attestation

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 28, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PredicateClearlyDefined = "https://in-toto.io/attestation/clearlydefined/v0.1"
)

PredicateVuln This is a new predicate type for vulnerabilities based off https://github.com/sigstore/cosign/blob/main/specs/COSIGN_VULN_ATTESTATION_SPEC.md. This is used by the certifier to attest to vulnerabilities in an artifact. Currently, the predicate is defined here but the intention is to upstream this to https://github.com/in-toto/attestation in the near future once the quirks are worked out.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribution 

type Attribution struct {
	Unknown int      `json:"unknown"`
	Parties []string `json:"parties"`
}

Attribution struct

type ClearlyDefinedPredicate 

type ClearlyDefinedPredicate struct {
	Definition Definition `json:"definition,omitempty"`
	Metadata   Metadata   `json:"metadata,omitempty"`
}

ClearlyDefinedPredicate defines predicate definition of the license attestation

type ClearlyDefinedStatement 

type ClearlyDefinedStatement struct {
	attestationv1.Statement
	// Predicate contains type specific metadata.
	Predicate ClearlyDefinedPredicate `json:"predicate"`
}

ClearlyDefinedStatement defines the statement header and the license predicate

type Coordinates 

type Coordinates struct {
	Type      string `json:"type"`
	Provider  string `json:"provider"`
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
	Revision  string `json:"revision"`
}

Coordinates struct

type Definition 

type Definition struct {
	Licensed struct {
		Declared  string    `json:"declared"`
		ToolScore ToolScore `json:"toolScore"`
		Facets    Facets    `json:"facets"`
		Score     Score     `json:"score"`
	} `json:"licensed"`
	Described   Described   `json:"described"`
	Coordinates Coordinates `json:"coordinates"`
	Meta        Meta        `json:"_meta"`
	Scores      Scores      `json:"scores"`
}

Definition represents the structure of the data returned by the API Definition struct

type Described 

type Described struct {
	ReleaseDate    string          `json:"releaseDate"`
	Urls           Urls            `json:"urls"`
	Hashes         Hashes          `json:"hashes"`
	Files          int             `json:"files"`
	Tools          []string        `json:"tools"`
	ToolScore      ToolScore       `json:"toolScore"`
	SourceLocation *SourceLocation `json:"sourceLocation"`
	Score          Score           `json:"score"`
}

Described struct

type Discovered 

type Discovered struct {
	Unknown     int      `json:"unknown"`
	Expressions []string `json:"expressions"`
}

Discovered struct

type Facets 

type Facets struct {
	Core struct {
		Attribution Attribution `json:"attribution"`
		Discovered  Discovered  `json:"discovered"`
		Files       int         `json:"files"`
	} `json:"core"`
}

Facets struct

type Hashes 

type Hashes struct {
	Sha1   string `json:"sha1"`
	Sha256 string `json:"sha256"`
}

Hashes struct

type Meta 

type Meta struct {
	SchemaVersion string    `json:"schemaVersion"`
	Updated       time.Time `json:"updated"`
}

Meta struct

type Metadata 

type Metadata struct {
	ScannedOn *time.Time `json:"scannedOn,omitempty"`
}

type Score 

type Score struct {
	Total  int `json:"total"`
	Date   int `json:"date"`
	Source int `json:"source"`
}

Score struct

type Scores 

type Scores struct {
	Effective int `json:"effective"`
	Tool      int `json:"tool"`
}

Scores struct

type SourceLocation 

type SourceLocation struct {
	Type      string `json:"type"`
	Provider  string `json:"provider"`
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
	Revision  string `json:"revision"`
	URL       string `json:"url"`
}

SourceLocation struct

type ToolScore 

type ToolScore struct {
	Total       int `json:"total"`
	Declared    int `json:"declared"`
	Discovered  int `json:"discovered"`
	Consistency int `json:"consistency"`
	Spdx        int `json:"spdx"`
	Texts       int `json:"texts"`
}

ToolScore struct

type Urls 

type Urls struct {
	Registry string `json:"registry"`
	Version  string `json:"version"`
	Download string `json:"download"`
}

Urls struct

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.