Skip to content

Commit ccd6d05

Browse files
luhringluhring
authored
Merge pull request #1478 from luhring/more-net-please
chore(sbom): add more package CPEs for golang.org/x/net
2 parents 45bb49a + 30dfeaa commit ccd6d05

File tree

5 files changed

+119
-0
lines changed

5 files changed

+119
-0
lines changed

pkg/sbom/cpe.go

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -184,10 +184,17 @@ func cpesFromGolangOrgXModule(moduleName string) []string {
184184
case "net":
185185
products = []string{
186186
"networking", // weird, but real! Check the NVD CPE dictionary if you don't believe it.
187+
"bpf",
188+
"dns",
187189
"html",
188190
"http",
191+
"httpproxy",
189192
"http2",
193+
"hpack",
190194
"proxy",
195+
"route",
196+
"trace",
197+
"webdev",
191198
"websocket",
192199
}
193200
case "oauth2":

pkg/sbom/testdata/goldenfiles/aarch64/terraform-1.5.7-r12.apk.syft.json

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4993,6 +4993,14 @@
49934993
"cpe": "cpe:2.3:a:golang:networking:v0.23.0:*:*:*:*:go:*:*",
49944994
"source": "wolfictl"
49954995
},
4996+
{
4997+
"cpe": "cpe:2.3:a:golang:bpf:v0.23.0:*:*:*:*:go:*:*",
4998+
"source": "wolfictl"
4999+
},
5000+
{
5001+
"cpe": "cpe:2.3:a:golang:dns:v0.23.0:*:*:*:*:go:*:*",
5002+
"source": "wolfictl"
5003+
},
49965004
{
49975005
"cpe": "cpe:2.3:a:golang:html:v0.23.0:*:*:*:*:go:*:*",
49985006
"source": "wolfictl"
@@ -5001,14 +5009,34 @@
50015009
"cpe": "cpe:2.3:a:golang:http:v0.23.0:*:*:*:*:go:*:*",
50025010
"source": "wolfictl"
50035011
},
5012+
{
5013+
"cpe": "cpe:2.3:a:golang:httpproxy:v0.23.0:*:*:*:*:go:*:*",
5014+
"source": "wolfictl"
5015+
},
50045016
{
50055017
"cpe": "cpe:2.3:a:golang:http2:v0.23.0:*:*:*:*:go:*:*",
50065018
"source": "wolfictl"
50075019
},
5020+
{
5021+
"cpe": "cpe:2.3:a:golang:hpack:v0.23.0:*:*:*:*:go:*:*",
5022+
"source": "wolfictl"
5023+
},
50085024
{
50095025
"cpe": "cpe:2.3:a:golang:proxy:v0.23.0:*:*:*:*:go:*:*",
50105026
"source": "wolfictl"
50115027
},
5028+
{
5029+
"cpe": "cpe:2.3:a:golang:route:v0.23.0:*:*:*:*:go:*:*",
5030+
"source": "wolfictl"
5031+
},
5032+
{
5033+
"cpe": "cpe:2.3:a:golang:trace:v0.23.0:*:*:*:*:go:*:*",
5034+
"source": "wolfictl"
5035+
},
5036+
{
5037+
"cpe": "cpe:2.3:a:golang:webdev:v0.23.0:*:*:*:*:go:*:*",
5038+
"source": "wolfictl"
5039+
},
50125040
{
50135041
"cpe": "cpe:2.3:a:golang:websocket:v0.23.0:*:*:*:*:go:*:*",
50145042
"source": "wolfictl"

pkg/sbom/testdata/goldenfiles/aarch64/thanos-0.32-0.32.5-r4.apk.syft.json

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6981,6 +6981,14 @@
69816981
"cpe": "cpe:2.3:a:golang:networking:v0.17.0:*:*:*:*:go:*:*",
69826982
"source": "wolfictl"
69836983
},
6984+
{
6985+
"cpe": "cpe:2.3:a:golang:bpf:v0.17.0:*:*:*:*:go:*:*",
6986+
"source": "wolfictl"
6987+
},
6988+
{
6989+
"cpe": "cpe:2.3:a:golang:dns:v0.17.0:*:*:*:*:go:*:*",
6990+
"source": "wolfictl"
6991+
},
69846992
{
69856993
"cpe": "cpe:2.3:a:golang:html:v0.17.0:*:*:*:*:go:*:*",
69866994
"source": "wolfictl"
@@ -6989,14 +6997,34 @@
69896997
"cpe": "cpe:2.3:a:golang:http:v0.17.0:*:*:*:*:go:*:*",
69906998
"source": "wolfictl"
69916999
},
7000+
{
7001+
"cpe": "cpe:2.3:a:golang:httpproxy:v0.17.0:*:*:*:*:go:*:*",
7002+
"source": "wolfictl"
7003+
},
69927004
{
69937005
"cpe": "cpe:2.3:a:golang:http2:v0.17.0:*:*:*:*:go:*:*",
69947006
"source": "wolfictl"
69957007
},
7008+
{
7009+
"cpe": "cpe:2.3:a:golang:hpack:v0.17.0:*:*:*:*:go:*:*",
7010+
"source": "wolfictl"
7011+
},
69967012
{
69977013
"cpe": "cpe:2.3:a:golang:proxy:v0.17.0:*:*:*:*:go:*:*",
69987014
"source": "wolfictl"
69997015
},
7016+
{
7017+
"cpe": "cpe:2.3:a:golang:route:v0.17.0:*:*:*:*:go:*:*",
7018+
"source": "wolfictl"
7019+
},
7020+
{
7021+
"cpe": "cpe:2.3:a:golang:trace:v0.17.0:*:*:*:*:go:*:*",
7022+
"source": "wolfictl"
7023+
},
7024+
{
7025+
"cpe": "cpe:2.3:a:golang:webdev:v0.17.0:*:*:*:*:go:*:*",
7026+
"source": "wolfictl"
7027+
},
70007028
{
70017029
"cpe": "cpe:2.3:a:golang:websocket:v0.17.0:*:*:*:*:go:*:*",
70027030
"source": "wolfictl"

pkg/sbom/testdata/goldenfiles/x86_64/terraform-1.5.7-r12.apk.syft.json

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4997,6 +4997,14 @@
49974997
"cpe": "cpe:2.3:a:golang:networking:v0.23.0:*:*:*:*:go:*:*",
49984998
"source": "wolfictl"
49994999
},
5000+
{
5001+
"cpe": "cpe:2.3:a:golang:bpf:v0.23.0:*:*:*:*:go:*:*",
5002+
"source": "wolfictl"
5003+
},
5004+
{
5005+
"cpe": "cpe:2.3:a:golang:dns:v0.23.0:*:*:*:*:go:*:*",
5006+
"source": "wolfictl"
5007+
},
50005008
{
50015009
"cpe": "cpe:2.3:a:golang:html:v0.23.0:*:*:*:*:go:*:*",
50025010
"source": "wolfictl"
@@ -5005,14 +5013,34 @@
50055013
"cpe": "cpe:2.3:a:golang:http:v0.23.0:*:*:*:*:go:*:*",
50065014
"source": "wolfictl"
50075015
},
5016+
{
5017+
"cpe": "cpe:2.3:a:golang:httpproxy:v0.23.0:*:*:*:*:go:*:*",
5018+
"source": "wolfictl"
5019+
},
50085020
{
50095021
"cpe": "cpe:2.3:a:golang:http2:v0.23.0:*:*:*:*:go:*:*",
50105022
"source": "wolfictl"
50115023
},
5024+
{
5025+
"cpe": "cpe:2.3:a:golang:hpack:v0.23.0:*:*:*:*:go:*:*",
5026+
"source": "wolfictl"
5027+
},
50125028
{
50135029
"cpe": "cpe:2.3:a:golang:proxy:v0.23.0:*:*:*:*:go:*:*",
50145030
"source": "wolfictl"
50155031
},
5032+
{
5033+
"cpe": "cpe:2.3:a:golang:route:v0.23.0:*:*:*:*:go:*:*",
5034+
"source": "wolfictl"
5035+
},
5036+
{
5037+
"cpe": "cpe:2.3:a:golang:trace:v0.23.0:*:*:*:*:go:*:*",
5038+
"source": "wolfictl"
5039+
},
5040+
{
5041+
"cpe": "cpe:2.3:a:golang:webdev:v0.23.0:*:*:*:*:go:*:*",
5042+
"source": "wolfictl"
5043+
},
50165044
{
50175045
"cpe": "cpe:2.3:a:golang:websocket:v0.23.0:*:*:*:*:go:*:*",
50185046
"source": "wolfictl"

pkg/sbom/testdata/goldenfiles/x86_64/thanos-0.32-0.32.5-r4.apk.syft.json

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6985,6 +6985,14 @@
69856985
"cpe": "cpe:2.3:a:golang:networking:v0.17.0:*:*:*:*:go:*:*",
69866986
"source": "wolfictl"
69876987
},
6988+
{
6989+
"cpe": "cpe:2.3:a:golang:bpf:v0.17.0:*:*:*:*:go:*:*",
6990+
"source": "wolfictl"
6991+
},
6992+
{
6993+
"cpe": "cpe:2.3:a:golang:dns:v0.17.0:*:*:*:*:go:*:*",
6994+
"source": "wolfictl"
6995+
},
69886996
{
69896997
"cpe": "cpe:2.3:a:golang:html:v0.17.0:*:*:*:*:go:*:*",
69906998
"source": "wolfictl"
@@ -6993,14 +7001,34 @@
69937001
"cpe": "cpe:2.3:a:golang:http:v0.17.0:*:*:*:*:go:*:*",
69947002
"source": "wolfictl"
69957003
},
7004+
{
7005+
"cpe": "cpe:2.3:a:golang:httpproxy:v0.17.0:*:*:*:*:go:*:*",
7006+
"source": "wolfictl"
7007+
},
69967008
{
69977009
"cpe": "cpe:2.3:a:golang:http2:v0.17.0:*:*:*:*:go:*:*",
69987010
"source": "wolfictl"
69997011
},
7012+
{
7013+
"cpe": "cpe:2.3:a:golang:hpack:v0.17.0:*:*:*:*:go:*:*",
7014+
"source": "wolfictl"
7015+
},
70007016
{
70017017
"cpe": "cpe:2.3:a:golang:proxy:v0.17.0:*:*:*:*:go:*:*",
70027018
"source": "wolfictl"
70037019
},
7020+
{
7021+
"cpe": "cpe:2.3:a:golang:route:v0.17.0:*:*:*:*:go:*:*",
7022+
"source": "wolfictl"
7023+
},
7024+
{
7025+
"cpe": "cpe:2.3:a:golang:trace:v0.17.0:*:*:*:*:go:*:*",
7026+
"source": "wolfictl"
7027+
},
7028+
{
7029+
"cpe": "cpe:2.3:a:golang:webdev:v0.17.0:*:*:*:*:go:*:*",
7030+
"source": "wolfictl"
7031+
},
70047032
{
70057033
"cpe": "cpe:2.3:a:golang:websocket:v0.17.0:*:*:*:*:go:*:*",
70067034
"source": "wolfictl"

0 commit comments

Comments
 (0)