github.com/anchore/syft@v1.38.2/syft/format/internal/spdxutil/helpers/document_namespace.go (about) 1 package helpers 2 3 import ( 4 "fmt" 5 "net/url" 6 "path" 7 "strings" 8 9 "github.com/google/uuid" 10 11 "github.com/anchore/syft/syft/sbom" 12 "github.com/anchore/syft/syft/source" 13 ) 14 15 const ( 16 InputImage = "image" 17 InputDirectory = "dir" 18 InputFile = "file" 19 InputSnap = "snap" 20 ) 21 22 func DocumentNameAndNamespace(src source.Description, desc sbom.Descriptor) (string, string) { 23 name := DocumentName(src) 24 return name, DocumentNamespace(name, src, desc) 25 } 26 27 func DocumentNamespace(name string, src source.Description, desc sbom.Descriptor) string { 28 name = cleanName(name) 29 input := "unknown-source-type" 30 switch src.Metadata.(type) { 31 case source.ImageMetadata: 32 input = InputImage 33 case source.DirectoryMetadata: 34 input = InputDirectory 35 case source.FileMetadata: 36 input = InputFile 37 case source.SnapMetadata: 38 input = InputSnap 39 } 40 41 uniqueID := uuid.Must(uuid.NewRandom()) 42 identifier := path.Join(input, uniqueID.String()) 43 if name != "." { 44 identifier = path.Join(input, fmt.Sprintf("%s-%s", name, uniqueID.String())) 45 } 46 47 u := url.URL{ 48 Scheme: "https", 49 Host: "anchore.com", 50 Path: path.Join(desc.Name, identifier), 51 } 52 53 return u.String() 54 } 55 56 // see: https://spdx.github.io/spdx-spec/v2.3/document-creation-information/#65-spdx-document-namespace-field 57 func cleanName(name string) string { 58 // remove # according to specification 59 name = strings.ReplaceAll(name, "#", "-") 60 // remove : for url construction 61 name = strings.ReplaceAll(name, ":", "-") 62 // clean relative pathing 63 return path.Clean(name) 64 }