models

package

v0.4.3 Latest Latest Go to latest Published: Apr 13, 2023 License: MPL-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/devops-kung-fu/bomber

Links

Open Source Insights

Documentation ¶

Overview ¶

Package models contains structs and interfaces used by bomber

Index ¶

type Credentials
type Enricher
type Epss
type EpssScore
type Meta
type Package
type Provider
type Renderer
type Results
- func NewResults(packages []Package, summary Summary, scanned []ScannedFile, licenses []string, ...) Results
type ScannedFile
type Summary
type Vulnerability

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Credentials ¶ added in v0.3.0

type Credentials struct {
	Username string
	Token    string
}

Credentials the user credentials used by a provider to authenticate to an API

type Enricher ¶ added in v0.4.0

type Enricher interface {
	Enrich(vulnerabilities []Vulnerability) (enriched []Vulnerability, err error)
}

Enricher defines methods that can enrich a collection of vulnerabilities

type Epss ¶ added in v0.4.0

type Epss struct {
	Status     string      `json:"status,omitempty"`
	StatusCode int64       `json:"status-code,omitempty"`
	Version    string      `json:"version,omitempty"`
	Access     string      `json:"access,omitempty"`
	Total      int64       `json:"total,omitempty"`
	Offset     int64       `json:"offset,omitempty"`
	Limit      int64       `json:"limit,omitempty"`
	Scores     []EpssScore `json:"data,omitempty"`
}

Epss encapsulates the response of a query to the Epss scoring API

type EpssScore ¶ added in v0.4.0

type EpssScore struct {
	Cve        string `json:"cve,omitempty"`
	Epss       string `json:"epss,omitempty"`
	Percentile string `json:"percentile,omitempty"`
	Date       string `json:"date,omitempty"`
}

EpssScore contains epss score data for a specific CVE

type Meta ¶ added in v0.2.1

type Meta struct {
	Generator string    `json:"generator"`
	URL       string    `json:"url"`
	Version   string    `json:"version"`
	Provider  string    `json:"provider"`
	Date      time.Time `json:"date"`
}

Meta contains system and execution information about the results from bomber

type Package ¶

type Package struct {
	Purl            string          `json:"coordinates"`
	Reference       string          `json:"reference,omitempty"`
	Description     string          `json:"description,omitempty"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

Package encapsulates information about a package/component and it's vulnerabilities

type Provider ¶

type Provider interface {
	Info() string
	Scan(purls []string, credentials *Credentials) (packages []Package, err error)
}

Provider defines the methods that a provider must contain

type Renderer ¶ added in v0.3.0

type Renderer interface {
	Render(results Results) error
}

Renderer defines the methods that a renderer must contain

type Results ¶ added in v0.3.0

type Results struct {
	Meta     Meta          `json:"meta,omitempty"`
	Files    []ScannedFile `json:"files,omitempty"`
	Licenses []string      `json:"licenses,omitempty"`
	Summary  Summary       `json:"summary,omitempty"`
	Packages []Package     `json:"packages,omitempty"`
}

Results is the high level JSON object used to define vulnerabilities processed by bomber.

func NewResults ¶ added in v0.3.0

func NewResults(packages []Package, summary Summary, scanned []ScannedFile, licenses []string, version, providerName string) Results

NewResults defines the high level output of bomber

type ScannedFile ¶ added in v0.3.5

type ScannedFile struct {
	Name   string `json:"name"`
	SHA256 string `json:"sha256"`
}

ScannedFile contains the absolute name and sha256 of a processed file

type Summary ¶ added in v0.2.1

type Summary struct {
	Unspecified int
	Low         int
	Moderate    int
	High        int
	Critical    int
}

Summary is a struct used to keep track of severity counts

type Vulnerability ¶

type Vulnerability struct {
	ID                 string        `json:"id,omitempty"`
	DisplayName        string        `json:"displayName,omitempty"`
	Title              string        `json:"title,omitempty"`
	Description        string        `json:"description,omitempty"`
	CvssScore          float64       `json:"cvssScore,omitempty"`
	CvssVector         string        `json:"cvssVector,omitempty"`
	Cwe                string        `json:"cwe,omitempty"`
	Cve                string        `json:"cve,omitempty"`
	Reference          string        `json:"reference,omitempty"`
	ExternalReferences []interface{} `json:"externalReferences,omitempty"`
	Severity           string        `json:"severity,omitempty"`
	Epss               EpssScore     `json:"epss,omitempty"`
}

Vulnerability encapsulates the information describing a detected vulnerability

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL