models

package
v0.28.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 22, 2021 License: Apache-2.0 Imports: 12 Imported by: 29

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateAnalysis

func GenerateAnalysis(t *testing.T) (match.Matches, []pkg.Package, pkg.Context, vulnerability.MetadataProvider, interface{}, interface{})

Types

type Advisory added in v0.13.0

type Advisory struct {
	ID   string `json:"id"`
	Link string `json:"link"`
}

type Cvss

type Cvss struct {
	Version        string      `json:"version"`
	Vector         string      `json:"vector"`
	Metrics        CvssMetrics `json:"metrics"`
	VendorMetadata interface{} `json:"vendorMetadata"`
}

func NewCVSS added in v0.13.0

func NewCVSS(metadata *vulnerability.Metadata) []Cvss

type CvssMetrics added in v0.13.0

type CvssMetrics struct {
	BaseScore           float64  `json:"baseScore"`
	ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"`
	ImpactScore         *float64 `json:"impactScore,omitempty"`
}

type Document

type Document struct {
	Matches        []Match        `json:"matches"`
	IgnoredMatches []IgnoredMatch `json:"ignoredMatches,omitempty"`
	Source         *source        `json:"source"`
	Distro         distribution   `json:"distro"`
	Descriptor     descriptor     `json:"descriptor"`
}

Document represents the JSON document to be presented

func NewDocument

func NewDocument(packages []pkg.Package, context pkg.Context, matches match.Matches, ignoredMatches []match.IgnoredMatch, metadataProvider vulnerability.MetadataProvider, appConfig interface{}, dbStatus interface{}) (Document, error)

NewDocument creates and populates a new Document struct, representing the populated JSON document.

type Fix added in v0.13.0

type Fix struct {
	Versions []string `json:"versions"`
	State    string   `json:"state"`
}

type IgnoreRule added in v0.21.1

type IgnoreRule struct {
	Vulnerability string             `json:"vulnerability,omitempty"`
	FixState      string             `json:"fix-state,omitempty"`
	Package       *IgnoreRulePackage `json:"package,omitempty"`
}

type IgnoreRulePackage added in v0.21.1

type IgnoreRulePackage struct {
	Name     string `json:"name,omitempty"`
	Version  string `json:"version,omitempty"`
	Type     string `json:"type,omitempty"`
	Location string `json:"location,omitempty"`
}

type IgnoredMatch added in v0.21.1

type IgnoredMatch struct {
	Match
	AppliedIgnoreRules []IgnoreRule `json:"appliedIgnoreRules"`
}

type Match

type Match struct {
	Vulnerability          Vulnerability           `json:"vulnerability"`
	RelatedVulnerabilities []VulnerabilityMetadata `json:"relatedVulnerabilities"`
	MatchDetails           []MatchDetails          `json:"matchDetails"`
	Artifact               Package                 `json:"artifact"`
}

Match is a single item for the JSON array reported

type MatchDetails

type MatchDetails struct {
	Matcher    string      `json:"matcher"`
	SearchedBy interface{} `json:"searchedBy"`
	Found      interface{} `json:"found"`
}

MatchDetails contains all data that indicates how the result match was found

type MetadataMock

type MetadataMock struct {
	// contains filtered or unexported fields
}

MetadataMock provides the behavior required for a vulnerability.MetadataProvider for the purpose of testing.

func NewMetadataMock

func NewMetadataMock() *MetadataMock

NewMetadataMock returns a new instance of MetadataMock.

func (*MetadataMock) GetMetadata

func (m *MetadataMock) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)

GetMetadata returns vulnerability metadata for a given id and recordSource.

type MockVendorMetadata added in v0.13.0

type MockVendorMetadata struct {
	BaseSeverity string
	Status       string
}

type Package

type Package struct {
	Name      string                   `json:"name"`
	Version   string                   `json:"version"`
	Type      syftPkg.Type             `json:"type"`
	Locations []syftSource.Coordinates `json:"locations"`
	Language  syftPkg.Language         `json:"language"`
	Licenses  []string                 `json:"licenses"`
	CPEs      []string                 `json:"cpes"`
	PURL      string                   `json:"purl"`
	Metadata  interface{}              `json:"metadata"`
}

Package is meant to be only the fields that are needed when displaying a single pkg.Package object for the JSON presenter.

type Vulnerability

type Vulnerability struct {
	VulnerabilityMetadata
	Fix        Fix        `json:"fix"`
	Advisories []Advisory `json:"advisories"`
}

func NewVulnerability

func NewVulnerability(vuln vulnerability.Vulnerability, metadata *vulnerability.Metadata) Vulnerability

type VulnerabilityMetadata added in v0.13.0

type VulnerabilityMetadata struct {
	ID          string   `json:"id"`
	DataSource  string   `json:"dataSource"`
	Namespace   string   `json:"namespace,omitempty"`
	Severity    string   `json:"severity,omitempty"`
	URLs        []string `json:"urls"`
	Description string   `json:"description,omitempty"`
	Cvss        []Cvss   `json:"cvss"`
}

func NewVulnerabilityMetadata added in v0.13.0

func NewVulnerabilityMetadata(id, namespace string, metadata *vulnerability.Metadata) VulnerabilityMetadata

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL