types

package
v0.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 22, 2022 License: Apache-2.0 Imports: 6 Imported by: 128

Documentation

Index

Constants

View Source
const (
	ClassOSPkg   = "os-pkgs"
	ClassLangPkg = "lang-pkgs"
	ClassConfig  = "config"
)
View Source
const (
	// VulnTypeUnknown is a vulnerability type of unknown
	VulnTypeUnknown = VulnType("unknown")

	// VulnTypeOS is a vulnerability type of OS packages
	VulnTypeOS = VulnType("os")

	// VulnTypeLibrary is a vulnerability type of programming language dependencies
	VulnTypeLibrary = VulnType("library")

	// SecurityCheckUnknown is a security check of unknown
	SecurityCheckUnknown = SecurityCheck("unknown")

	// SecurityCheckVulnerability is a security check of vulnerabilities
	SecurityCheckVulnerability = SecurityCheck("vuln")

	// SecurityCheckConfig is a security check of misconfigurations
	SecurityCheckConfig = SecurityCheck("config")
)

Variables

This section is empty.

Functions

func GetDockerOption

func GetDockerOption(insecureTlsSkip bool) (types.DockerOption, error)

GetDockerOption returns the Docker scanning options using DockerConfig

Types

type BySeverity added in v0.13.0

type BySeverity []DetectedVulnerability

BySeverity implements sort.Interface based on the Severity field.

func (BySeverity) Len added in v0.13.0

func (v BySeverity) Len() int

Len returns the length of DetectedVulnerabilities

func (BySeverity) Less added in v0.13.0

func (v BySeverity) Less(i, j int) bool

Less compares 2 DetectedVulnerabilities based on package name, severity and vulnerabilityID

func (BySeverity) Swap added in v0.13.0

func (v BySeverity) Swap(i, j int)

Swap swaps 2 vulnerability

type DetectedMisconfiguration added in v0.19.0

type DetectedMisconfiguration struct {
	Type        string             `json:",omitempty"`
	ID          string             `json:",omitempty"`
	Title       string             `json:",omitempty"`
	Description string             `json:",omitempty"`
	Message     string             `json:",omitempty"`
	Namespace   string             `json:",omitempty"`
	Query       string             `json:",omitempty"`
	Resolution  string             `json:",omitempty"`
	Severity    string             `json:",omitempty"`
	PrimaryURL  string             `json:",omitempty"`
	References  []string           `json:",omitempty"`
	Status      MisconfStatus      `json:",omitempty"`
	Layer       ftypes.Layer       `json:",omitempty"`
	IacMetadata ftypes.IacMetadata `json:",omitempty"`

	// For debugging
	Traces []string `json:",omitempty"`
}

DetectedMisconfiguration holds detected misconfigurations

type DetectedVulnerability added in v0.2.0

type DetectedVulnerability struct {
	VulnerabilityID  string         `json:",omitempty"`
	VendorIDs        []string       `json:",omitempty"`
	PkgName          string         `json:",omitempty"`
	PkgPath          string         `json:",omitempty"` // It will be filled in the case of language-specific packages such as egg/wheel and gemspec
	InstalledVersion string         `json:",omitempty"`
	FixedVersion     string         `json:",omitempty"`
	Layer            ftypes.Layer   `json:",omitempty"`
	SeveritySource   types.SourceID `json:",omitempty"`
	PrimaryURL       string         `json:",omitempty"`

	// DataSource holds where the advisory comes from
	DataSource *types.DataSource `json:",omitempty"`

	// Custom is for extensibility and not supposed to be used in OSS
	Custom interface{} `json:",omitempty"`

	// Embed vulnerability details
	types.Vulnerability
}

DetectedVulnerability holds the information of detected vulnerabilities

type DockerConfig

type DockerConfig struct {
	UserName      string `env:"TRIVY_USERNAME"`
	Password      string `env:"TRIVY_PASSWORD"`
	RegistryToken string `env:"TRIVY_REGISTRY_TOKEN"`
	NonSSL        bool   `env:"TRIVY_NON_SSL" envDefault:"false"`
}

DockerConfig holds the config of Docker

type Library

type Library struct {
	Name    string
	Version string
}

Library holds the attribute of a package library

type Metadata added in v0.24.0

type Metadata struct {
	Size int64      `json:",omitempty"`
	OS   *ftypes.OS `json:",omitempty"`

	// Container image
	ImageID     string        `json:",omitempty"`
	DiffIDs     []string      `json:",omitempty"`
	RepoTags    []string      `json:",omitempty"`
	RepoDigests []string      `json:",omitempty"`
	ImageConfig v1.ConfigFile `json:",omitempty"`
}

Metadata represents a metadata of artifact

type MisconfStatus added in v0.19.0

type MisconfStatus string

MisconfStatus represents a status of misconfiguration

const (
	// StatusPassed represents successful status
	StatusPassed MisconfStatus = "PASS"

	// StatusFailure represents failure status
	StatusFailure MisconfStatus = "FAIL"

	// StatusException Passed represents the status of exception
	StatusException MisconfStatus = "EXCEPTION"
)

type MisconfSummary added in v0.24.0

type MisconfSummary struct {
	Successes  int
	Failures   int
	Exceptions int
}

func (MisconfSummary) Empty added in v0.24.0

func (s MisconfSummary) Empty() bool

type Report added in v0.24.0

type Report struct {
	SchemaVersion int                 `json:",omitempty"`
	ArtifactName  string              `json:",omitempty"`
	ArtifactType  ftypes.ArtifactType `json:",omitempty"`
	Metadata      Metadata            `json:",omitempty"`
	Results       Results             `json:",omitempty"`
}

Report represents a scan result

type Result added in v0.24.0

type Result struct {
	Target            string                     `json:"Target"`
	Class             ResultClass                `json:"Class,omitempty"`
	Type              string                     `json:"Type,omitempty"`
	Packages          []ftypes.Package           `json:"Packages,omitempty"`
	Vulnerabilities   []DetectedVulnerability    `json:"Vulnerabilities,omitempty"`
	MisconfSummary    *MisconfSummary            `json:"MisconfSummary,omitempty"`
	Misconfigurations []DetectedMisconfiguration `json:"Misconfigurations,omitempty"`
	CustomResources   []ftypes.CustomResource    `json:"CustomResources,omitempty"`
}

Result holds a target and detected vulnerabilities

type ResultClass added in v0.24.0

type ResultClass string

type Results added in v0.24.0

type Results []Result

Results to hold list of Result

func (Results) Failed added in v0.24.0

func (results Results) Failed() bool

Failed returns whether the result includes any vulnerabilities or misconfigurations

type ScanOptions

type ScanOptions struct {
	VulnType            []string
	SecurityChecks      []string
	ScanRemovedPackages bool
	ListAllPackages     bool
}

ScanOptions holds the attributes for scanning vulnerabilities

type SecurityCheck added in v0.18.2

type SecurityCheck = string

SecurityCheck represents the type of security check

func NewSecurityCheck added in v0.18.2

func NewSecurityCheck(s string) SecurityCheck

NewSecurityCheck returns an instance of SecurityCheck

type VulnType added in v0.18.2

type VulnType = string

VulnType represents vulnerability type

func NewVulnType added in v0.18.2

func NewVulnType(s string) VulnType

NewVulnType returns an instance of VulnType

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL