Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/viveksahu26/stree
It is related to Software Supply Chain Security. It shows the parent-child components relationship in directory Tree or file Tree structure like tree command does for linux.
https://github.com/viveksahu26/stree
go json sbom
Last synced: 20 days ago
JSON representation
It is related to Software Supply Chain Security. It shows the parent-child components relationship in directory Tree or file Tree structure like tree command does for linux.
- Host: GitHub
- URL: https://github.com/viveksahu26/stree
- Owner: viveksahu26
- Created: 2024-09-08T11:45:26.000Z (2 months ago)
- Default Branch: main
- Last Pushed: 2024-10-05T10:29:46.000Z (about 2 months ago)
- Last Synced: 2024-10-16T15:09:06.320Z (about 1 month ago)
- Topics: go, json, sbom
- Language: Go
- Homepage:
- Size: 509 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# stree
stree is tool which convert json structure into directory tree or file tree. It's similar to `tree` command in linux.
For example:
```bash
.
$ tree
├── cmd
│ └── tree
│ ├── cli
│ │ ├── commands.go
│ │ ├── json
│ │ │ └── json.go
│ │ ├── json.go
│ │ └── options
│ │ ├── json.go
│ │ └── root.go
│ └── main.go
├── go.mod
├── go.sum
├── README.md
└── sbomqs-sca.json
5 directories, 10 files
```
## Why stree ?
Basically Json structure has parent-children kind of strucutre. In oder to visualize the relationship b/w parents-child, the stree comes into.
In the world of software and technology, every software has toms of dependencies and each dependecies has further dependencies. For a software supply chain enthusaist, it's a cusrious and required thing to visualize it's project depedencies. For now, this tool support json format.
## How to use it ??
```bash
$ stree json
└──
└── github.com/interlynk-io/sbomqs
├── github.com/CycloneDX/cyclonedx-go
│ ├── github.com/bradleyjkemp/cupaloy/v2
│ ├── github.com/terminalstatic/go-xsd-validate
│ ├── github.com/xeipuuv/gojsonschema
│ ├── github.com/xeipuuv/gojsonpointer
│ └── github.com/xeipuuv/gojsonreference
├── github.com/DependencyTrack/client-go
│ ├── github.com/google/go-cmp
│ ├── github.com/google/uuid
│ ├── github.com/jarcoal/httpmock
│ └── github.com/stretchr/testify
├── github.com/Masterminds/semver/v3
├── github.com/ProtonMail/go-crypto
│ ├── github.com/cloudflare/circl
│ │ ├── golang.org/x/crypto
│ │ │ ├── golang.org/x/net
│ │ │ ├── golang.org/x/sys
│ │ │ ├── golang.org/x/term
│ │ │ └── golang.org/x/text
│ │ │ ├── golang.org/x/tools
│ │ │ │ ├── golang.org/x/net
│ │ │ │ │ ├── golang.org/x/sys
│ │ │ │ │ └── golang.org/x/term
│ │ │ │ ├── golang.org/x/sync
│ │ │ │ └── golang.org/x/text
│ │ │ │ └── golang.org/x/tools
│ │ │ ├── golang.org/x/mod
│ │ │ │ ├── golang.org/x/crypto
│ │ │ │ │ ├── golang.org/x/net
│ │ │ │ │ │ └── golang.org/x/sys
│ │ │ │ │ ├── golang.org/x/sys
│ │ │ │ │ ├── golang.org/x/term
│ │ │ │ │ └── golang.org/x/text
│ │ │ │ └── golang.org/x/tools
│ │ │ │ ├── golang.org/x/net
│ │ │ │ │ ├── golang.org/x/crypto
│ │ │ │ │ ├── golang.org/x/sys
│ │ │ │ │ └── golang.org/x/text
│ │ │ │ ├── golang.org/x/sync
│ │ │ │ └── golang.org/x/xerrors
│ │ │ └── golang.org/x/sys
│ │ └── golang.org/x/sys
│ └── golang.org/x/crypto
│ ├── golang.org/x/net
│ ├── golang.org/x/sys
│ ├── golang.org/x/term
│ └── golang.org/x/text
│ ├── golang.org/x/tools
│ │ ├── golang.org/x/net
│ │ │ ├── golang.org/x/term
│ │ │ └── golang.org/x/text
│ │ └── golang.org/x/sync
│ ├── golang.org/x/mod
├── sigs.k8s.io/yaml
└── toolchain
```
### Images
## Software Supply Chain Security usecases
```bash
# generate list of componenets in json format from go modules
$ opensca-cli -path go.mod -out tree-sca.json
# Now, convert that components into directory structure for easy visualization
$ go run cmd/stree/main.go json --out tree1-output.json stree-tree-sca.json
```
**NOTE**:
- Install opensca-cli tool from [here](https://github.com/XmirrorSecurity/OpenSCA-cli/releases).