osvscanner

package

v1.8.0 Latest Latest Go to latest Published: Jun 20, 2024 License: Apache-2.0 Imports: 33 Imported by: 6

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/osv-scanner

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DoScan(actions ScannerActions, r reporter.Reporter) (models.VulnerabilityResults, error)
func PURLToPackage(purl string) (models.PackageInfo, error)deprecated
type ExperimentalScannerActions
type ScannerActions

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrAPIFailed = errors.New("API query failed")

ErrAPIFailed describes errors related to querying API endpoints.

View Source

var NoPackagesFoundErr = errors.New("no packages found in scan")

NoPackagesFoundErr for when no packages are found during a scan.

View Source

var OnlyUncalledVulnerabilitiesFoundErr = errors.New("only uncalled vulnerabilities found")

Deprecated: This error is no longer returned, check the results to determine if this is the case

View Source

var VulnerabilitiesFoundErr = errors.New("vulnerabilities found")

VulnerabilitiesFoundErr includes both vulnerabilities being found or license violations being found, however, will not be raised if only uncalled vulnerabilities are found.

Functions ¶

func DoScan ¶

func DoScan(actions ScannerActions, r reporter.Reporter) (models.VulnerabilityResults, error)

Perform osv scanner action, with optional reporter to output information

func PURLToPackage deprecated

func PURLToPackage(purl string) (models.PackageInfo, error)

PURLToPackage converts a Package URL string to models.PackageInfo

Deprecated: Use the PURLToPackage in the models package instead.

Types ¶

type ExperimentalScannerActions ¶ added in v1.4.0

type ExperimentalScannerActions struct {
	CompareOffline        bool
	DownloadDatabases     bool
	ShowAllPackages       bool
	ScanLicensesSummary   bool
	ScanLicensesAllowlist []string
	ScanOCIImage          string

	LocalDBPath string
}

type ScannerActions ¶

type ScannerActions struct {
	LockfilePaths        []string
	SBOMPaths            []string
	DirectoryPaths       []string
	GitCommits           []string
	Recursive            bool
	SkipGit              bool
	NoIgnore             bool
	DockerContainerNames []string
	ConfigOverridePath   string
	CallAnalysisStates   map[string]bool

	ExperimentalScannerActions
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL