Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: generate sboms from binaries (#46)
* add bin command Signed-off-by: nscuro <[email protected]> * add license header Signed-off-by: nscuro <[email protected]> * basic module model + parsing of `go version -m` Signed-off-by: nscuro <[email protected]> * introduce convert package this is the first step of splitting up the sbom package to become more generic. Signed-off-by: nscuro <[email protected]> * convert components in bin command Signed-off-by: nscuro <[email protected]> * add license header Signed-off-by: nscuro <[email protected]> * remove model package Signed-off-by: nscuro <[email protected]> * generate dependency graph Signed-off-by: nscuro <[email protected]> * add compositions; fix depgraph; decode h1 hash; Signed-off-by: nscuro <[email protected]> * add -version flag; add example sbom Signed-off-by: nscuro <[email protected]> * implement generic way of calculating file hashes Signed-off-by: nscuro <[email protected]> * refactor for more code reuse Signed-off-by: nscuro <[email protected]> * fix feature toggle for license resolution Signed-off-by: nscuro <[email protected]> * add more tests Signed-off-by: nscuro <[email protected]> * add binary metadata as properties Signed-off-by: nscuro <[email protected]> * migrate generation logic from sbom to mod package Signed-off-by: nscuro <[email protected]> * move serialnumber handling to cliutil Signed-off-by: nscuro <[email protected]> * more tests Signed-off-by: nscuro <[email protected]> * documentation updates Signed-off-by: nscuro <[email protected]> * fix linter issues Signed-off-by: nscuro <[email protected]> * support replacements Signed-off-by: nscuro <[email protected]> * move common logic into util package Signed-off-by: nscuro <[email protected]> * replace cyclonedx-gomod example sbom with minikube Signed-off-by: nscuro <[email protected]> * refactor: minor tweaks and optimizations Signed-off-by: nscuro <[email protected]> * introduce structured logging Signed-off-by: nscuro <[email protected]> * use str field instead of format string Signed-off-by: nscuro <[email protected]> * don't include caller in debug log Signed-off-by: nscuro <[email protected]> * more logging Signed-off-by: nscuro <[email protected]> * usage examples for `mod` Signed-off-by: nscuro <[email protected]> * add license headers Signed-off-by: nscuro <[email protected]> * more logging Signed-off-by: nscuro <[email protected]> * module sorting Signed-off-by: nscuro <[email protected]> * move compositions creation into its own function Signed-off-by: nscuro <[email protected]> * minor refactoring Signed-off-by: nscuro <[email protected]> * cleanup & add more tests Signed-off-by: nscuro <[email protected]> * remove unneeded test workaround Signed-off-by: nscuro <[email protected]> * move integration tests to e2e package Signed-off-by: nscuro <[email protected]> * simple e2e test for bin cmd Signed-off-by: nscuro <[email protected]> * regenerate example sboms; replace proton-bridge with minikube Signed-off-by: nscuro <[email protected]>
- Loading branch information