Documentation
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
func ChainIsDev
func ChainIsDev(dc DependencyChain, groups map[manifest.RequirementKey][]string) bool
func ComputeChains (added in v1.7.0)
func ComputeChains(g *resolve.Graph, nodes []resolve.NodeID) [][]DependencyChain
ComputeChains computes all paths from each specified NodeID to the root node.
Types
type DependencyChain
type DependencyChain struct {
    Graph *resolve.Graph
    Edges []resolve.Edge // Edge from root node is at the end of the list
}
func (DependencyChain) At (added in v1.7.0)
func (dc DependencyChain) At(index int) (resolve.VersionKey, string)
At returns the dependency information of the dependency at the specified index along the chain. Returns the resolved VersionKey of the dependency, and the version requirement string.
- index 0 is the end dependency (usually the vulnerability)
- index len(Edges)-1 is the direct dependency from the root node
func (DependencyChain) Direct (added in v1.7.0)
func (dc DependencyChain) Direct() (resolve.VersionKey, string)
func (DependencyChain) End (added in v1.7.0)
func (dc DependencyChain) End() (resolve.VersionKey, string)
type Difference (added in v1.9.0)
type Difference struct {
    Original     *Result
    New          *Result
    RemovedVulns []Vulnerability
    AddedVulns   []Vulnerability
    manifest.Patch
}
func (Difference) Compare (added in v1.9.0)
func (a Difference) Compare(b Difference) int
Compare compares ResolutionDiffs based on 'effectiveness' (best first):
Sort order:
- (number of fixed vulns - introduced vulns) / (number of changed direct dependencies) [descending] (i.e. more efficient first)
- number of fixed vulns [descending]
- number of changed direct dependencies [ascending]
- changed direct dependency package names [ascending]
- size of changed direct dependency bump [ascending]
type ResolveOpts (added in v1.9.0)
type ResolveOpts struct {
MavenManagement bool // whether to include unresolved dependencyManagement dependencies in resolved graph.
}
type Result (added in v1.9.0)
type Result struct {
    Manifest        manifest.Manifest
    Graph           *resolve.Graph
    Vulns           []Vulnerability
    UnfilteredVulns []Vulnerability
}
func Resolve
func Resolve(ctx context.Context, cl client.ResolutionClient, m manifest.Manifest, opts ResolveOpts) (*Result, error)
func (*Result) CalculateDiff (added in v1.9.0)
func (res *Result) CalculateDiff(other *Result) Difference
func (*Result) FilterVulns (added in v1.9.0)
func (res *Result) FilterVulns(matchFn func(Vulnerability) bool)
FilterVulns populates Vulns with the entries of UnfilteredVulns that satisfy matchFn.
type Vulnerability (added in v1.9.0)
type Vulnerability struct {
    OSV     models.Vulnerability
    DevOnly bool
    // Chains are paths through requirements from direct dependency to vulnerable package.
    // A 'Problem' chain constrains the package to a vulnerable version.
    // 'NonProblem' chains re-use the vulnerable version, but would not resolve to a vulnerable version in isolation.
    ProblemChains    []DependencyChain
    NonProblemChains []DependencyChain
}
func (Vulnerability) IsDirect (added in v1.9.0)
func (rv Vulnerability) IsDirect() bool