README
¶
client-go
Go client library for OWASP Dependency-Track
Introduction
client-go is a Go library to interact with Dependency-Track's REST API, making it easy to implement custom automation around Dependency-Track.
Example use-cases include:
- Interacting with Dependency-Track in CI/CD pipelines
- e.g. to implement quality gates, or generate build reports
- Uploading BOMs of various origins
- e.g. from all containers running in a Kubernetes cluster, see sbom-operator
- Reacting to Webhook notifications
- e.g. to automate analysis decisions on findings, see dtapac
- Reporting and tracking of portfolio metrics in specialized systems
- e.g. to expose metrics to time-series databases like Prometheus, see dependency-track-exporter
Installation
go get github.com/DependencyTrack/client-go
Compatibility
| client-go Version | Go Version | Dependency-Track Version |
|---|---|---|
| v0.8.0 | 1.18+ | 4.0.0+ |
| v0.9.0+ | 1.19+ | 4.0.0+ |
Usage
Please refer to the documentation.
API Coverage
client-go primarily covers those parts of the Dependency-Track API that the community has an explicit need for. If you'd like to use this library, and your desired functionality is not yet available, please consider creating a PR.
Documentation
¶
Overview ¶
Example (FetchAllFindings) ¶
This example demonstrates how to fetch all findings for a given project.
client, _ := dtrack.NewClient("https://dtrack.example.com", dtrack.WithAPIKey("..."))
projectUUID := uuid.MustParse("2d16089e-6d3a-437e-b334-f27eb2cbd7f4")
_, err := dtrack.FetchAll(func(po dtrack.PageOptions) (dtrack.Page[dtrack.Finding], error) {
return client.Finding.GetAll(context.TODO(), projectUUID, false, po)
})
if err != nil {
panic(err)
}
Output:
Example (UploadBOM) ¶
This example demonstrates how to upload a Bill of Materials and wait for its processing to complete.
client, _ := dtrack.NewClient("https://dtrack.example.com", dtrack.WithAPIKey("..."))
bomContent, err := os.ReadFile("bom.xml")
if err != nil {
panic(err)
}
uploadToken, err := client.BOM.Upload(context.TODO(), dtrack.BOMUploadRequest{
ProjectName: "acme-app",
ProjectVersion: "1.0.0",
AutoCreate: true,
BOM: base64.StdEncoding.EncodeToString(bomContent),
})
if err != nil {
panic(err)
}
var (
doneChan = make(chan struct{})
errChan = make(chan error)
ticker = time.NewTicker(1 * time.Second)
timeout = time.After(30 * time.Second)
)
go func() {
defer func() {
close(doneChan)
close(errChan)
}()
for {
select {
case <-ticker.C:
processing, err := client.Event.IsBeingProcessed(context.TODO(), dtrack.EventToken(uploadToken))
if err != nil {
errChan <- err
return
}
if !processing {
doneChan <- struct{}{}
return
}
case <-timeout:
errChan <- fmt.Errorf("timeout exceeded")
return
}
}
}()
select {
case <-doneChan:
fmt.Println("bom processing completed")
case err = <-errChan:
fmt.Printf("failed to wait for bom processing: %v\n", err)
}
Output:
Index ¶
- Constants
- func FetchAll[T any](pageFetchFunc func(po PageOptions) (Page[T], error)) (items []T, err error)
- func ForEach[T any](pageFetchFunc func(po PageOptions) (Page[T], error), ...) (err error)
- func OptionalBool() *bool
- func OptionalBoolOf(value bool) *bool
- type APIError
- type APIKey
- type About
- type AboutFramework
- type AboutService
- type Analysis
- type AnalysisComment
- type AnalysisJustification
- type AnalysisRequest
- type AnalysisResponse
- type AnalysisService
- type AnalysisState
- type BOMFormat
- type BOMService
- func (bs BOMService) ExportComponent(ctx context.Context, componentUUID uuid.UUID, format BOMFormat) (bom string, err error)
- func (bs BOMService) ExportProject(ctx context.Context, projectUUID uuid.UUID, format BOMFormat, ...) (bom string, err error)
- func (bs BOMService) IsBeingProcessed(ctx context.Context, token BOMUploadToken) (bool, error)deprecated
- func (bs BOMService) PostBom(ctx context.Context, uploadReq BOMUploadRequest) (token BOMUploadToken, err error)
- func (bs BOMService) Upload(ctx context.Context, uploadReq BOMUploadRequest) (token BOMUploadToken, err error)
- type BOMUploadRequest
- type BOMUploadToken
- type BOMVariant
- type CWE
- type Client
- type ClientOption
- func WithAPIKey(apiKey string) ClientOption
- func WithBearerToken(token string) ClientOption
- func WithDebug(debug bool) ClientOption
- func WithHttpClient(client *http.Client) ClientOption
- func WithMTLS(caCertFile string, clientCertFile string, clientKeyFile string) ClientOption
- func WithTimeout(timeout time.Duration) ClientOption
- func WithUserAgent(userAgent string) ClientOption
- type Component
- type ComponentService
- func (cs ComponentService) Create(ctx context.Context, projectUUID string, component Component) (c Component, err error)
- func (cs ComponentService) Get(ctx context.Context, componentUUID uuid.UUID) (c Component, err error)
- func (cs ComponentService) GetAll(ctx context.Context, projectUUID uuid.UUID, po PageOptions) (p Page[Component], err error)
- func (cs ComponentService) Update(ctx context.Context, component Component) (c Component, err error)
- type EventService
- type EventToken
- type EventTokenResponse
- type ExternalReference
- type Finding
- type FindingAnalysis
- type FindingAttribution
- type FindingComponent
- type FindingService
- func (f FindingService) AnalyzeProject(ctx context.Context, projectUUID uuid.UUID) (token BOMUploadToken, err error)
- func (f FindingService) ExportFPF(ctx context.Context, projectUUID uuid.UUID) (d []byte, err error)
- func (f FindingService) GetAll(ctx context.Context, projectUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[Finding], err error)
- type FindingVulnerability
- type License
- type LicenseService
- type MetricsService
- func (ms MetricsService) LatestPortfolioMetrics(ctx context.Context) (m PortfolioMetrics, err error)
- func (ms MetricsService) LatestProjectMetrics(ctx context.Context, projectUUID uuid.UUID) (m ProjectMetrics, err error)
- func (ms MetricsService) PortfolioMetricsSince(ctx context.Context, date time.Time) (m []PortfolioMetrics, err error)
- func (ms MetricsService) PortfolioMetricsSinceDays(ctx context.Context, days uint) (m []PortfolioMetrics, err error)
- func (ms MetricsService) ProjectMetricsSince(ctx context.Context, projectUUID uuid.UUID, date time.Time) (m []ProjectMetrics, err error)
- func (ms MetricsService) ProjectMetricsSinceDays(ctx context.Context, projectUUID uuid.UUID, days uint) (m []ProjectMetrics, err error)
- func (ms MetricsService) RefreshPortfolioMetrics(ctx context.Context) (err error)
- func (ms MetricsService) RefreshProjectMetrics(ctx context.Context, projectUUID uuid.UUID) (err error)
- type OIDCGroup
- type OIDCMapping
- type OIDCMappingRequest
- type OIDCService
- func (s OIDCService) AddTeamMapping(ctx context.Context, mapping OIDCMappingRequest) (m OIDCMapping, err error)
- func (s OIDCService) Available(ctx context.Context) (available bool, err error)
- func (s OIDCService) CreateGroup(ctx context.Context, name string) (g OIDCGroup, err error)
- func (s OIDCService) DeleteGroup(ctx context.Context, groupUUID uuid.UUID) (err error)
- func (s OIDCService) GetAllGroups(ctx context.Context, po PageOptions) (p Page[OIDCGroup], err error)
- func (s OIDCService) GetAllTeamsOf(ctx context.Context, group OIDCGroup, po PageOptions) (p Page[Team], err error)
- func (s OIDCService) RemoveTeamMapping(ctx context.Context, mappingID uuid.UUID) (err error)
- func (s OIDCService) UpdateGroup(ctx context.Context, group OIDCGroup) (g OIDCGroup, err error)
- type Page
- type PageOptions
- type ParentRef
- type Permission
- type PermissionService
- func (ps PermissionService) AddPermissionToTeam(ctx context.Context, permission Permission, team uuid.UUID) (t Team, err error)
- func (ps PermissionService) GetAll(ctx context.Context, po PageOptions) (p Page[Permission], err error)
- func (ps PermissionService) RemovePermissionFromTeam(ctx context.Context, permission Permission, team uuid.UUID) (t Team, err error)
- type Policy
- type PolicyCondition
- type PolicyConditionOperator
- type PolicyConditionService
- func (pcs PolicyConditionService) Create(ctx context.Context, policyUUID uuid.UUID, policyCondition PolicyCondition) (p PolicyCondition, err error)
- func (pcs PolicyConditionService) Delete(ctx context.Context, policyConditionUUID uuid.UUID) (err error)
- func (pcs PolicyConditionService) Update(ctx context.Context, policyCondition PolicyCondition) (p PolicyCondition, err error)
- type PolicyConditionSubject
- type PolicyOperator
- type PolicyService
- func (ps PolicyService) AddProject(ctx context.Context, policyUUID, projectUUID uuid.UUID) (p Policy, err error)
- func (ps PolicyService) AddTag(ctx context.Context, policyUUID uuid.UUID, tagName string) (p Policy, err error)
- func (ps PolicyService) Create(ctx context.Context, policy Policy) (p Policy, err error)
- func (ps PolicyService) Delete(ctx context.Context, policyUUID uuid.UUID) (err error)
- func (ps PolicyService) DeleteProject(ctx context.Context, policyUUID, projectUUID uuid.UUID) (p Policy, err error)
- func (ps PolicyService) DeleteTag(ctx context.Context, policyUUID uuid.UUID, tagName string) (p Policy, err error)
- func (ps PolicyService) Get(ctx context.Context, policyUUID uuid.UUID) (p Policy, err error)
- func (ps PolicyService) GetAll(ctx context.Context, po PageOptions) (p Page[Policy], err error)
- func (ps PolicyService) Update(ctx context.Context, policy Policy) (p Policy, err error)
- type PolicyViolation
- type PolicyViolationService
- func (pvs PolicyViolationService) GetAll(ctx context.Context, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
- func (pvs PolicyViolationService) GetAllForComponent(ctx context.Context, componentUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
- func (pvs PolicyViolationService) GetAllForProject(ctx context.Context, projectUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
- type PolicyViolationState
- type PortfolioMetrics
- type Project
- type ProjectCloneRequest
- type ProjectMetrics
- type ProjectProperty
- type ProjectPropertyService
- func (ps ProjectPropertyService) Create(ctx context.Context, projectUUID uuid.UUID, property ProjectProperty) (p ProjectProperty, err error)
- func (ps ProjectPropertyService) Delete(ctx context.Context, projectUUID uuid.UUID, groupName, propertyName string) (err error)
- func (ps ProjectPropertyService) GetAll(ctx context.Context, projectUUID uuid.UUID, po PageOptions) (p Page[ProjectProperty], err error)
- func (ps ProjectPropertyService) Update(ctx context.Context, projectUUID uuid.UUID, property ProjectProperty) (p ProjectProperty, err error)
- type ProjectService
- func (ps ProjectService) Clone(ctx context.Context, cloneReq ProjectCloneRequest) (token EventToken, err error)
- func (ps ProjectService) Create(ctx context.Context, project Project) (p Project, err error)
- func (ps ProjectService) Delete(ctx context.Context, projectUUID uuid.UUID) (err error)
- func (ps ProjectService) Get(ctx context.Context, projectUUID uuid.UUID) (p Project, err error)
- func (ps ProjectService) GetAll(ctx context.Context, po PageOptions) (p Page[Project], err error)
- func (ps ProjectService) GetAllByTag(ctx context.Context, tag string, excludeInactive, onlyRoot bool, ...) (p Page[Project], err error)
- func (ps ProjectService) GetProjectsForName(ctx context.Context, name string, excludeInactive, onlyRoot bool) (p []Project, err error)
- func (ps ProjectService) Lookup(ctx context.Context, name, version string) (p Project, err error)
- func (ps ProjectService) Patch(ctx context.Context, projectUUID uuid.UUID, project Project) (p Project, err error)
- func (ps ProjectService) Update(ctx context.Context, project Project) (p Project, err error)
- type Repository
- type RepositoryMetaComponent
- type RepositoryService
- func (rs RepositoryService) Create(ctx context.Context, repo Repository) (r Repository, err error)
- func (rs RepositoryService) Delete(ctx context.Context, reposUUID uuid.UUID) (err error)
- func (rs RepositoryService) GetAll(ctx context.Context, po PageOptions) (p Page[Repository], err error)
- func (rs RepositoryService) GetByType(ctx context.Context, repoType RepositoryType, po PageOptions) (p Page[Repository], err error)
- func (rs RepositoryService) GetMetaComponent(ctx context.Context, purl string) (r RepositoryMetaComponent, err error)
- func (rs RepositoryService) Update(ctx context.Context, repo Repository) (r Repository, err error)
- type RepositoryType
- type Tag
- type Team
- type TeamService
- func (ts TeamService) Create(ctx context.Context, team Team) (t Team, err error)
- func (ts TeamService) Delete(ctx context.Context, team Team) (err error)
- func (ts TeamService) DeleteAPIKey(ctx context.Context, key string) (err error)
- func (ts TeamService) GenerateAPIKey(ctx context.Context, teamUUID uuid.UUID) (key string, err error)
- func (ts TeamService) Get(ctx context.Context, teamUUID uuid.UUID) (t Team, err error)
- func (ts TeamService) GetAPIKeys(ctx context.Context, teamUUID uuid.UUID) (keys []APIKey, err error)
- func (ts TeamService) GetAll(ctx context.Context, po PageOptions) (p Page[Team], err error)
- func (ts TeamService) Update(ctx context.Context, team Team) (t Team, err error)
- func (ts TeamService) UpdateAPIKeyComment(ctx context.Context, key, comment string) (commentOut string, err error)
- type UserService
- type VEXService
- type VEXUploadRequest
- type ViolationAnalysis
- type ViolationAnalysisComment
- type ViolationAnalysisRequest
- type ViolationAnalysisService
- type ViolationAnalysisState
- type Vulnerability
- type VulnerabilityAlias
- type VulnerabilityService
- func (vs VulnerabilityService) Assign(ctx context.Context, vulnUUID, componentUUID uuid.UUID) (err error)
- func (vs VulnerabilityService) Get(ctx context.Context, vulnUUID uuid.UUID) (v Vulnerability, err error)
- func (vs VulnerabilityService) GetAllForComponent(ctx context.Context, componentUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[Vulnerability], err error)
- func (vs VulnerabilityService) GetAllForProject(ctx context.Context, projectUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[Vulnerability], err error)
- func (vs VulnerabilityService) Unassign(ctx context.Context, vulnUUID, componentUUID uuid.UUID) (err error)
Examples ¶
Constants ¶
View Source
const ( DefaultTimeout = 10 * time.Second DefaultUserAgent = "github.com/DependencyTrack/client-go" )
View Source
const ( PermissionAccessManagement = "ACCESS_MANAGEMENT" PermissionBOMUpload = "BOM_UPLOAD" PermissionPolicyManagement = "POLICY_MANAGEMENT" PermissionPolicyViolationAnalysis = "POLICY_VIOLATION_ANALYSIS" PermissionPortfolioManagement = "PORTFOLIO_MANAGEMENT" PermissionProjectCreationUpload = "PROJECT_CREATION_UPLOAD" PermissionSystemConfiguration = "SYSTEM_CONFIGURATION" PermissionTagManagement = "TAG_MANAGEMENT" PermissionViewBadges = "VIEW_BADGES" PermissionViewPolicyViolation = "VIEW_POLICY_VIOLATION" PermissionViewPortfolio = "VIEW_PORTFOLIO" PermissionViewVulnerability = "VIEW_VULNERABILITY" PermissionVulnerabilityAnalysis = "VULNERABILITY_ANALYSIS" PermissionVulnerabilityManagement = "VULNERABILITY_MANAGEMENT" )
View Source
const ( RepositoryTypeCargo = "CARGO" RepositoryTypeComposer = "COMPOSER" RepositoryTypeCpan = "CPAN" RepositoryTypeGem = "GEM" RepositoryTypeGoModules = "GO_MODULES" RepositoryTypeHex = "HEX" RepositoryTypeMaven = "MAVEN" RepositoryTypeNpm = "NPM" RepositoryTypeNuget = "NUGET" RepositoryTypePypi = "PYPI" RepositoryTypeUnsupported = "UNSUPPORTED" )
Variables ¶
This section is empty.
Functions ¶
func FetchAll ¶
func FetchAll[T any](pageFetchFunc func(po PageOptions) (Page[T], error)) (items []T, err error)
FetchAll is a convenience function to retrieve all items of a paginated API resource.
func ForEach ¶
func ForEach[T any](pageFetchFunc func(po PageOptions) (Page[T], error), handlerFunc func(item T) error) (err error)
ForEach is a convenience function to perform an action on every item of a paginated API resource.
func OptionalBool ¶ added in v0.14.0
func OptionalBool() *bool
func OptionalBoolOf ¶ added in v0.14.0
Types ¶
type AboutFramework ¶
type AboutService ¶
type AboutService struct {
// contains filtered or unexported fields
}
type Analysis ¶
type Analysis struct {
Comments []AnalysisComment `json:"analysisComments"`
State AnalysisState `json:"analysisState"`
Justification AnalysisJustification `json:"analysisJustification"`
Response AnalysisResponse `json:"analysisResponse"`
Details string `json:"analysisDetails"`
Suppressed bool `json:"isSuppressed"`
}
type AnalysisComment ¶
type AnalysisJustification ¶
type AnalysisJustification string
const ( AnalysisJustificationCodeNotPresent AnalysisJustification = "CODE_NOT_PRESENT" AnalysisJustificationCodeNotReachable AnalysisJustification = "CODE_NOT_REACHABLE" AnalysisJustificationNotSet AnalysisJustification = "NOT_SET" AnalysisJustificationProtectedAtPerimeter AnalysisJustification = "PROTECTED_AT_PERIMETER" AnalysisJustificationProtectedAtRuntime AnalysisJustification = "PROTECTED_AT_RUNTIME" AnalysisJustificationProtectedByCompiler AnalysisJustification = "PROTECTED_BY_COMPILER" AnalysisJustificationProtectedByMitigatingControl AnalysisJustification = "PROTECTED_BY_MITIGATING_CONTROL" AnalysisJustificationRequiresConfiguration AnalysisJustification = "REQUIRES_CONFIGURATION" AnalysisJustificationRequiresDependency AnalysisJustification = "REQUIRES_DEPENDENCY" AnalysisJustificationRequiresEnvironment AnalysisJustification = "REQUIRES_ENVIRONMENT" )
type AnalysisRequest ¶
type AnalysisRequest struct {
Component uuid.UUID `json:"component"`
Project uuid.UUID `json:"project"`
Vulnerability uuid.UUID `json:"vulnerability"`
Comment string `json:"comment,omitempty"`
State AnalysisState `json:"analysisState,omitempty"`
Justification AnalysisJustification `json:"analysisJustification,omitempty"`
Response AnalysisResponse `json:"analysisResponse,omitempty"`
Details string `json:"analysisDetails,omitempty"`
Suppressed *bool `json:"isSuppressed,omitempty"`
}
type AnalysisResponse ¶
type AnalysisResponse string
const ( AnalysisResponseCanNotFix AnalysisResponse = "CAN_NOT_FIX" AnalysisResponseNotSet AnalysisResponse = "NOT_SET" AnalysisResponseRollback AnalysisResponse = "ROLLBACK" AnalysisResponseUpdate AnalysisResponse = "UPDATE" AnalysisResponseWillNotFix AnalysisResponse = "WILL_NOT_FIX" AnalysisResponseWorkaroundAvailable AnalysisResponse = "WORKAROUND_AVAILABLE" )
type AnalysisService ¶
type AnalysisService struct {
// contains filtered or unexported fields
}
func (AnalysisService) Create ¶
func (as AnalysisService) Create(ctx context.Context, analysisReq AnalysisRequest) (a Analysis, err error)
type AnalysisState ¶
type AnalysisState string
const ( AnalysisStateExploitable AnalysisState = "EXPLOITABLE" AnalysisStateFalsePositive AnalysisState = "FALSE_POSITIVE" AnalysisStateInTriage AnalysisState = "IN_TRIAGE" AnalysisStateNotAffected AnalysisState = "NOT_AFFECTED" AnalysisStateNotSet AnalysisState = "NOT_SET" AnalysisStateResolved AnalysisState = "RESOLVED" )
type BOMService ¶
type BOMService struct {
// contains filtered or unexported fields
}
func (BOMService) ExportComponent ¶
func (BOMService) ExportProject ¶
func (bs BOMService) ExportProject(ctx context.Context, projectUUID uuid.UUID, format BOMFormat, variant BOMVariant) (bom string, err error)
func (BOMService) IsBeingProcessed
deprecated
func (bs BOMService) IsBeingProcessed(ctx context.Context, token BOMUploadToken) (bool, error)
IsBeingProcessed checks whether the BOM associated with a given token is still being processed.
Deprecated: for server versions 4.11.0 and above, EventService.IsBeingProcessed should be used.
func (BOMService) PostBom ¶ added in v0.13.0
func (bs BOMService) PostBom(ctx context.Context, uploadReq BOMUploadRequest) (token BOMUploadToken, err error)
func (BOMService) Upload ¶
func (bs BOMService) Upload(ctx context.Context, uploadReq BOMUploadRequest) (token BOMUploadToken, err error)
type BOMUploadRequest ¶
type BOMUploadRequest struct {
ProjectUUID *uuid.UUID `json:"project,omitempty"`
ProjectName string `json:"projectName,omitempty"`
ProjectVersion string `json:"projectVersion,omitempty"`
ProjectTags []Tag `json:"projectTags,omitempty"` // Since v4.12.0
ParentUUID *uuid.UUID `json:"parentUUID,omitempty"` // Since v4.8.0
ParentName string `json:"parentName,omitempty"` // Since v4.8.0
ParentVersion string `json:"parentVersion,omitempty"` // Since v4.8.0
IsLatest *bool `json:"isLatestProjectVersion,omitempty"` // Since v4.12.0
AutoCreate bool `json:"autoCreate"`
BOM string `json:"bom"`
}
type BOMUploadToken ¶
type BOMUploadToken string
type BOMVariant ¶
type BOMVariant string
const ( BOMVariantInventory BOMVariant = "inventory" BOMVariantVDR BOMVariant = "vdr" // Since v4.7.0 BOMVariantWithVulnerabilities BOMVariant = "withVulnerabilities" )
type Client ¶
type Client struct {
About AboutService
Analysis AnalysisService
BOM BOMService
Component ComponentService
Finding FindingService
Event EventService
License LicenseService
Metrics MetricsService
OIDC OIDCService
Permission PermissionService
Policy PolicyService
PolicyCondition PolicyConditionService
PolicyViolation PolicyViolationService
Project ProjectService
ProjectProperty ProjectPropertyService
Repository RepositoryService
Team TeamService
User UserService
VEX VEXService
ViolationAnalysis ViolationAnalysisService
Vulnerability VulnerabilityService
// contains filtered or unexported fields
}
type ClientOption ¶
func WithAPIKey ¶
func WithAPIKey(apiKey string) ClientOption
func WithBearerToken ¶
func WithBearerToken(token string) ClientOption
func WithDebug ¶
func WithDebug(debug bool) ClientOption
WithDebug toggles the debug mode. When enabled, HTTP requests and responses will be logged to stderr. DO NOT USE IN PRODUCTION, authorization headers are not cleared!
func WithHttpClient ¶ added in v0.11.0
func WithHttpClient(client *http.Client) ClientOption
WithHttpClient overrides the default HttpClient.
func WithMTLS ¶ added in v0.10.0
func WithMTLS(caCertFile string, clientCertFile string, clientKeyFile string) ClientOption
WithMTLS configures the http client to use client certificates
func WithTimeout ¶
func WithTimeout(timeout time.Duration) ClientOption
WithTimeout overrides the default timeout.
func WithUserAgent ¶
func WithUserAgent(userAgent string) ClientOption
WithUserAgent overrides the default user agent.
type Component ¶
type Component struct {
UUID uuid.UUID `json:"uuid,omitempty"`
Author string `json:"author,omitempty"`
Publisher string `json:"publisher,omitempty"`
Group string `json:"group,omitempty"`
Name string `json:"name"`
Version string `json:"version"`
Classifier string `json:"classifier,omitempty"`
FileName string `json:"filename,omitempty"`
Extension string `json:"extension,omitempty"`
MD5 string `json:"md5,omitempty"`
SHA1 string `json:"sha1,omitempty"`
SHA256 string `json:"sha256,omitempty"`
SHA384 string `json:"sha384,omitempty"`
SHA512 string `json:"sha512,omitempty"`
SHA3_256 string `json:"sha3_256,omitempty"`
SHA3_384 string `json:"sha3_384,omitempty"`
SHA3_512 string `json:"sha3_512,omitempty"`
BLAKE2b_256 string `json:"blake2b_256,omitempty"`
BLAKE2b_384 string `json:"blake2b_384,omitempty"`
BLAKE2b_512 string `json:"blake2b_512,omitempty"`
BLAKE3 string `json:"blake3,omitempty"`
CPE string `json:"cpe,omitempty"`
PURL string `json:"purl,omitempty"`
SWIDTagID string `json:"swidTagId,omitempty"`
Internal bool `json:"isInternal,omitempty"`
Description string `json:"description,omitempty"`
Copyright string `json:"copyright,omitempty"`
License string `json:"license,omitempty"`
ResolvedLicense *License `json:"resolvedLicense,omitempty"`
DirectDependencies string `json:"directDependencies,omitempty"`
Notes string `json:"notes,omitempty"`
ExternalReferences []ExternalReference `json:"externalReferences,omitempty"`
}
type ComponentService ¶
type ComponentService struct {
// contains filtered or unexported fields
}
type EventService ¶ added in v0.14.0
type EventService struct {
// contains filtered or unexported fields
}
func (EventService) IsBeingProcessed ¶ added in v0.14.0
func (es EventService) IsBeingProcessed(ctx context.Context, token EventToken) (bool, error)
IsBeingProcessed checks whether the event associated with a given token is still being processed.
type EventToken ¶ added in v0.14.0
type EventToken string
type EventTokenResponse ¶ added in v0.14.0
type EventTokenResponse struct {
Token EventToken `json:"token"`
}
type ExternalReference ¶ added in v0.13.0
type Finding ¶
type Finding struct {
Attribution FindingAttribution `json:"attribution"`
Analysis FindingAnalysis `json:"analysis"`
Component FindingComponent `json:"component"`
Matrix string `json:"matrix"`
Vulnerability FindingVulnerability `json:"vulnerability"`
}
type FindingAnalysis ¶ added in v0.9.0
type FindingAttribution ¶
type FindingComponent ¶ added in v0.9.0
type FindingService ¶
type FindingService struct {
// contains filtered or unexported fields
}
func (FindingService) AnalyzeProject ¶ added in v0.9.0
func (f FindingService) AnalyzeProject(ctx context.Context, projectUUID uuid.UUID) (token BOMUploadToken, err error)
AnalyzeProject triggers an analysis for a given project. This feature is available in Dependency-Track v4.7.0 and newer.
type FindingVulnerability ¶ added in v0.9.0
type FindingVulnerability struct {
UUID uuid.UUID `json:"uuid"`
VulnID string `json:"vulnId"`
Source string `json:"source"`
Aliases []VulnerabilityAlias `json:"aliases"`
Title string `json:"title"`
SubTitle string `json:"subTitle"`
Description string `json:"description"`
Recommendation string `json:"recommendation"`
CVSSV2BaseScore float64 `json:"cvssV2BaseScore"`
CVSSV3BaseScore float64 `json:"cvssV3BaseScore"`
Severity string `json:"severity"`
SeverityRank int `json:"severityRank"`
OWASPRRBusinessImpactScore float64 `json:"owaspBusinessImpactScore"`
OWASPRRLikelihoodScore float64 `json:"owaspLikelihoodScore"`
OWASPRRTechnicalImpactScore float64 `json:"owaspTechnicalImpactScore"`
EPSSScore float64 `json:"epssScore"`
EPSSPercentile float64 `json:"epssPercentile"`
CWEs []CWE `json:"cwes"`
}
type License ¶
type License struct {
UUID uuid.UUID `json:"uuid"`
Name string `json:"name"`
Text string `json:"text"`
Template string `json:"template"`
Header string `json:"header"`
Comment string `json:"comment"`
LicenseID string `json:"licenseId"`
OSIApproved bool `json:"isOsiApproved"`
FSFLibre bool `json:"isFsfLibre"`
DeprecatedLicenseID bool `json:"isDeprecatedLicenseId"`
SeeAlso []string `json:"seeAlso"`
}
type LicenseService ¶
type LicenseService struct {
// contains filtered or unexported fields
}
func (LicenseService) GetAll ¶
func (l LicenseService) GetAll(ctx context.Context, po PageOptions) (p Page[License], err error)
type MetricsService ¶
type MetricsService struct {
// contains filtered or unexported fields
}
func (MetricsService) LatestPortfolioMetrics ¶
func (ms MetricsService) LatestPortfolioMetrics(ctx context.Context) (m PortfolioMetrics, err error)
func (MetricsService) LatestProjectMetrics ¶
func (ms MetricsService) LatestProjectMetrics(ctx context.Context, projectUUID uuid.UUID) (m ProjectMetrics, err error)
func (MetricsService) PortfolioMetricsSince ¶
func (ms MetricsService) PortfolioMetricsSince(ctx context.Context, date time.Time) (m []PortfolioMetrics, err error)
func (MetricsService) PortfolioMetricsSinceDays ¶
func (ms MetricsService) PortfolioMetricsSinceDays(ctx context.Context, days uint) (m []PortfolioMetrics, err error)
func (MetricsService) ProjectMetricsSince ¶
func (ms MetricsService) ProjectMetricsSince(ctx context.Context, projectUUID uuid.UUID, date time.Time) (m []ProjectMetrics, err error)
func (MetricsService) ProjectMetricsSinceDays ¶
func (ms MetricsService) ProjectMetricsSinceDays(ctx context.Context, projectUUID uuid.UUID, days uint) (m []ProjectMetrics, err error)
func (MetricsService) RefreshPortfolioMetrics ¶
func (ms MetricsService) RefreshPortfolioMetrics(ctx context.Context) (err error)
func (MetricsService) RefreshProjectMetrics ¶
type OIDCMapping ¶ added in v0.13.0
type OIDCMappingRequest ¶ added in v0.13.0
type OIDCService ¶ added in v0.13.0
type OIDCService struct {
// contains filtered or unexported fields
}
func (OIDCService) AddTeamMapping ¶ added in v0.13.0
func (s OIDCService) AddTeamMapping(ctx context.Context, mapping OIDCMappingRequest) (m OIDCMapping, err error)
func (OIDCService) Available ¶ added in v0.13.0
func (s OIDCService) Available(ctx context.Context) (available bool, err error)
func (OIDCService) CreateGroup ¶ added in v0.13.0
func (OIDCService) DeleteGroup ¶ added in v0.13.0
func (OIDCService) GetAllGroups ¶ added in v0.13.0
func (s OIDCService) GetAllGroups(ctx context.Context, po PageOptions) (p Page[OIDCGroup], err error)
func (OIDCService) GetAllTeamsOf ¶ added in v0.13.0
func (s OIDCService) GetAllTeamsOf(ctx context.Context, group OIDCGroup, po PageOptions) (p Page[Team], err error)
func (OIDCService) RemoveTeamMapping ¶ added in v0.13.0
func (OIDCService) UpdateGroup ¶ added in v0.13.0
type PageOptions ¶
type Permission ¶ added in v0.9.0
type PermissionService ¶ added in v0.9.0
type PermissionService struct {
// contains filtered or unexported fields
}
func (PermissionService) AddPermissionToTeam ¶ added in v0.9.0
func (ps PermissionService) AddPermissionToTeam(ctx context.Context, permission Permission, team uuid.UUID) (t Team, err error)
func (PermissionService) GetAll ¶ added in v0.9.0
func (ps PermissionService) GetAll(ctx context.Context, po PageOptions) (p Page[Permission], err error)
func (PermissionService) RemovePermissionFromTeam ¶ added in v0.13.0
func (ps PermissionService) RemovePermissionFromTeam(ctx context.Context, permission Permission, team uuid.UUID) (t Team, err error)
type Policy ¶
type Policy struct {
UUID uuid.UUID `json:"uuid,omitempty"`
Name string `json:"name"`
Operator PolicyOperator `json:"operator"`
ViolationState PolicyViolationState `json:"violationState"`
PolicyConditions []PolicyCondition `json:"policyConditions,omitempty"`
IncludeChildren bool `json:"includeChildren,omitempty"`
Global bool `json:"global,omitempty"`
Projects []Project `json:"projects,omitempty"`
Tags []Tag `json:"tags,omitempty"`
}
type PolicyCondition ¶
type PolicyCondition struct {
UUID uuid.UUID `json:"uuid,omitempty"`
Policy *Policy `json:"policy,omitempty"`
Operator PolicyConditionOperator `json:"operator"`
Subject PolicyConditionSubject `json:"subject"`
Value string `json:"value"`
}
type PolicyConditionOperator ¶ added in v0.12.0
type PolicyConditionOperator string
const ( PolicyConditionOperatorIs PolicyConditionOperator = "IS" PolicyConditionOperatorIsNot PolicyConditionOperator = "IS_NOT" PolicyConditionOperatorMatches PolicyConditionOperator = "MATCHES" PolicyConditionOperatorNoMatch PolicyConditionOperator = "NO_MATCH" PolicyConditionOperatorNumericGreaterThan PolicyConditionOperator = "NUMERIC_GREATER_THAN" PolicyConditionOperatorNumericLessThan PolicyConditionOperator = "NUMERIC_LESS_THAN" PolicyConditionOperatorNumericEqual PolicyConditionOperator = "NUMERIC_EQUAL" PolicyConditionOperatorNumericNotEqual PolicyConditionOperator = "NUMERIC_NOT_EQUAL" PolicyConditionOperatorNumericGreaterThanOrEqual PolicyConditionOperator = "NUMERIC_GREATER_THAN_OR_EQUAL" PolicyConditionOperatorNumericLesserThanOrEqual PolicyConditionOperator = "NUMERIC_LESSER_THAN_OR_EQUAL" PolicyConditionOperatorContainsAll PolicyConditionOperator = "CONTAINS_ALL" PolicyConditionOperatorContainsAny PolicyConditionOperator = "CONTAINS_ANY" )
type PolicyConditionService ¶ added in v0.12.0
type PolicyConditionService struct {
// contains filtered or unexported fields
}
func (PolicyConditionService) Create ¶ added in v0.12.0
func (pcs PolicyConditionService) Create(ctx context.Context, policyUUID uuid.UUID, policyCondition PolicyCondition) (p PolicyCondition, err error)
func (PolicyConditionService) Update ¶ added in v0.12.0
func (pcs PolicyConditionService) Update(ctx context.Context, policyCondition PolicyCondition) (p PolicyCondition, err error)
type PolicyConditionSubject ¶ added in v0.12.0
type PolicyConditionSubject string
const ( PolicyConditionSubjectAge PolicyConditionSubject = "AGE" PolicyConditionSubjectCoordinates PolicyConditionSubject = "COORDINATES" PolicyConditionSubjectCPE PolicyConditionSubject = "CPE" PolicyConditionSubjectLicense PolicyConditionSubject = "LICENSE" PolicyConditionSubjectLicenseGroup PolicyConditionSubject = "LICENSE_GROUP" PolicyConditionSubjectPackageURL PolicyConditionSubject = "PACKAGE_URL" PolicyConditionSubjectSeverity PolicyConditionSubject = "SEVERITY" PolicyConditionSubjectSWIDTagID PolicyConditionSubject = "SWID_TAGID" PolicyConditionSubjectVersion PolicyConditionSubject = "VERSION" PolicyConditionSubjectComponentHash PolicyConditionSubject = "COMPONENT_HASH" PolicyConditionSubjectCWE PolicyConditionSubject = "CWE" PolicyConditionSubjectVulnerabilityID PolicyConditionSubject = "VULNERABILITY_ID" )
type PolicyOperator ¶ added in v0.12.0
type PolicyOperator string
const ( PolicyOperatorAll PolicyOperator = "ALL" PolicyOperatorAny PolicyOperator = "ANY" )
type PolicyService ¶
type PolicyService struct {
// contains filtered or unexported fields
}
func (PolicyService) AddProject ¶ added in v0.12.0
func (PolicyService) DeleteProject ¶ added in v0.12.0
func (PolicyService) GetAll ¶
func (ps PolicyService) GetAll(ctx context.Context, po PageOptions) (p Page[Policy], err error)
type PolicyViolation ¶
type PolicyViolation struct {
UUID uuid.UUID
Component Component `json:"component"`
Project Project `json:"project"`
PolicyCondition *PolicyCondition `json:"policyCondition,omitempty"`
Type string `json:"type"`
Text string `json:"text"`
Analysis *ViolationAnalysis `json:"analysis,omitempty"`
}
type PolicyViolationService ¶
type PolicyViolationService struct {
// contains filtered or unexported fields
}
func (PolicyViolationService) GetAll ¶
func (pvs PolicyViolationService) GetAll(ctx context.Context, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
func (PolicyViolationService) GetAllForComponent ¶
func (pvs PolicyViolationService) GetAllForComponent(ctx context.Context, componentUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
func (PolicyViolationService) GetAllForProject ¶
func (pvs PolicyViolationService) GetAllForProject(ctx context.Context, projectUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[PolicyViolation], err error)
type PolicyViolationState ¶ added in v0.12.0
type PolicyViolationState string
const ( PolicyViolationStateInfo PolicyViolationState = "INFO" PolicyViolationStateWarn PolicyViolationState = "WARN" PolicyViolationStateFail PolicyViolationState = "FAIL" )
type PortfolioMetrics ¶
type PortfolioMetrics struct {
FirstOccurrence int `json:"firstOccurrence"`
LastOccurrence int `json:"lastOccurrence"`
InheritedRiskScore float64 `json:"inheritedRiskScore"`
Vulnerabilities int `json:"vulnerabilities"`
VulnerableProjects int `json:"vulnerableProjects"`
VulnerableComponents int `json:"vulnerableComponents"`
Projects int `json:"projects"`
Components int `json:"components"`
Suppressed int `json:"suppressed"`
Critical int `json:"critical"`
High int `json:"high"`
Medium int `json:"medium"`
Low int `json:"low"`
Unassigned int `json:"unassigned"`
FindingsTotal int `json:"findingsTotal"`
FindingsAudited int `json:"findingsAudited"`
FindingsUnaudited int `json:"findingsUnaudited"`
PolicyViolationsTotal int `json:"policyViolationsTotal"`
PolicyViolationsFail int `json:"policyViolationsFail"`
PolicyViolationsWarn int `json:"policyViolationsWarn"`
PolicyViolationsInfo int `json:"policyViolationsInfo"`
PolicyViolationsAudited int `json:"policyViolationsAudited"`
PolicyViolationsUnaudited int `json:"policyViolationsUnaudited"`
PolicyViolationsSecurityTotal int `json:"policyViolationsSecurityTotal"`
PolicyViolationsSecurityAudited int `json:"policyViolationsSecurityAudited"`
PolicyViolationsSecurityUnaudited int `json:"policyViolationsSecurityUnaudited"`
PolicyViolationsLicenseTotal int `json:"policyViolationsLicenseTotal"`
PolicyViolationsLicenseAudited int `json:"policyViolationsLicenseAudited"`
PolicyViolationsLicenseUnaudited int `json:"policyViolationsLicenseUnaudited"`
PolicyViolationsOperationalTotal int `json:"policyViolationsOperationalTotal"`
PolicyViolationsOperationalAudited int `json:"policyViolationsOperationalAudited"`
PolicyViolationsOperationalUnaudited int `json:"policyViolationsOperationalUnaudited"`
}
type Project ¶
type Project struct {
UUID uuid.UUID `json:"uuid,omitempty"`
Author string `json:"author,omitempty"`
Publisher string `json:"publisher,omitempty"`
Group string `json:"group,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Version string `json:"version,omitempty"`
Classifier string `json:"classifier,omitempty"`
CPE string `json:"cpe,omitempty"`
PURL string `json:"purl,omitempty"`
SWIDTagID string `json:"swidTagId,omitempty"`
DirectDependencies string `json:"directDependencies,omitempty"`
Properties []ProjectProperty `json:"properties,omitempty"`
Tags []Tag `json:"tags,omitempty"`
Active bool `json:"active"`
IsLatest *bool `json:"isLatest,omitempty"` // Since v4.12.0
Metrics ProjectMetrics `json:"metrics"`
ParentRef *ParentRef `json:"parent,omitempty"`
LastBOMImport int `json:"lastBomImport"`
ExternalReferences []ExternalReference `json:"externalReferences,omitempty"`
}
type ProjectCloneRequest ¶
type ProjectCloneRequest struct {
ProjectUUID uuid.UUID `json:"project"`
Version string `json:"version"`
IncludeACL bool `json:"includeACL"`
IncludeAuditHistory bool `json:"includeAuditHistory"`
IncludeComponents bool `json:"includeComponents"`
IncludePolicyViolations *bool `json:"includePolicyViolations,omitempty"` // Since v4.11.0
IncludeProperties bool `json:"includeProperties"`
IncludeServices bool `json:"includeServices"`
IncludeTags bool `json:"includeTags"`
MakeCloneLatest *bool `json:"makeCloneLatest,omitempty"` // Since v4.12.0
}
type ProjectMetrics ¶
type ProjectMetrics struct {
FirstOccurrence int `json:"firstOccurrence"`
LastOccurrence int `json:"lastOccurrence"`
InheritedRiskScore float64 `json:"inheritedRiskScore"`
Vulnerabilities int `json:"vulnerabilities"`
VulnerableComponents int `json:"vulnerableComponents"`
Components int `json:"components"`
Suppressed int `json:"suppressed"`
Critical int `json:"critical"`
High int `json:"high"`
Medium int `json:"medium"`
Low int `json:"low"`
Unassigned int `json:"unassigned"`
FindingsTotal int `json:"findingsTotal"`
FindingsAudited int `json:"findingsAudited"`
FindingsUnaudited int `json:"findingsUnaudited"`
PolicyViolationsTotal int `json:"policyViolationsTotal"`
PolicyViolationsFail int `json:"policyViolationsFail"`
PolicyViolationsWarn int `json:"policyViolationsWarn"`
PolicyViolationsInfo int `json:"policyViolationsInfo"`
PolicyViolationsAudited int `json:"policyViolationsAudited"`
PolicyViolationsUnaudited int `json:"policyViolationsUnaudited"`
PolicyViolationsSecurityTotal int `json:"policyViolationsSecurityTotal"`
PolicyViolationsSecurityAudited int `json:"policyViolationsSecurityAudited"`
PolicyViolationsSecurityUnaudited int `json:"policyViolationsSecurityUnaudited"`
PolicyViolationsLicenseTotal int `json:"policyViolationsLicenseTotal"`
PolicyViolationsLicenseAudited int `json:"policyViolationsLicenseAudited"`
PolicyViolationsLicenseUnaudited int `json:"policyViolationsLicenseUnaudited"`
PolicyViolationsOperationalTotal int `json:"policyViolationsOperationalTotal"`
PolicyViolationsOperationalAudited int `json:"policyViolationsOperationalAudited"`
PolicyViolationsOperationalUnaudited int `json:"policyViolationsOperationalUnaudited"`
}
type ProjectProperty ¶
type ProjectPropertyService ¶
type ProjectPropertyService struct {
// contains filtered or unexported fields
}
func (ProjectPropertyService) Create ¶
func (ps ProjectPropertyService) Create(ctx context.Context, projectUUID uuid.UUID, property ProjectProperty) (p ProjectProperty, err error)
func (ProjectPropertyService) GetAll ¶
func (ps ProjectPropertyService) GetAll(ctx context.Context, projectUUID uuid.UUID, po PageOptions) (p Page[ProjectProperty], err error)
func (ProjectPropertyService) Update ¶
func (ps ProjectPropertyService) Update(ctx context.Context, projectUUID uuid.UUID, property ProjectProperty) (p ProjectProperty, err error)
type ProjectService ¶
type ProjectService struct {
// contains filtered or unexported fields
}
func (ProjectService) Clone ¶
func (ps ProjectService) Clone(ctx context.Context, cloneReq ProjectCloneRequest) (token EventToken, err error)
Clone triggers a cloning operation. An EventToken is only returned for server versions 4.11.0 and newer.
func (ProjectService) GetAll ¶
func (ps ProjectService) GetAll(ctx context.Context, po PageOptions) (p Page[Project], err error)
func (ProjectService) GetAllByTag ¶ added in v0.11.0
func (ps ProjectService) GetAllByTag(ctx context.Context, tag string, excludeInactive, onlyRoot bool, po PageOptions) (p Page[Project], err error)
func (ProjectService) GetProjectsForName ¶ added in v0.9.0
type Repository ¶ added in v0.13.0
type Repository struct {
Type RepositoryType `json:"type"`
Identifier string `json:"identifier"`
Url string `json:"url"`
ResolutionOrder int `json:"resolutionOrder"`
Enabled bool `json:"enabled"`
Internal bool `json:"internal"`
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
UUID uuid.UUID `json:"uuid,omitempty"`
}
type RepositoryMetaComponent ¶
type RepositoryMetaComponent struct {
LatestVersion string `json:"latestVersion"`
}
type RepositoryService ¶
type RepositoryService struct {
// contains filtered or unexported fields
}
func (RepositoryService) Create ¶ added in v0.13.0
func (rs RepositoryService) Create(ctx context.Context, repo Repository) (r Repository, err error)
func (RepositoryService) GetAll ¶ added in v0.13.0
func (rs RepositoryService) GetAll(ctx context.Context, po PageOptions) (p Page[Repository], err error)
func (RepositoryService) GetByType ¶ added in v0.13.0
func (rs RepositoryService) GetByType(ctx context.Context, repoType RepositoryType, po PageOptions) (p Page[Repository], err error)
func (RepositoryService) GetMetaComponent ¶
func (rs RepositoryService) GetMetaComponent(ctx context.Context, purl string) (r RepositoryMetaComponent, err error)
func (RepositoryService) Update ¶ added in v0.13.0
func (rs RepositoryService) Update(ctx context.Context, repo Repository) (r Repository, err error)
type RepositoryType ¶ added in v0.13.0
type RepositoryType string
type Team ¶
type Team struct {
UUID uuid.UUID `json:"uuid,omitempty"`
Name string `json:"name,omitempty"`
APIKeys []APIKey `json:"apiKeys,omitempty"`
Permissions []Permission `json:"permissions,omitempty"`
MappedOIDCGroups []OIDCMapping `json:"mappedOidcGroups,omitempty"`
}
type TeamService ¶
type TeamService struct {
// contains filtered or unexported fields
}
func (TeamService) Delete ¶ added in v0.9.0
func (ts TeamService) Delete(ctx context.Context, team Team) (err error)
func (TeamService) DeleteAPIKey ¶ added in v0.14.0
func (ts TeamService) DeleteAPIKey(ctx context.Context, key string) (err error)
func (TeamService) GenerateAPIKey ¶
func (TeamService) GetAPIKeys ¶ added in v0.14.0
func (TeamService) GetAll ¶
func (ts TeamService) GetAll(ctx context.Context, po PageOptions) (p Page[Team], err error)
func (TeamService) UpdateAPIKeyComment ¶ added in v0.14.0
type UserService ¶
type UserService struct {
// contains filtered or unexported fields
}
func (UserService) ForceChangePassword ¶
func (us UserService) ForceChangePassword(ctx context.Context, username, password, newPassword string) (err error)
type VEXService ¶
type VEXService struct {
// contains filtered or unexported fields
}
func (VEXService) ExportCycloneDX ¶
func (VEXService) Upload ¶
func (vs VEXService) Upload(ctx context.Context, uploadReq VEXUploadRequest) (err error)
type VEXUploadRequest ¶
type ViolationAnalysis ¶
type ViolationAnalysis struct {
Comments []ViolationAnalysisComment `json:"analysisComments"`
State ViolationAnalysisState `json:"analysisState"`
Suppressed bool `json:"isSuppressed"`
}
type ViolationAnalysisService ¶
type ViolationAnalysisService struct {
// contains filtered or unexported fields
}
func (ViolationAnalysisService) Get ¶
func (vas ViolationAnalysisService) Get(ctx context.Context, componentUUID, policyViolationUUID uuid.UUID) (va ViolationAnalysis, err error)
func (ViolationAnalysisService) Update ¶
func (vas ViolationAnalysisService) Update(ctx context.Context, analysisReq ViolationAnalysisRequest) (va ViolationAnalysis, err error)
type ViolationAnalysisState ¶
type ViolationAnalysisState string
const ( ViolationAnalysisStateNotSet ViolationAnalysisState = "NOT_SET" ViolationAnalysisStateApproved ViolationAnalysisState = "APPROVED" ViolationAnalysisStateRejected ViolationAnalysisState = "REJECTED" )
type Vulnerability ¶
type Vulnerability struct {
UUID uuid.UUID `json:"uuid"`
VulnID string `json:"vulnId"`
Source string `json:"source"`
Aliases []VulnerabilityAlias `json:"aliases"`
Title string `json:"title"`
SubTitle string `json:"subTitle"`
Description string `json:"description"`
Recommendation string `json:"recommendation"`
References string `json:"references"`
Credits string `json:"credits"`
Created string `json:"created"`
Published string `json:"published"`
Updated string `json:"updated"`
CWE CWE `json:"cwe"`
CWEs []CWE `json:"cwes"`
CVSSV2BaseScore float64 `json:"cvssV2BaseScore"`
CVSSV2ImpactSubScore float64 `json:"cvssV2ImpactSubScore"`
CVSSV2ExploitabilitySubScore float64 `json:"cvssV2ExploitabilitySubScore"`
CVSSV2Vector string `json:"cvssV2Vector"`
CVSSV3BaseScore float64 `json:"cvssV3BaseScore"`
CVSSV3ImpactSubScore float64 `json:"cvssV3ImpactSubScore"`
CVSSV3ExploitabilitySubScore float64 `json:"cvssV3ExploitabilitySubScore"`
CVSSV3Vector string `json:"cvssV3Vector"`
OWASPRRBusinessImpactScore float64 `json:"owaspRRBusinessImpactScore"`
OWASPRRLikelihoodScore float64 `json:"owaspRRLikelihoodScore"`
OWASPRRTechnicalImpactScore float64 `json:"owaspRRTechnicalImpactScore"`
OWASPRRVector string `json:"owaspRRVector"`
Severity string `json:"severity"`
EPSSScore float64 `json:"epssScore"`
EPSSPercentile float64 `json:"epssPercentile"`
VulnerableVersions string `json:"vulnerableVersions"`
PatchedVersions string `json:"patchedVersions"`
Components *[]Component `json:"components,omitempty"`
}
type VulnerabilityAlias ¶ added in v0.9.0
type VulnerabilityAlias struct {
CveID string `json:"cveId"` // ID of the vuln in the NVD
GhsaID string `json:"ghsaId"` // ID of the vuln in GitHub
GsdID string `json:"gsdId"` // ID of the vuln in the GSD
InternalID string `json:"internalId"` // ID of the vuln in DT's internal database
OsvID string `json:"osvId"` // ID of the vuln in OSV
SonatypeId string `json:"sonatypeId"` // ID of the vuln in Sonatype's database
SnykID string `json:"snykId"` // ID of the vuln in Snyk's database
VulnDbID string `json:"vulnDbId"` // ID of the vuln in VulnDB
}
type VulnerabilityService ¶
type VulnerabilityService struct {
// contains filtered or unexported fields
}
func (VulnerabilityService) Get ¶
func (vs VulnerabilityService) Get(ctx context.Context, vulnUUID uuid.UUID) (v Vulnerability, err error)
func (VulnerabilityService) GetAllForComponent ¶
func (vs VulnerabilityService) GetAllForComponent(ctx context.Context, componentUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[Vulnerability], err error)
func (VulnerabilityService) GetAllForProject ¶
func (vs VulnerabilityService) GetAllForProject(ctx context.Context, projectUUID uuid.UUID, suppressed bool, po PageOptions) (p Page[Vulnerability], err error)
Source Files
¶
- about.go
- analysis.go
- auth.go
- bom.go
- client.go
- component.go
- error.go
- event.go
- finding.go
- license.go
- metrics.go
- oidc.go
- permission.go
- policy.go
- policy_condition.go
- policy_violation.go
- policy_violation_analysis.go
- project.go
- project_property.go
- repository.go
- tag.go
- team.go
- user.go
- util.go
- vex.go
- vulnerability.go
Directories
¶
| Path | Synopsis |
|---|---|
|
Package notification provides the functionality to process notifications sent by Dependency-Track.
|
Package notification provides the functionality to process notifications sent by Dependency-Track. |
Click to show internal directories.
Click to hide internal directories.