# Hoppr JQ Filter
A Hoppr plugin to filter components out of the delivered sbom using jq syntax.
It works as the intersect of "includes" and "excludes".
- Any components not found with the includes will be removed
- Any components found with the excludes will be removed
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
delete_excluded: True
purl_regex_includes: []
purl_regex_excludes: []
jq_expression_includes: []
jq_expression_excludes: []
```
- `delete_excluded`
- A flag indicating if the plugin should delete any excluded components found in `collect_root_dir`
- `purl_regex_includes`
- A list of regular expressions for purls that should remain in the SBOM
- `purl_regex_excludes`
- A list of regular expressions to remove purls that match in the SBOM
- `jq_expression_includes`
- A list of jq expressions for components that should remain in the SBOM
- `jq_expression_excludes`
- A list of jq expressions to remove components that match in the SBOM
## Examples
### Only keep generic components in the SBOM
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
purl_regex_includes:
- "^pkg:generic"
```
### Remove any purl with `controlled` in the name
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
purl_regex_excludes:
- "controlled"
```
## Debugging
If you are having trouble filtering out components, you can easily debug using `jq` directly.
1. Run hoppr bundle with a `-v` and review the logs.
1. This plugin will print all of the jq queries used and the matching purls found.
1. You can `cat your-sbom.cdx.json | jq '<your query>'` to debug.
Raw data
{
"_id": null,
"home_page": "https://hoppr.dev/",
"name": "hoppr-jq-filter",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10,<4.0",
"maintainer_email": "",
"keywords": "hoppr,plugin,packaging,reports,build dependencies,software bill of materials",
"author": "LMCO Open Source",
"author_email": "open.source@lmco.com",
"download_url": "https://files.pythonhosted.org/packages/39/8b/9f9693f793e9709233216ecac5655a93ebe8026f75b974a4544461beb9c0/hoppr_jq_filter-0.2.1.tar.gz",
"platform": null,
"description": "# Hoppr JQ Filter\n\nA Hoppr plugin to filter components out of the delivered sbom using jq syntax.\n\nIt works as the intersect of \"includes\" and \"excludes\".\n\n- Any components not found with the includes will be removed\n- Any components found with the excludes will be removed\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n delete_excluded: True\n purl_regex_includes: []\n purl_regex_excludes: []\n jq_expression_includes: []\n jq_expression_excludes: []\n```\n\n- `delete_excluded`\n - A flag indicating if the plugin should delete any excluded components found in `collect_root_dir`\n- `purl_regex_includes`\n - A list of regular expressions for purls that should remain in the SBOM\n- `purl_regex_excludes`\n - A list of regular expressions to remove purls that match in the SBOM\n- `jq_expression_includes`\n - A list of jq expressions for components that should remain in the SBOM\n- `jq_expression_excludes`\n - A list of jq expressions to remove components that match in the SBOM\n\n## Examples\n\n### Only keep generic components in the SBOM\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n purl_regex_includes:\n - \"^pkg:generic\"\n```\n\n### Remove any purl with `controlled` in the name\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n purl_regex_excludes:\n - \"controlled\"\n```\n\n## Debugging\n\nIf you are having trouble filtering out components, you can easily debug using `jq` directly.\n\n1. Run hoppr bundle with a `-v` and review the logs.\n1. This plugin will print all of the jq queries used and the matching purls found.\n1. You can `cat your-sbom.cdx.json | jq '<your query>'` to debug.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Starter Plug-in for Hoppr",
"version": "0.2.1",
"project_urls": {
"Homepage": "https://hoppr.dev/"
},
"split_keywords": [
"hoppr",
"plugin",
"packaging",
"reports",
"build dependencies",
"software bill of materials"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "7b0fb5d18dd0852c041356752ddb4fac86ee9c7b71acc530373c1d1d4e368f76",
"md5": "c18554c649bb4814db523c9360db6a54",
"sha256": "9b4fcaa612a80de553bd833c232210dfefa2aa7327f389031d80e70e413f250a"
},
"downloads": -1,
"filename": "hoppr_jq_filter-0.2.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c18554c649bb4814db523c9360db6a54",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10,<4.0",
"size": 5700,
"upload_time": "2023-08-01T22:06:30",
"upload_time_iso_8601": "2023-08-01T22:06:30.589885Z",
"url": "https://files.pythonhosted.org/packages/7b/0f/b5d18dd0852c041356752ddb4fac86ee9c7b71acc530373c1d1d4e368f76/hoppr_jq_filter-0.2.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "398b9f9693f793e9709233216ecac5655a93ebe8026f75b974a4544461beb9c0",
"md5": "97cc28245b2b03d46f29cefee1c419b1",
"sha256": "56a5d4897e0cb234cb4cb1401f91fbf41dd492ff23df7140700b780d0f62e51c"
},
"downloads": -1,
"filename": "hoppr_jq_filter-0.2.1.tar.gz",
"has_sig": false,
"md5_digest": "97cc28245b2b03d46f29cefee1c419b1",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10,<4.0",
"size": 4946,
"upload_time": "2023-08-01T22:06:31",
"upload_time_iso_8601": "2023-08-01T22:06:31.971418Z",
"url": "https://files.pythonhosted.org/packages/39/8b/9f9693f793e9709233216ecac5655a93ebe8026f75b974a4544461beb9c0/hoppr_jq_filter-0.2.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-08-01 22:06:31",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "hoppr-jq-filter"
}
JSON