models

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 6, 2022 License: MPL-2.0 Imports: 1 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Credentials added in v0.3.0 

type Credentials struct {
	Username string
	Token    string
}

Credentials the user credentials used by a provider to authenticate to an API

type Enricher added in v0.4.0 

type Enricher interface {
	Enrich(vulnerabilities []Vulnerability) (enriched []Vulnerability, err error)
}

Encricher defines methods that can enrich a collection of vulnerabilities

type Epss added in v0.4.0 

type Epss struct {
	Status     string      `json:"status,omitempty"`
	StatusCode int64       `json:"status-code,omitempty"`
	Version    string      `json:"version,omitempty"`
	Access     string      `json:"access,omitempty"`
	Total      int64       `json:"total,omitempty"`
	Offset     int64       `json:"offset,omitempty"`
	Limit      int64       `json:"limit,omitempty"`
	Scores     []EpssScore `json:"data,omitempty"`
}

Epss encapsulates the response of a query to the Epss scoring API

type EpssScore added in v0.4.0 

type EpssScore struct {
	Cve        string `json:"cve,omitempty"`
	Epss       string `json:"epss,omitempty"`
	Percentile string `json:"percentile,omitempty"`
	Date       string `json:"date,omitempty"`
}

EpssScore contains epss score data for a specific CVE

type Meta added in v0.2.1 

type Meta struct {
	Generator string    `json:"generator"`
	URL       string    `json:"url"`
	Version   string    `json:"version"`
	Provider  string    `json:"provider"`
	Date      time.Time `json:"date"`
}

Meta contains system and execution information about the results from bomber

type Package 

type Package struct {
	Purl            string          `json:"coordinates"`
	Reference       string          `json:"reference,omitempty"`
	Description     string          `json:"description,omitempty"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

Package encapsulates information about a package/component and it's vulnerabilities

type Provider 

type Provider interface {
	Info() string
	Scan(purls []string, credentials *Credentials) (packages []Package, err error)
}

Provider defines the methods that a provider must contain

type Renderer added in v0.3.0 

type Renderer interface {
	Render(results Results) error
}

Renderer defines the methods that a renderer must contain

type Results added in v0.3.0 

type Results struct {
	Meta     Meta          `json:"meta,omitempty"`
	Files    []ScannedFile `json:"files,omitempty"`
	Licenses []string      `json:"licenses,omitempty"`
	Summary  Summary       `json:"summary,omitempty"`
	Packages []Package     `json:"packages,omitempty"`
}

Results is the high level JSON object used to define vulnerabilities processed by bomber.

func NewResults added in v0.3.0 

func NewResults(packages []Package, summary Summary, scanned []ScannedFile, licenses []string, version, providerName string) Results

NewResults defines the high level output of bomber

type ScannedFile added in v0.3.5 

type ScannedFile struct {
	Name   string `json:"name"`
	SHA256 string `json:"sha256"`
}

ScannedFile contains the absolute name and sha256 of a processed file

type Summary added in v0.2.1 

type Summary struct {
	Unspecified int
	Low         int
	Moderate    int
	High        int
	Critical    int
}

Summary is a struct used to keep track of severity counts

type Vulnerability 

type Vulnerability struct {
	ID                 string        `json:"id,omitempty"`
	DisplayName        string        `json:"displayName,omitempty"`
	Title              string        `json:"title,omitempty"`
	Description        string        `json:"description,omitempty"`
	CvssScore          float64       `json:"cvssScore,omitempty"`
	CvssVector         string        `json:"cvssVector,omitempty"`
	Cwe                string        `json:"cwe,omitempty"`
	Reference          string        `json:"reference,omitempty"`
	ExternalReferences []interface{} `json:"externalReferences,omitempty"`
	Severity           string        `json:"severity,omitempty"`
	Epss               EpssScore     `json:"epss,omitempty"`
}

Vulnerability encapsulates the information describing a detected vulnerability

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.