Data model is broken for multimodule projects #23

Open
puerco opened this issue Nov 7, 2022 · 1 comment
Labels
bug Something isn't working

Comments

puerco (Member) commented Nov 7, 2022

The data model for the OpenSBOM parsers is broken. If you have a project with more than one top-level module/package, it cannot be represented in the current model :(

Say for example this one: https://github.com/rust-secure-code/cargo-geiger/blob/master/Cargo.toml

I don't know if we can fix this with the current model, it will require a v2 API.

puerco added the bug label Nov 7, 2022

nishakm (Contributor) commented Nov 8, 2022

Here are some proposals:

  1. Each package manager maintains its own data model and reader
  2. Each package manager has a reader that will return a built-in object, maybe a map
  3. We update the meta package to include fields common to all the package managers, and allow for each manager to extend it. I'm personally not sure how to implement this in Go :)
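
Proposal 3 above, sketched in Go as an added example (not code from this thread or from the project): a shared `Meta` struct is embedded by a per-manager type, and a project holds a slice of roots so that more than one top-level package can be represented. Every type, method and package name here is hypothetical, and the sample data is constructed.

```go
package main

import "fmt"

// Meta: fields assumed common to every package manager (hypothetical).
type Meta struct{ Name, Version string }

// Common is promoted to every struct that embeds Meta.
func (m Meta) Common() Meta { return m }

// Package is what any ecosystem's reader would return (hypothetical).
type Package interface {
	Common() Meta
	Ecosystem() string
}

// CargoPackage extends Meta with a Cargo-only field.
type CargoPackage struct {
	Meta
	WorkspaceMember bool
}

func (CargoPackage) Ecosystem() string { return "cargo" }

// Project holds a slice of roots, so several top-level packages fit.
type Project struct{ Roots []Package }

// RootNames lists each root as "ecosystem:name@version".
func (p Project) RootNames() []string {
	out := make([]string, 0, len(p.Roots))
	for _, r := range p.Roots {
		m := r.Common()
		out = append(out, fmt.Sprintf("%s:%s@%s", r.Ecosystem(), m.Name, m.Version))
	}
	return out
}

// SampleProject is constructed data: two top-level crates in one project.
func SampleProject() Project {
	return Project{Roots: []Package{
		CargoPackage{Meta{"crate-a", "0.1.0"}, true},
		CargoPackage{Meta{"crate-b", "0.2.0"}, true},
	}}
}

func main() { fmt.Println(SampleProject().RootNames()) }
```

Another package manager would add its own struct that embeds `Meta` and implements `Ecosystem()`; callers that need the manager-specific fields recover them with a type assertion on the `Package` value.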
