Documentation ¶
Index ¶
- Constants
- type Closer
- type Config
- type Curator
- func (c *Curator) Delete() error
- func (c *Curator) GetStore() (grypeDB.StoreReader, grypeDB.DBCloser, error)
- func (c *Curator) ImportFrom(dbArchivePath string) error
- func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error)
- func (c Curator) ListingFromURL() (Listing, error)
- func (c *Curator) Status() Status
- func (c Curator) SupportedSchema() int
- func (c *Curator) Update() (bool, error)
- func (c *Curator) UpdateTo(listing *ListingEntry, downloadProgress, importProgress *progress.Manual, ...) error
- func (c *Curator) Validate() error
- type Listing
- type ListingEntry
- type ListingEntryJSON
- type MatchExclusionProvider
- type Metadata
- type MetadataJSON
- type Provider
- type Status
- type VulnerabilityMetadataProvider
- type VulnerabilityProvider
- func (pr *VulnerabilityProvider) Get(id, namespace string) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByCPE(requestCPE cpe.CPE) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByDistro(d *distro.Distro, p pkg.Package) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByLanguage(l syftPkg.Language, p pkg.Package) ([]vulnerability.Vulnerability, error)
Constants ¶
const (
FileName = grypeDB.VulnerabilityStoreFileName
)
const ListingFileName = "listing.json"
const MetadataFileName = "metadata.json"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Closer ¶ added in v0.43.0
Closer lets the receiver close the DB connection and free any allocated DB resources. It is especially useful when the vulnerability DB is loaded repeatedly during a periodic SBOM scanning process.
type Curator ¶
type Curator struct {
// contains filtered or unexported fields
}
func NewCurator ¶
func (*Curator) ImportFrom ¶
ImportFrom takes a DB archive file and imports it into the final DB location.
func (*Curator) IsUpdateAvailable ¶
func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error)
IsUpdateAvailable indicates if there is a new update available as a boolean, and returns the latest listing information available for this schema.
func (Curator) ListingFromURL ¶ added in v0.26.0
ListingFromURL loads a Listing from a URL.
func (Curator) SupportedSchema ¶ added in v0.26.0
func (*Curator) UpdateTo ¶
func (c *Curator) UpdateTo(listing *ListingEntry, downloadProgress, importProgress *progress.Manual, stage *progress.AtomicStage) error
UpdateTo updates the existing DB with the specific other version provided from a listing entry.
type Listing ¶ added in v0.32.0
// Listing is the decoded form of the served listing JSON document; its single
// field is read from and written to the "available" key.
type Listing struct {
	// Available groups the downloadable DB archives by an integer key.
	// NOTE(review): the key is presumably the DB schema version, matching the
	// targetSchema argument of BestUpdate — confirm against the implementation.
	Available map[int][]ListingEntry `json:"available"`
}
Listing represents the JSON file that is served so that applications can download and consume one or more vulnerability DB flat files.
func NewListing ¶ added in v0.32.0
func NewListing(entries ...ListingEntry) Listing
NewListing creates a listing from one or more given ListingEntries.
func NewListingFromFile ¶ added in v0.32.0
NewListingFromFile loads a Listing from a given filepath.
func (*Listing) BestUpdate ¶ added in v0.32.0
func (l *Listing) BestUpdate(targetSchema int) *ListingEntry
BestUpdate returns the ListingEntry from a Listing that meets the given version constraints.
type ListingEntry ¶ added in v0.32.0
ListingEntry represents basic metadata about a database archive such as what is in the archive (built/version) as well as how to obtain and verify the archive (URL/checksum).
func NewListingEntryFromArchive ¶ added in v0.32.0
func NewListingEntryFromArchive(fs afero.Fs, metadata Metadata, dbArchivePath string, baseURL *url.URL) (ListingEntry, error)
NewListingEntryFromArchive creates a new ListingEntry based on the metadata from a database flat file.
func (*ListingEntry) MarshalJSON ¶ added in v0.32.0
func (l *ListingEntry) MarshalJSON() ([]byte, error)
func (ListingEntry) String ¶ added in v0.32.0
func (l ListingEntry) String() string
func (*ListingEntry) UnmarshalJSON ¶ added in v0.32.0
func (l *ListingEntry) UnmarshalJSON(data []byte) error
type ListingEntryJSON ¶ added in v0.32.0
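// ListingEntryJSON is a helper struct for converting a ListingEntry into JSON
// (or parsing one from JSON). Every field maps to a same-named lowercase key.
type ListingEntryJSON struct {
	// Built records when the archive was built, carried as a string.
	// NOTE(review): presumably RFC 3339, as annotated on MetadataJSON.Built — confirm.
	Built string `json:"built"`
	// Version is the integer version of the archive described by this entry.
	Version int `json:"version"`
	// URL is where the archive can be obtained.
	URL string `json:"url"`
	// Checksum is the value used to verify the downloaded archive.
	// NOTE(review): it arrives in the same document as URL, so it is only as
	// trustworthy as the channel the listing itself was fetched over; the
	// algorithm and encoding are not visible here — confirm before relying on it.
	Checksum string `json:"checksum"`
}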
ListingEntryJSON is a helper struct for converting a ListingEntry into JSON (or parsing one from JSON).
func (ListingEntryJSON) ToListingEntry ¶ added in v0.32.0
func (l ListingEntryJSON) ToListingEntry() (ListingEntry, error)
ToListingEntry converts a ListingEntryJSON to a ListingEntry.
type MatchExclusionProvider ¶ added in v0.41.0
type MatchExclusionProvider struct {
// contains filtered or unexported fields
}
func NewMatchExclusionProvider ¶ added in v0.41.0
func NewMatchExclusionProvider(reader grypeDB.VulnerabilityMatchExclusionStoreReader) *MatchExclusionProvider
func (*MatchExclusionProvider) GetRules ¶ added in v0.41.0
func (pr *MatchExclusionProvider) GetRules(vulnerabilityID string) ([]match.IgnoreRule, error)
type Metadata ¶ added in v0.32.0
Metadata represents the basic identifying information of a database flat file (built/version) and a way to verify the contents (checksum).
func NewMetadataFromDir ¶ added in v0.32.0
NewMetadataFromDir generates a Metadata object from a directory containing a vulnerability.db flat file.
func (*Metadata) IsSupersededBy ¶ added in v0.32.0
func (m *Metadata) IsSupersededBy(entry *ListingEntry) bool
IsSupersededBy takes a ListingEntry and determines if the entry candidate is newer than what is hinted at in the current Metadata object.
func (*Metadata) UnmarshalJSON ¶ added in v0.32.0
type MetadataJSON ¶ added in v0.32.0
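// MetadataJSON is a helper struct for parsing and assembling Metadata objects
// to and from JSON.
//
// The fields are declared one per line so that the trailing comment on Built
// ends at its own line instead of swallowing the fields that follow it.
type MetadataJSON struct {
	// Built is the build timestamp of the database, formatted per RFC 3339.
	Built string `json:"built"` // RFC 3339
	// Version is the integer version recorded for the database.
	Version int `json:"version"`
	// Checksum is the value used to verify the database contents.
	// NOTE(review): algorithm and encoding are not visible here — confirm.
	Checksum string `json:"checksum"`
	// Providers is optional and is left out of the JSON output when empty.
	Providers []Provider `json:"providers,omitempty"`
}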
MetadataJSON is a helper struct for parsing and assembling Metadata objects to and from JSON.
func (MetadataJSON) ToMetadata ¶ added in v0.32.0
func (m MetadataJSON) ToMetadata() (Metadata, error)
ToMetadata converts a MetadataJSON object to a Metadata object.
type VulnerabilityMetadataProvider ¶ added in v0.32.0
type VulnerabilityMetadataProvider struct {
// contains filtered or unexported fields
}
func NewVulnerabilityMetadataProvider ¶ added in v0.32.0
func NewVulnerabilityMetadataProvider(reader grypeDB.VulnerabilityMetadataStoreReader) *VulnerabilityMetadataProvider
func (*VulnerabilityMetadataProvider) GetMetadata ¶ added in v0.32.0
func (pr *VulnerabilityMetadataProvider) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)
type VulnerabilityProvider ¶ added in v0.32.0
type VulnerabilityProvider struct {
// contains filtered or unexported fields
}
func NewVulnerabilityProvider ¶ added in v0.32.0
func NewVulnerabilityProvider(reader grypeDB.VulnerabilityStoreReader) (*VulnerabilityProvider, error)
func (*VulnerabilityProvider) Get ¶ added in v0.54.0
func (pr *VulnerabilityProvider) Get(id, namespace string) ([]vulnerability.Vulnerability, error)
func (*VulnerabilityProvider) GetByCPE ¶ added in v0.32.0
func (pr *VulnerabilityProvider) GetByCPE(requestCPE cpe.CPE) ([]vulnerability.Vulnerability, error)
func (*VulnerabilityProvider) GetByDistro ¶ added in v0.32.0
func (pr *VulnerabilityProvider) GetByDistro(d *distro.Distro, p pkg.Package) ([]vulnerability.Vulnerability, error)
func (*VulnerabilityProvider) GetByLanguage ¶ added in v0.32.0
func (pr *VulnerabilityProvider) GetByLanguage(l syftPkg.Language, p pkg.Package) ([]vulnerability.Vulnerability, error)