gogrype

package module
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 5, 2025 License: MIT Imports: 9 Imported by: 0

README

Go Grype


gogrype is a package to interact with github.com/anchore/grype.

Usage

Generate Grype JSON output from SBOM
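# grype prints a table by default; -o json is needed so the redirect captures JSON.
% grype sbom:./sbom.spdx.json --add-cpes-if-none -o json > grypeout.json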
Generate Grype JSON output from JAR
% grype log4shell-vulnerable-app-all.jar -o json > grypeout.json
Convert Grype JSON output to XLSX file
% go run cmd/json2xlsx/main.go grypeout.json grypeout.xlsx
Integrate with GoVEX
import (
    "github.com/grokify/gogrype"
	"github.com/grokify/mogo/fmt/fmtutil"
	"github.com/grokify/mogo/log/logutil"
)

// f is the path of a grype JSON report, e.g. the grypeout.json produced above.
report, err := gogrype.ReadFileGrypeOutputJSON(f)
logutil.FatalErr(err)

// Print the decoded report first, then its GoVEX form.
fmtutil.PrintJSON(report)
vexes := report.GoVEXes()
fmtutil.PrintJSON(vexes)

Documentation

Index

Constants

// String keys naming per-match values. Match.Get and Match.Slice take string
// keys; presumably these constants are the accepted values (verify against
// the package source, which this page does not show).
// NOTE(review): KeyVulnerabiltyNVDURL is misspelled ("Vulnerabilty") in the
// exported name, so callers must use the spelling exactly as declared.
const (
	KeyArtifactName             = "artifact_name"
	KeyArtifactVersion          = "artifact_version"
	KeyArtifactType             = "artifact_type"
	KeyVulnerabilityID          = "vulnerability_id"
	KeyVulnerabilityIDLinkMD    = "vulnerability_id_link_markdown"
	KeyVulnerabilityFixVersions = "vulnerability_fix_versions"
	KeyVulnerabiltyNVDURL       = "vulnerability_nvd_url"
	KeyVulnerabilitySeverity    = "vulnerability_severity"
)
// StateFixed is the Fix.State value "fixed". It is the only state with a
// constant here; grype also reports "not-fixed", "wont-fix" and "unknown",
// so a State that differs from StateFixed does not by itself say which of
// those applies.
const StateFixed = "fixed"

Variables

This section is empty.

Functions

func DefaultTableColumnDefinitionSet added in v0.1.1

func DefaultTableColumnDefinitionSet() table.ColumnDefinitionSet

Types

type Artifact

// Artifact holds the name, version and type decoded from a match's
// "artifact" JSON object. Only these three fields are declared: no file
// location or package URL is carried, so this struct alone cannot tell apart
// two findings for the same name/version/type found in different places.
type Artifact struct {
	Name    string `json:"name"`
	Version string `json:"version"`
	Type    string `json:"type"`
}

type CVSS added in v0.1.2

// CVSS is one CVSS entry of a Vulnerability: the CVSS version, the vector
// string, the numeric metrics and vendor metadata. Vulnerability.CVSS is a
// slice, so a vulnerability may carry several entries (or none); consumers
// that gate on a score need to decide which entry they trust.
type CVSS struct {
	Version        string         `json:"version"`
	Vector         string         `json:"vector"`
	Metrics        CVSSMetrics    `json:"metrics"`
	VendorMetadata VendorMetadata `json:"vendorMetadata"`
}

type CVSSMetrics added in v0.1.2

// CVSSMetrics holds the base, exploitability and impact scores of a CVSS
// entry.
// NOTE(review): the scores are float32. Widening to float64 or printing at
// full precision can expose representation error (9.8 becomes
// 9.800000190734863), so round before comparing against a policy threshold.
type CVSSMetrics struct {
	BaseScore           float32 `json:"baseScore"`
	ExploitabilityScore float32 `json:"exploitabilityScore"`
	ImpactScore         float32 `json:"impactScore"`
}

type Fix

// Fix is the "fix" object of a Vulnerability: the list of versions and a
// state string. StateFixed ("fixed") is the only state this package names;
// treat any other State as "no confirmed fix" rather than assuming Versions
// is meaningful.
type Fix struct {
	Versions []string `json:"versions"`
	State    string   `json:"state"`
}

func (Fix) VersionsFixed

// VersionsFixed returns a []string derived from f; the body is not shown on
// this page. Presumably it yields Versions only when State equals StateFixed;
// verify before treating an empty result as "no fix exists".
func (f Fix) VersionsFixed() []string

type GrypeOutputJSON

// GrypeOutputJSON is the top-level shape decoded from a grype JSON report.
// Only the "matches" array is declared. Other top-level report data (for
// example the scan source, the database descriptor, or matches suppressed by
// ignore rules) is not represented, so counts taken from this value cover
// reported matches only.
type GrypeOutputJSON struct {
	Matches Matches `json:"matches"`
}

func ReadFileGrypeOutputJSON

// ReadFileGrypeOutputJSON takes the path of a file and returns a
// *GrypeOutputJSON or an error; the body is not shown on this page.
// NOTE(review): the README feeds it a file written with `grype ... -o json`;
// presumably any other grype output format results in an error or an empty
// Matches. Check Len() as well as err before concluding a scan is clean.
func ReadFileGrypeOutputJSON(filename string) (*GrypeOutputJSON, error)

func (GrypeOutputJSON) GoVEXes added in v0.1.2

func (out GrypeOutputJSON) GoVEXes() govex.Vulnerabilities

func (GrypeOutputJSON) Len

func (out GrypeOutputJSON) Len() int

type Match

// Match pairs one Vulnerability with the Artifact it was reported against.
// Only "vulnerability" and "artifact" are declared; per-match data such as
// related vulnerabilities or match details (how the match was made) is not
// carried in this struct.
type Match struct {
	Vulnerability Vulnerability `json:"vulnerability"`
	Artifact      Artifact      `json:"artifact"`
}

func (Match) Get

func (m Match) Get(key string) string

func (Match) GoVex added in v0.1.2

func (m Match) GoVex() govex.Vulnerability

func (Match) Slice

func (m Match) Slice(keys []string) []string

type Matches

// Matches is a slice of Match. It carries the Table and WriteFileXLSX
// methods listed on this page.
type Matches []Match

func (Matches) Table

func (ms Matches) Table(colDefs *table.ColumnDefinitionSet) *table.Table

func (Matches) WriteFileXLSX

// WriteFileXLSX takes an output filename and a *table.ColumnDefinitionSet and
// returns an error; the body is not shown on this page.
// NOTE(review): cell text presumably comes from the decoded report (artifact
// names, versions, vulnerability IDs), which originates from scanned content.
// Confirm the table writer stores such values as string cells so text
// starting with "=" is not evaluated as a formula when the workbook is opened.
func (ms Matches) WriteFileXLSX(filename string, colDefs *table.ColumnDefinitionSet) error

type VendorMetadata added in v0.1.2

// VendorMetadata holds the base severity and status strings attached to a
// CVSS entry.
// NOTE(review): the JSON tag "base_severity" is snake_case while the other
// tags on this page are camelCase; presumably this mirrors what the data
// source emits. Verify against a real report, since a mismatched tag would
// leave the field silently empty.
type VendorMetadata struct {
	BaseSeverity string `json:"base_severity"`
	Status       string `json:"status"`
}

type Vulnerability

// Vulnerability is the "vulnerability" object of a match: identifier, CVSS
// entries, data source, description, fix information, namespace, severity
// and reference URLs.
// NOTE(review): Severity is a plain string, not an ordered type; normalise
// its casing and map it to a rank before filtering by "at least High".
// Description and URLs are taken verbatim from the report, so escape them
// before rendering in HTML or Markdown.
type Vulnerability struct {
	ID          string   `json:"id"`
	CVSS        []CVSS   `json:"cvss"`
	DataSource  string   `json:"dataSource"`
	Description string   `json:"description"`
	Fix         Fix      `json:"fix"`
	Namespace   string   `json:"namespace"`
	Severity    string   `json:"severity"`
	URLs        []string `json:"urls"`
}

func (Vulnerability) IDLinkMarkdown

// IDLinkMarkdown returns a string; the body is not shown on this page.
// Presumably a Markdown link for v.ID.
// NOTE(review): ID is decoded from the report file, so confirm it is
// validated or escaped before the result is rendered as Markdown/HTML.
func (v Vulnerability) IDLinkMarkdown() string

Directories

Path Synopsis
cmd
examples
