Documentation
¶
Index ¶
- func PurlsDepsDevScan(ctx context.Context, purls []string) ([]assembler.CertifyScorecardIngest, []assembler.HasSourceAtIngest, error)
- func PurlsEOLScan(ctx context.Context, purls []string) ([]assembler.HasMetadataIngest, error)
- func PurlsLicenseScan(ctx context.Context, purls []string) ([]assembler.CertifyLegalIngest, []assembler.HasSourceAtIngest, error)
- func PurlsVulnScan(ctx context.Context, purls []string) ([]assembler.VulnEqualIngest, []assembler.CertifyVulnIngest, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PurlsDepsDevScan ¶ added in v0.12.0
func PurlsDepsDevScan(ctx context.Context, purls []string) ([]assembler.CertifyScorecardIngest, []assembler.HasSourceAtIngest, error)
PurlDepsDevScan scans the purls and returns for metadata linked to the repository and returns the list of scorecards and sources associations it finds from Deps.dev This generally takes about 300ms - 600ms. With tests including 1-30 PURLs.
func PurlsEOLScan ¶ added in v0.12.0
func PurlsLicenseScan ¶
func PurlsLicenseScan(ctx context.Context, purls []string) ([]assembler.CertifyLegalIngest, []assembler.HasSourceAtIngest, error)
PurlsLicenseScan takes a slice of purls and queries clearly defined (skipping purls that start with "pkg:guac"). Once the query returns, an attestation is generated and passed to the clearly defined parser for ingestion
func PurlsVulnScan ¶
func PurlsVulnScan(ctx context.Context, purls []string) ([]assembler.VulnEqualIngest, []assembler.CertifyVulnIngest, error)
PurlsVulnScan takes a slice of purls and bulk queries OSV (skipping purls that start with "pkg:guac"). Once the query returns, an attestation is generated and passed to the vulnerability parser for ingestion
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.