From 375e8442c3afb2e638f4b90b927cf263f171f816 Mon Sep 17 00:00:00 2001 From: Niklas Date: Mon, 27 Sep 2021 19:22:02 +0200 Subject: [PATCH] feat: prune graph edges to indirect dependencies for main module (#72) * prune edges to indirect dependencies of main module Signed-off-by: nscuro * regenerate example sboms Signed-off-by: nscuro (partly) addresses #64 --- examples/app_minikube-v1.23.1.bom.json | 95 ++---------------- examples/bin_minikube-v1.23.1.bom.json | 16 ++-- examples/mod_minikube-v1.23.1.bom.json | 127 ++----------------------- internal/gomod/graph.go | 8 ++ internal/gomod/module.go | 11 ++- 5 files changed, 40 insertions(+), 217 deletions(-) diff --git a/examples/app_minikube-v1.23.1.bom.json b/examples/app_minikube-v1.23.1.bom.json index e4a2a973..0cba60b5 100644 --- a/examples/app_minikube-v1.23.1.bom.json +++ b/examples/app_minikube-v1.23.1.bom.json @@ -1,35 +1,35 @@ { "bomFormat": "CycloneDX", "specVersion": "1.3", - "serialNumber": "urn:uuid:2df66088-ff65-4895-b7ed-8b980e6c677f", + "serialNumber": "urn:uuid:155657e1-9ae0-45d5-8db7-14eca53413c7", "version": 1, "metadata": { - "timestamp": "2021-09-25T19:52:57Z", + "timestamp": "2021-09-27T17:10:57Z", "tools": [ { "vendor": "CycloneDX", "name": "cyclonedx-gomod", - "version": "v0.0.0-20210925214913-cdaccfe30cb0", + "version": "v0.0.0-20210927190843-0fa2b0329ce6", "hashes": [ { "alg": "MD5", - "content": "d6c2bf92f7d13841ed21d9c409cf7cf4" + "content": "386bf2fe173bceda949b2191cc47f2ef" }, { "alg": "SHA-1", - "content": "cf9246e05f2416552edbf4b40ef8c3df259ed751" + "content": "b43fb8be929ea96235f675dbf1136e52f409d1f9" }, { "alg": "SHA-256", - "content": "890a85574c7f68b950f5bc5c08e5a3c32c06e8103de168d5721ec2dcc49fd3b9" + "content": "30d6e73c56ab47946ef0e659a9e5f8f8360a32dde54f51b62484e0b705cd1ce7" }, { "alg": "SHA-384", - "content": "04d28e89523d14fc7dd32c54c4bdbbe99ac12fee427ff69d56ff3f9d98bde3880ab2b77520ff19fd620ab84d39920380" + "content": "3141646e7a6d7e789a6aa4bbb74076a5139ce69a10574483c7fd29ded9a9947678f2003e62669339b99318a683785955" }, { "alg": "SHA-512", - "content": "ddfce73b8949a2d7878f1e9154cfc1228cb16cf55c6a7e57583cdc9ac286e653e8e285a64fda677bd8bc5d83dc85e1c1c54b630f2ab31c69881b1c09bf68538b" + "content": "3a3718c77815501e08d4757def4ea4f3a0f7fe4c7a913ede8b5b6c0696a2dc64d92e6ca1b362ac7c4d8256ea3bfa2b76e4dafee198012fe34a2bfaf42e7ed416" } ] } @@ -3734,131 +3734,57 @@ { "ref": "pkg:golang/k8s.io/minikube@v1.23.1#cmd/minikube", "dependsOn": [ - "pkg:golang/cloud.google.com/go@v0.93.3", "pkg:golang/cloud.google.com/go/storage@v1.16.1", - "pkg:golang/cloud.google.com/go/trace@v0.1.0", "pkg:golang/github.com/Delta456/box-cli-maker/v2@v2.2.2", "pkg:golang/github.com/GoogleCloudPlatform/docker-credential-gcr@v0.0.0-20210713212222-faed5e8b8ca2", "pkg:golang/github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace@v0.16.0", - "pkg:golang/github.com/MakeNowJust/heredoc@v0.0.0-20170808103936-bb23615498cd", - "pkg:golang/github.com/VividCortex/ewma@v1.1.1", "pkg:golang/github.com/VividCortex/godaemon@v1.0.0", "pkg:golang/github.com/alonyb/spinner@v1.12.7", - "pkg:golang/github.com/aws/aws-sdk-go@v1.35.24", - "pkg:golang/github.com/bgentry/go-netrc@v0.0.0-20140422174119-9fd32a8b3d3d", "pkg:golang/github.com/blang/semver/v4@v4.0.0", "pkg:golang/github.com/cenkalti/backoff/v4@v4.1.1", "pkg:golang/github.com/cheggaaa/pb/v3@v3.0.8", "pkg:golang/github.com/cloudevents/sdk-go/v2@v2.5.0", "pkg:golang/github.com/cloudfoundry-attic/jibber_jabber@v0.0.0-20151120183258-bcc4c8345a21", - "pkg:golang/github.com/containerd/containerd@v1.5.2", - "pkg:golang/github.com/containerd/stargz-snapshotter/estargz@v0.7.0", - "pkg:golang/github.com/davecgh/go-spew@v1.1.1", - "pkg:golang/github.com/docker/cli@v20.10.7+incompatible", - "pkg:golang/github.com/docker/distribution@v2.7.1+incompatible", "pkg:golang/github.com/docker/docker@v20.10.7+incompatible", - "pkg:golang/github.com/docker/docker-credential-helpers@v0.6.3", - "pkg:golang/github.com/docker/go-connections@v0.4.0", "pkg:golang/github.com/docker/go-units@v0.4.0", - "pkg:golang/github.com/fatih/color@v1.10.0", - "pkg:golang/github.com/fsnotify/fsnotify@v1.4.9", - "pkg:golang/github.com/go-logr/logr@v1.0.0", - "pkg:golang/github.com/gogo/protobuf@v1.3.2", - "pkg:golang/github.com/golang/groupcache@v0.0.0-20200121045136-8c9f03a8e57e", - "pkg:golang/github.com/golang/protobuf@v1.5.2", - "pkg:golang/github.com/golang/snappy@v0.0.3", "pkg:golang/github.com/google/go-cmp@v0.5.6", "pkg:golang/github.com/google/go-containerregistry@v0.6.0", - "pkg:golang/github.com/google/gofuzz@v1.1.0", "pkg:golang/github.com/google/slowjam@v1.0.0", "pkg:golang/github.com/google/uuid@v1.3.0", - "pkg:golang/github.com/googleapis/gax-go/v2@v2.1.0", - "pkg:golang/github.com/googleapis/gnostic@v0.4.1", - "pkg:golang/github.com/gookit/color@v1.4.2", - "pkg:golang/github.com/hashicorp/go-cleanhttp@v0.5.2", "pkg:golang/github.com/hashicorp/go-getter@v1.5.8", - "pkg:golang/github.com/hashicorp/go-safetemp@v1.0.0", - "pkg:golang/github.com/hashicorp/go-version@v1.2.1", - "pkg:golang/github.com/hashicorp/golang-lru@v0.5.3", - "pkg:golang/github.com/hashicorp/hcl@v1.0.0", - "pkg:golang/github.com/hectane/go-acl@v0.0.0-20190604041725-da78bae5fc95", - "pkg:golang/github.com/imdario/mergo@v0.3.11", - "pkg:golang/github.com/intel-go/cpuid@v0.0.0-20181003105527-1a4a6f06a1c6", - "pkg:golang/github.com/jmespath/go-jmespath@v0.4.0", - "pkg:golang/github.com/json-iterator/go@v1.1.11", "pkg:golang/github.com/juju/clock@v0.0.0-20190205081909-9c5c9712527c", - "pkg:golang/github.com/juju/errors@v0.0.0-20190806202954-0232dcc7464d", "pkg:golang/github.com/juju/fslock@v0.0.0-20160525022230-4d5c94c67b4b", "pkg:golang/github.com/juju/mutex@v0.0.0-20180619145857-d21b13acf4bf", "pkg:golang/github.com/kballard/go-shellquote@v0.0.0-20180428030007-95032a82bc51", - "pkg:golang/github.com/klauspost/compress@v1.13.0", "pkg:golang/github.com/klauspost/cpuid@v1.2.0", "pkg:golang/github.com/machine-drivers/docker-machine-driver-vmware@v0.1.3", "pkg:golang/github.com/machine-drivers/machine@v0.7.1-0.20210719174735-6eca26732baa", - "pkg:golang/github.com/magiconair/properties@v1.8.5", - "pkg:golang/github.com/mattn/go-colorable@v0.1.8", "pkg:golang/github.com/mattn/go-isatty@v0.0.14", - "pkg:golang/github.com/mattn/go-runewidth@v0.0.13", - "pkg:golang/github.com/mitchellh/go-homedir@v1.1.0", "pkg:golang/github.com/mitchellh/go-ps@v1.0.0", - "pkg:golang/github.com/mitchellh/go-testing-interface@v1.0.0", - "pkg:golang/github.com/mitchellh/go-wordwrap@v1.0.0", - "pkg:golang/github.com/mitchellh/mapstructure@v1.4.1", - "pkg:golang/github.com/moby/spdystream@v0.2.0", - "pkg:golang/github.com/moby/sys/mount@v0.2.0", - "pkg:golang/github.com/moby/sys/mountinfo@v0.4.1", - "pkg:golang/github.com/moby/term@v0.0.0-20201216013528-df9cb8a40635", - "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd", - "pkg:golang/github.com/modern-go/reflect2@v1.0.1", "pkg:golang/github.com/olekukonko/tablewriter@v0.0.5", "pkg:golang/github.com/opencontainers/go-digest@v1.0.0", - "pkg:golang/github.com/opencontainers/image-spec@v1.0.1", - "pkg:golang/github.com/opencontainers/runc@v1.0.0-rc95", "pkg:golang/github.com/otiai10/copy@v1.6.0", - "pkg:golang/github.com/pelletier/go-toml@v1.9.3", "pkg:golang/github.com/phayes/freeport@v0.0.0-20180830031419-95f893ade6f2", "pkg:golang/github.com/pkg/browser@v0.0.0-20160118053552-9302be274faa", "pkg:golang/github.com/pkg/errors@v0.9.1", "pkg:golang/github.com/pkg/profile@v0.0.0-20161223203901-3a8809bd8a80", - "pkg:golang/github.com/rivo/uniseg@v0.2.0", - "pkg:golang/github.com/russross/blackfriday@v1.5.3-0.20200218234912-41c5fccfd6f6", "pkg:golang/github.com/sayboras/dockerclient@v1.0.0", "pkg:golang/github.com/shirou/gopsutil/v3@v3.21.8", - "pkg:golang/github.com/sirupsen/logrus@v1.8.1", - "pkg:golang/github.com/spf13/afero@v1.6.0", - "pkg:golang/github.com/spf13/cast@v1.3.1", "pkg:golang/github.com/spf13/cobra@v1.2.1", - "pkg:golang/github.com/spf13/jwalterweatherman@v1.1.0", "pkg:golang/github.com/spf13/pflag@v1.0.5", "pkg:golang/github.com/spf13/viper@v1.8.1", - "pkg:golang/github.com/subosito/gotenv@v1.2.0", - "pkg:golang/github.com/tklauser/go-sysconf@v0.3.9", - "pkg:golang/github.com/tklauser/numcpus@v0.3.0", - "pkg:golang/github.com/ulikunitz/xz@v0.5.8", - "pkg:golang/github.com/xo/terminfo@v0.0.0-20210125001918-ca9a967f8778", "pkg:golang/go.opencensus.io@v0.23.0", "pkg:golang/go.opentelemetry.io/otel@v0.17.0", - "pkg:golang/go.opentelemetry.io/otel/metric@v0.17.0", "pkg:golang/go.opentelemetry.io/otel/sdk@v0.16.0", "pkg:golang/go.opentelemetry.io/otel/trace@v0.17.0", - "pkg:golang/go.uber.org/atomic@v1.7.0", - "pkg:golang/go.uber.org/multierr@v1.6.0", - "pkg:golang/go.uber.org/zap@v1.17.0", "pkg:golang/golang.org/x/crypto@v0.0.0-20210322153248-0c34fe9e7dc2", "pkg:golang/golang.org/x/exp@v0.0.0-20210220032938-85be41e4509f", - "pkg:golang/golang.org/x/net@v0.0.0-20210525063256-abc453219eb5", "pkg:golang/golang.org/x/oauth2@v0.0.0-20210819190943-2bc19b11175f", "pkg:golang/golang.org/x/sync@v0.0.0-20210220032951-036812b2e83c", "pkg:golang/golang.org/x/sys@v0.0.0-20210823070655-63515b42dcdf", "pkg:golang/golang.org/x/term@v0.0.0-20210406210042-72f3dc4e9b72", "pkg:golang/golang.org/x/text@v0.3.7", - "pkg:golang/golang.org/x/time@v0.0.0-20210220033141-f8bda1e9f3ba", "pkg:golang/google.golang.org/api@v0.56.0", - "pkg:golang/google.golang.org/genproto@v0.0.0-20210828152312-66f60bf46e71", - "pkg:golang/google.golang.org/grpc@v1.40.0", - "pkg:golang/google.golang.org/protobuf@v1.27.1", - "pkg:golang/gopkg.in/inf.v0@v0.9.1", - "pkg:golang/gopkg.in/ini.v1@v1.62.0", "pkg:golang/gopkg.in/yaml.v2@v2.4.0", "pkg:golang/k8s.io/api@v0.21.2", "pkg:golang/k8s.io/apimachinery@v0.21.2", @@ -3867,10 +3793,7 @@ "pkg:golang/k8s.io/component-base@v0.21.2", "pkg:golang/k8s.io/klog/v2@v2.20.0", "pkg:golang/k8s.io/kubectl@v0.21.2", - "pkg:golang/k8s.io/kubernetes@v1.21.3", - "pkg:golang/k8s.io/utils@v0.0.0-20201110183641-67b214c5f920", - "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.1.2", - "pkg:golang/sigs.k8s.io/yaml@v1.2.0" + "pkg:golang/k8s.io/kubernetes@v1.21.3" ] }, { diff --git a/examples/bin_minikube-v1.23.1.bom.json b/examples/bin_minikube-v1.23.1.bom.json index f7796c4a..a87ee32f 100644 --- a/examples/bin_minikube-v1.23.1.bom.json +++ b/examples/bin_minikube-v1.23.1.bom.json @@ -1,35 +1,35 @@ { "bomFormat": "CycloneDX", "specVersion": "1.3", - "serialNumber": "urn:uuid:5171defc-4ecb-4275-b1ef-bf5ff059ed56", + "serialNumber": "urn:uuid:535fb858-243e-4c6e-b2f3-14747c45bfda", "version": 1, "metadata": { - "timestamp": "2021-09-25T19:53:42Z", + "timestamp": "2021-09-27T17:11:26Z", "tools": [ { "vendor": "CycloneDX", "name": "cyclonedx-gomod", - "version": "v0.0.0-20210925214913-cdaccfe30cb0", + "version": "v0.0.0-20210927190843-0fa2b0329ce6", "hashes": [ { "alg": "MD5", - "content": "d6c2bf92f7d13841ed21d9c409cf7cf4" + "content": "386bf2fe173bceda949b2191cc47f2ef" }, { "alg": "SHA-1", - "content": "cf9246e05f2416552edbf4b40ef8c3df259ed751" + "content": "b43fb8be929ea96235f675dbf1136e52f409d1f9" }, { "alg": "SHA-256", - "content": "890a85574c7f68b950f5bc5c08e5a3c32c06e8103de168d5721ec2dcc49fd3b9" + "content": "30d6e73c56ab47946ef0e659a9e5f8f8360a32dde54f51b62484e0b705cd1ce7" }, { "alg": "SHA-384", - "content": "04d28e89523d14fc7dd32c54c4bdbbe99ac12fee427ff69d56ff3f9d98bde3880ab2b77520ff19fd620ab84d39920380" + "content": "3141646e7a6d7e789a6aa4bbb74076a5139ce69a10574483c7fd29ded9a9947678f2003e62669339b99318a683785955" }, { "alg": "SHA-512", - "content": "ddfce73b8949a2d7878f1e9154cfc1228cb16cf55c6a7e57583cdc9ac286e653e8e285a64fda677bd8bc5d83dc85e1c1c54b630f2ab31c69881b1c09bf68538b" + "content": "3a3718c77815501e08d4757def4ea4f3a0f7fe4c7a913ede8b5b6c0696a2dc64d92e6ca1b362ac7c4d8256ea3bfa2b76e4dafee198012fe34a2bfaf42e7ed416" } ] } diff --git a/examples/mod_minikube-v1.23.1.bom.json b/examples/mod_minikube-v1.23.1.bom.json index fcee462b..24418f96 100644 --- a/examples/mod_minikube-v1.23.1.bom.json +++ b/examples/mod_minikube-v1.23.1.bom.json @@ -1,35 +1,35 @@ { "bomFormat": "CycloneDX", "specVersion": "1.3", - "serialNumber": "urn:uuid:5edc5a19-e6c2-4d78-b023-2ee41a536e9c", + "serialNumber": "urn:uuid:e1ddd88c-c156-442b-a0b5-df8ba89d6b6c", "version": 1, "metadata": { - "timestamp": "2021-09-25T19:53:18Z", + "timestamp": "2021-09-27T17:11:13Z", "tools": [ { "vendor": "CycloneDX", "name": "cyclonedx-gomod", - "version": "v0.0.0-20210925214913-cdaccfe30cb0", + "version": "v0.0.0-20210927190843-0fa2b0329ce6", "hashes": [ { "alg": "MD5", - "content": "d6c2bf92f7d13841ed21d9c409cf7cf4" + "content": "386bf2fe173bceda949b2191cc47f2ef" }, { "alg": "SHA-1", - "content": "cf9246e05f2416552edbf4b40ef8c3df259ed751" + "content": "b43fb8be929ea96235f675dbf1136e52f409d1f9" }, { "alg": "SHA-256", - "content": "890a85574c7f68b950f5bc5c08e5a3c32c06e8103de168d5721ec2dcc49fd3b9" + "content": "30d6e73c56ab47946ef0e659a9e5f8f8360a32dde54f51b62484e0b705cd1ce7" }, { "alg": "SHA-384", - "content": "04d28e89523d14fc7dd32c54c4bdbbe99ac12fee427ff69d56ff3f9d98bde3880ab2b77520ff19fd620ab84d39920380" + "content": "3141646e7a6d7e789a6aa4bbb74076a5139ce69a10574483c7fd29ded9a9947678f2003e62669339b99318a683785955" }, { "alg": "SHA-512", - "content": "ddfce73b8949a2d7878f1e9154cfc1228cb16cf55c6a7e57583cdc9ac286e653e8e285a64fda677bd8bc5d83dc85e1c1c54b630f2ab31c69881b1c09bf68538b" + "content": "3a3718c77815501e08d4757def4ea4f3a0f7fe4c7a913ede8b5b6c0696a2dc64d92e6ca1b362ac7c4d8256ea3bfa2b76e4dafee198012fe34a2bfaf42e7ed416" } ] } @@ -4971,176 +4971,70 @@ { "ref": "pkg:golang/k8s.io/minikube@v1.23.1", "dependsOn": [ - "pkg:golang/cloud.google.com/go@v0.93.3", - "pkg:golang/cloud.google.com/go/container@v0.1.0", - "pkg:golang/cloud.google.com/go/monitoring@v0.1.0", "pkg:golang/cloud.google.com/go/storage@v1.16.1", - "pkg:golang/cloud.google.com/go/trace@v0.1.0", "pkg:golang/contrib.go.opencensus.io/exporter/stackdriver@v0.12.1", - "pkg:golang/github.com/Azure/go-ansiterm@v0.0.0-20170929234023-d6e3b3328b78", "pkg:golang/github.com/Delta456/box-cli-maker/v2@v2.2.2", "pkg:golang/github.com/GoogleCloudPlatform/docker-credential-gcr@v0.0.0-20210713212222-faed5e8b8ca2", "pkg:golang/github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace@v0.16.0", - "pkg:golang/github.com/MakeNowJust/heredoc@v0.0.0-20170808103936-bb23615498cd", - "pkg:golang/github.com/Microsoft/go-winio@v0.5.0", - "pkg:golang/github.com/Microsoft/hcsshim@v0.8.17", "pkg:golang/github.com/Parallels/docker-machine-parallels/v2@v2.0.1", - "pkg:golang/github.com/StackExchange/wmi@v1.2.1", - "pkg:golang/github.com/VividCortex/ewma@v1.1.1", "pkg:golang/github.com/VividCortex/godaemon@v1.0.0", - "pkg:golang/github.com/ajstarks/svgo@v0.0.0-20180226025133-644b8db467af", "pkg:golang/github.com/alonyb/spinner@v1.12.7", - "pkg:golang/github.com/aws/aws-sdk-go@v1.35.24", - "pkg:golang/github.com/beorn7/perks@v1.0.1", - "pkg:golang/github.com/bgentry/go-netrc@v0.0.0-20140422174119-9fd32a8b3d3d", "pkg:golang/github.com/blang/semver/v4@v4.0.0", - "pkg:golang/github.com/c4milo/gotoolkit@v0.0.0-20190525173301-67483a18c17a", "pkg:golang/github.com/cenkalti/backoff/v4@v4.1.1", - "pkg:golang/github.com/census-instrumentation/opencensus-proto@v0.2.1", - "pkg:golang/github.com/cespare/xxhash/v2@v2.1.1", "pkg:golang/github.com/cheggaaa/pb/v3@v3.0.8", "pkg:golang/github.com/cloudevents/sdk-go/v2@v2.5.0", "pkg:golang/github.com/cloudfoundry-attic/jibber_jabber@v0.0.0-20151120183258-bcc4c8345a21", - "pkg:golang/github.com/containerd/cgroups@v1.0.1", - "pkg:golang/github.com/containerd/containerd@v1.5.2", - "pkg:golang/github.com/containerd/stargz-snapshotter/estargz@v0.7.0", - "pkg:golang/github.com/cpuguy83/go-md2man/v2@v2.0.0", - "pkg:golang/github.com/davecgh/go-spew@v1.1.1", - "pkg:golang/github.com/docker/cli@v20.10.7+incompatible", - "pkg:golang/github.com/docker/distribution@v2.7.1+incompatible", "pkg:golang/github.com/docker/docker@v20.10.7+incompatible", - "pkg:golang/github.com/docker/docker-credential-helpers@v0.6.3", - "pkg:golang/github.com/docker/go-connections@v0.4.0", "pkg:golang/github.com/docker/go-units@v0.4.0", - "pkg:golang/github.com/fatih/color@v1.10.0", - "pkg:golang/github.com/fogleman/gg@v1.3.0", - "pkg:golang/github.com/fsnotify/fsnotify@v1.4.9", - "pkg:golang/github.com/go-fonts/liberation@v0.1.1", - "pkg:golang/github.com/go-latex/latex@v0.0.0-20210118124228-b3d85cf34e07", - "pkg:golang/github.com/go-logr/logr@v1.0.0", - "pkg:golang/github.com/go-ole/go-ole@v1.2.5", - "pkg:golang/github.com/gogo/protobuf@v1.3.2", "pkg:golang/github.com/golang-collections/collections@v0.0.0-20130729185459-604e922904d3", - "pkg:golang/github.com/golang/freetype@v0.0.0-20170609003504-e2365dfdc4a0", - "pkg:golang/github.com/golang/groupcache@v0.0.0-20200121045136-8c9f03a8e57e", - "pkg:golang/github.com/golang/protobuf@v1.5.2", - "pkg:golang/github.com/golang/snappy@v0.0.3", "pkg:golang/github.com/google/go-containerregistry@v0.6.0", "pkg:golang/github.com/google/go-github/v36@v36.0.0", - "pkg:golang/github.com/google/go-querystring@v1.0.0", - "pkg:golang/github.com/google/gofuzz@v1.1.0", "pkg:golang/github.com/google/slowjam@v1.0.0", "pkg:golang/github.com/google/uuid@v1.3.0", - "pkg:golang/github.com/googleapis/gax-go/v2@v2.1.0", - "pkg:golang/github.com/googleapis/gnostic@v0.4.1", - "pkg:golang/github.com/gookit/color@v1.4.2", - "pkg:golang/github.com/hashicorp/go-cleanhttp@v0.5.2", "pkg:golang/github.com/hashicorp/go-getter@v1.5.8", - "pkg:golang/github.com/hashicorp/go-safetemp@v1.0.0", - "pkg:golang/github.com/hashicorp/go-version@v1.2.1", - "pkg:golang/github.com/hashicorp/golang-lru@v0.5.3", - "pkg:golang/github.com/hashicorp/hcl@v1.0.0", - "pkg:golang/github.com/hectane/go-acl@v0.0.0-20190604041725-da78bae5fc95", "pkg:golang/github.com/hooklift/iso9660@v0.0.0-20170318115843-1cf07e5970d8", - "pkg:golang/github.com/imdario/mergo@v0.3.11", - "pkg:golang/github.com/inconshreveable/mousetrap@v1.0.0", - "pkg:golang/github.com/intel-go/cpuid@v0.0.0-20181003105527-1a4a6f06a1c6", - "pkg:golang/github.com/jmespath/go-jmespath@v0.4.0", "pkg:golang/github.com/johanneswuerbach/nfsexports@v0.0.0-20200318065542-c48c3734757f", - "pkg:golang/github.com/json-iterator/go@v1.1.11", "pkg:golang/github.com/juju/clock@v0.0.0-20190205081909-9c5c9712527c", - "pkg:golang/github.com/juju/errors@v0.0.0-20190806202954-0232dcc7464d", "pkg:golang/github.com/juju/fslock@v0.0.0-20160525022230-4d5c94c67b4b", "pkg:golang/github.com/juju/mutex@v0.0.0-20180619145857-d21b13acf4bf", "pkg:golang/github.com/kballard/go-shellquote@v0.0.0-20180428030007-95032a82bc51", - "pkg:golang/github.com/klauspost/compress@v1.13.0", "pkg:golang/github.com/klauspost/cpuid@v1.2.0", "pkg:golang/github.com/libvirt/libvirt-go@v3.9.0+incompatible", "pkg:golang/github.com/machine-drivers/docker-machine-driver-vmware@v0.1.3", "pkg:golang/github.com/machine-drivers/machine@v0.7.1-0.20210719174735-6eca26732baa", - "pkg:golang/github.com/magiconair/properties@v1.8.5", "pkg:golang/github.com/mattbaird/jsonpatch@v0.0.0-20200820163806-098863c1fc24", - "pkg:golang/github.com/mattn/go-colorable@v0.1.8", "pkg:golang/github.com/mattn/go-isatty@v0.0.14", - "pkg:golang/github.com/mattn/go-runewidth@v0.0.13", - "pkg:golang/github.com/matttproud/golang_protobuf_extensions@v1.0.2-0.20181231171920-c182affec369", - "pkg:golang/github.com/miekg/dns@v1.1.35", - "pkg:golang/github.com/mitchellh/go-homedir@v1.1.0", "pkg:golang/github.com/mitchellh/go-ps@v1.0.0", - "pkg:golang/github.com/mitchellh/go-testing-interface@v1.0.0", - "pkg:golang/github.com/mitchellh/go-wordwrap@v1.0.0", - "pkg:golang/github.com/mitchellh/mapstructure@v1.4.1", "pkg:golang/github.com/moby/hyperkit@v0.0.0-20210108224842-2f061e447e14", - "pkg:golang/github.com/moby/spdystream@v0.2.0", - "pkg:golang/github.com/moby/sys/mount@v0.2.0", - "pkg:golang/github.com/moby/sys/mountinfo@v0.4.1", - "pkg:golang/github.com/moby/term@v0.0.0-20201216013528-df9cb8a40635", - "pkg:golang/github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd", - "pkg:golang/github.com/modern-go/reflect2@v1.0.1", "pkg:golang/github.com/olekukonko/tablewriter@v0.0.5", "pkg:golang/github.com/opencontainers/go-digest@v1.0.0", - "pkg:golang/github.com/opencontainers/image-spec@v1.0.1", - "pkg:golang/github.com/opencontainers/runc@v1.0.0-rc95", "pkg:golang/github.com/otiai10/copy@v1.6.0", "pkg:golang/github.com/pborman/uuid@v1.2.1", - "pkg:golang/github.com/pelletier/go-toml@v1.9.3", "pkg:golang/github.com/phayes/freeport@v0.0.0-20180830031419-95f893ade6f2", - "pkg:golang/github.com/phpdave11/gofpdf@v1.4.2", "pkg:golang/github.com/pkg/browser@v0.0.0-20160118053552-9302be274faa", "pkg:golang/github.com/pkg/errors@v0.9.1", "pkg:golang/github.com/pkg/profile@v0.0.0-20161223203901-3a8809bd8a80", - "pkg:golang/github.com/prometheus/client_golang@v1.7.1", - "pkg:golang/github.com/prometheus/client_model@v0.2.0", - "pkg:golang/github.com/prometheus/common@v0.10.0", - "pkg:golang/github.com/prometheus/procfs@v0.6.0", - "pkg:golang/github.com/rivo/uniseg@v0.2.0", - "pkg:golang/github.com/russross/blackfriday@v1.5.3-0.20200218234912-41c5fccfd6f6", - "pkg:golang/github.com/russross/blackfriday/v2@v2.1.0", "pkg:golang/github.com/sayboras/dockerclient@v1.0.0", "pkg:golang/github.com/shirou/gopsutil/v3@v3.21.8", - "pkg:golang/github.com/sirupsen/logrus@v1.8.1", - "pkg:golang/github.com/spf13/afero@v1.6.0", - "pkg:golang/github.com/spf13/cast@v1.3.1", "pkg:golang/github.com/spf13/cobra@v1.2.1", - "pkg:golang/github.com/spf13/jwalterweatherman@v1.1.0", "pkg:golang/github.com/spf13/pflag@v1.0.5", "pkg:golang/github.com/spf13/viper@v1.8.1", - "pkg:golang/github.com/subosito/gotenv@v1.2.0", - "pkg:golang/github.com/tklauser/go-sysconf@v0.3.9", - "pkg:golang/github.com/tklauser/numcpus@v0.3.0", - "pkg:golang/github.com/ulikunitz/xz@v0.5.8", - "pkg:golang/github.com/xeipuuv/gojsonpointer@v0.0.0-20180127040702-4e3ac2762d5f", - "pkg:golang/github.com/xeipuuv/gojsonreference@v0.0.0-20180127040603-bd5ef7bd5415", "pkg:golang/github.com/xeipuuv/gojsonschema@v0.0.0-20180618132009-1d523034197f", - "pkg:golang/github.com/xo/terminfo@v0.0.0-20210125001918-ca9a967f8778", "pkg:golang/github.com/zchee/go-vmnet@v0.0.0-20161021174912-97ebf9174097", "pkg:golang/go.opencensus.io@v0.23.0", "pkg:golang/go.opentelemetry.io/otel@v0.17.0", - "pkg:golang/go.opentelemetry.io/otel/metric@v0.17.0", "pkg:golang/go.opentelemetry.io/otel/sdk@v0.16.0", "pkg:golang/go.opentelemetry.io/otel/trace@v0.17.0", - "pkg:golang/go.uber.org/atomic@v1.7.0", - "pkg:golang/go.uber.org/multierr@v1.6.0", - "pkg:golang/go.uber.org/zap@v1.17.0", "pkg:golang/golang.org/x/crypto@v0.0.0-20210322153248-0c34fe9e7dc2", "pkg:golang/golang.org/x/exp@v0.0.0-20210220032938-85be41e4509f", - "pkg:golang/golang.org/x/image@v0.0.0-20210216034530-4410531fe030", "pkg:golang/golang.org/x/mod@v0.5.0", - "pkg:golang/golang.org/x/net@v0.0.0-20210525063256-abc453219eb5", "pkg:golang/golang.org/x/oauth2@v0.0.0-20210819190943-2bc19b11175f", "pkg:golang/golang.org/x/sync@v0.0.0-20210220032951-036812b2e83c", "pkg:golang/golang.org/x/sys@v0.0.0-20210823070655-63515b42dcdf", "pkg:golang/golang.org/x/term@v0.0.0-20210406210042-72f3dc4e9b72", "pkg:golang/golang.org/x/text@v0.3.7", - "pkg:golang/golang.org/x/time@v0.0.0-20210220033141-f8bda1e9f3ba", "pkg:golang/gonum.org/v1/plot@v0.9.0", "pkg:golang/google.golang.org/api@v0.56.0", - "pkg:golang/google.golang.org/appengine@v1.6.7", - "pkg:golang/google.golang.org/genproto@v0.0.0-20210828152312-66f60bf46e71", - "pkg:golang/google.golang.org/grpc@v1.40.0", - "pkg:golang/google.golang.org/protobuf@v1.27.1", - "pkg:golang/gopkg.in/inf.v0@v0.9.1", - "pkg:golang/gopkg.in/ini.v1@v1.62.0", "pkg:golang/gopkg.in/yaml.v2@v2.4.0", "pkg:golang/k8s.io/api@v0.21.2", "pkg:golang/k8s.io/apimachinery@v0.21.2", @@ -5150,10 +5044,7 @@ "pkg:golang/k8s.io/klog/v2@v2.20.0", "pkg:golang/k8s.io/kubectl@v0.21.2", "pkg:golang/k8s.io/kubernetes@v1.21.3", - "pkg:golang/k8s.io/utils@v0.0.0-20201110183641-67b214c5f920", - "pkg:golang/sigs.k8s.io/sig-storage-lib-external-provisioner/v6@v6.3.0", - "pkg:golang/sigs.k8s.io/structured-merge-diff/v4@v4.1.2", - "pkg:golang/sigs.k8s.io/yaml@v1.2.0" + "pkg:golang/sigs.k8s.io/sig-storage-lib-external-provisioner/v6@v6.3.0" ] }, { diff --git a/internal/gomod/graph.go b/internal/gomod/graph.go index 227c5f2d..740d5b19 100644 --- a/internal/gomod/graph.go +++ b/internal/gomod/graph.go @@ -87,6 +87,14 @@ func parseModuleGraph(reader io.Reader, modules []Module) error { continue } + if dependant.Main && dependency.Indirect { + log.Debug(). + Str("dependant", dependant.Coordinates()). + Str("dependency", dependency.Coordinates()). + Msg("pruning graph edge to indirect dependency") + continue + } + if dependant.Dependencies == nil { dependant.Dependencies = []*Module{dependency} } else { diff --git a/internal/gomod/module.go b/internal/gomod/module.go index 9ecd9c63..248d20ac 100644 --- a/internal/gomod/module.go +++ b/internal/gomod/module.go @@ -36,11 +36,12 @@ import ( // See https://golang.org/ref/mod#go-list-m type Module struct { - Path string // module path - Version string // module version - Replace *Module // replaced by this module - Main bool // is this the main module? - Dir string // directory holding files for this module, if any + Path string // module path + Version string // module version + Replace *Module // replaced by this module + Main bool // is this the main module? + Indirect bool // is this module only an indirect dependency of main module? + Dir string // directory holding files for this module, if any Dependencies []*Module `json:"-"` // modules this module depends on Local bool `json:"-"` // is this a local module?