/
url.go
64 lines (51 loc) · 1.31 KB
/
url.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package pkg
import (
"sort"
"strings"
"github.com/nextlinux/packageurl-go"
"github.com/nextlinux/sbom/sbom/linux"
)
const (
PURLQualifierArch = "arch"
PURLQualifierDistro = "distro"
PURLQualifierEpoch = "epoch"
PURLQualifierVCSURL = "vcs_url"
// PURLQualifierUpstream this qualifier is not in the pURL spec, but is used by grype to perform indirect matching based on source information
PURLQualifierUpstream = "upstream"
purlCargoPkgType = "cargo"
purlGradlePkgType = "gradle"
)
func PURLQualifiers(vars map[string]string, release *linux.Release) (q packageurl.Qualifiers) {
keys := make([]string, 0, len(vars))
for k := range vars {
keys = append(keys, k)
}
sort.Strings(keys)
for _, k := range keys {
val := vars[k]
if val == "" {
continue
}
q = append(q, packageurl.Qualifier{
Key: k,
Value: vars[k],
})
}
distroQualifiers := []string{}
if release == nil {
return q
}
if release.ID != "" {
distroQualifiers = append(distroQualifiers, release.ID)
}
if release.VersionID != "" {
distroQualifiers = append(distroQualifiers, release.VersionID)
} else if release.BuildID != "" {
distroQualifiers = append(distroQualifiers, release.BuildID)
}
q = append(q, packageurl.Qualifier{
Key: PURLQualifierDistro,
Value: strings.Join(distroQualifiers, "-"),
})
return q
}