attestation

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 16, 2025 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source
const (
	PredicateClearlyDefined = "https://in-toto.io/attestation/clearlydefined/v0.1"
)

PredicateVuln This is a new predicate type for vulnerabilities based off https://github.com/sigstore/cosign/blob/main/specs/COSIGN_VULN_ATTESTATION_SPEC.md. This is used by the certifier to attest to vulnerabilities in an artifact. Currently, the predicate is defined here but the intention is to upstream this to https://github.com/in-toto/attestation in the near future once the quirks are worked out.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribution

type Attribution struct {
	Unknown int      `json:"unknown"`
	Parties []string `json:"parties"`
}

Attribution struct

type ClearlyDefinedPredicate

type ClearlyDefinedPredicate struct {
	Definition Definition `json:"definition,omitempty"`
	Metadata   Metadata   `json:"metadata,omitempty"`
}

ClearlyDefinedPredicate defines predicate definition of the license attestation

type ClearlyDefinedStatement

type ClearlyDefinedStatement struct {
	attestationv1.Statement
	// Predicate contains type specific metadata.
	Predicate ClearlyDefinedPredicate `json:"predicate"`
}

ClearlyDefinedStatement defines the statement header and the license predicate

type Coordinates

type Coordinates struct {
	Type      string `json:"type"`
	Provider  string `json:"provider"`
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
	Revision  string `json:"revision"`
}

Coordinates struct

type Definition

type Definition struct {
	Licensed struct {
		Declared  string    `json:"declared"`
		ToolScore ToolScore `json:"toolScore"`
		Facets    Facets    `json:"facets"`
		Score     Score     `json:"score"`
	} `json:"licensed"`
	Described   Described   `json:"described"`
	Coordinates Coordinates `json:"coordinates"`
	Meta        Meta        `json:"_meta"`
	Scores      Scores      `json:"scores"`
}

Definition represents the structure of the data returned by the API Definition struct

type Described

type Described struct {
	ReleaseDate    string          `json:"releaseDate"`
	Urls           Urls            `json:"urls"`
	Hashes         Hashes          `json:"hashes"`
	Files          int             `json:"files"`
	Tools          []string        `json:"tools"`
	ToolScore      ToolScore       `json:"toolScore"`
	SourceLocation *SourceLocation `json:"sourceLocation"`
	Score          Score           `json:"score"`
}

Described struct

type Discovered

type Discovered struct {
	Unknown     int      `json:"unknown"`
	Expressions []string `json:"expressions"`
}

Discovered struct

type Facets

type Facets struct {
	Core struct {
		Attribution Attribution `json:"attribution"`
		Discovered  Discovered  `json:"discovered"`
		Files       int         `json:"files"`
	} `json:"core"`
}

Facets struct

type Hashes

type Hashes struct {
	Sha1   string `json:"sha1"`
	Sha256 string `json:"sha256"`
}

Hashes struct

type Meta

type Meta struct {
	SchemaVersion string    `json:"schemaVersion"`
	Updated       time.Time `json:"updated"`
}

Meta struct

type Metadata

type Metadata struct {
	ScannedOn *time.Time `json:"scannedOn,omitempty"`
}

type Score

type Score struct {
	Total  int `json:"total"`
	Date   int `json:"date"`
	Source int `json:"source"`
}

Score struct

type Scores

type Scores struct {
	Effective int `json:"effective"`
	Tool      int `json:"tool"`
}

Scores struct

type SourceLocation

type SourceLocation struct {
	Type      string `json:"type"`
	Provider  string `json:"provider"`
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
	Revision  string `json:"revision"`
	URL       string `json:"url"`
}

SourceLocation struct

type ToolScore

type ToolScore struct {
	Total       int `json:"total"`
	Declared    int `json:"declared"`
	Discovered  int `json:"discovered"`
	Consistency int `json:"consistency"`
	Spdx        int `json:"spdx"`
	Texts       int `json:"texts"`
}

ToolScore struct

type Urls

type Urls struct {
	Registry string `json:"registry"`
	Version  string `json:"version"`
	Download string `json:"download"`
}

Urls struct

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL