github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/report/spdx/spdx.go (about) 1 package spdx 2 3 import ( 4 "encoding/json" 5 "io" 6 7 "github.com/spdx/tools-golang/spdx/v2/v2_3" 8 "github.com/spdx/tools-golang/tagvalue" 9 "golang.org/x/xerrors" 10 11 "github.com/devseccon/trivy/pkg/sbom/spdx" 12 "github.com/devseccon/trivy/pkg/types" 13 ) 14 15 type Writer struct { 16 output io.Writer 17 version string 18 format types.Format 19 marshaler *spdx.Marshaler 20 } 21 22 func NewWriter(output io.Writer, version string, spdxFormat types.Format) Writer { 23 return Writer{ 24 output: output, 25 version: version, 26 format: spdxFormat, 27 marshaler: spdx.NewMarshaler(version), 28 } 29 } 30 31 func (w Writer) Write(report types.Report) error { 32 spdxDoc, err := w.marshaler.Marshal(report) 33 if err != nil { 34 return xerrors.Errorf("failed to marshal spdx: %w", err) 35 } 36 37 if w.format == "spdx-json" { 38 if err := writeSPDXJson(spdxDoc, w.output); err != nil { 39 return xerrors.Errorf("failed to save spdx json: %w", err) 40 } 41 } else { 42 if err := tagvalue.Write(spdxDoc, w.output); err != nil { 43 return xerrors.Errorf("failed to save spdx tag-value: %w", err) 44 } 45 } 46 47 return nil 48 } 49 50 // writeSPDXJson writes in human-readable format(multiple lines) 51 // use function from `github.com/spdx/tools-golang` after release https://github.com/spdx/tools-golang/pull/213 52 func writeSPDXJson(doc *v2_3.Document, w io.Writer) error { 53 buf, err := json.MarshalIndent(doc, "", " ") 54 if err != nil { 55 return err 56 } 57 58 _, err = w.Write(buf) 59 if err != nil { 60 return err 61 } 62 63 return nil 64 }