Support detection of triplet targets for Rust projects

[viccuad]

Summary

For Rust, support detection of cross-compilation and list the system libraries used (glibc, musl, linker, compiler, etc).

This may mean supporting .cargo/config.toml.

This file has sections of [target.<triple>]. These sections specify settings for specific platform targets, see the config.toml docs.. These triplets can be used to compile against a different system library (musl instead of glibc for example), different machine architecture, etc, as usual. Example:

# .cargo/config.toml

[target.x86_64-unknown-linux-musl]
linker = "x86_64-linux-musl-gcc"

[target.aarch64-unknown-linux-musl]
linker = "aarch64-linux-musl-gcc"

Note that key options for those sections can be also overridden via env vars. Maybe there's a way to call cargo to obtain the end evaluation that takes into account the env vars.

Background

Right now, SBOM of a rust project compiled for amd64 and glibc is basically the same as if compiled for arm64 and musl. Instead, this information should be included in the SBOM.

[MdSahil-oss]

Hi @viccuad, This issue looks interesting to me. I would like to work on it.

[viccuad]

Hi @MdSahil-oss, I'm not maintainer of this repo, this was just a feature request from my side :). I suppose you would need to get in contact with them, or directly submit a PR for review!

[nishakm]

Hi @MdSahil-oss, This looks like an enhancement that is more suited for https://github.com/opensbom-generator/parsers. cc: @puerco

[MdSahil-oss]

HI! @nishakm Thanks for letting me know, sure I'll look in the repository for this enhancement But let me know whether this enhancement is approved officially or not :)

[MdSahil-oss]

@nishakm @puerco Let me know if this enhancement needs to be implemented in the repository so that I can start working on it :)