github.com/anchore/syft@v1.4.2-0.20240516191711-1bec1fc5d397/examples/decode_sbom/main.go (about) 1 package main 2 3 import ( 4 _ "embed" 5 "fmt" 6 "io" 7 "os" 8 "strings" 9 10 "github.com/anchore/syft/syft/format" 11 ) 12 13 //go:embed alpine.syft.json 14 var sbomContents string 15 16 func main() { 17 // decode the SBOM 18 fmt.Println("decoding SBOM...") 19 sbom, sbomFormat, formatVersion, err := format.Decode(sbomReader()) 20 if err != nil { 21 fmt.Printf("failed to decode sbom: %+v\n", err) 22 os.Exit(1) 23 } 24 25 fmt.Printf("SBOM format: %s@%s\n", sbomFormat, formatVersion) 26 27 // print packages found... 28 fmt.Println("\nPackages found:") 29 for _, pkg := range sbom.Artifacts.Packages.Sorted() { 30 fmt.Printf(" %s : %s@%s (%s)\n", pkg.ID(), pkg.Name, pkg.Version, pkg.Type) 31 } 32 33 // print files found... 34 fmt.Println("\nFiles found:") 35 for c, f := range sbom.Artifacts.FileMetadata { 36 fmt.Printf(" %s : %s\n", c.ID(), f.Path) 37 } 38 } 39 40 func sbomReader() io.Reader { 41 // read file from sys args (or use the default) 42 var reader io.Reader 43 if len(os.Args) < 2 { 44 reader = strings.NewReader(sbomContents) 45 } else { 46 var err error 47 reader, err = os.Open(os.Args[1]) 48 if err != nil { 49 panic(err) 50 } 51 } 52 return reader 53 }