From 7821ba9045c374cd839ed5f45c99b7fb5ba85af8 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Sun, 11 Jun 2023 14:51:22 -0600 Subject: [PATCH 01/12] Updates dependencies --- go.mod | 14 +++++++------- go.sum | 28 ++++++++++++++-------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/go.mod b/go.mod index e75826e..8fdf450 100644 --- a/go.mod +++ b/go.mod @@ -5,25 +5,25 @@ go 1.20 require ( github.com/CycloneDX/cyclonedx-go v0.7.1 github.com/briandowns/spinner v1.23.0 - github.com/devops-kung-fu/common v0.2.5 + github.com/devops-kung-fu/common v0.2.6 github.com/gookit/color v1.5.3 github.com/jarcoal/httpmock v1.3.0 github.com/jedib0t/go-pretty/v6 v6.4.6 github.com/kirinlabs/HttpRequest v1.1.1 - github.com/microcosm-cc/bluemonday v1.0.23 + github.com/microcosm-cc/bluemonday v1.0.24 github.com/package-url/packageurl-go v0.1.0 github.com/remeh/sizedwaitgroup v1.0.0 github.com/spf13/afero v1.9.5 github.com/spf13/cobra v1.7.0 github.com/stretchr/testify v1.8.2 - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 + k8s.io/utils v0.0.0-20230505201702-9f6742963106 ) require ( github.com/kr/pretty v0.3.0 // indirect github.com/rogpeppe/go-internal v1.8.0 // indirect golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b // indirect - golang.org/x/term v0.7.0 // indirect + golang.org/x/term v0.8.0 // indirect ) require ( @@ -34,14 +34,14 @@ require ( github.com/gorilla/css v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.18 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/mattn/go-runewidth v0.0.14 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect - golang.org/x/net v0.9.0 // indirect - golang.org/x/sys v0.7.0 // indirect + golang.org/x/net v0.10.0 // indirect + golang.org/x/sys v0.8.0 // indirect golang.org/x/text v0.9.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index 4651ee8..4d76df2 100644 --- a/go.sum +++ b/go.sum @@ -58,8 +58,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/devops-kung-fu/common v0.2.5 h1:Ktyp1vsE2iyQPbazSxkQ1CiUq29FblQk/fYPHa09AzA= -github.com/devops-kung-fu/common v0.2.5/go.mod h1:QV51eFibgEaYodlGnZgWd3IcZd+l44VQtULu6EheMV4= +github.com/devops-kung-fu/common v0.2.6 h1:HNL9suXELXHiSg7Ze0VinNkbngrBjovKYWPOckuarKc= +github.com/devops-kung-fu/common v0.2.6/go.mod h1:ZLp6W5ewDWxmx45KF/Oj3IfJ3EhRALBkcfqLQnz23OU= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -158,14 +158,14 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98= -github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= -github.com/microcosm-cc/bluemonday v1.0.23 h1:SMZe2IGa0NuHvnVNAZ+6B38gsTbi5e4sViiWJyDDqFY= -github.com/microcosm-cc/bluemonday v1.0.23/go.mod h1:mN70sk7UkkF8TUr2IGBpNN0jAgStuPzlK76QuruE/z4= +github.com/microcosm-cc/bluemonday v1.0.24 h1:NGQoPtwGVcbGkKfvyYk1yRqknzBuoMiUrO6R7uFTPlw= +github.com/microcosm-cc/bluemonday v1.0.24/go.mod h1:ArQySAMps0790cHSkdPEJ7bGkF2VePWH773hsJNSHf8= github.com/package-url/packageurl-go v0.1.0 h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I= github.com/package-url/packageurl-go v0.1.0/go.mod h1:C/ApiuWpmbpni4DIOECf6WCjFUZV7O1Fx7VAzrZHgBw= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= @@ -288,8 +288,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -347,11 +347,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -520,8 +520,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= +k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= From 8e06bc02d30c2a65710b1c07fffa4d6b9b929365 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Sun, 11 Jun 2023 15:31:41 -0600 Subject: [PATCH 02/12] Flags added, return codes on os.Exit --- .vscode/launch.json | 4 ++-- cmd/scan.go | 9 +++++++-- lib/util.go | 32 +++++++++++++++++++++++++++----- models/constants.go | 11 +++++++++++ 4 files changed, 47 insertions(+), 9 deletions(-) create mode 100644 models/constants.go diff --git a/.vscode/launch.json b/.vscode/launch.json index 0dc6220..90480be 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -32,12 +32,12 @@ "args": ["--provider=ossindex", "--debug=true", "scan", "./_TESTDATA_/sbom"] }, { - "name": "Debug File (OSS Index - juiceshop)", + "name": "Debug File (OSS Index - juiceshop, fail = moderate)", "type": "go", "request": "launch", "mode": "auto", "program": "${workspaceFolder}/main.go", - "args": ["--debug=true", "--provider=ossindex", "scan", "./_TESTDATA_/sbom/juiceshop.cyclonedx.json"] + "args": ["--debug=true", "--fail=moderate", "--provider=ossindex", "scan", "./_TESTDATA_/sbom/juiceshop.cyclonedx.json"] }, { "name": "Debug File (OSV- cargo-valid)", diff --git a/cmd/scan.go b/cmd/scan.go index 8a61c68..42b8e0b 100644 --- a/cmd/scan.go +++ b/cmd/scan.go @@ -29,6 +29,7 @@ var ( renderer models.Renderer provider models.Provider ignoreFile string + failSeverity string // summary, detailed bool scanCmd = &cobra.Command{ @@ -118,8 +119,7 @@ var ( } vulnCount := 0 for _, r := range response { - vulns := len(r.Vulnerabilities) - vulnCount += vulns + vulnCount += len(r.Vulnerabilities) for _, v := range r.Vulnerabilities { lib.AdjustSummary(v.Severity, &severitySummary) } @@ -128,6 +128,10 @@ var ( if err = renderer.Render(results); err != nil { log.Println(err) } + if failSeverity != "" { + log.Printf("fail severity: %x\n", int(lib.ParseFailSeverity(failSeverity))) + os.Exit(int(lib.ParseFailSeverity(failSeverity))) + } } else { util.PrintInfo("No packages were detected. Nothing has been scanned.") @@ -143,4 +147,5 @@ func init() { scanCmd.PersistentFlags().StringVar(&credentials.Token, "token", "", "the API token for the provider being used.") scanCmd.PersistentFlags().StringVar(&providerName, "provider", "osv", "the vulnerability provider (ossindex, osv).") scanCmd.PersistentFlags().StringVar(&ignoreFile, "ignore-file", "", "an optional file containing CVEs to ignore when rendering output.") + scanCmd.PersistentFlags().StringVar(&failSeverity, "fail", "undefined", "anything above this severity will be returned with non-zero error code.") } diff --git a/lib/util.go b/lib/util.go index 08b79a8..4eb07a5 100644 --- a/lib/util.go +++ b/lib/util.go @@ -9,13 +9,15 @@ import ( // Rating takes a CVSS score as input and returns a rating string based on the score func Rating(score float64) string { switch { - case score > 0 && score <= 3.9: + case score == 0.0: + return "UNSPECIFIED" + case score <= 3.9: return "LOW" - case score >= 4.0 && score <= 6.9: + case score <= 6.9: return "MODERATE" - case score >= 7.0 && score <= 8.9: + case score <= 8.9: return "HIGH" - case score >= 9.0 && score <= 10.0: + case score <= 10.0: return "CRITICAL" default: return "UNSPECIFIED" @@ -24,7 +26,9 @@ func Rating(score float64) string { // AdjustSummary takes a severity string and a pointer to a Summary struct as input, and increments the corresponding severity count in the struct. func AdjustSummary(severity string, summary *models.Summary) { - switch strings.ToUpper(severity) { + severity = strings.ToUpper(severity) + + switch severity { case "LOW": summary.Low++ case "MODERATE": @@ -37,3 +41,21 @@ func AdjustSummary(severity string, summary *models.Summary) { summary.Unspecified++ } } + +// ParseFailSeverity takes a string and returns a FailSeverity enum +func ParseFailSeverity(s string) models.FailSeverity { + s = strings.ToLower(s) + + switch s { + case "low": + return models.LOW + case "moderate": + return models.MODERATE + case "high": + return models.HIGH + case "critical": + return models.CRITICAL + default: + return models.UNDEFINED + } +} diff --git a/models/constants.go b/models/constants.go new file mode 100644 index 0000000..cfaa11f --- /dev/null +++ b/models/constants.go @@ -0,0 +1,11 @@ +package models + +type FailSeverity int + +const ( + UNDEFINED FailSeverity = 10 + LOW FailSeverity = 11 + MODERATE FailSeverity = 12 + HIGH FailSeverity = 13 + CRITICAL FailSeverity = 14 +) From fb59d713ff7880379d0ea5cb07edf901f9f0c352 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Sun, 11 Jun 2023 16:11:46 -0600 Subject: [PATCH 03/12] Filtering done implemented --- .vscode/launch.json | 2 +- cmd/scan.go | 14 ++++++++++++++ lib/enrichment/epss.go | 15 ++++++++------- lib/util.go | 18 ++++++++++++++++++ 4 files changed, 41 insertions(+), 8 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 90480be..856d350 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -37,7 +37,7 @@ "request": "launch", "mode": "auto", "program": "${workspaceFolder}/main.go", - "args": ["--debug=true", "--fail=moderate", "--provider=ossindex", "scan", "./_TESTDATA_/sbom/juiceshop.cyclonedx.json"] + "args": ["--debug=true", "--fail=critical", "--provider=ossindex", "scan", "./_TESTDATA_/sbom/juiceshop.cyclonedx.json"] }, { "name": "Debug File (OSV- cargo-valid)", diff --git a/cmd/scan.go b/cmd/scan.go index 42b8e0b..b91e46f 100644 --- a/cmd/scan.go +++ b/cmd/scan.go @@ -100,6 +100,20 @@ var ( } } + //Get rid of the packages that have a vulnerability lower than its fail severity + if failSeverity != "" { + for i, p := range response { + vulns := []models.Vulnerability{} + for _, v := range p.Vulnerabilities { + fs := int(lib.ParseFailSeverity(failSeverity)) + vs := lib.ParseSeverity(v.Severity) + if vs >= fs { + vulns = append(vulns, v) + } + } + response[i].Vulnerabilities = vulns + } + } for i, p := range response { enrichedVulnerabilities, _ := enrichment.Enrich(p.Vulnerabilities) response[i].Vulnerabilities = enrichedVulnerabilities diff --git a/lib/enrichment/epss.go b/lib/enrichment/epss.go index dd2c57f..7594b29 100644 --- a/lib/enrichment/epss.go +++ b/lib/enrichment/epss.go @@ -15,11 +15,12 @@ import ( const epssBaseURL = "https://api.first.org/data/v1/epss?cve=" // Enrich adds epss score data to vulnerabilities -func Enrich(vulnerabilities []models.Vulnerability) (enriched []models.Vulnerability, err error) { - identifiers := []string{} - for _, v := range vulnerabilities { - identifiers = append(identifiers, v.Cve) +func Enrich(vulnerabilities []models.Vulnerability) ([]models.Vulnerability, error) { + identifiers := make([]string, len(vulnerabilities)) + for i, v := range vulnerabilities { + identifiers[i] = v.Cve } + req := HttpRequest.NewRequest() resp, _ := req.JSON().Get(fmt.Sprintf("%s%s", epssBaseURL, strings.Join(identifiers, ","))) defer func() { @@ -31,8 +32,8 @@ func Enrich(vulnerabilities []models.Vulnerability) (enriched []models.Vulnerabi body, _ := resp.Body() if resp.StatusCode() == 200 { var epss models.Epss - if err = json.Unmarshal(body, &epss); err != nil { - return + if err := json.Unmarshal(body, &epss); err != nil { + return nil, err } log.Println("EPSS response total:", epss.Total) @@ -45,5 +46,5 @@ func Enrich(vulnerabilities []models.Vulnerability) (enriched []models.Vulnerabi } return vulnerabilities, nil } - return + return nil, nil } diff --git a/lib/util.go b/lib/util.go index 4eb07a5..5eca455 100644 --- a/lib/util.go +++ b/lib/util.go @@ -42,6 +42,24 @@ func AdjustSummary(severity string, summary *models.Summary) { } } +// ParseSeverity takes a severity string and returns an int +func ParseSeverity(severity string) int { + severity = strings.ToUpper(severity) + + switch severity { + case "LOW": + return 11 + case "MODERATE": + return 12 + case "HIGH": + return 13 + case "CRITICAL": + return 14 + default: + return 10 + } +} + // ParseFailSeverity takes a string and returns a FailSeverity enum func ParseFailSeverity(s string) models.FailSeverity { s = strings.ToLower(s) From 6e230011691c40d748bdd749ea3c994d291619b9 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 17 Jul 2023 14:22:02 -0600 Subject: [PATCH 04/12] Adds more test coverage --- .hookz.yaml | 4 ++ go.mod | 14 +++--- go.sum | 28 ++++++------ lib/filters/purl_test.go | 44 +++++++++++++++++++ lib/util_test.go | 88 +++++++++++++++++++++++++++++++++++++ renderers/html/html_test.go | 5 +++ 6 files changed, 162 insertions(+), 21 deletions(-) create mode 100644 lib/filters/purl_test.go diff --git a/.hookz.yaml b/.hookz.yaml index 1510a0e..766d336 100644 --- a/.hookz.yaml +++ b/.hookz.yaml @@ -5,6 +5,7 @@ - source: github.com/kisielk/errcheck@latest - source: honnef.co/go/tools/cmd/staticcheck@latest - source: github.com/fzipp/gocyclo/cmd/gocyclo@latest + - source: golang.org/x/vuln/cmd/govulncheck@latest hooks: - type: pre-commit actions: @@ -26,6 +27,9 @@ - name: "errcheck: Ensure that errors are checked" exec: errcheck args: ["-ignoretests", "./..."] + - name: "govulncheck: Check for vulnerabilities" + exec: govulncheck + args: ["./..."] - name: "gocyclo: Check cyclomatic complexities" exec: gocyclo args: ["-over", "13", "."] diff --git a/go.mod b/go.mod index 8fdf450..ba52b8c 100644 --- a/go.mod +++ b/go.mod @@ -11,26 +11,26 @@ require ( github.com/jedib0t/go-pretty/v6 v6.4.6 github.com/kirinlabs/HttpRequest v1.1.1 github.com/microcosm-cc/bluemonday v1.0.24 - github.com/package-url/packageurl-go v0.1.0 + github.com/package-url/packageurl-go v0.1.1 github.com/remeh/sizedwaitgroup v1.0.0 github.com/spf13/afero v1.9.5 github.com/spf13/cobra v1.7.0 github.com/stretchr/testify v1.8.2 - k8s.io/utils v0.0.0-20230505201702-9f6742963106 + k8s.io/utils v0.0.0-20230711102312-30195339c3c7 ) require ( github.com/kr/pretty v0.3.0 // indirect github.com/rogpeppe/go-internal v1.8.0 // indirect golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b // indirect - golang.org/x/term v0.8.0 // indirect + golang.org/x/term v0.10.0 // indirect ) require ( github.com/aymerick/douceur v0.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.15.0 // indirect - github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a + github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12 github.com/gorilla/css v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect @@ -40,9 +40,9 @@ require ( github.com/rivo/uniseg v0.4.4 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect - golang.org/x/net v0.10.0 // indirect - golang.org/x/sys v0.8.0 // indirect - golang.org/x/text v0.9.0 // indirect + golang.org/x/net v0.12.0 // indirect + golang.org/x/sys v0.10.0 // indirect + golang.org/x/text v0.11.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 4d76df2..31509e3 100644 --- a/go.sum +++ b/go.sum @@ -96,8 +96,8 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a h1:AWZzzFrqyjYlRloN6edwTLTUbKxf5flLXNuTBDm3Ews= -github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= +github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12 h1:uK3X/2mt4tbSGoHvbLBHUny7CKiuwUip3MArtukol4E= +github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -166,8 +166,8 @@ github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= github.com/microcosm-cc/bluemonday v1.0.24 h1:NGQoPtwGVcbGkKfvyYk1yRqknzBuoMiUrO6R7uFTPlw= github.com/microcosm-cc/bluemonday v1.0.24/go.mod h1:ArQySAMps0790cHSkdPEJ7bGkF2VePWH773hsJNSHf8= -github.com/package-url/packageurl-go v0.1.0 h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I= -github.com/package-url/packageurl-go v0.1.0/go.mod h1:C/ApiuWpmbpni4DIOECf6WCjFUZV7O1Fx7VAzrZHgBw= +github.com/package-url/packageurl-go v0.1.1 h1:KTRE0bK3sKbFKAk3yy63DpeskU7Cvs/x/Da5l+RtzyU= +github.com/package-url/packageurl-go v0.1.1/go.mod h1:uQd4a7Rh3ZsVg5j0lNyAfyxIeGde9yrlhjF78GzeW0c= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/profile v1.6.0/go.mod h1:qBsxPvzyUincmltOk6iyRVxHYg4adc0OFOv72ZdLa18= @@ -288,8 +288,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= +golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -347,11 +347,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= +golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= +golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -360,8 +360,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= +golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -520,8 +520,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= -k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc= +k8s.io/utils v0.0.0-20230711102312-30195339c3c7/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/lib/filters/purl_test.go b/lib/filters/purl_test.go new file mode 100644 index 0000000..f7506a6 --- /dev/null +++ b/lib/filters/purl_test.go @@ -0,0 +1,44 @@ +package filters + +import ( + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/devops-kung-fu/bomber/models" +) + +func TestSanitize(t *testing.T) { + // Input test data + purls := []string{ + "pkg:github.com/user/repo", + "file:/path/to/file", + "pkg:github.com/user/repo/file", + "file:/path/to/another/file", + } + + // Expected output + expectedSanitized := []string{ + "pkg:github.com/user/repo", + "pkg:github.com/user/repo/file", + } + expectedIssues := []models.Issue{ + { + IssueType: "InvalidPackageURL", + Message: "Ignoring an invalid package URL", + Purl: "file:/path/to/file", + }, + { + IssueType: "InvalidPackageURL", + Message: "Ignoring an invalid package URL", + Purl: "file:/path/to/another/file", + }, + } + + // Call the function + sanitized, issues := Sanitize(purls) + + // Assert the results + assert.ElementsMatch(t, expectedSanitized, sanitized) + assert.ElementsMatch(t, expectedIssues, issues) +} diff --git a/lib/util_test.go b/lib/util_test.go index 921349c..68a2979 100644 --- a/lib/util_test.go +++ b/lib/util_test.go @@ -48,3 +48,91 @@ func TestAdjustSummary(t *testing.T) { AdjustSummary("UNSPECIFIED", &summary) assert.Equal(t, summary.Unspecified, 2) } + +func TestParseSeverity(t *testing.T) { + t.Run("Valid severity: low", func(t *testing.T) { + severity := "low" + expected := 11 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: moderate", func(t *testing.T) { + severity := "moderate" + expected := 12 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: high", func(t *testing.T) { + severity := "high" + expected := 13 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: critical", func(t *testing.T) { + severity := "critical" + expected := 14 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) + + t.Run("Invalid severity: undefined", func(t *testing.T) { + severity := "invalid" + expected := 10 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) + + t.Run("Mixed case severity: moderate", func(t *testing.T) { + severity := "MoDerAte" + expected := 12 + result := ParseSeverity(severity) + assert.Equal(t, expected, result) + }) +} + +func TestParseFailSeverity(t *testing.T) { + t.Run("Valid severity: low", func(t *testing.T) { + s := "low" + expected := models.LOW + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: moderate", func(t *testing.T) { + s := "moderate" + expected := models.MODERATE + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: high", func(t *testing.T) { + s := "high" + expected := models.HIGH + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) + + t.Run("Valid severity: critical", func(t *testing.T) { + s := "critical" + expected := models.CRITICAL + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) + + t.Run("Invalid severity: undefined", func(t *testing.T) { + s := "invalid" + expected := models.UNDEFINED + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) + + t.Run("Mixed case severity: moderate", func(t *testing.T) { + s := "MoDerAte" + expected := models.MODERATE + result := ParseFailSeverity(s) + assert.Equal(t, expected, result) + }) +} diff --git a/renderers/html/html_test.go b/renderers/html/html_test.go index ebc4771..dcb0094 100644 --- a/renderers/html/html_test.go +++ b/renderers/html/html_test.go @@ -2,6 +2,7 @@ package html import ( "fmt" + "os" "testing" "github.com/devops-kung-fu/common/util" @@ -20,6 +21,10 @@ func Test_writeTemplate(t *testing.T) { b, err := afs.ReadFile("test.html") assert.NotNil(t, b) assert.NoError(t, err) + + info, err := afs.Stat("test.html") + assert.NoError(t, err) + assert.Equal(t, os.FileMode(0777), info.Mode().Perm()) } func Test_genTemplate(t *testing.T) { From 59ccb061b20b1343a65edfea674024f0d06cd8e4 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Wed, 18 Oct 2023 19:57:54 -0600 Subject: [PATCH 05/12] Fixes snyk test issues --- .github/workflows/release.yml | 2 +- .hookz.yaml | 6 --- go.mod | 34 +++++++++-------- go.sum | 72 +++++++++++++++++++---------------- providers/snyk/vulns_test.go | 4 +- 5 files changed, 60 insertions(+), 58 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 33bf774..e905c7f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: name: Set up Go uses: actions/setup-go@v4 with: - go-version: '1.20' + go-version: '1.21' check-latest: true - run: go version - diff --git a/.hookz.yaml b/.hookz.yaml index 766d336..b596788 100644 --- a/.hookz.yaml +++ b/.hookz.yaml @@ -1,6 +1,5 @@ version: 2.4.0 sources: - - source: github.com/anchore/syft/cmd/syft@latest - source: github.com/devops-kung-fu/hinge@latest - source: github.com/kisielk/errcheck@latest - source: honnef.co/go/tools/cmd/staticcheck@latest @@ -45,11 +44,6 @@ - name: "go: Test coverage" exec: go args: ["tool", "cover", "-func=coverage.out"] - # - name: "syft: Generate a Software Bill of Materials (SBoM)" - # script: " - # #!/bin/bash \n - # syft . -o cyclonedx-json=sbom/bomber.cyclonedx.json &> /dev/null \n - # " - name: "git: Add all changed files during the pre-commit stage" exec: git args: ["add", "."] \ No newline at end of file diff --git a/go.mod b/go.mod index ba52b8c..36513c3 100644 --- a/go.mod +++ b/go.mod @@ -1,48 +1,50 @@ module github.com/devops-kung-fu/bomber -go 1.20 +go 1.21 + +toolchain go1.21.3 require ( - github.com/CycloneDX/cyclonedx-go v0.7.1 + github.com/CycloneDX/cyclonedx-go v0.7.2 github.com/briandowns/spinner v1.23.0 github.com/devops-kung-fu/common v0.2.6 - github.com/gookit/color v1.5.3 + github.com/gookit/color v1.5.4 github.com/jarcoal/httpmock v1.3.0 - github.com/jedib0t/go-pretty/v6 v6.4.6 + github.com/jedib0t/go-pretty/v6 v6.4.8 github.com/kirinlabs/HttpRequest v1.1.1 - github.com/microcosm-cc/bluemonday v1.0.24 - github.com/package-url/packageurl-go v0.1.1 + github.com/microcosm-cc/bluemonday v1.0.26 + github.com/package-url/packageurl-go v0.1.2 github.com/remeh/sizedwaitgroup v1.0.0 - github.com/spf13/afero v1.9.5 + github.com/spf13/afero v1.10.0 github.com/spf13/cobra v1.7.0 - github.com/stretchr/testify v1.8.2 - k8s.io/utils v0.0.0-20230711102312-30195339c3c7 + github.com/stretchr/testify v1.8.4 + k8s.io/utils v0.0.0-20230726121419-3b25d923346b ) require ( github.com/kr/pretty v0.3.0 // indirect github.com/rogpeppe/go-internal v1.8.0 // indirect golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b // indirect - golang.org/x/term v0.10.0 // indirect + golang.org/x/term v0.13.0 // indirect ) require ( github.com/aymerick/douceur v0.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.15.0 // indirect - github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12 + github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 github.com/gorilla/css v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect - github.com/mattn/go-runewidth v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect - golang.org/x/net v0.12.0 // indirect - golang.org/x/sys v0.10.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 31509e3..e66d339 100644 --- a/go.sum +++ b/go.sum @@ -38,11 +38,12 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/CycloneDX/cyclonedx-go v0.7.1 h1:5w1SxjGm9MTMNTuRbEPyw21ObdbaagTWF/KfF0qHTRE= -github.com/CycloneDX/cyclonedx-go v0.7.1/go.mod h1:N/nrdWQI2SIjaACyyDs/u7+ddCkyl/zkNs8xFsHF2Ps= +github.com/CycloneDX/cyclonedx-go v0.7.2 h1:kKQ0t1dPOlugSIYVOMiMtFqeXI2wp/f5DBIdfux8gnQ= +github.com/CycloneDX/cyclonedx-go v0.7.2/go.mod h1:K2bA+324+Og0X84fA8HhN2X066K7Bxz4rpMQ4ZhjtSk= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= +github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/briandowns/spinner v1.23.0 h1:alDF2guRWqa/FOZZYWjlMIx2L6H0wyewPxo/CH4Pt2A= github.com/briandowns/spinner v1.23.0/go.mod h1:rPG4gmXeN3wQV/TsAY4w8lPdIM6RX3yqeBQJSrbXjuE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -96,8 +97,8 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12 h1:uK3X/2mt4tbSGoHvbLBHUny7CKiuwUip3MArtukol4E= -github.com/gomarkdown/markdown v0.0.0-20230716120725-531d2d74bc12/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= +github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 h1:EcQR3gusLHN46TAD+G+EbaaqJArt5vHhNpXAa12PQf4= +github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -127,8 +128,8 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/gookit/color v1.5.3 h1:twfIhZs4QLCtimkP7MOxlF3A0U/5cDPseRT9M/+2SCE= -github.com/gookit/color v1.5.3/go.mod h1:NUzwzeehUfl7GIb36pqId+UGmRfQcU/WiiyTTeNjHtE= +github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= +github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w= github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY= github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -139,8 +140,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jarcoal/httpmock v1.3.0 h1:2RJ8GP0IIaWwcC9Fp2BmVi8Kog3v2Hn7VXM3fTd+nuc= github.com/jarcoal/httpmock v1.3.0/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= -github.com/jedib0t/go-pretty/v6 v6.4.6 h1:v6aG9h6Uby3IusSSEjHaZNXpHFhzqMmjXcPq1Rjl9Jw= -github.com/jedib0t/go-pretty/v6 v6.4.6/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs= +github.com/jedib0t/go-pretty/v6 v6.4.8 h1:HiNzyMSEpsBaduKhmK+CwcpulEeBrTmxutz4oX/oWkg= +github.com/jedib0t/go-pretty/v6 v6.4.8/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/kirinlabs/HttpRequest v1.1.1 h1:eBbFzpRd/Y7vQhRY30frHK3yAJiT1wDlB31Ryzyklc0= @@ -158,16 +159,17 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= -github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g= -github.com/microcosm-cc/bluemonday v1.0.24 h1:NGQoPtwGVcbGkKfvyYk1yRqknzBuoMiUrO6R7uFTPlw= -github.com/microcosm-cc/bluemonday v1.0.24/go.mod h1:ArQySAMps0790cHSkdPEJ7bGkF2VePWH773hsJNSHf8= -github.com/package-url/packageurl-go v0.1.1 h1:KTRE0bK3sKbFKAk3yy63DpeskU7Cvs/x/Da5l+RtzyU= -github.com/package-url/packageurl-go v0.1.1/go.mod h1:uQd4a7Rh3ZsVg5j0lNyAfyxIeGde9yrlhjF78GzeW0c= +github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM= +github.com/microcosm-cc/bluemonday v1.0.26 h1:xbqSvqzQMeEHCqMi64VAs4d8uy6Mequs3rQ0k/Khz58= +github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02CGwkhd72Xdqh78TWs= +github.com/package-url/packageurl-go v0.1.2 h1:0H2DQt6DHd/NeRlVwW4EZ4oEI6Bn40XlNPRqegcxuo4= +github.com/package-url/packageurl-go v0.1.2/go.mod h1:uQd4a7Rh3ZsVg5j0lNyAfyxIeGde9yrlhjF78GzeW0c= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/profile v1.6.0/go.mod h1:qBsxPvzyUincmltOk6iyRVxHYg4adc0OFOv72ZdLa18= @@ -185,23 +187,29 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/spf13/afero v1.9.5 h1:stMpOSZFs//0Lv29HduCmli3GUfpFoF3Y1Q/aXj/wVM= -github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= +github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY= +github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo= +github.com/terminalstatic/go-xsd-validate v0.1.5/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -288,8 +296,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= -golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -347,11 +355,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -360,8 +368,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -520,8 +528,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/providers/snyk/vulns_test.go b/providers/snyk/vulns_test.go index 021c2cb..74007ab 100644 --- a/providers/snyk/vulns_test.go +++ b/providers/snyk/vulns_test.go @@ -75,7 +75,6 @@ func TestGetVulnsForPurlInvalidPurl(t *testing.T) { vulns, err := getVulnsForPurl("foobar", newClient(&models.Credentials{}), orgID) assert.Error(t, err) - assert.Equal(t, "invalid purl: scheme is missing", err.Error()) assert.Nil(t, vulns) } @@ -186,8 +185,7 @@ func TestSnykIssueToBomberVulnOtherSeverity(t *testing.T) { func TestValidatePurl(t *testing.T) { t.Run("should raise error for invalid purl", func(t *testing.T) { err := validatePurl("foobar") - - assert.Equal(t, "invalid purl: scheme is missing", err.Error()) + assert.Error(t, err) }) t.Run("should not raise error for valid purl", func(t *testing.T) { From d44063f0a2bde7da90ae02873c4af5aebee3d464 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 19:33:38 -0600 Subject: [PATCH 06/12] Changes to OSV API --- providers/osv/osv.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/providers/osv/osv.go b/providers/osv/osv.go index cbd1dc8..d1bef84 100644 --- a/providers/osv/osv.go +++ b/providers/osv/osv.go @@ -19,7 +19,6 @@ type Provider struct{} // Query is used for the request sent to the OSV type Query struct { - Version string `json:"version"` Package PackageClass `json:"package"` } @@ -56,9 +55,7 @@ type AffectedDatabaseSpecific struct { } type PackageClass struct { - Name string `json:"name,omitempty"` - Ecosystem string `json:"ecosystem,omitempty"` - Purl string `json:"purl,omitempty"` + Purl string `json:"purl,omitempty"` } type Range struct { @@ -127,10 +124,12 @@ func (Provider) Scan(purls []string, credentials *models.Credentials) (packages return } if len(response.Vulns) > 0 { + log.Print("*** Vulnerabilities detected...") pkg := models.Package{ Purl: pp, } for _, v := range response.Vulns { + log.Printf("*** %s...", v.Summary) vuln := models.Vulnerability{ ID: strings.Join(v.Aliases, ","), Title: v.Summary, From d2b3934ec046028e98d9fc4ec27872265728a5bb Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 19:46:40 -0600 Subject: [PATCH 07/12] Fixes issue with OSV provider API call --- providers/osv/osv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/providers/osv/osv.go b/providers/osv/osv.go index d1bef84..9ffc420 100644 --- a/providers/osv/osv.go +++ b/providers/osv/osv.go @@ -129,7 +129,7 @@ func (Provider) Scan(purls []string, credentials *models.Credentials) (packages Purl: pp, } for _, v := range response.Vulns { - log.Printf("*** %s...", v.Summary) + log.Printf("*** %s - %s...", strings.Join(v.Aliases, ","), v.Summary) vuln := models.Vulnerability{ ID: strings.Join(v.Aliases, ","), Title: v.Summary, From b0e499fce53562859ff4c5587f7cf8677cd3d71d Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 19:50:22 -0600 Subject: [PATCH 08/12] Fixes workflow for go 1.21 --- .github/workflows/go-quality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/go-quality.yml b/.github/workflows/go-quality.yml index 149db14..c13754a 100644 --- a/.github/workflows/go-quality.yml +++ b/.github/workflows/go-quality.yml @@ -11,7 +11,7 @@ jobs: name: Setup Go uses: actions/setup-go@v4 with: - go-version: '1.20' + go-version: '1.21' - name: Install Dependencies run: | From 20440110764e79e6a30347b38c5f6f5ce8a93a65 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 19:56:52 -0600 Subject: [PATCH 09/12] Temporarily removes CodeQL tests --- .github/workflows/codeql-analysis.yml | 67 --------------------------- 1 file changed, 67 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index c76fb8a..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,67 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ main ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ main ] - schedule: - - cron: '32 16 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - language: [ 'go' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 From 9edf4a2fcfaa963e34c1a8dea82ef095b3b91606 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 19:57:31 -0600 Subject: [PATCH 10/12] Removes stale SBOM --- sbom/bomber.cyclonedx.json | 12916 ----------------------------------- 1 file changed, 12916 deletions(-) delete mode 100644 sbom/bomber.cyclonedx.json diff --git a/sbom/bomber.cyclonedx.json b/sbom/bomber.cyclonedx.json deleted file mode 100644 index 9340e2c..0000000 --- a/sbom/bomber.cyclonedx.json +++ /dev/null @@ -1,12916 +0,0 @@ -{ - "bomFormat": "CycloneDX", - "specVersion": "1.4", - "serialNumber": "urn:uuid:7a0624d7-b482-41fc-9b2b-df94ecc2294e", - "version": 1, - "metadata": { - "timestamp": "2023-03-03T09:06:11-07:00", - "tools": [ - { - "vendor": "anchore", - "name": "syft", - "version": "[not provided]" - } - ], - "component": { - "bom-ref": "af63bd4c8601b7f1", - "type": "file", - "name": "." - } - }, - "components": [ - { - "bom-ref": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all&distro=ubuntu-22.04&package-id=c0d462d69434fdb8", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "adduser", - "version": "3.118ubuntu5", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:adduser:adduser:3.118ubuntu5:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/adduser@3.118ubuntu5?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:adduser:adduser:3.118ubuntu5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/apt@2.4.6?arch=amd64&distro=ubuntu-22.04&package-id=d10e7bfa8c262f5", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "apt", - "version": "2.4.6", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:apt:apt:2.4.6:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/apt@2.4.6?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:apt:apt:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/base-files@12ubuntu4.2?arch=amd64&distro=ubuntu-22.04&package-id=9368e450e6499ef", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "base-files", - "version": "12ubuntu4.2", - "cpe": "cpe:2.3:a:base-files:base-files:12ubuntu4.2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/base-files@12ubuntu4.2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base-files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-files:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base-files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_files:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_files:12ubuntu4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64&distro=ubuntu-22.04&package-id=f478a94858d204c0", - "type": "library", - "publisher": "Colin Watson ", - "name": "base-passwd", - "version": "3.5.52build1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:base-passwd:base-passwd:3.5.52build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/base-passwd@3.5.52build1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-passwd:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_passwd:base-passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_passwd:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-passwd:base-passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base-passwd:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_passwd:base-passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base_passwd:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base-passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:base:base_passwd:3.5.52build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64&distro=ubuntu-22.04&package-id=91dfe28fa6952934", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "bash", - "version": "5.1-6ubuntu1", - "licenses": [ - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:bash:bash:5.1-6ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/bash@5.1-6ubuntu1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:bash:bash:5.1-6ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/bsdutils@1:2.37.2-4ubuntu3?arch=amd64&upstream=util-linux%402.37.2-4ubuntu3&distro=ubuntu-22.04&package-id=e4a24bef29b7f028", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "bsdutils", - "version": "1:2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:bsdutils:bsdutils:1\\:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/bsdutils@1:2.37.2-4ubuntu3?arch=amd64&upstream=util-linux%402.37.2-4ubuntu3&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:bsdutils:bsdutils:1\\:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - }, - { - "name": "syft:metadata:sourceVersion", - "value": "2.37.2-4ubuntu3" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64&distro=ubuntu-22.04&package-id=838c861fb6c3f838", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "coreutils", - "version": "8.32-4.1ubuntu1", - "licenses": [ - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:coreutils:coreutils:8.32-4.1ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/coreutils@8.32-4.1ubuntu1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:coreutils:coreutils:8.32-4.1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/dash@0.5.11+git20210903+057cd650a4ed-3build1?arch=amd64&distro=ubuntu-22.04&package-id=ca8019720bad3c8c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "dash", - "version": "0.5.11+git20210903+057cd650a4ed-3build1", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "FSFUL" - } - }, - { - "license": { - "id": "FSFULLR" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:dash:dash:0.5.11\\+git20210903\\+057cd650a4ed-3build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/dash@0.5.11+git20210903+057cd650a4ed-3build1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:dash:dash:0.5.11\\+git20210903\\+057cd650a4ed-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all&distro=ubuntu-22.04&package-id=7db09787e00ce19c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "debconf", - "version": "1.5.79ubuntu1", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - } - ], - "cpe": "cpe:2.3:a:debconf:debconf:1.5.79ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/debconf@1.5.79ubuntu1?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:debconf:debconf:1.5.79ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64&distro=ubuntu-22.04&package-id=796ac34a1017c440", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "debianutils", - "version": "5.5-1ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:debianutils:debianutils:5.5-1ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/debianutils@5.5-1ubuntu2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:debianutils:debianutils:5.5-1ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/diffutils@1:3.8-0ubuntu2?arch=amd64&distro=ubuntu-22.04&package-id=e3c48c8d5d749bf2", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "diffutils", - "version": "1:3.8-0ubuntu2", - "cpe": "cpe:2.3:a:diffutils:diffutils:1\\:3.8-0ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/diffutils@1:3.8-0ubuntu2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:diffutils:diffutils:1\\:3.8-0ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64&distro=ubuntu-22.04&package-id=8dd6062619578286", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "dpkg", - "version": "1.21.1ubuntu2.1", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:dpkg:dpkg:1.21.1ubuntu2.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/dpkg@1.21.1ubuntu2.1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:dpkg:dpkg:1.21.1ubuntu2.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64&distro=ubuntu-22.04&package-id=fc79c1c77fe6391", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "e2fsprogs", - "version": "1.46.5-2ubuntu1.1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:e2fsprogs:e2fsprogs:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/e2fsprogs@1.46.5-2ubuntu1.1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:e2fsprogs:e2fsprogs:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64&distro=ubuntu-22.04&package-id=6776f316f7f20ef7", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "findutils", - "version": "4.8.0-1ubuntu3", - "licenses": [ - { - "license": { - "id": "GFDL-1.3-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:findutils:findutils:4.8.0-1ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/findutils@4.8.0-1ubuntu3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:findutils:findutils:4.8.0-1ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/gcc-12-base@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04&package-id=d44a89ab53bd36b8", - "type": "library", - "publisher": "Ubuntu Core developers ", - "name": "gcc-12-base", - "version": "12-20220319-1ubuntu1", - "licenses": [ - { - "license": { - "id": "GFDL-1.2-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:gcc-12-base:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/gcc-12-base@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12-base:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12_base:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12_base:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12-base:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12-base:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12_base:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12_base:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc-12:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc_12:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc:gcc-12-base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gcc:gcc_12_base:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gcc-12" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0?package-id=68a5f1520e0b099c", - "type": "library", - "name": "github.com/CycloneDX/cyclonedx-go", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0?package-id=5b640ab5743c8eb8", - "type": "library", - "name": "github.com/CycloneDX/cyclonedx-go", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/CycloneDX/cyclonedx-go@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0?package-id=16a25d640f4898b6", - "type": "library", - "name": "github.com/CycloneDX/cyclonedx-go", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/CycloneDX/cyclonedx-go@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:jNxp8hL7UpcvPDFXjY+Y1ibFtsW+e5zyF9QoSmhK/zg=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0?package-id=7910e9a5be7aae8a", - "type": "library", - "name": "github.com/CycloneDX/cyclonedx-go", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/CycloneDX/cyclonedx-go@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:jNxp8hL7UpcvPDFXjY+Y1ibFtsW+e5zyF9QoSmhK/zg=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/cyclonedx/cyclonedx-go@v0.7.0?package-id=480b6e0f9915add2", - "type": "library", - "name": "github.com/CycloneDX/cyclonedx-go", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:CycloneDX:cyclonedx-go:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/CycloneDX/cyclonedx-go@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:CycloneDX:cyclonedx_go:v0.7.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:jNxp8hL7UpcvPDFXjY+Y1ibFtsW+e5zyF9QoSmhK/zg=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/aymerick/douceur@v0.2.0?package-id=85399a8559f0fea5", - "type": "library", - "name": "github.com/aymerick/douceur", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:aymerick:douceur:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/aymerick/douceur@v0.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/aymerick/douceur@v0.2.0?package-id=b881fbfd59c7bf96", - "type": "library", - "name": "github.com/aymerick/douceur", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:aymerick:douceur:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/aymerick/douceur@v0.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/briandowns/spinner@v1.19.0?package-id=423c7fc505f569a9", - "type": "library", - "name": "github.com/briandowns/spinner", - "version": "v1.19.0", - "cpe": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/briandowns/spinner@v1.19.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/briandowns/spinner@v1.19.0?package-id=a587e16923fd5657", - "type": "library", - "name": "github.com/briandowns/spinner", - "version": "v1.19.0", - "cpe": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/briandowns/spinner@v1.19.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/briandowns/spinner@v1.19.0?package-id=511bf3b717951ffb", - "type": "library", - "name": "github.com/briandowns/spinner", - "version": "v1.19.0", - "cpe": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/briandowns/spinner@v1.19.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:briandowns:spinner:v1.19.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:s8aq38H+Qju89yhp89b4iIiMzMm8YN3p6vGpwyh/a8E=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/briandowns/spinner@v1.22.0?package-id=29a3183a568536b", - "type": "library", - "name": "github.com/briandowns/spinner", - "version": "v1.22.0", - "cpe": "cpe:2.3:a:briandowns:spinner:v1.22.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/briandowns/spinner@v1.22.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fJ/7tyeM2q9ebM57kGfjnUSrgPJBsULk+/s61UpMGrw=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/briandowns/spinner@v1.22.0?package-id=266c1879349c6d2b", - "type": "library", - "name": "github.com/briandowns/spinner", - "version": "v1.22.0", - "cpe": "cpe:2.3:a:briandowns:spinner:v1.22.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/briandowns/spinner@v1.22.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fJ/7tyeM2q9ebM57kGfjnUSrgPJBsULk+/s61UpMGrw=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=400d5e580d04b9d2", - "type": "library", - "name": "github.com/davecgh/go-spew", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:davecgh:go-spew:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/davecgh/go-spew@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go_spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go-spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go_spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=82cf8b15f7c32de3", - "type": "library", - "name": "github.com/davecgh/go-spew", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:davecgh:go-spew:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/davecgh/go-spew@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go_spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go-spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go_spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/davecgh/go-spew@v1.1.1?package-id=e69c0beffd356805", - "type": "library", - "name": "github.com/davecgh/go-spew", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:davecgh:go-spew:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/davecgh/go-spew@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:davecgh:go_spew:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20220928224516-b8b2d4abd421?package-id=a2ad7d1bc3317fd9", - "type": "library", - "name": "github.com/devops-kung-fu/bomber", - "version": "v0.0.0-20220928224516-b8b2d4abd421", - "cpe": "cpe:2.3:a:devops-kung-fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20220928224516-b8b2d4abd421", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung-fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20220928224516-b8b2d4abd421?package-id=4a14f3963ec4f23b", - "type": "library", - "name": "github.com/devops-kung-fu/bomber", - "version": "v0.0.0-20220928224516-b8b2d4abd421", - "cpe": "cpe:2.3:a:devops-kung-fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20220928224516-b8b2d4abd421", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung-fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:bomber:v0.0.0-20220928224516-b8b2d4abd421:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goBuildSettings:-compiler", - "value": "gc" - }, - { - "name": "syft:metadata:goBuildSettings:CGO_ENABLED", - "value": "1" - }, - { - "name": "syft:metadata:goBuildSettings:GOAMD64", - "value": "v1" - }, - { - "name": "syft:metadata:goBuildSettings:GOARCH", - "value": "amd64" - }, - { - "name": "syft:metadata:goBuildSettings:GOOS", - "value": "darwin" - }, - { - "name": "syft:metadata:goBuildSettings:vcs", - "value": "git" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.modified", - "value": "true" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.revision", - "value": "b8b2d4abd421f6ff6a706b70ce7167422bacd8b1" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.time", - "value": "2022-09-28T22:45:16Z" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20230303151648-579b39b61438?package-id=94db220fdeac9720", - "type": "library", - "name": "github.com/devops-kung-fu/bomber", - "version": "v0.0.0-20230303151648-579b39b61438", - "cpe": "cpe:2.3:a:devops-kung-fu:bomber:v0.0.0-20230303151648-579b39b61438:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/bomber@v0.0.0-20230303151648-579b39b61438", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:bomber:v0.0.0-20230303151648-579b39b61438:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:bomber:v0.0.0-20230303151648-579b39b61438:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:bomber:v0.0.0-20230303151648-579b39b61438:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:bomber:v0.0.0-20230303151648-579b39b61438:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goBuildSettings:-buildmode", - "value": "exe" - }, - { - "name": "syft:metadata:goBuildSettings:-compiler", - "value": "gc" - }, - { - "name": "syft:metadata:goBuildSettings:CGO_ENABLED", - "value": "1" - }, - { - "name": "syft:metadata:goBuildSettings:GOAMD64", - "value": "v1" - }, - { - "name": "syft:metadata:goBuildSettings:GOARCH", - "value": "amd64" - }, - { - "name": "syft:metadata:goBuildSettings:GOOS", - "value": "darwin" - }, - { - "name": "syft:metadata:goBuildSettings:vcs", - "value": "git" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.modified", - "value": "true" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.revision", - "value": "579b39b61438d698cc10ec959877b0a743930d34" - }, - { - "name": "syft:metadata:goBuildSettings:vcs.time", - "value": "2023-03-03T15:16:48Z" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5?package-id=fe8b2d3511c7cca", - "type": "library", - "name": "github.com/devops-kung-fu/common", - "version": "v0.2.5", - "cpe": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5?package-id=f95acdc3523b68eb", - "type": "library", - "name": "github.com/devops-kung-fu/common", - "version": "v0.2.5", - "cpe": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5?package-id=e737358807949deb", - "type": "library", - "name": "github.com/devops-kung-fu/common", - "version": "v0.2.5", - "cpe": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Ktyp1vsE2iyQPbazSxkQ1CiUq29FblQk/fYPHa09AzA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5?package-id=9f8b4c5e4837a7a8", - "type": "library", - "name": "github.com/devops-kung-fu/common", - "version": "v0.2.5", - "cpe": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Ktyp1vsE2iyQPbazSxkQ1CiUq29FblQk/fYPHa09AzA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5?package-id=f57dfa880b70947e", - "type": "library", - "name": "github.com/devops-kung-fu/common", - "version": "v0.2.5", - "cpe": "cpe:2.3:a:devops-kung-fu:common:v0.2.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/devops-kung-fu/common@v0.2.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung_fu:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops-kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops_kung:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:devops:common:v0.2.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Ktyp1vsE2iyQPbazSxkQ1CiUq29FblQk/fYPHa09AzA=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/fatih/color@v1.13.0?package-id=d04543eab24f84ba", - "type": "library", - "name": "github.com/fatih/color", - "version": "v1.13.0", - "cpe": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fatih/color@v1.13.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/fatih/color@v1.13.0?package-id=80c1029bb6d1a558", - "type": "library", - "name": "github.com/fatih/color", - "version": "v1.13.0", - "cpe": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fatih/color@v1.13.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/fatih/color@v1.13.0?package-id=e672e0542614a2ce", - "type": "library", - "name": "github.com/fatih/color", - "version": "v1.13.0", - "cpe": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fatih/color@v1.13.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:fatih:color:v1.13.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/fatih/color@v1.14.1?package-id=ba1b8e0710a95e00", - "type": "library", - "name": "github.com/fatih/color", - "version": "v1.14.1", - "cpe": "cpe:2.3:a:fatih:color:v1.14.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fatih/color@v1.14.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/fatih/color@v1.14.1?package-id=720b52a6a57a3f26", - "type": "library", - "name": "github.com/fatih/color", - "version": "v1.14.1", - "cpe": "cpe:2.3:a:fatih:color:v1.14.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/fatih/color@v1.14.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gomarkdown/markdown@v0.0.0-20221013030248-663e2500819c?package-id=1f0560c18e6efbe", - "type": "library", - "name": "github.com/gomarkdown/markdown", - "version": "v0.0.0-20221013030248-663e2500819c", - "cpe": "cpe:2.3:a:gomarkdown:markdown:v0.0.0-20221013030248-663e2500819c:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gomarkdown/markdown@v0.0.0-20221013030248-663e2500819c", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:iyaGYbCmcYK0Ja9a3OUa2Fo+EaN0cbLu0eKpBwPFzc8=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gomarkdown/markdown@v0.0.0-20221013030248-663e2500819c?package-id=b746260877c32650", - "type": "library", - "name": "github.com/gomarkdown/markdown", - "version": "v0.0.0-20221013030248-663e2500819c", - "cpe": "cpe:2.3:a:gomarkdown:markdown:v0.0.0-20221013030248-663e2500819c:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gomarkdown/markdown@v0.0.0-20221013030248-663e2500819c", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:iyaGYbCmcYK0Ja9a3OUa2Fo+EaN0cbLu0eKpBwPFzc8=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gookit/color@v1.5.2?package-id=ec229cbce40c2350", - "type": "library", - "name": "github.com/gookit/color", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gookit/color@v1.5.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gookit/color@v1.5.2?package-id=44050d118a02707c", - "type": "library", - "name": "github.com/gookit/color", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gookit/color@v1.5.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gookit/color@v1.5.2?package-id=5bc7ca708105bff9", - "type": "library", - "name": "github.com/gookit/color", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gookit/color@v1.5.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:uLnfXcaFjlrDnQDT+NCBcfhrXqYTx/rcCa6xn01Y8yI=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gookit/color@v1.5.2?package-id=326d802956bbfb3e", - "type": "library", - "name": "github.com/gookit/color", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gookit/color@v1.5.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:uLnfXcaFjlrDnQDT+NCBcfhrXqYTx/rcCa6xn01Y8yI=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gookit/color@v1.5.2?package-id=427b5c1152b1b8ec", - "type": "library", - "name": "github.com/gookit/color", - "version": "v1.5.2", - "cpe": "cpe:2.3:a:gookit:color:v1.5.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gookit/color@v1.5.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:uLnfXcaFjlrDnQDT+NCBcfhrXqYTx/rcCa6xn01Y8yI=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gorilla/css@v1.0.0?package-id=9d6f71cd67bb062", - "type": "library", - "name": "github.com/gorilla/css", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:gorilla:css:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gorilla/css@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/gorilla/css@v1.0.0?package-id=9118229cebfeccfd", - "type": "library", - "name": "github.com/gorilla/css", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:gorilla:css:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/gorilla/css@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/inconshreveable/mousetrap@v1.0.1?package-id=5ded5ef8b6fb5de1", - "type": "library", - "name": "github.com/inconshreveable/mousetrap", - "version": "v1.0.1", - "cpe": "cpe:2.3:a:inconshreveable:mousetrap:v1.0.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/inconshreveable/mousetrap@v1.0.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:inconshreveable:mousetrap:v1.0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/inconshreveable/mousetrap@v1.0.1?package-id=85cf4669a7b55c3", - "type": "library", - "name": "github.com/inconshreveable/mousetrap", - "version": "v1.0.1", - "cpe": "cpe:2.3:a:inconshreveable:mousetrap:v1.0.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/inconshreveable/mousetrap@v1.0.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:inconshreveable:mousetrap:v1.0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/inconshreveable/mousetrap@v1.1.0?package-id=37c82ad2116f18d1", - "type": "library", - "name": "github.com/inconshreveable/mousetrap", - "version": "v1.1.0", - "cpe": "cpe:2.3:a:inconshreveable:mousetrap:v1.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/inconshreveable/mousetrap@v1.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jarcoal/httpmock@v1.2.0?package-id=c9821ae33b7f3676", - "type": "library", - "name": "github.com/jarcoal/httpmock", - "version": "v1.2.0", - "cpe": "cpe:2.3:a:jarcoal:httpmock:v1.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jarcoal/httpmock@v1.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jarcoal:httpmock:v1.2.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jarcoal/httpmock@v1.2.0?package-id=f469f5e014abf07c", - "type": "library", - "name": "github.com/jarcoal/httpmock", - "version": "v1.2.0", - "cpe": "cpe:2.3:a:jarcoal:httpmock:v1.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jarcoal/httpmock@v1.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jarcoal:httpmock:v1.2.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jarcoal/httpmock@v1.3.0?package-id=7c36f9ebfcab6095", - "type": "library", - "name": "github.com/jarcoal/httpmock", - "version": "v1.3.0", - "cpe": "cpe:2.3:a:jarcoal:httpmock:v1.3.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jarcoal/httpmock@v1.3.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:2RJ8GP0IIaWwcC9Fp2BmVi8Kog3v2Hn7VXM3fTd+nuc=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9?package-id=6638c0579c2644c", - "type": "library", - "name": "github.com/jedib0t/go-pretty/v6", - "version": "v6.3.9", - "cpe": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9?package-id=3f31a45ad263f1f5", - "type": "library", - "name": "github.com/jedib0t/go-pretty/v6", - "version": "v6.3.9", - "cpe": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9?package-id=bef81ed97b8c35b9", - "type": "library", - "name": "github.com/jedib0t/go-pretty/v6", - "version": "v6.3.9", - "cpe": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.3.9", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.3.9:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:GAK/1WJY9WVVrKd601HGB89ihLBDfJnUIJye31PY+uk=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.4.6?package-id=b348f6af92bb626", - "type": "library", - "name": "github.com/jedib0t/go-pretty/v6", - "version": "v6.4.6", - "cpe": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.4.6:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.4.6", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:v6aG9h6Uby3IusSSEjHaZNXpHFhzqMmjXcPq1Rjl9Jw=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.4.6?package-id=1bdfd6de86debe26", - "type": "library", - "name": "github.com/jedib0t/go-pretty/v6", - "version": "v6.4.6", - "cpe": "cpe:2.3:a:jedib0t:go-pretty\\/v6:v6.4.6:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/jedib0t/go-pretty/v6@v6.4.6", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:jedib0t:go_pretty\\/v6:v6.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:v6aG9h6Uby3IusSSEjHaZNXpHFhzqMmjXcPq1Rjl9Jw=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1?package-id=a66019c35c93202e", - "type": "library", - "name": "github.com/kirinlabs/HttpRequest", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1?package-id=72b49980430445f0", - "type": "library", - "name": "github.com/kirinlabs/HttpRequest", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kirinlabs/HttpRequest@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1?package-id=5f684bc33f43ed95", - "type": "library", - "name": "github.com/kirinlabs/HttpRequest", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kirinlabs/HttpRequest@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:eBbFzpRd/Y7vQhRY30frHK3yAJiT1wDlB31Ryzyklc0=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1?package-id=e64e8266455c74f4", - "type": "library", - "name": "github.com/kirinlabs/HttpRequest", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kirinlabs/HttpRequest@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:eBbFzpRd/Y7vQhRY30frHK3yAJiT1wDlB31Ryzyklc0=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kirinlabs/httprequest@v1.1.1?package-id=29a2501d4672058", - "type": "library", - "name": "github.com/kirinlabs/HttpRequest", - "version": "v1.1.1", - "cpe": "cpe:2.3:a:kirinlabs:HttpRequest:v1.1.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kirinlabs/HttpRequest@v1.1.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:eBbFzpRd/Y7vQhRY30frHK3yAJiT1wDlB31Ryzyklc0=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kr/text@v0.2.0?package-id=3fd084beae3f05c7", - "type": "library", - "name": "github.com/kr/text", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:kr:text:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kr/text@v0.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:kr:text:v0.2.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kr/text@v0.2.0?package-id=fa656dfee261bcc9", - "type": "library", - "name": "github.com/kr/text", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:kr:text:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kr/text@v0.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:kr:text:v0.2.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/kr/text@v0.2.0?package-id=f0f8091ed4379f33", - "type": "library", - "name": "github.com/kr/text", - "version": "v0.2.0", - "cpe": "cpe:2.3:a:kr:text:v0.2.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/kr/text@v0.2.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=53932a067fbdad4", - "type": "library", - "name": "github.com/mattn/go-colorable", - "version": "v0.1.13", - "cpe": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-colorable@v0.1.13", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=dbe335cdb67f7fce", - "type": "library", - "name": "github.com/mattn/go-colorable", - "version": "v0.1.13", - "cpe": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-colorable@v0.1.13", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=76f94dce3957d82", - "type": "library", - "name": "github.com/mattn/go-colorable", - "version": "v0.1.13", - "cpe": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-colorable@v0.1.13", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=e1c9fe3c3b17c8c6", - "type": "library", - "name": "github.com/mattn/go-colorable", - "version": "v0.1.13", - "cpe": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-colorable@v0.1.13", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-colorable@v0.1.13?package-id=ceddf32254e255a9", - "type": "library", - "name": "github.com/mattn/go-colorable", - "version": "v0.1.13", - "cpe": "cpe:2.3:a:mattn:go-colorable:v0.1.13:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-colorable@v0.1.13", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_colorable:v0.1.13:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-isatty@v0.0.16?package-id=27e68721137e045a", - "type": "library", - "name": "github.com/mattn/go-isatty", - "version": "v0.0.16", - "cpe": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-isatty@v0.0.16", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-isatty@v0.0.16?package-id=c8e8fc0677d71755", - "type": "library", - "name": "github.com/mattn/go-isatty", - "version": "v0.0.16", - "cpe": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-isatty@v0.0.16", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-isatty@v0.0.16?package-id=76782c25d49570d0", - "type": "library", - "name": "github.com/mattn/go-isatty", - "version": "v0.0.16", - "cpe": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-isatty@v0.0.16", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.16:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-isatty@v0.0.17?package-id=216271451acdaaf", - "type": "library", - "name": "github.com/mattn/go-isatty", - "version": "v0.0.17", - "cpe": "cpe:2.3:a:mattn:go-isatty:v0.0.17:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-isatty@v0.0.17", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-isatty@v0.0.17?package-id=4be395b49de5ae74", - "type": "library", - "name": "github.com/mattn/go-isatty", - "version": "v0.0.17", - "cpe": "cpe:2.3:a:mattn:go-isatty:v0.0.17:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-isatty@v0.0.17", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_isatty:v0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14?package-id=c5486f7675c321e0", - "type": "library", - "name": "github.com/mattn/go-runewidth", - "version": "v0.0.14", - "cpe": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14?package-id=a9ab049df129a3b2", - "type": "library", - "name": "github.com/mattn/go-runewidth", - "version": "v0.0.14", - "cpe": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14?package-id=43dd6a8df09a63c1", - "type": "library", - "name": "github.com/mattn/go-runewidth", - "version": "v0.0.14", - "cpe": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14?package-id=7b5e49af85362bb2", - "type": "library", - "name": "github.com/mattn/go-runewidth", - "version": "v0.0.14", - "cpe": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14?package-id=c45a0032148e8e8b", - "type": "library", - "name": "github.com/mattn/go-runewidth", - "version": "v0.0.14", - "cpe": "cpe:2.3:a:mattn:go-runewidth:v0.0.14:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/mattn/go-runewidth@v0.0.14", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mattn:go_runewidth:v0.0.14:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/microcosm-cc/bluemonday@v1.0.22?package-id=6c05e5b0ffe6dde8", - "type": "library", - "name": "github.com/microcosm-cc/bluemonday", - "version": "v1.0.22", - "cpe": "cpe:2.3:a:microcosm-cc:bluemonday:v1.0.22:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/microcosm-cc/bluemonday@v1.0.22", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:microcosm_cc:bluemonday:v1.0.22:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:microcosm:bluemonday:v1.0.22:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:p2tT7RNzRdCi0qmwxG+HbqD6ILkmwter1ZwVZn1oTxA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/microcosm-cc/bluemonday@v1.0.22?package-id=1e9a2b16e8ea10cc", - "type": "library", - "name": "github.com/microcosm-cc/bluemonday", - "version": "v1.0.22", - "cpe": "cpe:2.3:a:microcosm-cc:bluemonday:v1.0.22:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/microcosm-cc/bluemonday@v1.0.22", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:microcosm_cc:bluemonday:v1.0.22:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:microcosm:bluemonday:v1.0.22:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:p2tT7RNzRdCi0qmwxG+HbqD6ILkmwter1ZwVZn1oTxA=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e?package-id=2719b10f688bbb36", - "type": "library", - "name": "github.com/niemeyer/pretty", - "version": "v0.0.0-20200227124842-a10e7caefd8e", - "cpe": "cpe:2.3:a:niemeyer:pretty:v0.0.0-20200227124842-a10e7caefd8e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:niemeyer:pretty:v0.0.0-20200227124842-a10e7caefd8e:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e?package-id=47c05d039289eaf2", - "type": "library", - "name": "github.com/niemeyer/pretty", - "version": "v0.0.0-20200227124842-a10e7caefd8e", - "cpe": "cpe:2.3:a:niemeyer:pretty:v0.0.0-20200227124842-a10e7caefd8e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:niemeyer:pretty:v0.0.0-20200227124842-a10e7caefd8e:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e?package-id=344855762208652a", - "type": "library", - "name": "github.com/niemeyer/pretty", - "version": "v0.0.0-20200227124842-a10e7caefd8e", - "cpe": "cpe:2.3:a:niemeyer:pretty:v0.0.0-20200227124842-a10e7caefd8e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/niemeyer/pretty@v0.0.0-20200227124842-a10e7caefd8e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0?package-id=3d1b69b1eff949c9", - "type": "library", - "name": "github.com/package-url/packageurl-go", - "version": "v0.1.0", - "cpe": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0?package-id=ae2962f4eea88e78", - "type": "library", - "name": "github.com/package-url/packageurl-go", - "version": "v0.1.0", - "cpe": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0?package-id=d460d9705e8bb159", - "type": "library", - "name": "github.com/package-url/packageurl-go", - "version": "v0.1.0", - "cpe": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0?package-id=5f40359d3d91377b", - "type": "library", - "name": "github.com/package-url/packageurl-go", - "version": "v0.1.0", - "cpe": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0?package-id=fa612e2da9ecafd7", - "type": "library", - "name": "github.com/package-url/packageurl-go", - "version": "v0.1.0", - "cpe": "cpe:2.3:a:package-url:packageurl-go:v0.1.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/package-url/packageurl-go@v0.1.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package-url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package_url:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl-go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:package:packageurl_go:v0.1.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0?package-id=38036babf1a1d261", - "type": "library", - "name": "github.com/pmezard/go-difflib", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:pmezard:go-difflib:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go_difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go-difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go_difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0?package-id=fc0265ef2c7b8e50", - "type": "library", - "name": "github.com/pmezard/go-difflib", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:pmezard:go-difflib:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go_difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go-difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go_difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0?package-id=1503003a9cee31be", - "type": "library", - "name": "github.com/pmezard/go-difflib", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:pmezard:go-difflib:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/pmezard/go-difflib@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:pmezard:go_difflib:v1.0.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/remeh/sizedwaitgroup@v1.0.0?package-id=ce32757941cef5f4", - "type": "library", - "name": "github.com/remeh/sizedwaitgroup", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:remeh:sizedwaitgroup:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/remeh/sizedwaitgroup@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:VNGGFwNo/R5+MJBf6yrsr110p0m4/OX4S3DCy7Kyl5E=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/remeh/sizedwaitgroup@v1.0.0?package-id=6fd65958c67ad909", - "type": "library", - "name": "github.com/remeh/sizedwaitgroup", - "version": "v1.0.0", - "cpe": "cpe:2.3:a:remeh:sizedwaitgroup:v1.0.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/remeh/sizedwaitgroup@v1.0.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:VNGGFwNo/R5+MJBf6yrsr110p0m4/OX4S3DCy7Kyl5E=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/rivo/uniseg@v0.4.2?package-id=1e47a0841b351d35", - "type": "library", - "name": "github.com/rivo/uniseg", - "version": "v0.4.2", - "cpe": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/rivo/uniseg@v0.4.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/rivo/uniseg@v0.4.2?package-id=dd1a597435c54e5c", - "type": "library", - "name": "github.com/rivo/uniseg", - "version": "v0.4.2", - "cpe": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/rivo/uniseg@v0.4.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/rivo/uniseg@v0.4.2?package-id=5066e1d78d9f8151", - "type": "library", - "name": "github.com/rivo/uniseg", - "version": "v0.4.2", - "cpe": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/rivo/uniseg@v0.4.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:rivo:uniseg:v0.4.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:YwD0ulJSJytLpiaWua0sBDusfsCZohxjxzVTYjwxfV8=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/rivo/uniseg@v0.4.4?package-id=f0c7bc9e60875e43", - "type": "library", - "name": "github.com/rivo/uniseg", - "version": "v0.4.4", - "cpe": "cpe:2.3:a:rivo:uniseg:v0.4.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/rivo/uniseg@v0.4.4", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/rivo/uniseg@v0.4.4?package-id=bcfc864b206a884", - "type": "library", - "name": "github.com/rivo/uniseg", - "version": "v0.4.4", - "cpe": "cpe:2.3:a:rivo:uniseg:v0.4.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/rivo/uniseg@v0.4.4", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.9.2?package-id=91ff9ed526244aed", - "type": "library", - "name": "github.com/spf13/afero", - "version": "v1.9.2", - "cpe": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/afero@v1.9.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.9.2?package-id=1ab8d71708e8ef0a", - "type": "library", - "name": "github.com/spf13/afero", - "version": "v1.9.2", - "cpe": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/afero@v1.9.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.9.2?package-id=fbd1fa246ebeafb1", - "type": "library", - "name": "github.com/spf13/afero", - "version": "v1.9.2", - "cpe": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/afero@v1.9.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:afero:v1.9.2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.9.4?package-id=f1405cb3a8cc3f14", - "type": "library", - "name": "github.com/spf13/afero", - "version": "v1.9.4", - "cpe": "cpe:2.3:a:spf13:afero:v1.9.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/afero@v1.9.4", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Sd43wM1IWz/s1aVXdOBkjJvuP8UdyqioeE4AmM0QsBs=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/afero@v1.9.4?package-id=84363a420a2c751c", - "type": "library", - "name": "github.com/spf13/afero", - "version": "v1.9.4", - "cpe": "cpe:2.3:a:spf13:afero:v1.9.4:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/afero@v1.9.4", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:Sd43wM1IWz/s1aVXdOBkjJvuP8UdyqioeE4AmM0QsBs=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.5.0?package-id=bbe88b91ed2d2774", - "type": "library", - "name": "github.com/spf13/cobra", - "version": "v1.5.0", - "cpe": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.5.0?package-id=a34663c05b4edc16", - "type": "library", - "name": "github.com/spf13/cobra", - "version": "v1.5.0", - "cpe": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.5.0?package-id=4e15d105faa0ea6a", - "type": "library", - "name": "github.com/spf13/cobra", - "version": "v1.5.0", - "cpe": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:cobra:v1.5.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.6.1?package-id=7c411756451958e4", - "type": "library", - "name": "github.com/spf13/cobra", - "version": "v1.6.1", - "cpe": "cpe:2.3:a:spf13:cobra:v1.6.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.6.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/cobra@v1.6.1?package-id=b2efb378db79518c", - "type": "library", - "name": "github.com/spf13/cobra", - "version": "v1.6.1", - "cpe": "cpe:2.3:a:spf13:cobra:v1.6.1:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/cobra@v1.6.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=4c76e82934a0e6d5", - "type": "library", - "name": "github.com/spf13/pflag", - "version": "v1.0.5", - "cpe": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/pflag@v1.0.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=b5f60d334205548", - "type": "library", - "name": "github.com/spf13/pflag", - "version": "v1.0.5", - "cpe": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/pflag@v1.0.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=33a71a320a9b86d4", - "type": "library", - "name": "github.com/spf13/pflag", - "version": "v1.0.5", - "cpe": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/pflag@v1.0.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=272d510d1a48d911", - "type": "library", - "name": "github.com/spf13/pflag", - "version": "v1.0.5", - "cpe": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/pflag@v1.0.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/spf13/pflag@v1.0.5?package-id=54d28db4ae4c8937", - "type": "library", - "name": "github.com/spf13/pflag", - "version": "v1.0.5", - "cpe": "cpe:2.3:a:spf13:pflag:v1.0.5:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/spf13/pflag@v1.0.5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/stretchr/testify@v1.8.0?package-id=b751659714791326", - "type": "library", - "name": "github.com/stretchr/testify", - "version": "v1.8.0", - "cpe": "cpe:2.3:a:stretchr:testify:v1.8.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/stretchr/testify@v1.8.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:stretchr:testify:v1.8.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/stretchr/testify@v1.8.0?package-id=384b2b91069c12ca", - "type": "library", - "name": "github.com/stretchr/testify", - "version": "v1.8.0", - "cpe": "cpe:2.3:a:stretchr:testify:v1.8.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/stretchr/testify@v1.8.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:stretchr:testify:v1.8.0:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/stretchr/testify@v1.8.2?package-id=e129ca3f1531b021", - "type": "library", - "name": "github.com/stretchr/testify", - "version": "v1.8.2", - "cpe": "cpe:2.3:a:stretchr:testify:v1.8.2:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/stretchr/testify@v1.8.2", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e?package-id=20ac5e54725671b3", - "type": "library", - "name": "github.com/xo/terminfo", - "version": "v0.0.0-20220910002029-abceb7e1c41e", - "cpe": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e?package-id=b516433ce4c71aa5", - "type": "library", - "name": "github.com/xo/terminfo", - "version": "v0.0.0-20220910002029-abceb7e1c41e", - "cpe": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e?package-id=24e5ccfe9f22d359", - "type": "library", - "name": "github.com/xo/terminfo", - "version": "v0.0.0-20220910002029-abceb7e1c41e", - "cpe": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e?package-id=98ab8862cb7d031e", - "type": "library", - "name": "github.com/xo/terminfo", - "version": "v0.0.0-20220910002029-abceb7e1c41e", - "cpe": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e?package-id=d3f5ed2384e5d7e5", - "type": "library", - "name": "github.com/xo/terminfo", - "version": "v0.0.0-20220910002029-abceb7e1c41e", - "cpe": "cpe:2.3:a:xo:terminfo:v0.0.0-20220910002029-abceb7e1c41e:*:*:*:*:*:*:*", - "purl": "pkg:golang/github.com/xo/terminfo@v0.0.0-20220910002029-abceb7e1c41e", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/net@v0.7.0?package-id=9b6fe456f50ff089", - "type": "library", - "name": "golang.org/x/net", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:x\\/net:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/net@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/net@v0.7.0?package-id=282d4afef2b5985d", - "type": "library", - "name": "golang.org/x/net", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:x\\/net:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/net@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec?package-id=c677433060a84b6e", - "type": "library", - "name": "golang.org/x/sys", - "version": "v0.0.0-20220928140112-f11e5e49a4ec", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec?package-id=b20fbdb4227283bf", - "type": "library", - "name": "golang.org/x/sys", - "version": "v0.0.0-20220928140112-f11e5e49a4ec", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec?package-id=2254481be4e4c138", - "type": "library", - "name": "golang.org/x/sys", - "version": "v0.0.0-20220928140112-f11e5e49a4ec", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.0.0-20220928140112-f11e5e49a4ec", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/sys:v0.0.0-20220928140112-f11e5e49a4ec:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BkDtF2Ih9xZ7le9ndzTA7KJow28VbQW3odyk/8drmuI=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.5.0?package-id=62f968e9e4d5052e", - "type": "library", - "name": "golang.org/x/sys", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/sys@v0.5.0?package-id=b3ee3a94fe8b0428", - "type": "library", - "name": "golang.org/x/sys", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/sys:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/sys@v0.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/term@v0.5.0?package-id=9b3b0bce69258a6c", - "type": "library", - "name": "golang.org/x/term", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/term:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/term@v0.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/term@v0.5.0?package-id=5bac34eaa298bc55", - "type": "library", - "name": "golang.org/x/term", - "version": "v0.5.0", - "cpe": "cpe:2.3:a:golang:x\\/term:v0.5.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/term@v0.5.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/text@v0.3.7?package-id=d359038d99f64aec", - "type": "library", - "name": "golang.org/x/text", - "version": "v0.3.7", - "cpe": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.3.7", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/text@v0.3.7?package-id=ae70283ea710ca92", - "type": "library", - "name": "golang.org/x/text", - "version": "v0.3.7", - "cpe": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.3.7", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/text@v0.3.7?package-id=aede29b9184a1572", - "type": "library", - "name": "golang.org/x/text", - "version": "v0.3.7", - "cpe": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.3.7", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:golang:x\\/text:v0.3.7:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/text@v0.7.0?package-id=e22194836cfac443", - "type": "library", - "name": "golang.org/x/text", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:x\\/text:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/golang.org/x/text@v0.7.0?package-id=d47e267b79a17b04", - "type": "library", - "name": "golang.org/x/text", - "version": "v0.7.0", - "cpe": "cpe:2.3:a:golang:x\\/text:v0.7.0:*:*:*:*:*:*:*", - "purl": "pkg:golang/golang.org/x/text@v0.7.0", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f?package-id=91ef508321667305", - "type": "library", - "name": "gopkg.in/check.v1", - "version": "v1.0.0-20200227125254-8fa46927fb4f", - "purl": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f?package-id=51ab5298e5a61ec4", - "type": "library", - "name": "gopkg.in/check.v1", - "version": "v1.0.0-20200227125254-8fa46927fb4f", - "purl": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f?package-id=f98199e4d95502dc", - "type": "library", - "name": "gopkg.in/check.v1", - "version": "v1.0.0-20200227125254-8fa46927fb4f", - "purl": "pkg:golang/gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=7cdb11590526bba3", - "type": "library", - "name": "gopkg.in/yaml.v3", - "version": "v3.0.1", - "purl": "pkg:golang/gopkg.in/yaml.v3@v3.0.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=7d36a1c0c358a2f8", - "type": "library", - "name": "gopkg.in/yaml.v3", - "version": "v3.0.1", - "purl": "pkg:golang/gopkg.in/yaml.v3@v3.0.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/gopkg.in/yaml.v3@v3.0.1?package-id=c6e1240d23bf190f", - "type": "library", - "name": "gopkg.in/yaml.v3", - "version": "v3.0.1", - "purl": "pkg:golang/gopkg.in/yaml.v3@v3.0.1", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64&upstream=gnupg2&distro=ubuntu-22.04&package-id=43190ec1753195bd", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "gpgv", - "version": "2.2.27-3ubuntu2.1", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "CC0-1.0" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:gpgv:gpgv:2.2.27-3ubuntu2.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/gpgv@2.2.27-3ubuntu2.1?arch=amd64&upstream=gnupg2&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gpgv:gpgv:2.2.27-3ubuntu2.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gnupg2" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64&distro=ubuntu-22.04&package-id=d1ba275190b45ccf", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "grep", - "version": "3.7-1build1", - "licenses": [ - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:grep:grep:3.7-1build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/grep@3.7-1build1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:grep:grep:3.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4?arch=amd64&distro=ubuntu-22.04&package-id=6cc501d5cf5a481e", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "gzip", - "version": "1.10-4ubuntu4", - "licenses": [ - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:gzip:gzip:1.10-4ubuntu4:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/gzip@1.10-4ubuntu4?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:gzip:gzip:1.10-4ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64&distro=ubuntu-22.04&package-id=1ffc7e6e34b35fd3", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "hostname", - "version": "3.23ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:hostname:hostname:3.23ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/hostname@3.23ubuntu2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:hostname:hostname:3.23ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all&distro=ubuntu-22.04&package-id=813a70fcf364add1", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "init-system-helpers", - "version": "1.62", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:init-system-helpers:init-system-helpers:1.62:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/init-system-helpers@1.62?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system-helpers:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system_helpers:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system_helpers:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system-helpers:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system-helpers:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system_helpers:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system_helpers:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init-system:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init_system:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init:init-system-helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:init:init_system_helpers:1.62:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324?package-id=340e658e98abae49", - "type": "library", - "name": "k8s.io/utils", - "version": "v0.0.0-20220922133306-665eaaec4324", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.spdx.json" - } - ] - }, - { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324?package-id=ad8efbc649b48ff4", - "type": "library", - "name": "k8s.io/utils", - "version": "v0.0.0-20220922133306-665eaaec4324", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - } - ] - }, - { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324?package-id=370584a60fedc24b", - "type": "library", - "name": "k8s.io/utils", - "version": "v0.0.0-20220922133306-665eaaec4324", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20220922133306-665eaaec4324", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/bomber.syft.json" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.19" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:i+xdFemcSNuJvIfBlaYuXgRondKxK4z4prVPKzEaelI=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230220204549-a5ecb0141aa5?package-id=49b8446cc68271cd", - "type": "library", - "name": "k8s.io/utils", - "version": "v0.0.0-20230220204549-a5ecb0141aa5", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20230220204549-a5ecb0141aa5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-module-binary-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangBinMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "bomber" - }, - { - "name": "syft:metadata:architecture", - "value": "amd64" - }, - { - "name": "syft:metadata:goCompiledVersion", - "value": "go1.20" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:kmDqav+P+/5e1i9tFfHq1qcF3sOrDp+YEkVDAHu7Jwk=" - }, - { - "name": "syft:metadata:mainModule", - "value": "github.com/devops-kung-fu/bomber" - } - ] - }, - { - "bom-ref": "pkg:golang/k8s.io/utils@v0.0.0-20230220204549-a5ecb0141aa5?package-id=dd90ac2fc792edcc", - "type": "library", - "name": "k8s.io/utils", - "version": "v0.0.0-20230220204549-a5ecb0141aa5", - "purl": "pkg:golang/k8s.io/utils@v0.0.0-20230220204549-a5ecb0141aa5", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "go-mod-file-cataloger" - }, - { - "name": "syft:package:language", - "value": "go" - }, - { - "name": "syft:package:metadataType", - "value": "GolangModMetadata" - }, - { - "name": "syft:package:type", - "value": "go-module" - }, - { - "name": "syft:location:0:path", - "value": "go.mod" - }, - { - "name": "syft:metadata:h1Digest", - "value": "h1:kmDqav+P+/5e1i9tFfHq1qcF3sOrDp+YEkVDAHu7Jwk=" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64&upstream=acl&distro=ubuntu-22.04&package-id=982938b582ecdf53", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libacl1", - "version": "2.3.1-1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libacl1:libacl1:2.3.1-1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libacl1@2.3.1-1?arch=amd64&upstream=acl&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libacl1:libacl1:2.3.1-1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "acl" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.6?arch=amd64&upstream=apt&distro=ubuntu-22.04&package-id=9efdc704a7d7e372", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libapt-pkg6.0", - "version": "2.4.6", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libapt-pkg6.0:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libapt-pkg6.0@2.4.6?arch=amd64&upstream=apt&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt-pkg6.0:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt_pkg6.0:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt_pkg6.0:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt-pkg6.0:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt-pkg6.0:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt_pkg6.0:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt_pkg6.0:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt:libapt-pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libapt:libapt_pkg6.0:2.4.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "apt" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libattr1@1:2.5.1-1build1?arch=amd64&upstream=attr&distro=ubuntu-22.04&package-id=9fd6cd11cbf40904", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libattr1", - "version": "1:2.5.1-1build1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libattr1:libattr1:1\\:2.5.1-1build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libattr1@1:2.5.1-1build1?arch=amd64&upstream=attr&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libattr1:libattr1:1\\:2.5.1-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "attr" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libaudit-common@1:3.0.7-1build1?arch=all&upstream=audit&distro=ubuntu-22.04&package-id=a652d5fad61e79d8", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libaudit-common", - "version": "1:3.0.7-1build1", - "licenses": [ - { - "license": { - "id": "GPL-1.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libaudit-common:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libaudit-common@1:3.0.7-1build1?arch=all&upstream=audit&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit-common:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit_common:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit_common:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit-common:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit-common:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit_common:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit_common:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit:libaudit-common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit:libaudit_common:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "audit" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libaudit1@1:3.0.7-1build1?arch=amd64&upstream=audit&distro=ubuntu-22.04&package-id=855ce8069c278298", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libaudit1", - "version": "1:3.0.7-1build1", - "licenses": [ - { - "license": { - "id": "GPL-1.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libaudit1:libaudit1:1\\:3.0.7-1build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libaudit1@1:3.0.7-1build1?arch=amd64&upstream=audit&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libaudit1:libaudit1:1\\:3.0.7-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "audit" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04&package-id=350e1e8f89abb782", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libblkid1", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libblkid1:libblkid1:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libblkid1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libblkid1:libblkid1:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64&upstream=bzip2&distro=ubuntu-22.04&package-id=3fba764521c39aeb", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libbz2-1.0", - "version": "1.0.8-5build1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libbz2-1.0:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libbz2-1.0@1.0.8-5build1?arch=amd64&upstream=bzip2&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2-1.0:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2_1.0:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2_1.0:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2-1.0:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2-1.0:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2_1.0:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2_1.0:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2:libbz2-1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libbz2:libbz2_1.0:1.0.8-5build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "bzip2" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64&upstream=glibc&distro=ubuntu-22.04&package-id=8dfe1e0c3b6831ff", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libc-bin", - "version": "2.35-0ubuntu3.1", - "licenses": [ - { - "license": { - "id": "GFDL-1.3-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libc-bin:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libc-bin@2.35-0ubuntu3.1?arch=amd64&upstream=glibc&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc-bin:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc_bin:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc_bin:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc-bin:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc-bin:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc_bin:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc_bin:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc:libc-bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc:libc_bin:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "glibc" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=amd64&upstream=glibc&distro=ubuntu-22.04&package-id=60aa624823d26ac3", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libc6", - "version": "2.35-0ubuntu3.1", - "licenses": [ - { - "license": { - "id": "GFDL-1.3-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libc6:libc6:2.35-0ubuntu3.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libc6@2.35-0ubuntu3.1?arch=amd64&upstream=glibc&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libc6:libc6:2.35-0ubuntu3.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "glibc" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64&upstream=libcap-ng&distro=ubuntu-22.04&package-id=c32753e936cd4317", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libcap-ng0", - "version": "0.7.9-2.2build3", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libcap-ng0:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libcap-ng0@0.7.9-2.2build3?arch=amd64&upstream=libcap-ng&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap-ng0:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap_ng0:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap_ng0:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap-ng0:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap-ng0:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap_ng0:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap_ng0:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap:libcap-ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap:libcap_ng0:0.7.9-2.2build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libcap-ng" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libcap2@1:2.44-1build3?arch=amd64&distro=ubuntu-22.04&package-id=5fa8956b49f1d96b", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libcap2", - "version": "1:2.44-1build3", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libcap2:libcap2:1\\:2.44-1build3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libcap2@1:2.44-1build3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcap2:libcap2:1\\:2.44-1build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04&package-id=d7cebf8f3822715c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libcom-err2", - "version": "1.46.5-2ubuntu1.1", - "cpe": "cpe:2.3:a:libcom-err2:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libcom-err2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom-err2:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom_err2:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom_err2:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom-err2:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom-err2:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom_err2:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom_err2:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom:libcom-err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcom:libcom_err2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "e2fsprogs" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libcrypt1@1:4.4.27-1?arch=amd64&upstream=libxcrypt&distro=ubuntu-22.04&package-id=925106fcef3e7c96", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libcrypt1", - "version": "1:4.4.27-1", - "cpe": "cpe:2.3:a:libcrypt1:libcrypt1:1\\:4.4.27-1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libcrypt1@1:4.4.27-1?arch=amd64&upstream=libxcrypt&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libcrypt1:libcrypt1:1\\:4.4.27-1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libxcrypt" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libdb5.3@5.3.28+dfsg1-0.8ubuntu3?arch=amd64&upstream=db5.3&distro=ubuntu-22.04&package-id=cdf887923912a7ef", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libdb5.3", - "version": "5.3.28+dfsg1-0.8ubuntu3", - "cpe": "cpe:2.3:a:libdb5.3:libdb5.3:5.3.28\\+dfsg1-0.8ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libdb5.3@5.3.28+dfsg1-0.8ubuntu3?arch=amd64&upstream=db5.3&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libdb5.3:libdb5.3:5.3.28\\+dfsg1-0.8ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "db5.3" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64&upstream=cdebconf&distro=ubuntu-22.04&package-id=ef3424a4d62890ee", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libdebconfclient0", - "version": "0.261ubuntu1", - "cpe": "cpe:2.3:a:libdebconfclient0:libdebconfclient0:0.261ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libdebconfclient0@0.261ubuntu1?arch=amd64&upstream=cdebconf&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libdebconfclient0:libdebconfclient0:0.261ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "cdebconf" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04&package-id=ddb9d33d83193f7e", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libext2fs2", - "version": "1.46.5-2ubuntu1.1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libext2fs2:libext2fs2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libext2fs2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libext2fs2:libext2fs2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "e2fsprogs" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=amd64&upstream=libffi&distro=ubuntu-22.04&package-id=97c6285c1a417995", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libffi8", - "version": "3.4.2-4", - "cpe": "cpe:2.3:a:libffi8:libffi8:3.4.2-4:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libffi8@3.4.2-4?arch=amd64&upstream=libffi&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libffi8:libffi8:3.4.2-4:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libffi" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgcc-s1@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04&package-id=8dcf05abceff819e", - "type": "library", - "publisher": "Ubuntu Core developers ", - "name": "libgcc-s1", - "version": "12-20220319-1ubuntu1", - "licenses": [ - { - "license": { - "id": "GFDL-1.2-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libgcc-s1:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgcc-s1@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc-s1:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc_s1:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc_s1:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc-s1:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc-s1:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc_s1:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc_s1:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc:libgcc-s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcc:libgcc_s1:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gcc-12" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64&distro=ubuntu-22.04&package-id=5670051b2fbac5b5", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libgcrypt20", - "version": "1.9.4-3ubuntu3", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libgcrypt20:libgcrypt20:1.9.4-3ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgcrypt20@1.9.4-3ubuntu3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgcrypt20:libgcrypt20:1.9.4-3ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgmp10@2:6.2.1+dfsg-3ubuntu1?arch=amd64&upstream=gmp&distro=ubuntu-22.04&package-id=822e3f074ddbe98c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libgmp10", - "version": "2:6.2.1+dfsg-3ubuntu1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libgmp10:libgmp10:2\\:6.2.1\\+dfsg-3ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgmp10@2:6.2.1+dfsg-3ubuntu1?arch=amd64&upstream=gmp&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgmp10:libgmp10:2\\:6.2.1\\+dfsg-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gmp" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1?arch=amd64&upstream=gnutls28&distro=ubuntu-22.04&package-id=a9b9456cd67b9904", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libgnutls30", - "version": "3.7.3-4ubuntu1", - "licenses": [ - { - "license": { - "id": "Apache-2.0" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GFDL-1.3-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libgnutls30:libgnutls30:3.7.3-4ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgnutls30@3.7.3-4ubuntu1?arch=amd64&upstream=gnutls28&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgnutls30:libgnutls30:3.7.3-4ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gnutls28" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64&upstream=libgpg-error&distro=ubuntu-22.04&package-id=a428be9a7999438d", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libgpg-error0", - "version": "1.43-3", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libgpg-error0:libgpg-error0:1.43-3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgpg-error0@1.43-3?arch=amd64&upstream=libgpg-error&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg-error0:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg_error0:libgpg-error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg_error0:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg:libgpg-error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg-error0:libgpg-error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg-error0:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg_error0:libgpg-error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg_error0:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg:libgpg-error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgpg:libgpg_error0:1.43-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libgpg-error" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04&package-id=9a936c850412fc9c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libgssapi-krb5-2", - "version": "1.19.2-2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libgssapi-krb5-2:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libgssapi-krb5-2@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5-2:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5_2:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5_2:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5-2:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5-2:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5_2:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5_2:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi-krb5:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi_krb5:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi:libgssapi-krb5-2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libgssapi:libgssapi_krb5_2:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "krb5" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64&upstream=nettle&distro=ubuntu-22.04&package-id=a881b05dc09e25ad", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libhogweed6", - "version": "3.7.3-1build2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libhogweed6:libhogweed6:3.7.3-1build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libhogweed6@3.7.3-1build2?arch=amd64&upstream=nettle&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libhogweed6:libhogweed6:3.7.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "nettle" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64&upstream=libidn2&distro=ubuntu-22.04&package-id=af47d97b7ae1161f", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libidn2-0", - "version": "2.3.2-2build1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libidn2-0:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libidn2-0@2.3.2-2build1?arch=amd64&upstream=libidn2&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2-0:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2_0:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2_0:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2-0:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2-0:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2_0:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2_0:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2:libidn2-0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libidn2:libidn2_0:2.3.2-2build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libidn2" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04&package-id=583e748627760a6f", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libk5crypto3", - "version": "1.19.2-2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libk5crypto3:libk5crypto3:1.19.2-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libk5crypto3@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libk5crypto3:libk5crypto3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "krb5" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64&upstream=keyutils&distro=ubuntu-22.04&package-id=d52d60e0918dbb18", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libkeyutils1", - "version": "1.6.1-2ubuntu3", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libkeyutils1:libkeyutils1:1.6.1-2ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libkeyutils1@1.6.1-2ubuntu3?arch=amd64&upstream=keyutils&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkeyutils1:libkeyutils1:1.6.1-2ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "keyutils" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04&package-id=e0e8455a40299660", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libkrb5-3", - "version": "1.19.2-2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libkrb5-3:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libkrb5-3@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5-3:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5_3:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5_3:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5-3:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5-3:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5_3:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5_3:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5:libkrb5-3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5:libkrb5_3:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "krb5" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04&package-id=3588993c45926476", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libkrb5support0", - "version": "1.19.2-2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libkrb5support0:libkrb5support0:1.19.2-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libkrb5support0@1.19.2-2?arch=amd64&upstream=krb5&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libkrb5support0:libkrb5support0:1.19.2-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "krb5" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64&upstream=lz4&distro=ubuntu-22.04&package-id=1200fb9b248e46ab", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "liblz4-1", - "version": "1.9.3-2build2", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:liblz4-1:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/liblz4-1@1.9.3-2build2?arch=amd64&upstream=lz4&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4-1:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4_1:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4_1:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4-1:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4-1:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4_1:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4_1:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4:liblz4-1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblz4:liblz4_1:1.9.3-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "lz4" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=amd64&upstream=xz-utils&distro=ubuntu-22.04&package-id=c63c142f4ae1a683", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "liblzma5", - "version": "5.2.5-2ubuntu1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:liblzma5:liblzma5:5.2.5-2ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/liblzma5@5.2.5-2ubuntu1?arch=amd64&upstream=xz-utils&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:liblzma5:liblzma5:5.2.5-2ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "xz-utils" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04&package-id=ea8ad5871724dfa8", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libmount1", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libmount1:libmount1:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libmount1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libmount1:libmount1:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04&package-id=aa13087fa3a40fad", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libncurses6", - "version": "6.3-2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "X11" - } - } - ], - "cpe": "cpe:2.3:a:libncurses6:libncurses6:6.3-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libncurses6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libncurses6:libncurses6:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "ncurses" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04&package-id=6b2b737fd0f24176", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libncursesw6", - "version": "6.3-2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "X11" - } - } - ], - "cpe": "cpe:2.3:a:libncursesw6:libncursesw6:6.3-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libncursesw6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libncursesw6:libncursesw6:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "ncurses" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64&upstream=nettle&distro=ubuntu-22.04&package-id=15f804750a0a0f4c", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libnettle8", - "version": "3.7.3-1build2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libnettle8:libnettle8:3.7.3-1build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libnettle8@3.7.3-1build2?arch=amd64&upstream=nettle&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libnettle8:libnettle8:3.7.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "nettle" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64&upstream=libnsl&distro=ubuntu-22.04&package-id=407d133ecda16a93", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libnsl2", - "version": "1.3.0-2build2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libnsl2:libnsl2:1.3.0-2build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libnsl2@1.3.0-2build2?arch=amd64&upstream=libnsl&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libnsl2:libnsl2:1.3.0-2build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libnsl" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64&upstream=p11-kit&distro=ubuntu-22.04&package-id=7580eb2a25d0afc6", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libp11-kit0", - "version": "0.24.0-6build1", - "licenses": [ - { - "license": { - "id": "Apache-2.0" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "ISC" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libp11-kit0:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libp11-kit0@0.24.0-6build1?arch=amd64&upstream=p11-kit&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11-kit0:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11_kit0:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11_kit0:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11-kit0:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11-kit0:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11_kit0:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11_kit0:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11:libp11-kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libp11:libp11_kit0:0.24.0-6build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "p11-kit" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04&package-id=2a3642aaf3fe2945", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpam-modules", - "version": "1.4.0-11ubuntu2", - "cpe": "cpe:2.3:a:libpam-modules:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpam-modules@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_modules:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pam" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04&package-id=33e0b9ebbc7f9f2d", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpam-modules-bin", - "version": "1.4.0-11ubuntu2", - "cpe": "cpe:2.3:a:libpam-modules-bin:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpam-modules-bin@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules-bin:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules_bin:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules_bin:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules-bin:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules-bin:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules_bin:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules_bin:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-modules:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_modules:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-modules-bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_modules_bin:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pam" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2?arch=all&upstream=pam&distro=ubuntu-22.04&package-id=2dc3ee90a24bb8d0", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpam-runtime", - "version": "1.4.0-11ubuntu2", - "cpe": "cpe:2.3:a:libpam-runtime:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpam-runtime@1.4.0-11ubuntu2?arch=all&upstream=pam&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-runtime:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_runtime:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_runtime:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-runtime:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam-runtime:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_runtime:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam_runtime:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam-runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam:libpam_runtime:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pam" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04&package-id=8f71852547717044", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpam0g", - "version": "1.4.0-11ubuntu2", - "cpe": "cpe:2.3:a:libpam0g:libpam0g:1.4.0-11ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpam0g@1.4.0-11ubuntu2?arch=amd64&upstream=pam&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpam0g:libpam0g:1.4.0-11ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pam" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3build1?arch=amd64&upstream=pcre2&distro=ubuntu-22.04&package-id=de9f5c153ca2420b", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpcre2-8-0", - "version": "10.39-3build1", - "cpe": "cpe:2.3:a:libpcre2-8-0:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpcre2-8-0@10.39-3build1?arch=amd64&upstream=pcre2&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8-0:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8_0:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8_0:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8-0:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8-0:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8_0:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8_0:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2-8:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2_8:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2:libpcre2-8-0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre2:libpcre2_8_0:10.39-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pcre2" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libpcre3@2:8.39-13ubuntu0.22.04.1?arch=amd64&upstream=pcre3&distro=ubuntu-22.04&package-id=fe371b16c10fe70", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libpcre3", - "version": "2:8.39-13ubuntu0.22.04.1", - "cpe": "cpe:2.3:a:libpcre3:libpcre3:2\\:8.39-13ubuntu0.22.04.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libpcre3@2:8.39-13ubuntu0.22.04.1?arch=amd64&upstream=pcre3&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libpcre3:libpcre3:2\\:8.39-13ubuntu0.22.04.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "pcre3" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libprocps8@2:3.3.17-6ubuntu2?arch=amd64&upstream=procps&distro=ubuntu-22.04&package-id=914cc67c94824918", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libprocps8", - "version": "2:3.3.17-6ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libprocps8:libprocps8:2\\:3.3.17-6ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libprocps8@2:3.3.17-6ubuntu2?arch=amd64&upstream=procps&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libprocps8:libprocps8:2\\:3.3.17-6ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "procps" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64&upstream=libseccomp&distro=ubuntu-22.04&package-id=b9be0b58633f57ba", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libseccomp2", - "version": "2.5.3-2ubuntu2", - "licenses": [ - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libseccomp2:libseccomp2:2.5.3-2ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libseccomp2@2.5.3-2ubuntu2?arch=amd64&upstream=libseccomp&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libseccomp2:libseccomp2:2.5.3-2ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libseccomp" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64&upstream=libselinux&distro=ubuntu-22.04&package-id=65bf519d14c15ab", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libselinux1", - "version": "3.3-1build2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libselinux1:libselinux1:3.3-1build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libselinux1@3.3-1build2?arch=amd64&upstream=libselinux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libselinux1:libselinux1:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libselinux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all&upstream=libsemanage&distro=ubuntu-22.04&package-id=a36fb22365780f25", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libsemanage-common", - "version": "3.3-1build2", - "cpe": "cpe:2.3:a:libsemanage-common:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libsemanage-common@3.3-1build2?arch=all&upstream=libsemanage&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage-common:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage_common:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage_common:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage-common:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage-common:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage_common:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage_common:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage:libsemanage-common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage:libsemanage_common:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libsemanage" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64&upstream=libsemanage&distro=ubuntu-22.04&package-id=fe3264f5924e0157", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libsemanage2", - "version": "3.3-1build2", - "cpe": "cpe:2.3:a:libsemanage2:libsemanage2:3.3-1build2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libsemanage2@3.3-1build2?arch=amd64&upstream=libsemanage&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsemanage2:libsemanage2:3.3-1build2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libsemanage" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64&upstream=libsepol&distro=ubuntu-22.04&package-id=fff7b3f04042566e", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libsepol2", - "version": "3.3-1build1", - "cpe": "cpe:2.3:a:libsepol2:libsepol2:3.3-1build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libsepol2@3.3-1build1?arch=amd64&upstream=libsepol&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsepol2:libsepol2:3.3-1build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libsepol" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04&package-id=22c4458992e9781b", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libsmartcols1", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libsmartcols1:libsmartcols1:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libsmartcols1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsmartcols1:libsmartcols1:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04&package-id=8abe8e06c642d1b8", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libss2", - "version": "1.46.5-2ubuntu1.1", - "cpe": "cpe:2.3:a:libss2:libss2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libss2@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libss2:libss2:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "e2fsprogs" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.6?arch=amd64&upstream=openssl&distro=ubuntu-22.04&package-id=a18146b0ab664fa", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libssl3", - "version": "3.0.2-0ubuntu1.6", - "licenses": [ - { - "license": { - "id": "Apache-2.0" - } - }, - { - "license": { - "id": "GPL-1.0-only" - } - }, - { - "license": { - "id": "GPL-1.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libssl3:libssl3:3.0.2-0ubuntu1.6:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libssl3@3.0.2-0ubuntu1.6?arch=amd64&upstream=openssl&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libssl3:libssl3:3.0.2-0ubuntu1.6:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "openssl" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libstdc++6@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04&package-id=65254fabd72afa51", - "type": "library", - "publisher": "Ubuntu Core developers ", - "name": "libstdc++6", - "version": "12-20220319-1ubuntu1", - "licenses": [ - { - "license": { - "id": "GFDL-1.2-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libstdc\\+\\+6:libstdc\\+\\+6:12-20220319-1ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libstdc++6@12-20220319-1ubuntu1?arch=amd64&upstream=gcc-12&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libstdc\\+\\+6:libstdc\\+\\+6:12-20220319-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "gcc-12" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.4?arch=amd64&upstream=systemd&distro=ubuntu-22.04&package-id=44c2a17d5207f995", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libsystemd0", - "version": "249.11-0ubuntu3.4", - "licenses": [ - { - "license": { - "id": "CC0-1.0" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libsystemd0:libsystemd0:249.11-0ubuntu3.4:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libsystemd0@249.11-0ubuntu3.4?arch=amd64&upstream=systemd&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libsystemd0:libsystemd0:249.11-0ubuntu3.4:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "systemd" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64&distro=ubuntu-22.04&package-id=84045cf77dd1e03f", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libtasn1-6", - "version": "4.18.0-4build1", - "licenses": [ - { - "license": { - "id": "GFDL-1.3-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libtasn1-6:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libtasn1-6@4.18.0-4build1?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1-6:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1_6:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1_6:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1-6:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1-6:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1_6:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1_6:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1:libtasn1-6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtasn1:libtasn1_6:4.18.0-4build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04&package-id=dbed952d6f75cf53", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libtinfo6", - "version": "6.3-2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "X11" - } - } - ], - "cpe": "cpe:2.3:a:libtinfo6:libtinfo6:6.3-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libtinfo6@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtinfo6:libtinfo6:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "ncurses" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all&upstream=libtirpc&distro=ubuntu-22.04&package-id=cc43144d4b5bda8b", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libtirpc-common", - "version": "1.3.2-2ubuntu0.1", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libtirpc-common:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libtirpc-common@1.3.2-2ubuntu0.1?arch=all&upstream=libtirpc&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc-common:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc_common:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc_common:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc-common:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc-common:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc_common:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc_common:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc:libtirpc-common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc:libtirpc_common:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libtirpc" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64&upstream=libtirpc&distro=ubuntu-22.04&package-id=cbe9360395c7b33", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libtirpc3", - "version": "1.3.2-2ubuntu0.1", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - } - ], - "cpe": "cpe:2.3:a:libtirpc3:libtirpc3:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libtirpc3@1.3.2-2ubuntu0.1?arch=amd64&upstream=libtirpc&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libtirpc3:libtirpc3:1.3.2-2ubuntu0.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libtirpc" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.4?arch=amd64&upstream=systemd&distro=ubuntu-22.04&package-id=c057b6905b125c85", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libudev1", - "version": "249.11-0ubuntu3.4", - "licenses": [ - { - "license": { - "id": "CC0-1.0" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:libudev1:libudev1:249.11-0ubuntu3.4:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libudev1@249.11-0ubuntu3.4?arch=amd64&upstream=systemd&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libudev1:libudev1:249.11-0ubuntu3.4:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "systemd" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64&upstream=libunistring&distro=ubuntu-22.04&package-id=b0ebdb4a897a50e2", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libunistring2", - "version": "1.0-1", - "licenses": [ - { - "license": { - "id": "GFDL-1.2-only" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libunistring2:libunistring2:1.0-1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libunistring2@1.0-1?arch=amd64&upstream=libunistring&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libunistring2:libunistring2:1.0-1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libunistring" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04&package-id=7c20a0a6002108da", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libuuid1", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:libuuid1:libuuid1:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libuuid1@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libuuid1:libuuid1:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64&upstream=xxhash&distro=ubuntu-22.04&package-id=e101cf8e114a04b", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libxxhash0", - "version": "0.8.1-1", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:libxxhash0:libxxhash0:0.8.1-1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libxxhash0@0.8.1-1?arch=amd64&upstream=xxhash&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libxxhash0:libxxhash0:0.8.1-1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "xxhash" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/libzstd1@1.4.8+dfsg-3build1?arch=amd64&upstream=libzstd&distro=ubuntu-22.04&package-id=b82b4fc2268117c7", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "libzstd1", - "version": "1.4.8+dfsg-3build1", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "Zlib" - } - } - ], - "cpe": "cpe:2.3:a:libzstd1:libzstd1:1.4.8\\+dfsg-3build1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/libzstd1@1.4.8+dfsg-3build1?arch=amd64&upstream=libzstd&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:libzstd1:libzstd1:1.4.8\\+dfsg-3build1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "libzstd" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/login@1:4.8.1-2ubuntu2?arch=amd64&upstream=shadow&distro=ubuntu-22.04&package-id=fe10382d4faa3862", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "login", - "version": "1:4.8.1-2ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:login:login:1\\:4.8.1-2ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/login@1:4.8.1-2ubuntu2?arch=amd64&upstream=shadow&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:login:login:1\\:4.8.1-2ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "shadow" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04&package-id=36d25d8c03d61a26", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "logsave", - "version": "1.46.5-2ubuntu1.1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:logsave:logsave:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/logsave@1.46.5-2ubuntu1.1?arch=amd64&upstream=e2fsprogs&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:logsave:logsave:1.46.5-2ubuntu1.1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "e2fsprogs" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all&upstream=lsb&distro=ubuntu-22.04&package-id=66a2d579c9f63afe", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "lsb-base", - "version": "11.1.0ubuntu4", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:lsb-base:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/lsb-base@11.1.0ubuntu4?arch=all&upstream=lsb&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb-base:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb_base:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb_base:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb-base:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb-base:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb_base:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb_base:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb:lsb-base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:lsb:lsb_base:11.1.0ubuntu4:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "lsb" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64&distro=ubuntu-22.04&package-id=cf68883326882718", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "mawk", - "version": "1.3.4.20200120-3", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:mawk:mawk:1.3.4.20200120-3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/mawk@1.3.4.20200120-3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mawk:mawk:1.3.4.20200120-3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04&package-id=dc0c96359b3ddffb", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "mount", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:mount:mount:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/mount@2.37.2-4ubuntu3?arch=amd64&upstream=util-linux&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:mount:mount:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "util-linux" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all&upstream=ncurses&distro=ubuntu-22.04&package-id=dbc60e5c9abc541d", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "ncurses-base", - "version": "6.3-2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "X11" - } - } - ], - "cpe": "cpe:2.3:a:ncurses-base:ncurses-base:6.3-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/ncurses-base@6.3-2?arch=all&upstream=ncurses&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-base:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_base:ncurses-base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_base:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses-base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-base:ncurses-base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-base:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_base:ncurses-base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_base:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses-base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses_base:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "ncurses" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04&package-id=259b39b5bac3ea8e", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "ncurses-bin", - "version": "6.3-2", - "licenses": [ - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "X11" - } - } - ], - "cpe": "cpe:2.3:a:ncurses-bin:ncurses-bin:6.3-2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/ncurses-bin@6.3-2?arch=amd64&upstream=ncurses&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-bin:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_bin:ncurses-bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_bin:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses-bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-bin:ncurses-bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses-bin:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_bin:ncurses-bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses_bin:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses-bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ncurses:ncurses_bin:6.3-2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "ncurses" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/passwd@1:4.8.1-2ubuntu2?arch=amd64&upstream=shadow&distro=ubuntu-22.04&package-id=a4220e56633f12ae", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "passwd", - "version": "1:4.8.1-2ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:passwd:passwd:1\\:4.8.1-2ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/passwd@1:4.8.1-2ubuntu2?arch=amd64&upstream=shadow&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:passwd:passwd:1\\:4.8.1-2ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "shadow" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1?arch=amd64&upstream=perl&distro=ubuntu-22.04&package-id=9fea07c12c390ba5", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "perl-base", - "version": "5.34.0-3ubuntu1", - "licenses": [ - { - "license": { - "id": "Artistic-2.0" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "GPL-1.0-only" - } - }, - { - "license": { - "id": "GPL-1.0-or-later" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "Zlib" - } - } - ], - "cpe": "cpe:2.3:a:perl-base:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/perl-base@5.34.0-3ubuntu1?arch=amd64&upstream=perl&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl-base:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl_base:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl_base:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl-base:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl-base:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl_base:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl_base:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl:perl-base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:perl:perl_base:5.34.0-3ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "perl" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/procps@2:3.3.17-6ubuntu2?arch=amd64&distro=ubuntu-22.04&package-id=5e3c5bc9760804e7", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "procps", - "version": "2:3.3.17-6ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - } - ], - "cpe": "cpe:2.3:a:procps:procps:2\\:3.3.17-6ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/procps@2:3.3.17-6ubuntu2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:procps:procps:2\\:3.3.17-6ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64&distro=ubuntu-22.04&package-id=ac02aad07cf71d3e", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "sed", - "version": "4.8-1ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:sed:sed:4.8-1ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/sed@4.8-1ubuntu2?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sed:sed:4.8-1ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all&distro=ubuntu-22.04&package-id=8e8d0dfc3f014c53", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "sensible-utils", - "version": "0.0.17", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:sensible-utils:sensible-utils:0.0.17:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/sensible-utils@0.0.17?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible-utils:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible_utils:sensible-utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible_utils:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible:sensible-utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible-utils:sensible-utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible-utils:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible_utils:sensible-utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible_utils:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible:sensible-utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sensible:sensible_utils:0.0.17:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64&upstream=sysvinit&distro=ubuntu-22.04&package-id=48869c26be549374", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "sysvinit-utils", - "version": "3.01-1ubuntu1", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - } - ], - "cpe": "cpe:2.3:a:sysvinit-utils:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/sysvinit-utils@3.01-1ubuntu1?arch=amd64&upstream=sysvinit&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit-utils:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit_utils:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit_utils:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit-utils:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit-utils:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit_utils:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit_utils:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit:sysvinit-utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:sysvinit:sysvinit_utils:3.01-1ubuntu1:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "sysvinit" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/tar@1.34+dfsg-1build3?arch=amd64&distro=ubuntu-22.04&package-id=f5145c91152cfbd6", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "tar", - "version": "1.34+dfsg-1build3", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - } - ], - "cpe": "cpe:2.3:a:tar:tar:1.34\\+dfsg-1build3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/tar@1.34+dfsg-1build3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:tar:tar:1.34\\+dfsg-1build3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all&distro=ubuntu-22.04&package-id=f6e8f005d6ed41b4", - "type": "library", - "publisher": "Dimitri John Ledkov ", - "name": "ubuntu-keyring", - "version": "2021.03.26", - "cpe": "cpe:2.3:a:ubuntu-keyring:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/ubuntu-keyring@2021.03.26?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu-keyring:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu_keyring:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu_keyring:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu-keyring:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu-keyring:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu_keyring:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu_keyring:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu:ubuntu-keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:ubuntu:ubuntu_keyring:2021.03.26:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all&distro=ubuntu-22.04&package-id=ce0ac606345b9580", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "usrmerge", - "version": "25ubuntu2", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "cpe": "cpe:2.3:a:usrmerge:usrmerge:25ubuntu2:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/usrmerge@25ubuntu2?arch=all&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:usrmerge:usrmerge:25ubuntu2:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64&distro=ubuntu-22.04&package-id=af3c4b0e7e59cf09", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "util-linux", - "version": "2.37.2-4ubuntu3", - "licenses": [ - { - "license": { - "id": "BSD-2-Clause" - } - }, - { - "license": { - "id": "BSD-3-Clause" - } - }, - { - "license": { - "id": "BSD-4-Clause" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-3.0-only" - } - }, - { - "license": { - "id": "GPL-3.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-only" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.1-only" - } - }, - { - "license": { - "id": "LGPL-2.1-or-later" - } - }, - { - "license": { - "id": "LGPL-3.0-only" - } - }, - { - "license": { - "id": "LGPL-3.0-or-later" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "cpe": "cpe:2.3:a:util-linux:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/util-linux@2.37.2-4ubuntu3?arch=amd64&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util-linux:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util_linux:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util_linux:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util-linux:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util-linux:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util_linux:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util_linux:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util:util-linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:util:util_linux:2.37.2-4ubuntu3:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - } - ] - }, - { - "bom-ref": "pkg:deb/ubuntu/zlib1g@1:1.2.11.dfsg-2ubuntu9?arch=amd64&upstream=zlib&distro=ubuntu-22.04&package-id=68f81b5068e2ed7f", - "type": "library", - "publisher": "Ubuntu Developers ", - "name": "zlib1g", - "version": "1:1.2.11.dfsg-2ubuntu9", - "licenses": [ - { - "license": { - "id": "Zlib" - } - } - ], - "cpe": "cpe:2.3:a:zlib1g:zlib1g:1\\:1.2.11.dfsg-2ubuntu9:*:*:*:*:*:*:*", - "purl": "pkg:deb/ubuntu/zlib1g@1:1.2.11.dfsg-2ubuntu9?arch=amd64&upstream=zlib&distro=ubuntu-22.04", - "properties": [ - { - "name": "syft:package:foundBy", - "value": "sbom-cataloger" - }, - { - "name": "syft:package:metadataType", - "value": "DpkgMetadata" - }, - { - "name": "syft:package:type", - "value": "deb" - }, - { - "name": "syft:cpe23", - "value": "cpe:2.3:a:zlib1g:zlib1g:1\\:1.2.11.dfsg-2ubuntu9:*:*:*:*:*:*:*" - }, - { - "name": "syft:location:0:path", - "value": "_TESTDATA_/sbom/ubuntu-latest.spdx.json" - }, - { - "name": "syft:metadata:installedSize", - "value": "0" - }, - { - "name": "syft:metadata:source", - "value": "zlib" - } - ] - } - ] -} From dca41ca2f9f7f81564adc900134af64ca153e5a7 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 20:09:54 -0600 Subject: [PATCH 11/12] Trigger commit and PR tests --- providers/providerfactory.go | 1 + 1 file changed, 1 insertion(+) diff --git a/providers/providerfactory.go b/providers/providerfactory.go index 51c4c0b..5f46685 100644 --- a/providers/providerfactory.go +++ b/providers/providerfactory.go @@ -20,6 +20,7 @@ func NewProvider(name string) (provider models.Provider, err error) { case "snyk": provider = snyk.Provider{} default: + err = fmt.Errorf("%s is not a valid provider type", name) } return From ce9797687cf19707db20db6ba9e5cd6e9890f031 Mon Sep 17 00:00:00 2001 From: DJ Schleen Date: Mon, 23 Oct 2023 20:16:44 -0600 Subject: [PATCH 12/12] Another attempt at triggering the right PR workflows --- lib/filters/purl.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/filters/purl.go b/lib/filters/purl.go index a9c5a32..dac1248 100644 --- a/lib/filters/purl.go +++ b/lib/filters/purl.go @@ -23,6 +23,6 @@ func Sanitize(purls []string) (sanitized []string, issues []models.Issue) { Purl: p, }) } - } + } // return }