library

package

v0.15.0 Latest Latest Go to latest Published: Dec 21, 2020 License: Apache-2.0 Imports: 21 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aquasecurity/trivy

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Advisory
- func NewAdvisory(ecosystem string, comparer comparer.Comparer) *Advisory
- func (s *Advisory) DetectVulnerabilities(pkgName, pkgVer string) ([]types.DetectedVulnerability, error)
type Detector
- func NewDetector(factory Factory) Detector
- func (d Detector) Detect(_, filePath string, _ time.Time, pkgs []ftypes.LibraryInfo) ([]types.DetectedVulnerability, error)
type Driver
- func NewDriver(advisories ...advisory) Driver
- func (d *Driver) Detect(pkgName string, pkgVer string) ([]types.DetectedVulnerability, error)
- func (d *Driver) Type() string
type DriverFactory
- func (d DriverFactory) NewDriver(filename string) (Driver, error)
type Factory
type MockOperation
type Operation
type OperationDetectArgs
type OperationDetectExpectation
type OperationDetectReturns

Constants ¶

This section is empty.

Variables ¶

View Source

var SuperSet = wire.NewSet(
	wire.Struct(new(DriverFactory)),
	wire.Bind(new(Factory), new(DriverFactory)),
	NewDetector,
	wire.Bind(new(Operation), new(Detector)),
)

SuperSet binds the dependencies for library scan

Functions ¶

This section is empty.

Types ¶

type Advisory ¶ added in v0.11.0

type Advisory struct {
	// contains filtered or unexported fields
}

Advisory represents security advisories for each programming language

func NewAdvisory ¶ added in v0.11.0

func NewAdvisory(ecosystem string, comparer comparer.Comparer) *Advisory

NewAdvisory is the factory method of Advisory

func (*Advisory) DetectVulnerabilities ¶ added in v0.11.0

func (s *Advisory) DetectVulnerabilities(pkgName, pkgVer string) ([]types.DetectedVulnerability, error)

DetectVulnerabilities scans buckets with the prefix according to the ecosystem in "Advisory". If "ecosystem" is pip, it looks for buckets with "pip::" and gets security advisories from those buckets. It allows us to add a new data source with the ecosystem prefix (e.g. pip::new-data-source) and detect vulnerabilities without specifying a specific bucket name.

type Detector ¶

type Detector struct {
	// contains filtered or unexported fields
}

Detector implements driverFactory

func NewDetector ¶

func NewDetector(factory Factory) Detector

NewDetector is the factory method for detector

func (Detector) Detect ¶

func (d Detector) Detect(_, filePath string, _ time.Time, pkgs []ftypes.LibraryInfo) ([]types.DetectedVulnerability, error)

Detect scans and returns vulnerabilities of library

type Driver ¶

type Driver struct {
	// contains filtered or unexported fields
}

Driver implements the advisory

func NewDriver ¶ added in v0.9.0

func NewDriver(advisories ...advisory) Driver

NewDriver is the factory method from drier

func (*Driver) Detect ¶

func (d *Driver) Detect(pkgName string, pkgVer string) ([]types.DetectedVulnerability, error)

Detect scans and returns vulnerabilities

func (*Driver) Type ¶

func (d *Driver) Type() string

Type returns the driver ecosystem

type DriverFactory ¶

type DriverFactory struct{}

DriverFactory implements Factory

func (DriverFactory) NewDriver ¶

func (d DriverFactory) NewDriver(filename string) (Driver, error)

NewDriver factory method for driver

type Factory ¶

type Factory interface {
	NewDriver(filename string) (Driver, error)
}

Factory defines library operations

type MockOperation ¶ added in v0.5.0

type MockOperation struct {
	mock.Mock
}

MockOperation is an autogenerated mock type for the Operation type

func (*MockOperation) ApplyDetectExpectation ¶ added in v0.5.0

func (_m *MockOperation) ApplyDetectExpectation(e OperationDetectExpectation)

func (*MockOperation) ApplyDetectExpectations ¶ added in v0.5.0

func (_m *MockOperation) ApplyDetectExpectations(expectations []OperationDetectExpectation)

func (*MockOperation) Detect ¶ added in v0.5.0

func (_m *MockOperation) Detect(imageName string, filePath string, created time.Time, pkgs []types.LibraryInfo) ([]pkgtypes.DetectedVulnerability, error)

Detect provides a mock function with given fields: imageName, filePath, created, pkgs

type Operation ¶

type Operation interface {
	Detect(imageName string, filePath string, created time.Time, pkgs []ftypes.LibraryInfo) (vulns []types.DetectedVulnerability, err error)
}

Operation defines library scan operations

type OperationDetectArgs ¶ added in v0.5.0

type OperationDetectArgs struct {
	ImageName         string
	ImageNameAnything bool
	FilePath          string
	FilePathAnything  bool
	Created           time.Time
	CreatedAnything   bool
	Pkgs              []types.LibraryInfo
	PkgsAnything      bool
}

type OperationDetectExpectation ¶ added in v0.5.0

type OperationDetectExpectation struct {
	Args    OperationDetectArgs
	Returns OperationDetectReturns
}

type OperationDetectReturns ¶ added in v0.5.0

type OperationDetectReturns struct {
	Vulns []pkgtypes.DetectedVulnerability
	Err   error
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
bundler
cargo
comparer
composer
ghsa
node
python

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL