Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FillGitHubSecurityAlerts ¶
func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (nCVEs int, err error)
FillGitHubSecurityAlerts access to owner/repo on GitHub and fetch scurity alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult. https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
Types ¶
type SecurityAlerts ¶
type SecurityAlerts struct { Data struct { Repository struct { URL string `json:"url"` VulnerabilityAlerts struct { PageInfo struct { EndCursor string `json:"endCursor"` HasNextPage bool `json:"hasNextPage"` StartCursor string `json:"startCursor"` } `json:"pageInfo"` Edges []struct { Node struct { ID string `json:"id"` DismissReason string `json:"dismissReason"` DismissedAt time.Time `json:"dismissedAt"` SecurityVulnerability struct { Package struct { Name string `json:"name"` Ecosystem string `json:"ecosystem"` } `json:"package"` Severity string `json:"severity"` VulnerableVersionRange string `json:"vulnerableVersionRange"` FirstPatchedVersion struct { Identifier string `json:"identifier"` } `json:"firstPatchedVersion"` } `json:"securityVulnerability"` SecurityAdvisory struct { Description string `json:"description"` GhsaID string `json:"ghsaId"` Permalink string `json:"permalink"` PublishedAt time.Time `json:"publishedAt"` Summary string `json:"summary"` UpdatedAt time.Time `json:"updatedAt"` WithdrawnAt time.Time `json:"withdrawnAt"` Origin string `json:"origin"` Severity string `json:"severity"` References []struct { URL string `json:"url"` } `json:"references"` Identifiers []struct { Type string `json:"type"` Value string `json:"value"` } `json:"identifiers"` } `json:"securityAdvisory"` } `json:"node"` } `json:"edges"` } `json:"vulnerabilityAlerts"` } `json:"repository"` } `json:"data"` }
SecurityAlerts has detected CVE-IDs, PackageNames, Refs
Click to show internal directories.
Click to hide internal directories.