resolution

package
v1.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 21, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ChainIsDev 

func ChainIsDev(dc DependencyChain, groups map[manifest.RequirementKey][]string) bool

func ComputeChains added in v1.7.0 

func ComputeChains(g *resolve.Graph, nodes []resolve.NodeID) [][]DependencyChain

ComputeChains computes all paths from each specified NodeID to the root node.

Types

type DependencyChain 

type DependencyChain struct {
	Graph *resolve.Graph
	Edges []resolve.Edge // Edge from root node is at the end of the list
}

func (DependencyChain) At added in v1.7.0 

func (dc DependencyChain) At(index int) (resolve.VersionKey, string)

At returns the dependency information of the dependency at the specified index along the chain. Returns the resolved VersionKey of the dependency, and the version requirement string. index 0 is the end dependency (usually the vulnerability) index len(Edges)-1 is the direct dependency from the root node

func (DependencyChain) Direct added in v1.7.0 

func (dc DependencyChain) Direct() (resolve.VersionKey, string)

func (DependencyChain) End added in v1.7.0 

func (dc DependencyChain) End() (resolve.VersionKey, string)

type ResolutionDiff 

type ResolutionDiff struct {
	Original     *ResolutionResult
	New          *ResolutionResult
	RemovedVulns []ResolutionVuln
	AddedVulns   []ResolutionVuln
	manifest.ManifestPatch
}

func (ResolutionDiff) Compare 

func (a ResolutionDiff) Compare(b ResolutionDiff) int

Compare compares ResolutionDiffs based on 'effectiveness' (best first):

Sort order:

  1. (number of fixed vulns - introduced vulns) / (number of changed direct dependencies) [descending] (i.e. more efficient first)
  2. number of fixed vulns [descending]
  3. number of changed direct dependencies [ascending]
  4. changed direct dependency name package names [ascending]
  5. size of changed direct dependency bump [ascending]

type ResolutionError added in v1.7.0 

type ResolutionError struct {
	NodeID resolve.NodeID
	Error  resolve.NodeError
}

type ResolutionResult 

type ResolutionResult struct {
	Manifest        manifest.Manifest
	Graph           *resolve.Graph
	Vulns           []ResolutionVuln
	UnfilteredVulns []ResolutionVuln
}

func Resolve 

func Resolve(ctx context.Context, cl client.ResolutionClient, m manifest.Manifest) (*ResolutionResult, error)

func (*ResolutionResult) CalculateDiff 

func (res *ResolutionResult) CalculateDiff(other *ResolutionResult) ResolutionDiff

func (*ResolutionResult) Errors added in v1.7.0 

func (res *ResolutionResult) Errors() []ResolutionError

func (*ResolutionResult) FilterVulns 

func (res *ResolutionResult) FilterVulns(matchFn func(ResolutionVuln) bool)

FilterVulns populates Vulns with the UnfilteredVulns that satisfy matchFn

type ResolutionVuln 

type ResolutionVuln struct {
	Vulnerability models.Vulnerability
	DevOnly       bool
	// Chains are paths through requirements from direct dependency to vulnerable package.
	// A 'Problem' chain constrains the package to a vulnerable version.
	// 'NonProblem' chains re-use the vulnerable version, but would not resolve to a vulnerable version in isolation.
	ProblemChains    []DependencyChain
	NonProblemChains []DependencyChain
}

func (ResolutionVuln) IsDirect added in v1.7.0 

func (rv ResolutionVuln) IsDirect() bool

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.