advisory

package

v0.42.0 Latest Latest Go to latest Published: Sep 19, 2023 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitlab.com/tanna.dev/dependency-management-data

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GenerateAdvisories(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB, pw progress.Writer) error
func ReportAWS(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB) (table.Writer, error)
func ReportPackages(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB, ...) (table.Writer, error)
type Advisories
type Advisory
type AdvisoryType
type VersionMatchStrategy

Constants ¶

View Source

const (
	AdvisoryTypeDeprecated   = "DEPRECATED"
	AdvisoryTypeUnmainatined = "UNMAINTAINED"
	AdvisoryTypeSecurity     = "SECURITY"
	AdvisoryTypeOther        = "OTHER"
)

View Source

const (
	VersionMatchStrategyAny              = "ANY"
	VersionMatchStrategyEquals           = "EQUALS"
	VersionMatchStrategyLessThan         = "LESS_THAN"
	VersionMatchStrategyLessOrEqualTo    = "LESS_EQUAL"
	VersionMatchStrategyGreaterThan      = "GREATER_THAN"
	VersionMatchStrategyGreaterOrEqualTo = "GREATER_EQUAL"
)

Variables ¶

This section is empty.

Functions ¶

func GenerateAdvisories ¶

func GenerateAdvisories(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB, pw progress.Writer) error

func ReportAWS ¶ added in v0.28.0

func ReportAWS(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB) (table.Writer, error)

func ReportPackages ¶ added in v0.39.0

func ReportPackages(ctx context.Context, logger *slog.Logger, sqlDB *sql.DB, platform, org, repo, owner string) (table.Writer, error)

Types ¶

type Advisories ¶

type Advisories struct{}

func (*Advisories) AnonymiseData ¶

func (d *Advisories) AnonymiseData(ctx context.Context, sqlDB *sql.DB, orgs []string) (err error)

func (*Advisories) CreateTables ¶

func (*Advisories) CreateTables(ctx context.Context, sqlDB *sql.DB) error

func (*Advisories) Name ¶

func (*Advisories) Name() string

type Advisory ¶

type Advisory struct {
	// PackagePattern contains a simple wildcard-aware pattern of packages that these advisories are for
	// For example:
	// `github.com/gorilla/*` would expect to match `github.com/gorilla/mux` and `github.com/gorilla/`
	// `git*.com/jamietanna/*` would expect to match `gitlab.com/jamietanna/test` and `github.com/jamietanna/not-test`
	PackagePattern string
	PackageManager string
	// Version contains the version that is expected to match. If nil, will always match
	Version *string
	// VersionMatchStrategy:
	//
	// VersionMatchStrategy defines the way that the version is expected to lexicographically match. If nil, will always match
	VersionMatchStrategy *VersionMatchStrategy
	AdvisoryType         AdvisoryType
	// Description describes why a given advisory is set on this package
	Description string
}

Advisory contains a package advisory, which allows flagging packages (for an optional set of version(s)) for arbitrary reasons

type AdvisoryType ¶

type AdvisoryType = string

AdvisoryType is the type of package advisory that is present

type VersionMatchStrategy ¶

type VersionMatchStrategy = string

VersionMatchStrategy defines how the Advisory.Version, if present, should be compared lexicographically with a CurrentVersion

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
db

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL