sca

Documentation

Index

• func Analyze(ctx context.Context, hdl SCAHandle, generated *config.Dependencies) error
• type DependencyGenerator
• type SCAFS
• type SCAHandle

Functions

func Analyze

func Analyze(ctx context.Context, hdl SCAHandle, generated *config.Dependencies) error

Analyze runs the SCA analyzers on a given SCA handle, modifying the generated dependencies set as needed.

Types

type DependencyGenerator

type DependencyGenerator func(context.Context, SCAHandle, *config.Dependencies) error

DependencyGenerator takes an SCAHandle and config.Dependencies pointer and returns findings based on analysis.

type SCAFS

type SCAFS interface {
	apkofs.ReadLinkFS

	Stat(name string) (fs.FileInfo, error)
}

SCAFS represents the minimum required filesystem accessors which are needed by the SCA engine.

type SCAHandle

type SCAHandle interface {
	// PackageName returns the name of the current package being analyzed.
	PackageName() string

	// RelativeNames returns the name of other packages related to the current
	// package being analyzed.
	RelativeNames() []string

	// Version returns the version and epoch of the package being analyzed.
	Version() string

	// FilesystemForRelative returns a usable filesystem representing the package
	// contents for a given package name.
	FilesystemForRelative(pkgName string) (SCAFS, error)

	// Filesystem returns a usable filesystem representing the current package.
	// It is equivalent to FilesystemForRelative(PackageName()).
	Filesystem() (SCAFS, error)

	// Options returns a config.PackageOption struct.
	Options() config.PackageOption

	// BaseDependencies returns the underlying set of declared dependencies before
	// the SCA engine runs.
	BaseDependencies() config.Dependencies
}

SCAHandle represents all of the state necessary to analyze a package.