github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/formats/common/spdxhelpers/document_namespace.go (about) 1 package spdxhelpers 2 3 import ( 4 "fmt" 5 "net/url" 6 "path" 7 "strings" 8 9 "github.com/google/uuid" 10 11 "github.com/anchore/syft/syft/sbom" 12 "github.com/anchore/syft/syft/source" 13 ) 14 15 const ( 16 inputImage = "image" 17 inputDirectory = "dir" 18 inputFile = "file" 19 ) 20 21 func DocumentNameAndNamespace(src source.Description, desc sbom.Descriptor) (string, string) { 22 name := DocumentName(src) 23 return name, DocumentNamespace(name, src, desc) 24 } 25 26 func DocumentNamespace(name string, src source.Description, desc sbom.Descriptor) string { 27 name = cleanName(name) 28 input := "unknown-source-type" 29 switch src.Metadata.(type) { 30 case source.StereoscopeImageSourceMetadata: 31 input = inputImage 32 case source.DirectorySourceMetadata: 33 input = inputDirectory 34 case source.FileSourceMetadata: 35 input = inputFile 36 } 37 38 uniqueID := uuid.Must(uuid.NewRandom()) 39 identifier := path.Join(input, uniqueID.String()) 40 if name != "." { 41 identifier = path.Join(input, fmt.Sprintf("%s-%s", name, uniqueID.String())) 42 } 43 44 u := url.URL{ 45 Scheme: "https", 46 Host: "anchore.com", 47 Path: path.Join(desc.Name, identifier), 48 } 49 50 return u.String() 51 } 52 53 // see: https://spdx.github.io/spdx-spec/v2.3/document-creation-information/#65-spdx-document-namespace-field 54 func cleanName(name string) string { 55 // remove # according to specification 56 name = strings.ReplaceAll(name, "#", "-") 57 // remove : for url construction 58 name = strings.ReplaceAll(name, ":", "-") 59 // clean relative pathing 60 return path.Clean(name) 61 }