-
Notifications
You must be signed in to change notification settings - Fork 10
/
package.go
123 lines (105 loc) · 2.87 KB
/
package.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
// SPDX-License-Identifier: Apache-2.0
package meta
import (
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"encoding/hex"
"fmt"
"hash"
"strings"
"github.com/opensbom-generator/parsers/internal/license"
)
// Package is the package abstraction that the parsers return
type Package struct {
Version string `json:"version,omitempty"`
Name string `json:"name"`
Path string `json:"path,omitempty"`
LocalPath string `json:"dir"`
Supplier Supplier
PackageURL string `json:"purl"`
Checksum Checksum
PackageHomePage string `json:"homePage"`
PackageDownloadLocation string `json:"downloadLocation"`
LicenseConcluded string `json:"licenseConcluded"`
LicenseDeclared string `json:"licenseDeclared"`
CommentsLicense string `json:"licenseComments"`
OtherLicense []license.License
Copyright string `json:"copyright"`
PackageComment string `json:"comment"`
Root bool
Packages map[string]*Package
}
// TypeContact ...
type SupplierType string
const (
Person SupplierType = "Person"
Organization SupplierType = "Organization"
)
// Supplier abstracts the supplier of the package
type Supplier struct {
Type SupplierType
Name string
Email string
FuncGetSupplier func() string `json:"-"`
}
func (s *Supplier) emailIsEmpty() bool {
email := strings.ToLower(s.Email)
return (len(s.Email) == 0) ||
(strings.Compare(email, "none") == 0) ||
(strings.Compare(email, "unknown") == 0)
}
// Get default supplier based on Name value or let each plugin build its own logic
func (s *Supplier) Get() string {
if s.FuncGetSupplier != nil {
return s.FuncGetSupplier()
}
if s.Name == "" {
return ""
}
if s.Type == "" {
s.Type = Organization
}
pkgSupplier := fmt.Sprintf("%s: %s", s.Type, s.Name)
if !s.emailIsEmpty() {
pkgSupplier += fmt.Sprintf(" (%s)", s.Email)
}
return pkgSupplier
}
type Checksum struct {
Algorithm HashAlgorithm
Content []byte
Value string
}
func (c *Checksum) String() string {
if c.Value == "" {
c.Value = c.Compute(c.Content)
}
return c.Value
}
func (c *Checksum) Compute(content []byte) string {
var h hash.Hash
switch c.Algorithm {
case HashAlgoSHA256:
h = sha256.New()
case HashAlgoSHA512:
h = sha512.New()
default:
h = sha1.New()
}
h.Write(content)
return hex.EncodeToString(h.Sum(nil))
}
// HashAlgorithm ...
type HashAlgorithm string
const (
HashAlgoSHA1 HashAlgorithm = "SHA1"
HashAlgoSHA224 HashAlgorithm = "SHA224"
HashAlgoSHA256 HashAlgorithm = "SHA256"
HashAlgoSHA384 HashAlgorithm = "SHA384"
HashAlgoSHA512 HashAlgorithm = "SHA512"
HashAlgoMD2 HashAlgorithm = "MD2"
HashAlgoMD4 HashAlgorithm = "MD4"
HashAlgoMD5 HashAlgorithm = "MD5"
HashAlgoMD6 HashAlgorithm = "MD6"
)