Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kbom for openSUSE:Factory checked in at 2024-06-03 17:41:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kbom (Old)
and /work/SRC/openSUSE:Factory/.kbom.new.24587 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kbom"
Mon Jun 3 17:41:26 2024 rev:3 rq:1178033 version:0.3.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/kbom/kbom.changes 2023-12-21 23:40:02.545668159 +0100
+++ /work/SRC/openSUSE:Factory/.kbom.new.24587/kbom.changes 2024-06-03 17:41:36.038889816 +0200
@@ -1,0 +2,21 @@
+Sat Jun 01 09:14:22 UTC 2024 - opensuse_buildservice@ojkastl.de
+
+- Update to version 0.3.0:
+ * Change prefix in taxonomy and cyclondx
+
+-------------------------------------------------------------------
+Fri May 31 12:33:05 UTC 2024 - opensuse_buildservice@ojkastl.de
+
+- Update to version 0.2.6:
+ * Bump schema version and format
+ * Bump dependencies
+ * Migrate kbom from ksoclabs to rad-security
+ * Update module github.com/google/uuid to v1.5.0
+ * Update kubernetes packages to v0.29.0
+
+-------------------------------------------------------------------
+Thu Apr 18 08:01:51 UTC 2024 - Johannes Kastl
+
+- do not strip aka remove -s -w ldflags
+
+-------------------------------------------------------------------
Old:
----
kbom-0.2.5.obscpio
New:
----
kbom-0.3.0.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kbom.spec ++++++
--- /var/tmp/diff_new_pack.z1GSqR/_old 2024-06-03 17:41:37.074929214 +0200
+++ /var/tmp/diff_new_pack.z1GSqR/_new 2024-06-03 17:41:37.074929214 +0200
@@ -1,7 +1,7 @@
#
# spec file for package kbom
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,21 +19,25 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: kbom
-Version: 0.2.5
+Version: 0.3.0
Release: 0
Summary: Kubernetes Bill of Materials
License: Apache-2.0
-URL: https://github.com/ksoclabs/kbom
+URL: https://github.com/rad-security/kbom
Source: kbom-%{version}.tar.gz
Source1: vendor.tar.gz
-BuildRequires: go >= 1.20
+BuildRequires: go >= 1.22
%description
-The Kubernetes Bill of Materials (KBOM) standard provides insight into container orchestration tools widely used across the industry.
+The Kubernetes Bill of Materials (KBOM) standard provides insight into
+container orchestration tools widely used across the industry.
-As a first draft, we have created a rough specification which should fall in line with other Bill of Materials (BOM) standards.
+As a first draft, we have created a rough specification which should fall in
+line with other Bill of Materials (BOM) standards.
-The KBOM project provides an initial specification in JSON and has been constructed for extensibilty across various cloud service providers (CSPs) as well as DIY Kubernetes.
+The KBOM project provides an initial specification in JSON and has been
+constructed for extensibilty across various cloud service providers (CSPs) as
+well as DIY Kubernetes.
%package -n %{name}-bash-completion
Summary: Bash Completion for %{name}
@@ -75,11 +79,11 @@
go build \
-mod=vendor \
-buildmode=pie \
- -ldflags="-s -w \
- -X github.com/ksoclabs/kbom/internal/config.AppName=kbom \
- -X github.com/ksoclabs/kbom/internal/config.AppVersion=v%{version} \
- -X github.com/ksoclabs/kbom/internal/config.BuildTime=$BUILD_DATE\
- -X github.com/ksoclabs/kbom/internal/config.LastCommitHash=v%{version}" \
+ -ldflags=" \
+ -X github.com/rad-security/kbom/internal/config.AppName=kbom \
+ -X github.com/rad-security/kbom/internal/config.AppVersion=v%{version} \
+ -X github.com/rad-security/kbom/internal/config.BuildTime=$BUILD_DATE\
+ -X github.com/rad-security/kbom/internal/config.LastCommitHash=v%{version}" \
-o bin/kbom .
%install
++++++ _service ++++++
--- /var/tmp/diff_new_pack.z1GSqR/_old 2024-06-03 17:41:37.102930279 +0200
+++ /var/tmp/diff_new_pack.z1GSqR/_new 2024-06-03 17:41:37.106930431 +0200
@@ -1,21 +1,22 @@
<services>
<service name="obs_scm" mode="manual">
- <param name="url">https://github.com/ksoclabs/kbom</param>
+ <param name="url">https://github.com/rad-security/kbom</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.2.5</param>
+ <param name="revision">v0.3.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
</service>
<service name="set_version" mode="manual">
</service>
- <service name="tar" mode="buildtime"/>
+ <service name="go_modules" mode="manual">
+ </service>
+ <service name="tar" mode="buildtime">
+ </service>
<service name="recompress" mode="buildtime">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
- <service name="go_modules" mode="manual">
- </service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.z1GSqR/_old 2024-06-03 17:41:37.138931648 +0200
+++ /var/tmp/diff_new_pack.z1GSqR/_new 2024-06-03 17:41:37.142931800 +0200
@@ -1,6 +1,8 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/ksoclabs/kbom</param>
- <param name="changesrevision">5873ff285776c931b4158b76c91074620589d16f</param></service></servicedata>
+ <param name="changesrevision">5873ff285776c931b4158b76c91074620589d16f</param></service><service name="tar_scm">
+ <param name="url">https://github.com/rad-security/kbom</param>
+ <param name="changesrevision">c34494fddc3f2af8fb3f087a6f32112dc453debf</param></service></servicedata>
(No newline at EOF)
++++++ kbom-0.2.5.obscpio -> kbom-0.3.0.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/.github/ISSUE_TEMPLATE/config.yml new/kbom-0.3.0/.github/ISSUE_TEMPLATE/config.yml
--- old/kbom-0.2.5/.github/ISSUE_TEMPLATE/config.yml 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/.github/ISSUE_TEMPLATE/config.yml 2024-05-31 15:17:22.000000000 +0200
@@ -1,5 +1,5 @@
blank_issues_enabled: true
contact_links:
- name: Ask a question
- url: https://github.com/ksoclabs/kbom/discussions
+ url: https://github.com/rad-security/kbom/discussions
about: Please ask and answer questions here.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/.github/workflows/golangci-lint.yml new/kbom-0.3.0/.github/workflows/golangci-lint.yml
--- old/kbom-0.2.5/.github/workflows/golangci-lint.yml 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/.github/workflows/golangci-lint.yml 2024-05-31 15:17:22.000000000 +0200
@@ -16,12 +16,12 @@
- name: Set up Go
uses: actions/setup-go@v5
with:
- go-version: '1.21'
+ go-version: '1.22'
check-latest: true # https://github.com/actions/setup-go#check-latest-version
cache: true # https://github.com/actions/setup-go#caching-dependency-files-and-build-outpu...
- name: golangci-lint
- uses: golangci/golangci-lint-action@v3.7.0
+ uses: golangci/golangci-lint-action@v6
with:
- version: v1.54.2
+ version: v1.59.0
args: --timeout=5m
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/.golangci.yml new/kbom-0.3.0/.golangci.yml
--- old/kbom-0.2.5/.golangci.yml 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/.golangci.yml 2024-05-31 15:17:22.000000000 +0200
@@ -22,7 +22,7 @@
gocyclo:
min-complexity: 15
goimports:
- local-prefixes: github.com/ksoc-private
+ local-prefixes: github.com/rad-security
golint:
min-confidence: 0
lll:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/.goreleaser.yml new/kbom-0.3.0/.goreleaser.yml
--- old/kbom-0.2.5/.goreleaser.yml 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/.goreleaser.yml 2024-05-31 15:17:22.000000000 +0200
@@ -11,7 +11,7 @@
- glob: ./bom.json
github:
name: kbom
- owner: ksoclabs
+ owner: rad-security
discussion_category_name: Announcements
builds:
@@ -21,15 +21,15 @@
- linux
- windows
goarch:
- - 386
+ - "386"
- amd64
- arm
- arm64
goarm:
- - 7
+ - "7"
ignore:
- goos: darwin
- goarch: 386
+ goarch: "386"
ldflags:
- -X "{{.Env.CFG_PACKAGE_NAME}}.AppName=kbom"
- -X "{{.Env.CFG_PACKAGE_NAME}}.AppVersion={{.Env.VERSION}}"
@@ -72,9 +72,9 @@
brews:
- repository:
- owner: ksoclabs
+ owner: rad-security
name: homebrew-kbom
- homepage: "https://github.com/ksoclabs/kbom"
+ homepage: "https://github.com/rad-security/kbom"
description: "The Kubernetes Bill of Materials (KBOM) standard provides insight into container orchestration tools widely used across the industry."
license: "Apache 2"
test: |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/CODEOWNERS new/kbom-0.3.0/CODEOWNERS
--- old/kbom-0.2.5/CODEOWNERS 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/CODEOWNERS 2024-05-31 15:17:22.000000000 +0200
@@ -1 +1 @@
-* @ksoclabs/engineering
+* @rad-security/engineering
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/CONTRIBUTING.md new/kbom-0.3.0/CONTRIBUTING.md
--- old/kbom-0.2.5/CONTRIBUTING.md 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/CONTRIBUTING.md 2024-05-31 15:17:22.000000000 +0200
@@ -1,6 +1,6 @@
# Contributing
-KBOM is [Apache 2.0 licensed](https://github.com/ksoclabs/kbom/blob/main/LICENSE) and
+KBOM is [Apache 2.0 licensed](https://github.com/rad-security/kbom/blob/main/LICENSE) and
accepts contributions via GitHub pull requests. This document outlines
some of the conventions on to make it easier to get your contribution
accepted.
@@ -28,7 +28,7 @@
## Communications
-To discuss ideas and specifications we use [GitHub Discussions](https://github.com/ksoclabs/kbom/discussions).
+To discuss ideas and specifications we use [GitHub Discussions](https://github.com/rad-security/kbom/discussions).
## How to run the KBOM generator in local environment
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/Makefile new/kbom-0.3.0/Makefile
--- old/kbom-0.2.5/Makefile 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/Makefile 2024-05-31 15:17:22.000000000 +0200
@@ -1,6 +1,6 @@
APP_NAME := kbom
GCR_ORG := ksoc-public
-GITHUB_ORG := ksoclabs
+GITHUB_ORG := rad-security
GIT_REPO ?= github.com/$(GITHUB_ORG)/$(APP_NAME)
VERSION := $(shell SEP="-" bash scripts/version)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/README.md new/kbom-0.3.0/README.md
--- old/kbom-0.2.5/README.md 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/README.md 2024-05-31 15:17:22.000000000 +0200
@@ -1,8 +1,8 @@
# KBOM - Kubernetes Bill of Materials
-
+
-[](https://goreportcard.com/report/github.com/ksoclabs/kbom)
+[](https://goreportcard.com/report/github.com/rad-security/kbom)
[](https://bestpractices.coreinfrastructure.org/projects/7273)
The Kubernetes Bill of Materials (KBOM) standard provides insight into container orchestration tools widely used across the industry.
@@ -16,7 +16,7 @@
### Installation
```sh
-brew install ksoclabs/homebrew-kbom/kbom
+brew install rad-security/homebrew-kbom/kbom
```
or
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/SECURITY.md new/kbom-0.3.0/SECURITY.md
--- old/kbom-0.2.5/SECURITY.md 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/SECURITY.md 2024-05-31 15:17:22.000000000 +0200
@@ -8,4 +8,4 @@
## Reporting a Vulnerability
-If you are aware of a vulnverability please feel free to disclose it responsibly [here](https://github.com/ksoclabs/kbom/security/advisories/new).
+If you are aware of a vulnverability please feel free to disclose it responsibly [here](https://github.com/rad-security/kbom/security/advisories/new).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/build/package/Dockerfile.gorelease new/kbom-0.3.0/build/package/Dockerfile.gorelease
--- old/kbom-0.2.5/build/package/Dockerfile.gorelease 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/build/package/Dockerfile.gorelease 2024-05-31 15:17:22.000000000 +0200
@@ -1,4 +1,4 @@
-FROM alpine:3.19.0
+FROM alpine:3.20.0
RUN mkdir /app
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/cyclonexdx.go new/kbom-0.3.0/cmd/cyclonexdx.go
--- old/kbom-0.2.5/cmd/cyclonexdx.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/cyclonexdx.go 2024-05-31 15:17:22.000000000 +0200
@@ -8,13 +8,14 @@
"github.com/CycloneDX/cyclonedx-go"
"github.com/google/uuid"
- "github.com/ksoclabs/kbom/internal/model"
"github.com/mitchellh/hashstructure/v2"
+
+ "github.com/rad-security/kbom/internal/model"
)
const (
CdxPrefix = "cdx:"
- KSOCPrefix = "ksoc:kbom:"
+ RADPrefix = "rad:kbom:"
K8sComponentType = "k8s:component:type"
K8sComponentName = "k8s:component:name"
@@ -50,28 +51,28 @@
Value: kbom.Cluster.Name,
},
{
- Name: KSOCPrefix + "k8s:cluster:nodes",
+ Name: RADPrefix + "k8s:cluster:nodes",
Value: fmt.Sprintf("%d", kbom.Cluster.NodesCount),
},
}
if kbom.Cluster.Location.Name != "" && kbom.Cluster.Location.Name != "unknown" {
clusterProperties = append(clusterProperties, cyclonedx.Property{
- Name: KSOCPrefix + "k8s:cluster:location:name",
+ Name: RADPrefix + "k8s:cluster:location:name",
Value: kbom.Cluster.Location.Name,
})
}
if kbom.Cluster.Location.Region != "" {
clusterProperties = append(clusterProperties, cyclonedx.Property{
- Name: KSOCPrefix + "k8s:cluster:location:region",
+ Name: RADPrefix + "k8s:cluster:location:region",
Value: kbom.Cluster.Location.Region,
})
}
if kbom.Cluster.Location.Zone != "" {
clusterProperties = append(clusterProperties, cyclonedx.Property{
- Name: KSOCPrefix + "k8s:cluster:location:zone",
+ Name: RADPrefix + "k8s:cluster:location:zone",
Value: kbom.Cluster.Location.Zone,
})
}
@@ -103,79 +104,79 @@
Value: n.Name,
},
{
- Name: KSOCPrefix + "k8s:node:osImage",
+ Name: RADPrefix + "k8s:node:osImage",
Value: n.OsImage,
},
{
- Name: KSOCPrefix + "k8s:node:arch",
+ Name: RADPrefix + "k8s:node:arch",
Value: n.Architecture,
},
{
- Name: KSOCPrefix + "k8s:node:kernel",
+ Name: RADPrefix + "k8s:node:kernel",
Value: n.KernelVersion,
},
{
- Name: KSOCPrefix + "k8s:node:bootId",
+ Name: RADPrefix + "k8s:node:bootId",
Value: n.BootID,
},
{
- Name: KSOCPrefix + "k8s:node:type",
+ Name: RADPrefix + "k8s:node:type",
Value: n.Type,
},
{
- Name: KSOCPrefix + "k8s:node:operatingSystem",
+ Name: RADPrefix + "k8s:node:operatingSystem",
Value: n.OperatingSystem,
},
{
- Name: KSOCPrefix + "k8s:node:machineId",
+ Name: RADPrefix + "k8s:node:machineId",
Value: n.MachineID,
},
{
- Name: KSOCPrefix + "k8s:node:hostname",
+ Name: RADPrefix + "k8s:node:hostname",
Value: n.Hostname,
},
{
- Name: KSOCPrefix + "k8s:node:containerRuntimeVersion",
+ Name: RADPrefix + "k8s:node:containerRuntimeVersion",
Value: n.ContainerRuntimeVersion,
},
{
- Name: KSOCPrefix + "k8s:node:kubeletVersion",
+ Name: RADPrefix + "k8s:node:kubeletVersion",
Value: n.KubeletVersion,
},
{
- Name: KSOCPrefix + "k8s:node:kubeProxyVersion",
+ Name: RADPrefix + "k8s:node:kubeProxyVersion",
Value: n.KubeProxyVersion,
},
{
- Name: KSOCPrefix + "k8s:node:capacity:cpu",
+ Name: RADPrefix + "k8s:node:capacity:cpu",
Value: n.Capacity.CPU,
},
{
- Name: KSOCPrefix + "k8s:node:capacity:memory",
+ Name: RADPrefix + "k8s:node:capacity:memory",
Value: n.Capacity.Memory,
},
{
- Name: KSOCPrefix + "k8s:node:capacity:pods",
+ Name: RADPrefix + "k8s:node:capacity:pods",
Value: n.Capacity.Pods,
},
{
- Name: KSOCPrefix + "k8s:node:capacity:ephemeralStorage",
+ Name: RADPrefix + "k8s:node:capacity:ephemeralStorage",
Value: n.Capacity.EphemeralStorage,
},
{
- Name: KSOCPrefix + "k8s:node:allocatable:cpu",
+ Name: RADPrefix + "k8s:node:allocatable:cpu",
Value: n.Allocatable.CPU,
},
{
- Name: KSOCPrefix + "k8s:node:allocatable:memory",
+ Name: RADPrefix + "k8s:node:allocatable:memory",
Value: n.Allocatable.Memory,
},
{
- Name: KSOCPrefix + "k8s:node:allocatable:pods",
+ Name: RADPrefix + "k8s:node:allocatable:pods",
Value: n.Allocatable.Pods,
},
{
- Name: KSOCPrefix + "k8s:node:allocatable:ephemeralStorage",
+ Name: RADPrefix + "k8s:node:allocatable:ephemeralStorage",
Value: n.Allocatable.EphemeralStorage,
},
},
@@ -201,19 +202,19 @@
Value: img.Name,
},
{
- Name: KSOCPrefix + "pkg:type",
+ Name: RADPrefix + "pkg:type",
Value: "oci",
},
{
- Name: KSOCPrefix + "pkg:name",
+ Name: RADPrefix + "pkg:name",
Value: img.Name,
},
{
- Name: KSOCPrefix + "pkg:version",
+ Name: RADPrefix + "pkg:version",
Value: img.Version,
},
{
- Name: KSOCPrefix + "pkg:digest",
+ Name: RADPrefix + "pkg:digest",
Value: img.Digest,
},
},
@@ -238,14 +239,14 @@
Value: res.Name,
},
{
- Name: KSOCPrefix + "k8s:component:apiVersion",
+ Name: RADPrefix + "k8s:component:apiVersion",
Value: resList.APIVersion,
},
}
if resList.Namespaced {
properties = append(properties, cyclonedx.Property{
- Name: KSOCPrefix + "k8s:component:namespace",
+ Name: RADPrefix + "k8s:component:namespace",
Value: res.Namespace,
})
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/generate.go new/kbom-0.3.0/cmd/generate.go
--- old/kbom-0.2.5/cmd/generate.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/generate.go 2024-05-31 15:17:22.000000000 +0200
@@ -15,16 +15,16 @@
"github.com/spf13/cobra"
"gopkg.in/yaml.v3"
- "github.com/ksoclabs/kbom/internal/config"
- "github.com/ksoclabs/kbom/internal/kube"
- "github.com/ksoclabs/kbom/internal/model"
- "github.com/ksoclabs/kbom/internal/utils"
+ "github.com/rad-security/kbom/internal/config"
+ "github.com/rad-security/kbom/internal/kube"
+ "github.com/rad-security/kbom/internal/model"
+ "github.com/rad-security/kbom/internal/utils"
)
const (
- KSOCCompany = "KSOC Labs"
- BOMFormat = "ksoc"
- SpecVersion = "0.2"
+ Company = "RAD Security"
+ BOMFormat = "rad"
+ SpecVersion = "0.3"
StdOutput = "stdout"
FileOutput = "file"
@@ -108,7 +108,7 @@
SpecVersion: SpecVersion,
GeneratedAt: generatedAt,
GeneratedBy: model.Tool{
- Vendor: KSOCCompany,
+ Vendor: Company,
BuildTime: config.BuildTime,
Name: config.AppName,
Version: config.AppVersion,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/generate_test.go new/kbom-0.3.0/cmd/generate_test.go
--- old/kbom-0.2.5/cmd/generate_test.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/generate_test.go 2024-05-31 15:17:22.000000000 +0200
@@ -8,9 +8,10 @@
"testing"
"time"
- "github.com/ksoclabs/kbom/internal/kube"
- "github.com/ksoclabs/kbom/internal/model"
"github.com/stretchr/testify/assert"
+
+ "github.com/rad-security/kbom/internal/kube"
+ "github.com/rad-security/kbom/internal/model"
)
func TestGenerateKBOM(t *testing.T) {
@@ -348,11 +349,11 @@
var expectedOutJSON = `{
"id": "00000001",
- "bom_format": "ksoc",
- "spec_version": "0.2",
+ "bom_format": "rad",
+ "spec_version": "0.3",
"generated_at": "2023-04-26T10:00:00Z",
"generated_by": {
- "vendor": "KSOC Labs",
+ "vendor": "RAD Security",
"name": "unknown",
"build_time": "unknown",
"version": "unknown",
@@ -479,11 +480,11 @@
}
`
var expectedOutYAML = `id: "00000001"
-bomformat: ksoc
-specversion: "0.2"
+bomformat: rad
+specversion: "0.3"
generatedat: 2023-04-26T10:00:00Z
generatedby:
- vendor: KSOC Labs
+ vendor: RAD Security
name: unknown
buildtime: unknown
version: unknown
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/root.go new/kbom-0.3.0/cmd/root.go
--- old/kbom-0.2.5/cmd/root.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/root.go 2024-05-31 15:17:22.000000000 +0200
@@ -13,11 +13,11 @@
"github.com/spf13/viper"
"golang.org/x/term"
- "github.com/ksoclabs/kbom/internal/utils"
+ "github.com/rad-security/kbom/internal/utils"
)
const (
- confDir = ".config/ksoc"
+ confDir = ".config/rad"
)
var (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/schema.go new/kbom-0.3.0/cmd/schema.go
--- old/kbom-0.2.5/cmd/schema.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/schema.go 2024-05-31 15:17:22.000000000 +0200
@@ -4,8 +4,9 @@
"encoding/json"
"github.com/invopop/jsonschema"
- "github.com/ksoclabs/kbom/internal/model"
"github.com/spf13/cobra"
+
+ "github.com/rad-security/kbom/internal/model"
)
var schemaCmd = &cobra.Command{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/schema_test.go new/kbom-0.3.0/cmd/schema_test.go
--- old/kbom-0.2.5/cmd/schema_test.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/schema_test.go 2024-05-31 15:17:22.000000000 +0200
@@ -31,7 +31,7 @@
var expectedSchema = `{
"$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "https://github.com/ksoclabs/kbom/internal/model/kbom",
+ "$id": "https://github.com/rad-security/kbom/internal/model/kbom",
"$ref": "#/$defs/KBOM",
"$defs": {
"Capacity": {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/version.go new/kbom-0.3.0/cmd/version.go
--- old/kbom-0.2.5/cmd/version.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/version.go 2024-05-31 15:17:22.000000000 +0200
@@ -3,8 +3,9 @@
import (
"fmt"
- "github.com/ksoclabs/kbom/internal/config"
"github.com/spf13/cobra"
+
+ "github.com/rad-security/kbom/internal/config"
)
var versionCmd = &cobra.Command{
@@ -18,7 +19,7 @@
fmt.Fprintf(out, "%s version %s\n", config.AppName, config.AppVersion)
fmt.Fprintf(out, "build date: %s\n", config.BuildTime)
fmt.Fprintf(out, "commit: %s\n\n", config.LastCommitHash)
- fmt.Fprintln(out, "https://github.com/ksoclabs/kbom")
+ fmt.Fprintln(out, "https://github.com/rad-security/kbom")
return nil
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/cmd/version_test.go new/kbom-0.3.0/cmd/version_test.go
--- old/kbom-0.2.5/cmd/version_test.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/cmd/version_test.go 2024-05-31 15:17:22.000000000 +0200
@@ -4,8 +4,9 @@
"bytes"
"testing"
- "github.com/ksoclabs/kbom/internal/config"
"github.com/stretchr/testify/assert"
+
+ "github.com/rad-security/kbom/internal/config"
)
func TestVersion(t *testing.T) {
@@ -27,5 +28,5 @@
build date: 2021-01-01T00:00:00Z
commit: 1234567890
-https://github.com/ksoclabs/kbom
+https://github.com/rad-security/kbom
`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/docs/taxonomy.md new/kbom-0.3.0/docs/taxonomy.md
--- old/kbom-0.2.5/docs/taxonomy.md 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/docs/taxonomy.md 2024-05-31 15:17:22.000000000 +0200
@@ -1,53 +1,53 @@
-# Custom KSOC KBOM Taxonomy
+# Custom RAD KBOM Taxonomy
-This is the KSOC KBOM CycloneDX property namespace and name taxonomy. All of the namespaces are prefixed with `ksoc:kbom:`.
+This is the RAD KBOM CycloneDX property namespace and name taxonomy. All of the namespaces are prefixed with `rad:kbom:`.
Following Taxonomy is used by the `KBOM` tool as extension to: [https://github.com/CycloneDX/cyclonedx-property-taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy).
-## `ksoc:kbom:k8s:component` Namespace Taxonomy
+## `rad:kbom:k8s:component` Namespace Taxonomy
| Namespace | Description |
| ------------------------------------ | ----------------------------------------------------------------- |
-| `ksoc:kbom:k8s:component:apiVersion` | API Version of the Kubernetes component. |
-| `ksoc:kbom:k8s:component:namespace` | Namespace of the Kubernetes component. |
+| `rad:kbom:k8s:component:apiVersion` | API Version of the Kubernetes component. |
+| `rad:kbom:k8s:component:namespace` | Namespace of the Kubernetes component. |
-## `ksoc:kbom:k8s:cluster` Namespace Taxonomy
+## `rad:kbom:k8s:cluster` Namespace Taxonomy
| Property | Description |
| ----------------------------------------- | ------------------------------ |
-| `ksoc:kbom:k8s:cluster:location:name` | Name of the location. |
-| `ksoc:kbom:k8s:cluster:location:region` | Region of the cluster. |
-| `ksoc:kbom:k8s:cluster:location:zone` | Zone where cluster is located. |
+| `rad:kbom:k8s:cluster:location:name` | Name of the location. |
+| `rad:kbom:k8s:cluster:location:region` | Region of the cluster. |
+| `rad:kbom:k8s:cluster:location:zone` | Zone where cluster is located. |
-## `ksoc:kbom:k8s:node` Namespace Taxonomy
+## `rad:kbom:k8s:node` Namespace Taxonomy
| Property | Description |
| -------------------------------------------------- | ------------------------------------ |
-| `ksoc:kbom:k8s:node:osImage` | Node's operating system image |
-| `ksoc:kbom:k8s:node:arch` | Node's architecture |
-| `ksoc:kbom:k8s:node:kernel` | Node's kernel version |
-| `ksoc:kbom:k8s:node:bootId` | Node's Boot identifier |
-| `ksoc:kbom:k8s:node:type` | Node's type |
-| `ksoc:kbom:k8s:node:operatingSystem` | Node's operating system |
-| `ksoc:kbom:k8s:node:machineId` | Node's machine identifier |
-| `ksoc:kbom:k8s:node:hostname` | Node's hostname |
-| `ksoc:kbom:k8s:node:containerRuntimeVersion` | Node's container runtime version |
-| `ksoc:kbom:k8s:node:kubeletVersion` | Node's kubelet version |
-| `ksoc:kbom:k8s:node:kubeProxyVersion` | Node's kube proxy version |
-| `ksoc:kbom:k8s:node:capacity:cpu` | Node's CPU capacity |
-| `ksoc:kbom:k8s:node:capacity:memory` | Node's Memory capacity |
-| `ksoc:kbom:k8s:node:capacity:pods` | Node's Pods capacity |
-| `ksoc:kbom:k8s:node:capacity:ephemeralStorage` | Node's ephemeral storage capacity |
-| `ksoc:kbom:k8s:node:allocatable:cpu` | Node's allocatable CPU |
-| `ksoc:kbom:k8s:node:allocatable:memory` | Node's allocatable Memory |
-| `ksoc:kbom:k8s:node:allocatable:pods` | Node's allocatable Pods |
-| `ksoc:kbom:k8s:node:allocatable:ephemeralStorage` | Node's allocatable ephemeral storage |
+| `rad:kbom:k8s:node:osImage` | Node's operating system image |
+| `rad:kbom:k8s:node:arch` | Node's architecture |
+| `rad:kbom:k8s:node:kernel` | Node's kernel version |
+| `rad:kbom:k8s:node:bootId` | Node's Boot identifier |
+| `rad:kbom:k8s:node:type` | Node's type |
+| `rad:kbom:k8s:node:operatingSystem` | Node's operating system |
+| `rad:kbom:k8s:node:machineId` | Node's machine identifier |
+| `rad:kbom:k8s:node:hostname` | Node's hostname |
+| `rad:kbom:k8s:node:containerRuntimeVersion` | Node's container runtime version |
+| `rad:kbom:k8s:node:kubeletVersion` | Node's kubelet version |
+| `rad:kbom:k8s:node:kubeProxyVersion` | Node's kube proxy version |
+| `rad:kbom:k8s:node:capacity:cpu` | Node's CPU capacity |
+| `rad:kbom:k8s:node:capacity:memory` | Node's Memory capacity |
+| `rad:kbom:k8s:node:capacity:pods` | Node's Pods capacity |
+| `rad:kbom:k8s:node:capacity:ephemeralStorage` | Node's ephemeral storage capacity |
+| `rad:kbom:k8s:node:allocatable:cpu` | Node's allocatable CPU |
+| `rad:kbom:k8s:node:allocatable:memory` | Node's allocatable Memory |
+| `rad:kbom:k8s:node:allocatable:pods` | Node's allocatable Pods |
+| `rad:kbom:k8s:node:allocatable:ephemeralStorage` | Node's allocatable ephemeral storage |
-## `ksoc:kbom:pkg` Namespace Taxonomy
+## `rad:kbom:pkg` Namespace Taxonomy
| Property | Description |
| --------------------------------- | -------------------------------------------------- |
-| `ksoc:kbom:pkg:type` | Type of the package. |
-| `ksoc:kbom:pkg:name` | Name of the package. |
-| `ksoc:kbom:pkg:version` | Version of the package. |
-| `ksoc:kbom:pkg:digest` | Digest of the package. |
+| `rad:kbom:pkg:type` | Type of the package. |
+| `rad:kbom:pkg:name` | Name of the package. |
+| `rad:kbom:pkg:version` | Version of the package. |
+| `rad:kbom:pkg:digest` | Digest of the package. |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/go.mod new/kbom-0.3.0/go.mod
--- old/kbom-0.2.5/go.mod 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/go.mod 2024-05-31 15:17:22.000000000 +0200
@@ -1,23 +1,25 @@
-module github.com/ksoclabs/kbom
+module github.com/rad-security/kbom
-go 1.21
+go 1.22.0
+
+toolchain go1.22.3
require (
github.com/CycloneDX/cyclonedx-go v0.7.2
github.com/Masterminds/semver v1.5.0
- github.com/distribution/reference v0.5.0
- github.com/google/uuid v1.5.0
+ github.com/distribution/reference v0.6.0
+ github.com/google/uuid v1.6.0
github.com/invopop/jsonschema v0.12.0
github.com/mitchellh/hashstructure/v2 v2.0.2
- github.com/rs/zerolog v1.31.0
+ github.com/rs/zerolog v1.33.0
github.com/spf13/cobra v1.8.0
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.18.2
- github.com/stretchr/testify v1.8.4
- golang.org/x/term v0.15.0
+ github.com/stretchr/testify v1.9.0
+ golang.org/x/term v0.20.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.29.0
- k8s.io/apimachinery v0.29.0
+ k8s.io/apimachinery v0.30.1
k8s.io/client-go v0.29.0
)
@@ -27,14 +29,13 @@
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
- github.com/go-logr/logr v1.3.0 // indirect
+ github.com/go-logr/logr v1.4.1 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
- github.com/golang/protobuf v1.5.3 // indirect
+ github.com/golang/protobuf v1.5.4 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
- github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/imdario/mergo v0.3.6 // indirect
@@ -62,18 +63,18 @@
go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.9.0 // indirect
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
- golang.org/x/net v0.19.0 // indirect
+ golang.org/x/net v0.23.0 // indirect
golang.org/x/oauth2 v0.15.0 // indirect
- golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/sys v0.20.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.5.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
- google.golang.org/protobuf v1.31.0 // indirect
+ google.golang.org/protobuf v1.33.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
- k8s.io/klog/v2 v2.110.1 // indirect
- k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+ k8s.io/klog/v2 v2.120.1 // indirect
+ k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/go.sum new/kbom-0.3.0/go.sum
--- old/kbom-0.2.5/go.sum 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/go.sum 2024-05-31 15:17:22.000000000 +0200
@@ -15,21 +15,16 @@
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0=
-github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
-github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
-github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
-github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
-github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY=
-github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
+github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
@@ -42,24 +37,20 @@
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
-github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
-github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
@@ -101,10 +92,10 @@
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE=
-github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM=
-github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE=
-github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg=
+github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
+github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
+github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
+github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4=
@@ -116,8 +107,8 @@
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
-github.com/rs/zerolog v1.31.0 h1:FcTR3NnLWW+NnTwwhFWiJSZr4ECLpqCm6QsEnyvbV4A=
-github.com/rs/zerolog v1.31.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
+github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
@@ -133,8 +124,6 @@
github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-github.com/spf13/viper v1.18.0 h1:pN6W1ub/G4OfnM+NR9p7xP9R6TltLUzp5JG9yZD3Qg0=
-github.com/spf13/viper v1.18.0/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -144,8 +133,9 @@
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo=
@@ -176,8 +166,8 @@
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
-golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -189,10 +179,10 @@
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
-golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw=
+golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -204,18 +194,16 @@
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ=
-golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
+golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
+golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
@@ -229,34 +217,20 @@
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY=
-k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0=
k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A=
k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA=
-k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8=
-k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg=
-k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o=
-k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis=
-k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY=
-k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4=
+k8s.io/apimachinery v0.30.1 h1:ZQStsEfo4n65yAdlGTfP/uSHMQSoYzU/oeEbkmF7P2U=
+k8s.io/apimachinery v0.30.1/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8=
k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38=
-k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
-k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
-k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
-k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
-k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
-k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk=
-k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
+k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
-sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
-sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/internal/kube/kube.go new/kbom-0.3.0/internal/kube/kube.go
--- old/kbom-0.2.5/internal/kube/kube.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/internal/kube/kube.go 2024-05-31 15:17:22.000000000 +0200
@@ -19,7 +19,7 @@
"k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"
- "github.com/ksoclabs/kbom/internal/model"
+ "github.com/rad-security/kbom/internal/model"
)
type K8sClient interface {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.2.5/main.go new/kbom-0.3.0/main.go
--- old/kbom-0.2.5/main.go 2023-12-20 23:48:48.000000000 +0100
+++ new/kbom-0.3.0/main.go 2024-05-31 15:17:22.000000000 +0200
@@ -1,6 +1,6 @@
package main
-import "github.com/ksoclabs/kbom/cmd"
+import "github.com/rad-security/kbom/cmd"
func main() {
cmd.Execute()
++++++ kbom.obsinfo ++++++
--- /var/tmp/diff_new_pack.z1GSqR/_old 2024-06-03 17:41:37.250935907 +0200
+++ /var/tmp/diff_new_pack.z1GSqR/_new 2024-06-03 17:41:37.254936059 +0200
@@ -1,5 +1,5 @@
name: kbom
-version: 0.2.5
-mtime: 1703112528
-commit: 5873ff285776c931b4158b76c91074620589d16f
+version: 0.3.0
+mtime: 1717161442
+commit: c34494fddc3f2af8fb3f087a6f32112dc453debf
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/kbom/vendor.tar.gz /work/SRC/openSUSE:Factory/.kbom.new.24587/vendor.tar.gz differ: char 5, line 1
