github.com/nextlinux/gosbom@v0.81.1-0.20230627115839-1ff50c281391/gosbom/pkg/cataloger/alpm/package.go (about) 1 package alpm 2 3 import ( 4 "strings" 5 6 "github.com/nextlinux/gosbom/gosbom/file" 7 "github.com/nextlinux/gosbom/gosbom/linux" 8 "github.com/nextlinux/gosbom/gosbom/pkg" 9 10 "github.com/anchore/packageurl-go" 11 ) 12 13 func newPackage(m *parsedData, release *linux.Release, dbLocation file.Location) pkg.Package { 14 licenseCandidates := strings.Split(m.Licenses, "\n") 15 16 p := pkg.Package{ 17 Name: m.Package, 18 Version: m.Version, 19 Locations: file.NewLocationSet(dbLocation), 20 Licenses: pkg.NewLicenseSet(pkg.NewLicensesFromLocation(dbLocation.WithoutAnnotations(), licenseCandidates...)...), 21 Type: pkg.AlpmPkg, 22 PURL: packageURL(m, release), 23 MetadataType: pkg.AlpmMetadataType, 24 Metadata: m.AlpmMetadata, 25 } 26 p.SetID() 27 28 return p 29 } 30 31 func packageURL(m *parsedData, distro *linux.Release) string { 32 if distro == nil || distro.ID != "arch" { 33 // note: there is no namespace variation (like with debian ID_LIKE for ubuntu ID, for example) 34 return "" 35 } 36 37 qualifiers := map[string]string{ 38 pkg.PURLQualifierArch: m.Architecture, 39 } 40 41 if m.BasePackage != "" { 42 qualifiers[pkg.PURLQualifierUpstream] = m.BasePackage 43 } 44 45 return packageurl.NewPackageURL( 46 "alpm", // `alpm` for Arch Linux and other users of the libalpm/pacman package manager. (see https://github.com/package-url/purl-spec/pull/164) 47 distro.ID, 48 m.Package, 49 m.Version, 50 pkg.PURLQualifiers( 51 qualifiers, 52 distro, 53 ), 54 "", 55 ).ToString() 56 }