vuln

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package vuln attestation parser parses the attestation defined by by the certifier using the predicate type "https://in-toto.io/attestation/vulns/v0.1" Three different types of ingest predicates are created.

- IsOccurences are created mapping between any package purls found in the subject, and any digests found under those.

- CertifyVulnerabilies are created mapping any package purl found in the subject and any vulnerabilites found in the scanner results. The vulnerabilites are treated as OSV.

- IsVulnerabilities are created between any found vulnerability in the scanner results (OSV) and either a CVE or GHSA vulnerability that is created by parsing the OSV ID.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewVulnCertificationParser

func NewVulnCertificationParser() common.DocumentParser

NewVulnCertificationParser initializes the parser

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL