vulnerability

package

v1.0.20 Latest Latest Go to latest Published: Nov 26, 2021 License: Apache-2.0 Imports: 6 Imported by: 3

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ZupIT/horusec-devkit

Links

Open Source Insights

Documentation ¶

Index ¶

type Vulnerability

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Vulnerability ¶

type Vulnerability struct {
	VulnerabilityID uuid.UUID             `json:"vulnerabilityID" gorm:"Column:vulnerability_id" example:"00000000-0000-0000-0000-000000000000"`
	Line            string                `json:"line" gorm:"Column:line" example:"1"`
	Column          string                `json:"column" gorm:"Column:column" example:"1"`
	Confidence      confidence.Confidence `json:"confidence" gorm:"Column:confidence" example:"HIGH" enums:"HIGH,MEDIUM,LOW"`
	File            string                `json:"file" gorm:"Column:file" example:"/deployments/cert.pem"`
	Code            string                `json:"code" gorm:"Column:code" example:"-----BEGIN RSA PRIVATE KEY-----"`
	Details         string                `` /* 374-byte string literal not displayed */
	SecurityTool    tools.Tool            `` /* 239-byte string literal not displayed */
	Language        languages.Language    `` /* 172-byte string literal not displayed */
	Severity        severities.Severity   `json:"severity" gorm:"Column:severity" example:"CRITICAL" enums:"CRITICAL, HIGH, MEDIUM, LOW, INFO"`
	Type            vulnerability.Type    `json:"type" gorm:"Column:type" example:"Vulnerability" enums:"Vulnerability, Risk Accepted, False Positive, Corrected"`
	CommitAuthor    string                `json:"commitAuthor" gorm:"Column:commit_author" example:"horusec"`
	CommitEmail     string                `json:"commitEmail" gorm:"Column:commit_email" example:"horusec@zup.com.br"`
	CommitHash      string                `json:"commitHash" gorm:"Column:commit_hash" example:"a21fa164c00a15f3e91f5ee6659cb6a793b39a8d"`
	CommitMessage   string                `json:"commitMessage" gorm:"Column:commit_message" example:"Initial commit"`
	CommitDate      string                `json:"commitDate" gorm:"Column:commit_date" example:"2021-12-30"`

	// RuleID is the rule id used to generate Vulnerability.
	// This field can bem empty if Vulnerability was not generated from horusec-engine.
	RuleID string `json:"-" gorm:"-" swaggerignore:"true"`

	// VulnHash is the vulnerability hash
	VulnHash string `json:"vulnHash" gorm:"Column:vuln_hash" example:"8bcac7908eb950419537b91e19adc83ce2c9cbfdacf4f81157fdadfec11f7017"`

	// VulnHashInvalid is a breaking change version of VulnHash. On version v2.6.0 we introduce a bug
	// that generate different hashes which cause a breaking change. Since some users update their
	// false positive/risk accept hashes to new version and some users not we need to check both of
	// them to ignore.
	//
	// NOTE: This field should **only** be used to compare false positive and risk accept hashes from
	// config file on cli, other cases should use VulnHash.
	//
	// For more info see https://github.com/ZupIT/horusec/issues/680
	VulnHashInvalid string `json:"-" gorm:"-" swaggerignore:"true"`
}

func (*Vulnerability) GenerateID ¶

func (v *Vulnerability) GenerateID()

func (*Vulnerability) GetTable ¶

func (v *Vulnerability) GetTable() string

func (*Vulnerability) SetSeverity ¶

func (v *Vulnerability) SetSeverity(severity severities.Severity)

func (*Vulnerability) SetType ¶

func (v *Vulnerability) SetType(vulnType vulnerability.Type)

Source Files ¶

View all Source files

vulnerability.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL