAtID ¶
RelateNodeAtID creates a relationship between the provided Node (n) and an existing node in the NodeList specified by ID (nodeID). If the targeted node (looked up by ID) does not exist in the Node List, it is added. If the specified nodeID does not exist, an error is returned.
func (*NodeList) RelateNodeListAtID ¶
RelateNodeListAtID relates nodes from the provided NodeList (nl2) at the top level to an existing node in this NodeList with the specified ID (nodeID) using a relationship of the given type (edgeType). It returns an error if ID cannot be found in the graph. Nodes with the same ID in both the current (nl) and provided (nl2) Node Lists are considered equivalent and will be deduplicated.
func (*NodeList) RemoveNodes ¶
RemoveNodes removes nodes with specified IDs from the NodeList. It also removes corresponding edges connected to the removed nodes.
type Node_NodeType ¶
type Node_NodeType int32
Type of the software component.
const ( Node_PACKAGE Node_NodeType = 0 // Software component type is a package. Node_FILE Node_NodeType = 1 // Software component type is a file. )
func (Node_NodeType) Descriptor ¶
func (Node_NodeType) Descriptor() protoreflect.EnumDescriptor
func (Node_NodeType) Enum ¶
func (x Node_NodeType) Enum() *Node_NodeType
func (Node_NodeType) EnumDescriptor
deprecated
func (Node_NodeType) EnumDescriptor() ([]byte, []int)
Deprecated: Use Node_NodeType.Descriptor instead.
func (Node_NodeType) Number ¶
func (x Node_NodeType) Number() protoreflect.EnumNumber
func (Node_NodeType) String ¶
func (x Node_NodeType) String() string
func (Node_NodeType) Type ¶
func (Node_NodeType) Type() protoreflect.EnumType
type PackageURL ¶
type PackageURL string
PackageURL represents a Package URL (PURL) for identifying and locating software packages.
type Person ¶
type Person struct { Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // Name of the person or organization. IsOrg bool `protobuf:"varint,2,opt,name=is_org,json=isOrg,proto3" json:"is_org,omitempty"` // Indicates whether the entity is an organization (true) or an individual (false). Email string `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"` // Email address of the person or organization. Url string `protobuf:"bytes,4,opt,name=url,proto3" json:"url,omitempty"` // URL associated with the person or organization. Phone string `protobuf:"bytes,5,opt,name=phone,proto3" json:"phone,omitempty"` // Phone number associated with the person or organization. Contacts []*Person `protobuf:"bytes,6,rep,name=contacts,proto3" json:"contacts,omitempty"` // Contacts associated with the person or organization. // contains filtered or unexported fields }
Person represents an individual or organization involved in the creation or maintenance of the document or node.
func (*Person) Copy ¶
Copy returns a new Person pointer which is a duplicate of Person p. The copy is recursive into the Contacts array.
func (*Person) Descriptor
deprecated
func (*Person) GetContacts ¶
func (*Person) ProtoMessage ¶
func (*Person) ProtoMessage()
func (*Person) ProtoReflect ¶
func (x *Person) ProtoReflect() protoreflect.Message
func (*Person) ToSPDX2ClientOrg ¶
ToSPDX2ClientOrg returns a string representing the type of actor to use in the SPDX go-tools, basically it will returns "Organization" or "Person"
func (*Person) ToSPDX2ClientString ¶
ToSPDX2ClientString converts the person to an SPDX actor string (not valid for an SBOM but to feed into the SPDX go-tools).
type Purpose ¶
type Purpose int32
Purpose represents different purposes or roles assigned to software entities within the Software Bill of Materials (SBOM). It categorizes the roles that software components can fulfill.
const ( Purpose_UNKNOWN_PURPOSE Purpose = 0 // Unknown purpose. Purpose_APPLICATION Purpose = 1 // Application purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_ARCHIVE Purpose = 2 // Archive purpose. (SPDX2.3, SPDX3.0) Purpose_BOM Purpose = 3 // BOM purpose. (SPDX3.0) Purpose_CONFIGURATION Purpose = 4 // Configuration purpose. (SPDX3.0) Purpose_CONTAINER Purpose = 5 // Container purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_DATA Purpose = 6 // Data purpose. (CDX1.5, SPDX3.0) Purpose_DEVICE Purpose = 7 // Device purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_DEVICE_DRIVER Purpose = 8 // Device Driver purpose. (CDX1.5, SPDX3.0) Purpose_DOCUMENTATION Purpose = 9 // Documentation purpose. (SPDX3.0) Purpose_EVIDENCE Purpose = 10 // Evidence purpose. (SPDX3.0) Purpose_EXECUTABLE Purpose = 11 // Executable purpose. (SPDX3.0) Purpose_FILE Purpose = 12 // File purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_FIRMWARE Purpose = 13 // Firmware purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_FRAMEWORK Purpose = 14 // Framework purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_INSTALL Purpose = 15 // Install purpose. (SPDX2.3, SPDX3.0) Purpose_LIBRARY Purpose = 16 // Library purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_MACHINE_LEARNING_MODEL Purpose = 17 // Machine Learning Model purpose. (CDX1.5) Purpose_MANIFEST Purpose = 18 // Manifest purpose. (SPDX3.0) Purpose_MODEL Purpose = 19 // Model purpose. (SPDX3.0) Purpose_MODULE Purpose = 20 // Module purpose. (SPDX3.0) Purpose_OPERATING_SYSTEM Purpose = 21 // Operating System purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_OTHER Purpose = 22 // Other purpose. (SPDX2.3, SPDX3.0) Purpose_PATCH Purpose = 23 // Patch purpose. (SPDX3.0) Purpose_PLATFORM Purpose = 24 // Platform purpose. (SPDX2.3, CDX1.5, SPDX3.0) Purpose_REQUIREMENT Purpose = 25 // Requirement purpose. (SPDX3.0) Purpose_SOURCE Purpose = 26 // Source purpose. (SPDX2.3, SPDX3.0) Purpose_SPECIFICATION Purpose = 27 // Specification purpose. (SPDX3.0) Purpose_TEST Purpose = 28 // Test purpose. (SPDX3.0) )
func (Purpose) Descriptor ¶
func (Purpose) Descriptor() protoreflect.EnumDescriptor
func (Purpose) EnumDescriptor
deprecated
func (Purpose) Number ¶
func (x Purpose) Number() protoreflect.EnumNumber
func (Purpose) Type ¶
func (Purpose) Type() protoreflect.EnumType
type SoftwareIdentifierType ¶
type SoftwareIdentifierType int32
SoftwareIdentifierType represents different types of identifiers used for software entities within the Software Bill of Materials (SBOM).
const ( SoftwareIdentifierType_UNKNOWN_IDENTIFIER_TYPE SoftwareIdentifierType = 0 // Unknown software identifier type. SoftwareIdentifierType_PURL SoftwareIdentifierType = 1 // Package URL (PURL) identifier type. SoftwareIdentifierType_CPE22 SoftwareIdentifierType = 2 // Common Platform Enumeration (CPE) version 2.2 identifier type. SoftwareIdentifierType_CPE23 SoftwareIdentifierType = 3 // Common Platform Enumeration (CPE) version 2.3 identifier type. SoftwareIdentifierType_GITOID SoftwareIdentifierType = 4 // Git Object Identifier (OID) identifier type. )
func SoftwareIdentifierTypeFromSPDXExtRefType
deprecated
func SoftwareIdentifierTypeFromSPDXExtRefType(spdxType string) SoftwareIdentifierType
Deprecated: SoftwareIdentifierTypeFromSPDXExtRefType is deprecated and will be removed in an upcoming version. Please use SoftwareIdentifierTypeFromString for a unified approach to identifier resolution.
func SoftwareIdentifierTypeFromString ¶
func SoftwareIdentifierTypeFromString(queryString string) SoftwareIdentifierType
SoftwareIdentifierTypeFromString resolves a string into one of our built-in identifier types.
func (SoftwareIdentifierType) Descriptor ¶
func (SoftwareIdentifierType) Descriptor() protoreflect.EnumDescriptor
func (SoftwareIdentifierType) Enum ¶
func (x SoftwareIdentifierType) Enum() *SoftwareIdentifierType
func (SoftwareIdentifierType) EnumDescriptor
deprecated
func (SoftwareIdentifierType) EnumDescriptor() ([]byte, []int)
Deprecated: Use SoftwareIdentifierType.Descriptor instead.
func (SoftwareIdentifierType) Number ¶
func (x SoftwareIdentifierType) Number() protoreflect.EnumNumber
func (SoftwareIdentifierType) String ¶
func (x SoftwareIdentifierType) String() string
func (SoftwareIdentifierType) ToSPDX2Category ¶
func (i SoftwareIdentifierType) ToSPDX2Category() string
ToSPDX2Category converts the external reference type to its SPDX2 category.
func (SoftwareIdentifierType) ToSPDX2Type ¶
func (i SoftwareIdentifierType) ToSPDX2Type() string
ToSPDX2Type converts the external reference type to its SPDX2 equivalent.
func (SoftwareIdentifierType) Type ¶
func (SoftwareIdentifierType) Type() protoreflect.EnumType
type Tool ¶
type Tool struct { Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // Name of the software tool. Version string `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"` // Version of the software tool. Vendor string `protobuf:"bytes,3,opt,name=vendor,proto3" json:"vendor,omitempty"` // Vendor or creator of the software tool. // contains filtered or unexported fields }
Tool represents a software tool used in the creation or processing of the Software Bill of Materials (SBOM) document.
func (*Tool) Descriptor
deprecated
func (*Tool) GetVersion ¶
func (*Tool) ProtoMessage ¶
func (*Tool) ProtoMessage()
func (*Tool) ProtoReflect ¶
func (x *Tool) ProtoReflect() protoreflect.Message