vex

package
v0.56.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Filter added in v0.54.0

func Filter(ctx context.Context, report *types.Report, opts Options) error

Filter determines whether a detected vulnerability should be filtered out based on the provided VEX document. If the VEX document is passed and the vulnerability is either not affected or fixed according to the VEX statement, the vulnerability is filtered out.

Types

type CSAF added in v0.49.0

type CSAF struct {
	// contains filtered or unexported fields
}

func (*CSAF) Filter added in v0.49.0

func (v *CSAF) Filter(result *types.Result, bom *core.BOM)

func (*CSAF) NotAffected added in v0.52.0

func (v *CSAF) NotAffected(vuln types.DetectedVulnerability, product, subProduct *core.Component) (types.ModifiedFinding, bool)

type Client added in v0.54.0

type Client struct {
	VEXes []VEX
}

func New

func New(ctx context.Context, report *types.Report, opts Options) (*Client, error)

func (*Client) NotAffected added in v0.54.0

func (c *Client) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type CycloneDX

type CycloneDX struct {
	// contains filtered or unexported fields
}

func (*CycloneDX) NotAffected added in v0.54.0

func (v *CycloneDX) NotAffected(vuln types.DetectedVulnerability, product, _ *core.Component) (types.ModifiedFinding, bool)

type NotAffected added in v0.52.0

type NotAffected func(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type OCI added in v0.54.0

type OCI struct{}

type OpenVEX

type OpenVEX struct {
	// contains filtered or unexported fields
}

func NewOCI added in v0.54.0

func NewOCI(report *types.Report) (*OpenVEX, error)

func RetrieveVEXAttestation added in v0.54.0

func RetrieveVEXAttestation(p *purl.PackageURL) (*OpenVEX, error)

func (*OpenVEX) Filter

func (v *OpenVEX) Filter(result *types.Result, bom *core.BOM)

func (*OpenVEX) Matches added in v0.50.0

func (v *OpenVEX) Matches(vuln types.DetectedVulnerability, product, subComponent *core.Component) []openvex.Statement

func (*OpenVEX) NotAffected added in v0.52.0

func (v *OpenVEX) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type Options added in v0.54.0

type Options struct {
	CacheDir string
	Sources  []Source
}

type RepositoryIndex added in v0.54.0

type RepositoryIndex struct {
	Name string
	URL  string
	repo.Index
}

RepositoryIndex wraps the repository index

type RepositorySet added in v0.54.0

type RepositorySet struct {
	// contains filtered or unexported fields
}

func NewRepositorySet added in v0.54.0

func NewRepositorySet(ctx context.Context, cacheDir string) (*RepositorySet, error)

func (*RepositorySet) NotAffected added in v0.54.0

func (rs *RepositorySet) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

func (*RepositorySet) OpenDocument added in v0.54.0

func (rs *RepositorySet) OpenDocument(source, dir string, entry repo.PackageEntry) (VEX, error)

type Source added in v0.54.0

type Source struct {
	Type     SourceType
	FilePath string // Used only for the file type
}

func NewSource added in v0.54.0

func NewSource(src string) Source

type SourceType added in v0.54.0

type SourceType string
const (
	TypeFile       SourceType = "file"
	TypeRepository SourceType = "repo"
	TypeOCI        SourceType = "oci"
)

type Statement

type Statement struct {
	Affects       []string
	Status        types.FindingStatus
	Justification string
}

type VEX

type VEX interface {
	NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
}

VEX represents Vulnerability Exploitability eXchange. It abstracts multiple VEX formats. Note: This is in the experimental stage and does not yet support many specifications. The implementation may change significantly.

func NewDocument added in v0.54.0

func NewDocument(filePath string, report *types.Report) (VEX, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL