Documentation ¶
Index ¶
- func New(pom string, opts Opts) api.DependencyManager
- type CVSSv2
- type CVSSv3
- type Dependency
- type Maven
- func (m Maven) DependencyTree() (api.DependencyTree, error)
- func (m Maven) IsMultiModules() (bool, error)
- func (m Maven) StageUpdate() error
- func (m Maven) SubModule(moduleGAV string) (api.DependencyManager, error)
- func (m Maven) UpdateDependency(dep api.DependencyTreeNode) (string, error)
- func (m Maven) Verify() (api.TestReport, error)
- type Opts
- type Vulnerability
- type VulnerabilityReport
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CVSSv2 ¶
// CVSSv2 carries the CVSS version 2 metrics attached to a Vulnerability,
// decoded from the JSON keys named in the struct tags.
//
// Only Score has a numeric type. ExploitabilityScore and ImpactScore are
// declared as strings, so they must be parsed before any numeric comparison
// or threshold check is applied to them.
type CVSSv2 struct {
	ConfidentialImpact  string  `json:"confidentialImpact"`
	Severity            string  `json:"severity"`
	Score               float64 `json:"score"`
	ExploitabilityScore string  `json:"exploitabilityScore"`
	AccessComplexity    string  `json:"accessComplexity"`
	AvailabilityImpact  string  `json:"availabilityImpact"`
	IntegrityImpact     string  `json:"integrityImpact"`
	ImpactScore         string  `json:"impactScore"`
	Version             string  `json:"version"`
	AccessVector        string  `json:"accessVector"`

	// Authenticationr and its tag are kept exactly as declared: the tag is
	// the JSON key that is read, so changing it changes what gets decoded.
	// NOTE(review): presumably this mirrors the key written by the report
	// producer; confirm against a sample report before renaming.
	Authenticationr string `json:"authenticationr"`
}
type CVSSv3 ¶
// CVSSv3 carries the CVSS version 3 metrics attached to a Vulnerability,
// decoded from the JSON keys named in the struct tags.
//
// BaseScore is the only numeric field. ExploitabilityScore and ImpactScore
// are declared as strings and need parsing before they can be compared
// against a numeric threshold.
type CVSSv3 struct {
	ExploitabilityScore   string  `json:"exploitabilityScore"`
	AvailabilityImpact    string  `json:"availabilityImpact"`
	BaseScore             float64 `json:"baseScore"`
	PrivilegesRequired    string  `json:"privilegesRequired"`
	UserInteraction       string  `json:"userInteraction"`
	Version               string  `json:"version"`
	BaseSeverity          string  `json:"baseSeverity"`
	ConfidentialityImpact string  `json:"confidentialityImpact"`
	AttackComplexity      string  `json:"attackComplexity"`
	Scope                 string  `json:"scope"`
	AttackVector          string  `json:"attackVector"`
	IntegrityImpact       string  `json:"integrityImpact"`
	ImpactScore           string  `json:"impactScore"`
}
type Dependency ¶
// Dependency is one entry of VulnerabilityReport.Dependencies, decoded from
// the JSON keys named in the struct tags. It groups the file identity
// (name, path, digests), the evidence collected for it, and the
// vulnerabilities reported against it.
//
// NOTE(review): the string fields are presumably copied verbatim from the
// scanner report, which in turn draws on external data sources; escape them
// before rendering into HTML, logs or shell contexts. Confirm where they are
// consumed.
type Dependency struct {
	// Sha1, Sha256 and Md5 presumably hold digests of the scanned file
	// (TODO confirm). MD5 and SHA-1 are not collision-resistant, so prefer
	// Sha256 when a digest is used to pin or compare artifacts.
	Sha1              string   `json:"sha1"`
	FileName          string   `json:"fileName"`
	ProjectReferences []string `json:"projectReferences"`
	Sha256            string   `json:"sha256"`

	// VulnerabilityIDs pairs each identifier with a confidence label and URL.
	VulnerabilityIDs []struct {
		Confidence string `json:"confidence"`
		ID         string `json:"id"`
		Url        string `json:"url"`
	} `json:"vulnerabilityIds"`

	FilePath        string          `json:"filePath"`
	Description     string          `json:"description"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
	IsVirtual       bool            `json:"isVirtual"`

	// EvidenceCollected keeps product, vendor and version evidence in three
	// lists whose elements share the same five string fields.
	EvidenceCollected struct {
		ProductEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"productEvidence"`
		VendorEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"vendorEvidence"`
		VersionEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"versionEvidence"`
	} `json:"evidenceCollected"`

	// Packages has the same element shape as VulnerabilityIDs.
	Packages []struct {
		Confidence string `json:"confidence"`
		ID         string `json:"id"`
		Url        string `json:"url"`
	} `json:"packages"`

	Md5 string `json:"md5"`
}
type Maven ¶ added in v0.3.5
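// Maven is the receiver type of the package's DependencyTree,
// IsMultiModules, StageUpdate, SubModule, UpdateDependency and Verify
// methods.
//
// The declaration is laid out one member per line so that the trailing line
// comment no longer swallows the closing brace, which is what happened when
// the listing was collapsed onto a single line.
type Maven struct {
	// POM is the only exported field.
	// NOTE(review): presumably the POM location handed to New as its pom
	// argument; confirm against New's implementation.
	POM string
	// contains filtered or unexported fields
}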
func (Maven) DependencyTree ¶ added in v0.3.5
func (m Maven) DependencyTree() (api.DependencyTree, error)
func (Maven) IsMultiModules ¶ added in v0.4.0
func (Maven) StageUpdate ¶ added in v0.3.5
func (Maven) SubModule ¶ added in v0.4.0
func (m Maven) SubModule(moduleGAV string) (api.DependencyManager, error)
func (Maven) UpdateDependency ¶ added in v0.3.5
func (m Maven) UpdateDependency(dep api.DependencyTreeNode) (string, error)
type Opts ¶
// Opts is the option set accepted by New.
type Opts struct {
	// Output is a write-and-close sink.
	// NOTE(review): what is written to it, and who is responsible for
	// closing it, is not visible here — confirm before sharing one writer
	// between several managers.
	Output io.WriteCloser

	// DependencyCheckProps is a list of property strings.
	// NOTE(review): presumably forwarded to the dependency-check run; if
	// they end up on an external tool invocation they should not be built
	// from untrusted input — confirm how they are consumed.
	DependencyCheckProps []string
}
type Vulnerability ¶
// Vulnerability is one entry of Dependency.Vulnerabilities, decoded from the
// JSON keys named in the struct tags.
//
// Severity is a free-form string label. The numeric values live in
// Cvssv2.Score and Cvssv3.BaseScore, and either block may be left at its
// zero value when the corresponding key is absent from the input, so a score
// of 0 is not by itself proof of low severity.
type Vulnerability struct {
	Severity string `json:"severity"`
	Notes    string `json:"notes"`

	// References lists name/source/URL triples.
	// NOTE(review): presumably external advisory links taken from the
	// report; treat Url as untrusted when rendering or fetching — confirm.
	References []struct {
		Name   string `json:"name"`
		Source string `json:"source"`
		Url    string `json:"url"`
	} `json:"references"`

	Name        string   `json:"name"`
	Description string   `json:"description"`
	Source      string   `json:"source"`
	Cvssv2      CVSSv2   `json:"cvssv2"`
	Cvssv3      CVSSv3   `json:"cvssv3"`
	Cwes        []string `json:"cwes"`

	// VulnerableSoftware wraps each match in a "software" object.
	VulnerableSoftware []struct {
		Software struct {
			VersionEndIncluding    string `json:"versionEndIncluding"`
			ID                     string `json:"id"`
			VulnerabilityIDMatched string `json:"vulnerabilityIdMatched"`
		} `json:"software"`
	} `json:"vulnerableSoftware"`
}
type VulnerabilityReport ¶
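// VulnerabilityReport is the top-level shape of a scan report, decoded from
// the JSON keys named in the struct tags: project identity, report schema,
// scan metadata and the list of analysed dependencies.
//
// The declaration is laid out one member per line. Collapsed onto a single
// line, the first "//" of the disabled Credits block commented out every
// field after ReportDate together with the closing braces.
type VulnerabilityReport struct {
	ProjectInfo struct {
		ReportDate string `json:"reportDate"`
		// The Credits block below is disabled in the original declaration
		// and is kept disabled here.
		//Credits struct {
		//	RETIREJS string `json:"RETIREJS"`
		//	NPM      string `json:"NPM"`
		//	NVD      string `json:"NVD"`
		//	OSSINDEX string `json:"OSSINDEX"`
		//} `json:"credits"`
		GroupID    string `json:"groupID"`
		Name       string `json:"name"`
		ArtifactID string `json:"artifactID"`
		Version    string `json:"version"`
	} `json:"projectInfo"`

	ReportSchema string `json:"reportSchema"`

	ScanInfo struct {
		EngineVersion string `json:"engineVersion"`
		// DataSource lists a name and a timestamp per data source.
		// NOTE(review): presumably the time each vulnerability feed was last
		// refreshed; if so, check it before treating an empty finding list
		// as a clean result — confirm.
		DataSource []struct {
			Name      string `json:"name"`
			Timestamp string `json:"timestamp"`
		} `json:"dataSource"`
	} `json:"scanInfo"`

	Dependencies []Dependency `json:"dependencies"`
}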
func (*VulnerabilityReport) HighOrCritical ¶
func (vr *VulnerabilityReport) HighOrCritical() []Dependency
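HighOrCritical returns the Dependency entries whose CVSS score is greater than or equal to 7.0 (HIGH or CRITICAL). This description does not state whether the CVSSv2 Score or the CVSSv3 BaseScore is the value compared.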