utils

package
v2.34.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 23, 2023 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

const (
	// ApplicabilityFeatureId is the identifier string of the applicability
	// ("contextual analysis") feature.
	// NOTE(review): presumably the key used when checking whether the user is
	// entitled to this JAS feature; confirm against the caller.
	ApplicabilityFeatureId = "contextual_analysis"
	// AnalyzerManagerZipName is the file name of the analyzer manager archive.
	// NOTE(review): presumably the artifact fetched to the path returned by
	// GetAnalyzerManagerDownloadPath; confirm.
	AnalyzerManagerZipName = "analyzerManager.zip"
)
// String forms of an applicability verdict. ApplicableStringValue and
// NotApplicableStringValue are the inner keys of the Severities map literal;
// ApplicabilityUndeterminedStringValue has no entry in that literal.
const (
	ApplicableStringValue                = "Applicable"
	NotApplicableStringValue             = "Not Applicable"
	ApplicabilityUndeterminedStringValue = "Undetermined"
)

Variables

// CurationOutputFormats holds the string forms of the Table and Json output
// formats; SimpleJson and Sarif are not included.
// NOTE(review): presumably the formats accepted by the curation command; confirm.
var CurationOutputFormats = []string{string(Table), string(Json)}
// Severities maps a severity title ("Critical", "High", "Medium", "Low") to a
// second map keyed by applicability string, whose values are *Severity.
// Only the ApplicableStringValue and NotApplicableStringValue keys appear in
// this literal, so indexing it as declared here with any other title or
// applicability string (including ApplicabilityUndeterminedStringValue)
// yields a nil *Severity.
// NOTE(review): confirm that GetSeverity and other readers handle that nil
// before calling methods such as NumValue.
var Severities = map[string]map[string]*Severity{
	"Critical": {
		ApplicableStringValue:    {/* contains filtered or unexported fields */},
		NotApplicableStringValue: {/* contains filtered or unexported fields */},
	},
	"High": {
		ApplicableStringValue:    {/* contains filtered or unexported fields */},
		NotApplicableStringValue: {/* contains filtered or unexported fields */},
	},
	"Medium": {
		ApplicableStringValue:    {/* contains filtered or unexported fields */},
		NotApplicableStringValue: {/* contains filtered or unexported fields */},
	},
	"Low": {
		ApplicableStringValue:    {/* contains filtered or unexported fields */},
		NotApplicableStringValue: {/* contains filtered or unexported fields */},
	},
}

Functions

func CheckIfFailBuild added in v2.7.0

func CheckIfFailBuild(results []services.ScanResponse) bool

func CreateAnalyzerManagerLogDir added in v2.33.0

func CreateAnalyzerManagerLogDir() error

func DownloadIndexerIfNeeded

func DownloadIndexerIfNeeded(xrayManager *xray.XrayServicesManager, xrayVersionStr string) (indexerPath string, err error)

func GenerateSarifFileFromScan added in v2.19.0

func GenerateSarifFileFromScan(currentScan []services.ScanResponse, extendedResults *ExtendedScanResults, isMultipleRoots, simplifiedOutput bool) (string, error)

func GetAnalyzerManagerDirAbsolutePath added in v2.34.1

func GetAnalyzerManagerDirAbsolutePath() (string, error)

func GetAnalyzerManagerDownloadPath added in v2.34.1

func GetAnalyzerManagerDownloadPath() (string, error)

func GetAnalyzerManagerExecutableName added in v2.34.1

func GetAnalyzerManagerExecutableName() string

func GetSeveritiesFormat added in v2.32.0

func GetSeveritiesFormat(severity string) (string, error)

func IsEmptyScanResponse added in v2.19.0

func IsEmptyScanResponse(results []services.ScanResponse) bool

func NewFailBuildError added in v2.7.0

func NewFailBuildError() error

func PrepareLicenses added in v2.12.2

func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)

func PrepareViolations added in v2.12.2

func PrepareViolations(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseViolationRow, []formats.OperationalRiskViolationRow, error)

PrepareViolations prepares violations for all non-table formats (without style or emoji).

func PrepareVulnerabilities added in v2.12.2

func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, error)

PrepareVulnerabilities prepares vulnerabilities for all non-table formats (without style or emoji).

func PrintJson added in v2.1.0

func PrintJson(output interface{}) error

func PrintLicensesTable added in v2.1.0

func PrintLicensesTable(licenses []services.License, printExtended, scan bool) error

PrintLicensesTable prints the licenses in a table. Set multipleRoots to true if the given licenses array contains (or may contain) results of several projects or files (as in a binary scan). If multipleRoots is true, the Component field shows the root of each impact path; otherwise it shows the root's child. Set printExtended to true to print fields with the 'extended' tag. If the scan argument is set to true, the scan tables are printed. (The signature shown above has no multipleRoots parameter, so that part of the description appears to be out of date.)

func PrintScanResults added in v2.4.0

func PrintScanResults(results *ExtendedScanResults, errors []formats.SimpleJsonError, format OutputFormat, includeVulnerabilities, includeLicenses, isMultipleRoots, printExtended, scan bool) error

PrintScanResults prints Xray scan results in the given format. Note that errors are printed only in the SimpleJson format. If the scan argument is set to true, the scan tables are printed.

func PrintViolationsTable

func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error

PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. Set multipleRoots to true in case the given violations array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.

func PrintVulnerabilitiesTable

func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error

PrintVulnerabilitiesTable prints the vulnerabilities in a table. Set multipleRoots to true in case the given vulnerabilities array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.

func RemoveDuplicateValues added in v2.33.0

func RemoveDuplicateValues(stringSlice []string) []string

func SetAnalyzerManagerEnvVariables added in v2.33.0

// SetAnalyzerManagerEnvVariables takes the server details and returns an error.
// NOTE(review): presumably exports connection details from serverDetails
// (possibly including credentials) as environment variables for the analyzer
// manager process. Confirm which fields are exported, and that they are not
// written to the analyzer manager log directory or left set after the scan.
func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error

func SplitComponentId added in v2.27.0

func SplitComponentId(componentId string) (string, string, string)

SplitComponentId splits an Xray component ID into the component name, version and package type. If componentId doesn't contain a version, the returned version is an empty string. If componentId's format is invalid, it is returned as the component name, and empty strings are returned for the version and the package type. Examples:

  1. componentId: "gav://antparent:ant:1.6.5". Returned values: component name "antparent:ant", component version "1.6.5", package type "Maven".
  2. componentId: "generic://sha256:244fd47e07d1004f0aed9c156aa09083c82bf8944eceb67c946ff7430510a77b/foo.jar". Returned values: component name "foo.jar", component version "", package type "Generic".
  3. componentId: "invalid-comp-id". Returned values: component name "invalid-comp-id", component version "", package type "".

func SplitScanResults added in v2.29.2

func SplitScanResults(results []services.ScanResponse) ([]services.Violation, []services.Vulnerability, []services.License)

SplitScanResults splits scan responses into aggregated lists of violations, vulnerabilities and licenses.

Types

type AnalyzerManager added in v2.33.0

type AnalyzerManager struct {
	// contains filtered or unexported fields
}

func (*AnalyzerManager) Exec added in v2.33.0

func (am *AnalyzerManager) Exec(configFile string) error

func (*AnalyzerManager) ExistLocally added in v2.33.0

func (am *AnalyzerManager) ExistLocally() (bool, error)

type AnalyzerManagerInterface added in v2.33.0

// AnalyzerManagerInterface is the two-method interface implemented by
// *AnalyzerManager: a local-presence check and an execution entry point.
type AnalyzerManagerInterface interface {
	// ExistLocally returns a bool and an error.
	// NOTE(review): presumably reports whether the analyzer manager
	// executable is already present on disk; confirm.
	ExistLocally() (bool, error)
	// Exec takes a single string; on (*AnalyzerManager).Exec that parameter
	// is named configFile.
	// NOTE(review): this page does not show whether the downloaded analyzer
	// manager archive is integrity-checked (checksum or signature) before
	// the executable is run; confirm in the implementation.
	Exec(string) error
}

AnalyzerManagerInterface represents the analyzer manager executable file that exists locally as a JFrog dependency. It triggers JAS capabilities by verifying the user's entitlements and running the JAS scanners. Analyzer manager input:

  • scan command: ca (contextual analysis) / sec (secrets) / iac
  • path to configuration file

Analyzer manager output:

  • sarif file containing the scan results

type ExtendedScanResults added in v2.33.0

// ExtendedScanResults groups Xray scan responses with applicability scanner
// output and a JAS entitlement flag.
type ExtendedScanResults struct {
	// XrayResults holds the Xray scan responses.
	XrayResults                 []services.ScanResponse
	// ApplicabilityScannerResults is a string-to-string map.
	// NOTE(review): presumably issue/CVE identifier -> one of the
	// applicability string values ("Applicable", "Not Applicable",
	// "Undetermined"); confirm against the producer.
	ApplicabilityScannerResults map[string]string
	// EntitledForJas is a boolean flag.
	// NOTE(review): presumably true when the user is entitled to run the JAS
	// scanners; confirm how consumers treat applicability data when false.
	EntitledForJas              bool
}

type GraphBasicParams added in v2.33.0

type GraphBasicParams struct {
	// contains filtered or unexported fields
}

func (*GraphBasicParams) Args added in v2.33.0

func (gbp *GraphBasicParams) Args() []string

func (*GraphBasicParams) DepsRepo added in v2.33.0

func (gbp *GraphBasicParams) DepsRepo() string

func (*GraphBasicParams) ExcludeTestDependencies added in v2.33.0

func (gbp *GraphBasicParams) ExcludeTestDependencies() bool

func (*GraphBasicParams) FullDependenciesTree added in v2.34.0

func (gbp *GraphBasicParams) FullDependenciesTree() []*xrayUtils.GraphNode

func (*GraphBasicParams) IgnoreConfigFile added in v2.33.0

func (gbp *GraphBasicParams) IgnoreConfigFile() bool

func (*GraphBasicParams) InsecureTls added in v2.33.0

func (gbp *GraphBasicParams) InsecureTls() bool

func (*GraphBasicParams) OutputFormat added in v2.33.0

func (gbp *GraphBasicParams) OutputFormat() OutputFormat

func (*GraphBasicParams) PipRequirementsFile added in v2.34.0

func (gbp *GraphBasicParams) PipRequirementsFile() string

func (*GraphBasicParams) Progress added in v2.33.0

func (gbp *GraphBasicParams) Progress() ioUtils.ProgressMgr

func (*GraphBasicParams) ReleasesRepo added in v2.33.0

func (gbp *GraphBasicParams) ReleasesRepo() string

func (*GraphBasicParams) ServerDetails added in v2.33.0

func (gbp *GraphBasicParams) ServerDetails() (*config.ServerDetails, error)

func (*GraphBasicParams) SetDepsRepo added in v2.33.0

func (gbp *GraphBasicParams) SetDepsRepo(depsRepo string) *GraphBasicParams

func (*GraphBasicParams) SetExcludeTestDependencies added in v2.33.0

func (gbp *GraphBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *GraphBasicParams

func (*GraphBasicParams) SetFullDependenciesTree added in v2.34.0

func (gbp *GraphBasicParams) SetFullDependenciesTree(fullDependenciesTree []*xrayUtils.GraphNode) *GraphBasicParams

func (*GraphBasicParams) SetIgnoreConfigFile added in v2.33.0

func (gbp *GraphBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *GraphBasicParams

func (*GraphBasicParams) SetInsecureTls added in v2.33.0

// SetInsecureTls takes the insecureTls flag and returns a *GraphBasicParams.
// NOTE(review): the name indicates this flag relaxes TLS certificate
// verification for connections made during the scan. Confirm against the
// implementation, including what the default is when the setter is never
// called and which connections the flag applies to.
func (gbp *GraphBasicParams) SetInsecureTls(insecureTls bool) *GraphBasicParams

func (*GraphBasicParams) SetNpmScope added in v2.33.0

func (gbp *GraphBasicParams) SetNpmScope(depType string) *GraphBasicParams

func (*GraphBasicParams) SetOutputFormat added in v2.33.0

func (gbp *GraphBasicParams) SetOutputFormat(format OutputFormat) *GraphBasicParams

func (*GraphBasicParams) SetPipRequirementsFile added in v2.33.0

func (gbp *GraphBasicParams) SetPipRequirementsFile(requirementsFile string) *GraphBasicParams

func (*GraphBasicParams) SetProgress added in v2.33.0

func (gbp *GraphBasicParams) SetProgress(progress ioUtils.ProgressMgr)

func (*GraphBasicParams) SetReleasesRepo added in v2.34.0

func (gbp *GraphBasicParams) SetReleasesRepo(releasesRepo string) *GraphBasicParams

func (*GraphBasicParams) SetServerDetails added in v2.33.0

func (gbp *GraphBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *GraphBasicParams

func (*GraphBasicParams) SetTechnologies added in v2.33.0

func (gbp *GraphBasicParams) SetTechnologies(technologies []string) *GraphBasicParams

func (*GraphBasicParams) SetUseWrapper added in v2.33.0

func (gbp *GraphBasicParams) SetUseWrapper(useWrapper bool) *GraphBasicParams

func (*GraphBasicParams) Technologies added in v2.33.0

func (gbp *GraphBasicParams) Technologies() []string

func (*GraphBasicParams) UseWrapper added in v2.33.0

func (gbp *GraphBasicParams) UseWrapper() bool

type OutputFormat added in v2.7.0

// OutputFormat is the string type naming a scan-results output format.
type OutputFormat string
const (
	// OutputFormat values
	// Table is the "table" format.
	Table      OutputFormat = "table"
	// Json is the "json" format.
	Json       OutputFormat = "json"
	// SimpleJson is the "simple-json" format; per the PrintScanResults
	// documentation it is the only format in which errors are printed.
	SimpleJson OutputFormat = "simple-json"
	// Sarif is the "sarif" format.
	Sarif      OutputFormat = "sarif"
)

type Severity added in v2.32.0

type Severity struct {
	// contains filtered or unexported fields
}

func GetSeverity added in v2.32.0

func GetSeverity(severityTitle string, applicable string) *Severity

func (*Severity) NumValue added in v2.32.0

func (s *Severity) NumValue() int
