github.com/noqcks/syft@v0.0.0-20230920222752-a9e2c4e288e5/syft/formats/common/spdxhelpers/external_refs.go (about)

     1  package spdxhelpers
     2  
     3  import (
     4  	"github.com/anchore/syft/syft/cpe"
     5  	"github.com/anchore/syft/syft/pkg"
     6  )
     7  
     8  func ExternalRefs(p pkg.Package) (externalRefs []ExternalRef) {
     9  	externalRefs = make([]ExternalRef, 0)
    10  
    11  	for _, c := range p.CPEs {
    12  		externalRefs = append(externalRefs, ExternalRef{
    13  			ReferenceCategory: SecurityReferenceCategory,
    14  			ReferenceLocator:  cpe.String(c),
    15  			ReferenceType:     Cpe23ExternalRefType,
    16  		})
    17  	}
    18  
    19  	if p.PURL != "" {
    20  		externalRefs = append(externalRefs, ExternalRef{
    21  			ReferenceCategory: PackageManagerReferenceCategory,
    22  			ReferenceLocator:  p.PURL,
    23  			ReferenceType:     PurlExternalRefType,
    24  		})
    25  	}
    26  
    27  	return externalRefs
    28  }