models

package
v0.33.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 26, 2022 License: Apache-2.0 Imports: 15 Imported by: 29

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateAnalysis 

func GenerateAnalysis(t *testing.T) (match.Matches, []pkg.Package, pkg.Context, vulnerability.MetadataProvider, interface{}, interface{})

Types

type Advisory added in v0.13.0 

type Advisory struct {
	ID   string `json:"id"`
	Link string `json:"link"`
}

type Cvss 

type Cvss struct {
	Version        string      `json:"version"`
	Vector         string      `json:"vector"`
	Metrics        CvssMetrics `json:"metrics"`
	VendorMetadata interface{} `json:"vendorMetadata"`
}

func NewCVSS added in v0.13.0 

func NewCVSS(metadata *vulnerability.Metadata) []Cvss

type CvssMetrics added in v0.13.0 

type CvssMetrics struct {
	BaseScore           float64  `json:"baseScore"`
	ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"`
	ImpactScore         *float64 `json:"impactScore,omitempty"`
}

type Document 

type Document struct {
	Matches        []Match        `json:"matches"`
	IgnoredMatches []IgnoredMatch `json:"ignoredMatches,omitempty"`
	Source         *source        `json:"source"`
	Distro         distribution   `json:"distro"`
	Descriptor     descriptor     `json:"descriptor"`
}

Document represents the JSON document to be presented

func NewDocument 

func NewDocument(packages []pkg.Package, context pkg.Context, matches match.Matches, ignoredMatches []match.IgnoredMatch, metadataProvider vulnerability.MetadataProvider, appConfig interface{}, dbStatus interface{}) (Document, error)

NewDocument creates and populates a new Document struct, representing the populated JSON document.

type Fix added in v0.13.0 

type Fix struct {
	Versions []string `json:"versions"`
	State    string   `json:"state"`
}

type IgnoreRule added in v0.21.1 

type IgnoreRule struct {
	Vulnerability string             `json:"vulnerability,omitempty"`
	FixState      string             `json:"fix-state,omitempty"`
	Package       *IgnoreRulePackage `json:"package,omitempty"`
}

type IgnoreRulePackage added in v0.21.1 

type IgnoreRulePackage struct {
	Name     string `json:"name,omitempty"`
	Version  string `json:"version,omitempty"`
	Type     string `json:"type,omitempty"`
	Location string `json:"location,omitempty"`
}

type IgnoredMatch added in v0.21.1 

type IgnoredMatch struct {
	Match
	AppliedIgnoreRules []IgnoreRule `json:"appliedIgnoreRules"`
}

type Match 

type Match struct {
	Vulnerability          Vulnerability           `json:"vulnerability"`
	RelatedVulnerabilities []VulnerabilityMetadata `json:"relatedVulnerabilities"`
	MatchDetails           []MatchDetails          `json:"matchDetails"`
	Artifact               Package                 `json:"artifact"`
}

Match is a single item for the JSON array reported

type MatchDetails 

type MatchDetails struct {
	Type       string      `json:"type"`
	Matcher    string      `json:"matcher"`
	SearchedBy interface{} `json:"searchedBy"`
	Found      interface{} `json:"found"`
}

MatchDetails contains all data that indicates how the result match was found

type MetadataMock 

type MetadataMock struct {
	// contains filtered or unexported fields
}

MetadataMock provides the behavior required for a vulnerability.MetadataProvider for the purpose of testing.

func NewMetadataMock 

func NewMetadataMock() *MetadataMock

NewMetadataMock returns a new instance of MetadataMock.

func (*MetadataMock) GetMetadata 

func (m *MetadataMock) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)

GetMetadata returns vulnerability metadata for a given id and recordSource.

type MockVendorMetadata added in v0.13.0 

type MockVendorMetadata struct {
	BaseSeverity string
	Status       string
}

type Package 

type Package struct {
	Name         string                   `json:"name"`
	Version      string                   `json:"version"`
	Type         syftPkg.Type             `json:"type"`
	Locations    []syftSource.Coordinates `json:"locations"`
	Language     syftPkg.Language         `json:"language"`
	Licenses     []string                 `json:"licenses"`
	CPEs         []string                 `json:"cpes"`
	PURL         string                   `json:"purl"`
	Upstreams    []UpstreamPackage        `json:"upstreams"`
	MetadataType pkg.MetadataType         `json:"metadataType,omitempty"`
	Metadata     interface{}              `json:"metadata,omitempty"`
}

Package is meant to be only the fields that are needed when displaying a single pkg.Package object for the JSON presenter.

type UpstreamPackage added in v0.33.0 

type UpstreamPackage struct {
	Name    string `json:"name"`
	Version string `json:"version,omitempty"`
}

type Vulnerability 

type Vulnerability struct {
	VulnerabilityMetadata
	Fix        Fix        `json:"fix"`
	Advisories []Advisory `json:"advisories"`
}

func NewVulnerability 

func NewVulnerability(vuln vulnerability.Vulnerability, metadata *vulnerability.Metadata) Vulnerability

type VulnerabilityMetadata added in v0.13.0 

type VulnerabilityMetadata struct {
	ID          string   `json:"id"`
	DataSource  string   `json:"dataSource"`
	Namespace   string   `json:"namespace,omitempty"`
	Severity    string   `json:"severity,omitempty"`
	URLs        []string `json:"urls"`
	Description string   `json:"description,omitempty"`
	Cvss        []Cvss   `json:"cvss"`
}

func NewVulnerabilityMetadata added in v0.13.0 

func NewVulnerabilityMetadata(id, namespace string, metadata *vulnerability.Metadata) VulnerabilityMetadata

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.