Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Record package hashes in the generated SBOM #620

Merged
merged 9 commits into from
Feb 25, 2024
Merged

Record package hashes in the generated SBOM #620

merged 9 commits into from
Feb 25, 2024

Commits on Feb 18, 2024

  1. Minor refactoring in preparation for adding hash data 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    1e47d86 View commit details
    Browse the repository at this point in the history

  2. Add a function to locate the Cargo.lock given the path to Cargo.toml 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    999c606 View commit details
    Browse the repository at this point in the history

  3. Actually use the newly added function 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    12858b2 View commit details
    Browse the repository at this point in the history

  4. Add cargo-lock crate as a dependency 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    303d5a9 View commit details
    Browse the repository at this point in the history

  5. Add a conversion from Cargo.lock to a HashMap of PackageId to Checksum 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    c60b728 View commit details
    Browse the repository at this point in the history

  6. Implement conversion from cargo-lock hash format to cyclonedx-bom has… 

    …h format and wire up emitting the data to the final SBOM

Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    56ac349 View commit details
    Browse the repository at this point in the history

  7. Add a comment 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    d1c9222 View commit details
    Browse the repository at this point in the history

  8. Proper error handling 

    Signed-off-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
    @Shnatsel
    Shnatsel committed Feb 18, 2024
    Configuration menu
    Copy the full SHA
    9ee9c10 View commit details
    Browse the repository at this point in the history

Commits on Feb 19, 2024

  1. Merge branch 'main' into hashes

    @Shnatsel
    Shnatsel committed Feb 19, 2024
    Configuration menu
    Copy the full SHA
    8497bef View commit details
    Browse the repository at this point in the history