Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch '510-attach-sbomb-attestation' of https://github.com/anc…
…hore/syft into 510-attach-sbomb-attestation * '510-attach-sbomb-attestation' of https://github.com/anchore/syft: Upgrade install.sh to support installations for previous versions (#830) remove duplicate manifest lines (#828) bump stereoscope to include functional options (#823) update golang crypto library dependency (#815) deduplicate SPDX tag-value package IDs (#813) Add pURL generation for java packages + fix NPM pURL generation (#812)
- Loading branch information
Showing
25 changed files
with
264 additions
and
131 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
package java | ||
|
||
import ( | ||
"github.com/anchore/packageurl-go" | ||
"github.com/anchore/syft/syft/pkg" | ||
"github.com/anchore/syft/syft/pkg/cataloger/common/cpe" | ||
) | ||
|
||
// PackageURL returns the PURL for the specific java package (see https://github.com/package-url/purl-spec) | ||
func packageURL(p pkg.Package) string { | ||
var groupID = p.Name | ||
groupIDs := cpe.GroupIDsFromJavaPackage(p) | ||
if len(groupIDs) > 0 { | ||
groupID = groupIDs[0] | ||
} | ||
|
||
pURL := packageurl.NewPackageURL( | ||
packageurl.TypeMaven, // TODO: should we filter down by package types here? | ||
groupID, | ||
p.Name, | ||
p.Version, | ||
nil, // TODO: there are probably several qualifiers that can be specified here | ||
"") | ||
return pURL.ToString() | ||
} |
Oops, something went wrong.