github.com/anchore/syft@v1.38.2/syft/pkg/dotnet.go

github.com/anchore/syft@v1.38.2/syft/pkg/dotnet.go (about)

     1  package pkg
     2  
     3  // DotnetDepsEntry is a struct that represents a single entry found in the "libraries" section in a .NET [*.]deps.json file.
     4  type DotnetDepsEntry struct {
     5  	// Name is the package name as found in the deps.json file
     6  	Name string `mapstructure:"name" json:"name"`
     7  
     8  	// Version is the package version as found in the deps.json file
     9  	Version string `mapstructure:"version" json:"version"`
    10  
    11  	// Path is the relative path to the package within the deps structure (e.g. "app.metrics/3.0.0")
    12  	Path string `mapstructure:"path" json:"path"`
    13  
    14  	// Sha512 is the SHA-512 hash of the NuGet package content WITHOUT the signed content for verification (won't match hash from NuGet API or manual calculation of .nupkg file)
    15  	Sha512 string `mapstructure:"sha512" json:"sha512"`
    16  
    17  	// HashPath is the relative path to the .nupkg.sha512 hash file (e.g. "app.metrics.3.0.0.nupkg.sha512")
    18  	HashPath string `mapstructure:"hashPath" json:"hashPath"`
    19  
    20  	// Executables are the map of .NET Portable Executable files within this package with their version resources
    21  	Executables map[string]DotnetPortableExecutableEntry `json:"executables,omitempty"`
    22  }
    23  
    24  // DotnetPackagesLockEntry is a struct that represents a single entry found in the "dependencies" section in a .NET packages.lock.json file.
    25  type DotnetPackagesLockEntry struct {
    26  	// Name is the package name as found in the packages.lock.json file
    27  	Name string `mapstructure:"name" json:"name"`
    28  
    29  	// Version is the package version as found in the packages.lock.json file
    30  	Version string `mapstructure:"version" json:"version"`
    31  
    32  	// ContentHash is the hash of the package content for verification
    33  	ContentHash string `mapstructure:"contentHash" json:"contentHash"`
    34  
    35  	// Type is the dependency type indicating how this dependency was added (Direct=explicit in project file, Transitive=pulled in by another package, Project=project reference)
    36  	Type string `mapstructure:"type" json:"type"`
    37  }
    38  
    39  // DotnetPortableExecutableEntry is a struct that represents a single entry found within "VersionResources" section of a .NET Portable Executable binary file.
    40  type DotnetPortableExecutableEntry struct {
    41  	// AssemblyVersion is the .NET assembly version number (strong-named version)
    42  	AssemblyVersion string `json:"assemblyVersion"`
    43  
    44  	// LegalCopyright is the copyright notice string
    45  	LegalCopyright string `json:"legalCopyright"`
    46  
    47  	// Comments are additional comments or description embedded in PE resources
    48  	Comments string `json:"comments,omitempty"`
    49  
    50  	// InternalName is the internal name of the file
    51  	InternalName string `json:"internalName,omitempty"`
    52  
    53  	// CompanyName is the company that produced the file
    54  	CompanyName string `json:"companyName"`
    55  
    56  	// ProductName is the name of the product this file is part of
    57  	ProductName string `json:"productName"`
    58  
    59  	// ProductVersion is the version of the product (may differ from AssemblyVersion)
    60  	ProductVersion string `json:"productVersion"`
    61  }