github.com/anchore/syft@v1.38.2/syft/pkg/url.go (about) 1 package pkg 2 3 import ( 4 "sort" 5 "strings" 6 7 "github.com/anchore/packageurl-go" 8 "github.com/anchore/syft/syft/linux" 9 ) 10 11 const ( 12 PURLQualifierArch = "arch" 13 PURLQualifierCPES = "cpes" 14 PURLQualifierDistro = "distro" 15 PURLQualifierEpoch = "epoch" 16 PURLQualifierVCSURL = "vcs_url" 17 18 // PURLQualifierUpstream this qualifier is not in the pURL spec, but is used by grype to perform indirect matching based on source information 19 PURLQualifierUpstream = "upstream" 20 21 // PURLQualifierRpmModularity this qualifier is not in the pURL spec, but is used to specify RPM modularity information 22 PURLQualifierRpmModularity = "rpmmod" 23 24 purlCargoPkgType = "cargo" 25 purlGradlePkgType = "gradle" 26 ) 27 28 func PURLQualifiers(vars map[string]string, release *linux.Release) (q packageurl.Qualifiers) { 29 keys := make([]string, 0, len(vars)) 30 for k := range vars { 31 keys = append(keys, k) 32 } 33 sort.Strings(keys) 34 35 for _, k := range keys { 36 val := vars[k] 37 if val == "" { 38 continue 39 } 40 q = append(q, packageurl.Qualifier{ 41 Key: k, 42 Value: vars[k], 43 }) 44 } 45 46 var distroQualifiers []string 47 48 if release == nil { 49 return q 50 } 51 52 if release.ID != "" { 53 distroQualifiers = append(distroQualifiers, release.ID) 54 } 55 56 if release.VersionID != "" { 57 distroQualifiers = append(distroQualifiers, release.VersionID) 58 } else if release.BuildID != "" { 59 distroQualifiers = append(distroQualifiers, release.BuildID) 60 } 61 62 if len(distroQualifiers) > 0 { 63 q = append(q, packageurl.Qualifier{ 64 Key: PURLQualifierDistro, 65 Value: strings.Join(distroQualifiers, "-"), 66 }) 67 } 68 69 return q 70 }