# Hoppr JQ Filter
A Hoppr plugin to filter components out of the delivered sbom using jq syntax.
It works as the intersect of "includes" and "excludes".
- Any components not found with the includes will be removed
- Any components found with the excludes will be removed
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
delete_excluded: True
purl_regex_includes: []
purl_regex_excludes: []
jq_expression_includes: []
jq_expression_excludes: []
```
- `delete_excluded`
- A flag indicating if the plugin should delete any excluded components found in `collect_root_dir`
- `purl_regex_includes`
- A list of regular expressions for purls that should remain in the SBOM
- `purl_regex_excludes`
- A list of regular expressions to remove purls that match in the SBOM
- `jq_expression_includes`
- A list of jq expressions for components that should remain in the SBOM
- `jq_expression_excludes`
- A list of jq expressions to remove components that match in the SBOM
## Examples
### Only keep generic components in the SBOM
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
purl_regex_includes:
- "^pkg:generic"
```
### Remove any purl with `controlled` in the name
```yml
SampleStage:
plugins:
- name: "hoppr_jq_filter.plugin"
config:
purl_regex_excludes:
- "controlled"
```
## Debugging
If you are having trouble filtering out components, you can easily debug using `jq` directly.
1. Run hoppr bundle with a `-v` and review the logs.
1. This plugin will print all of the jq queries used and the matching purls found.
1. You can `cat your-sbom.cdx.json | jq '<your query>'` to debug.
Raw data
{
"_id": null,
"home_page": "https://hoppr.dev/",
"name": "hoppr_jq_filter",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10,<4.0",
"maintainer_email": "",
"keywords": "hoppr,plugin,packaging,reports,build dependencies,software bill of materials",
"author": "LMCO Open Source",
"author_email": "open.source@lmco.com",
"download_url": "https://files.pythonhosted.org/packages/06/88/9b6aa3ac2cbece9781229f88fc253dc1e5dcea3d7c8bd3f3b580fdccf0ee/hoppr_jq_filter-0.2.5.tar.gz",
"platform": null,
"description": "# Hoppr JQ Filter\n\nA Hoppr plugin to filter components out of the delivered sbom using jq syntax.\n\nIt works as the intersect of \"includes\" and \"excludes\".\n\n- Any components not found with the includes will be removed\n- Any components found with the excludes will be removed\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n delete_excluded: True\n purl_regex_includes: []\n purl_regex_excludes: []\n jq_expression_includes: []\n jq_expression_excludes: []\n```\n\n- `delete_excluded`\n - A flag indicating if the plugin should delete any excluded components found in `collect_root_dir`\n- `purl_regex_includes`\n - A list of regular expressions for purls that should remain in the SBOM\n- `purl_regex_excludes`\n - A list of regular expressions to remove purls that match in the SBOM\n- `jq_expression_includes`\n - A list of jq expressions for components that should remain in the SBOM\n- `jq_expression_excludes`\n - A list of jq expressions to remove components that match in the SBOM\n\n## Examples\n\n### Only keep generic components in the SBOM\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n purl_regex_includes:\n - \"^pkg:generic\"\n```\n\n### Remove any purl with `controlled` in the name\n\n```yml\n SampleStage:\n plugins:\n - name: \"hoppr_jq_filter.plugin\"\n config:\n purl_regex_excludes:\n - \"controlled\"\n```\n\n## Debugging\n\nIf you are having trouble filtering out components, you can easily debug using `jq` directly.\n\n1. Run hoppr bundle with a `-v` and review the logs.\n1. This plugin will print all of the jq queries used and the matching purls found.\n1. You can `cat your-sbom.cdx.json | jq '<your query>'` to debug.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Starter Plug-in for Hoppr",
"version": "0.2.5",
"project_urls": {
"Homepage": "https://hoppr.dev/"
},
"split_keywords": [
"hoppr",
"plugin",
"packaging",
"reports",
"build dependencies",
"software bill of materials"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "c72cdc530eda5174a67d9d3996662bc3477effeee756ebff692fd71aeba79621",
"md5": "ac5a335b580ca01a7469e323f6b319fa",
"sha256": "bd2ba9572a081c4224e77621779e46c4ab7630a28cecc07474d3cf22d69113e6"
},
"downloads": -1,
"filename": "hoppr_jq_filter-0.2.5-py3-none-any.whl",
"has_sig": false,
"md5_digest": "ac5a335b580ca01a7469e323f6b319fa",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10,<4.0",
"size": 5693,
"upload_time": "2024-03-17T11:06:55",
"upload_time_iso_8601": "2024-03-17T11:06:55.037384Z",
"url": "https://files.pythonhosted.org/packages/c7/2c/dc530eda5174a67d9d3996662bc3477effeee756ebff692fd71aeba79621/hoppr_jq_filter-0.2.5-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "06889b6aa3ac2cbece9781229f88fc253dc1e5dcea3d7c8bd3f3b580fdccf0ee",
"md5": "aa29233b3f829cfdb211a520dd1ffb3e",
"sha256": "e6d95bb38954b11ee2c77d9a042d286962e60286c95ed0f1d81e61b53b77757c"
},
"downloads": -1,
"filename": "hoppr_jq_filter-0.2.5.tar.gz",
"has_sig": false,
"md5_digest": "aa29233b3f829cfdb211a520dd1ffb3e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10,<4.0",
"size": 4946,
"upload_time": "2024-03-17T11:06:56",
"upload_time_iso_8601": "2024-03-17T11:06:56.893691Z",
"url": "https://files.pythonhosted.org/packages/06/88/9b6aa3ac2cbece9781229f88fc253dc1e5dcea3d7c8bd3f3b580fdccf0ee/hoppr_jq_filter-0.2.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-03-17 11:06:56",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "hoppr_jq_filter"
}
JSON