utils

package
v2.37.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 29, 2023 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	EntitlementsMinVersion = "3.66.5"
	ApplicabilityFeatureId = "contextual_analysis"
	AnalyzerManagerZipName = "analyzerManager.zip"

	SeverityDefaultValue = "Medium"
)
View Source 
const (
	ApplicableStringValue                = "Applicable"
	NotApplicableStringValue             = "Not Applicable"
	ApplicabilityUndeterminedStringValue = "Undetermined"
)

Variables

View Source 
var CurationOutputFormats = []string{string(Table), string(Json)}
View Source 
var OutputFormats = []string{string(Table), string(Json), string(SimpleJson), string(Sarif)}
View Source 
var Severities = map[string]map[string]*Severity{
	"Critical": {
		ApplicableStringValue:                {/* contains filtered or unexported fields */},
		ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */},
		NotApplicableStringValue:             {/* contains filtered or unexported fields */},
	},
	"High": {
		ApplicableStringValue:                {/* contains filtered or unexported fields */},
		ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */},
		NotApplicableStringValue:             {/* contains filtered or unexported fields */},
	},
	"Medium": {
		ApplicableStringValue:                {/* contains filtered or unexported fields */},
		ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */},
		NotApplicableStringValue:             {/* contains filtered or unexported fields */},
	},
	"Low": {
		ApplicableStringValue:                {/* contains filtered or unexported fields */},
		ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */},
		NotApplicableStringValue:             {/* contains filtered or unexported fields */},
	},
}

Functions

func CheckIfFailBuild added in v2.7.0 

func CheckIfFailBuild(results []services.ScanResponse) bool

func CreateAnalyzerManagerLogDir added in v2.33.0 

func CreateAnalyzerManagerLogDir() error

func DownloadIndexerIfNeeded 

func DownloadIndexerIfNeeded(xrayManager *xray.XrayServicesManager, xrayVersionStr string) (indexerPath string, err error)

func ExtractRelativePath added in v2.36.0 

func ExtractRelativePath(resultPath string, projectRoot string) string

func GenerateSarifFileFromScan added in v2.19.0 

func GenerateSarifFileFromScan(extendedResults *ExtendedScanResults, isMultipleRoots, markdownOutput bool, scanningTool, toolURI string) (string, error)

func GetAnalyzerManagerDirAbsolutePath added in v2.34.1 

func GetAnalyzerManagerDirAbsolutePath() (string, error)

func GetAnalyzerManagerDownloadPath added in v2.34.1 

func GetAnalyzerManagerDownloadPath() (string, error)

func GetAnalyzerManagerExecutableName added in v2.34.1 

func GetAnalyzerManagerExecutableName() string

func GetResultFileName added in v2.36.0 

func GetResultFileName(result *sarif.Result) string

func GetResultLocationInFile added in v2.36.0 

func GetResultLocationInFile(result *sarif.Result) string

func GetResultSeverity added in v2.36.0 

func GetResultSeverity(result *sarif.Result) string

func GetSeveritiesFormat added in v2.32.0 

func GetSeveritiesFormat(severity string) (string, error)

func IsEmptyScanResponse added in v2.19.0 

func IsEmptyScanResponse(results []services.ScanResponse) bool

func IsNotEntitledError added in v2.36.0 

func IsNotEntitledError(err error) bool

func IsUnsupportedCommandError added in v2.36.0 

func IsUnsupportedCommandError(err error) bool

func NewFailBuildError added in v2.7.0 

func NewFailBuildError() error

func PrepareIacs added in v2.36.0 

func PrepareIacs(iacs []IacOrSecretResult) []formats.IacSecretsRow

Prepare iacs for all non-table formats (without style or emoji)

func PrepareLicenses added in v2.12.2 

func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)

func PrepareSecrets added in v2.36.0 

func PrepareSecrets(secrets []IacOrSecretResult) []formats.IacSecretsRow

Prepare secrets for all non-table formats (without style or emoji)

func PrepareViolations added in v2.12.2 

func PrepareViolations(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseViolationRow, []formats.OperationalRiskViolationRow, error)

Prepare violations for all non-table formats (without style or emoji)

func PrepareVulnerabilities added in v2.12.2 

func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, error)

Prepare vulnerabilities for all non-table formats (without style or emoji)

func PrintIacTable added in v2.36.0 

func PrintIacTable(iacs []IacOrSecretResult, entitledForIacScan bool) error

func PrintJson added in v2.1.0 

func PrintJson(output interface{}) error

func PrintLicensesTable added in v2.1.0 

func PrintLicensesTable(licenses []services.License, printExtended, scan bool) error

PrintLicensesTable prints the licenses in a table. Set multipleRoots to true in case the given licenses array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.

func PrintScanResults added in v2.4.0 

func PrintScanResults(results *ExtendedScanResults, simpleJsonError []formats.SimpleJsonError, format OutputFormat, includeVulnerabilities, includeLicenses, isMultipleRoots, printExtended, scan bool, messages []string) error

PrintScanResults prints the scan results in the specified format. Note that errors are printed only with SimpleJson format.

results - The scan results. simpleJsonError - Errors to be added to output of the SimpleJson format. format - The output format. includeVulnerabilities - If trie, include all vulnerabilities as part of the output. Else, include violations only. includeLicenses - If true, also include license violations as part of the output. isMultipleRoots - multipleRoots is set to true, in case the given results array contains (or may contain) results of several projects (like in binary scan). printExtended -If true, show extended results. scan - If true, use an output layout suitable for `jf scan` or `jf docker scan` results. Otherwise, use a layout compatible for `jf audit` . messages - Option array of messages, to be displayed if the format is Table

func PrintSecretsTable added in v2.36.0 

func PrintSecretsTable(secrets []IacOrSecretResult, entitledForSecretsScan bool) error

func PrintViolationsTable 

func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error

PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. Set multipleRoots to true in case the given violations array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.

func PrintVulnerabilitiesTable 

func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error

PrintVulnerabilitiesTable prints the vulnerabilities in a table. Set multipleRoots to true in case the given vulnerabilities array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.

func RemoveDuplicateValues added in v2.33.0 

func RemoveDuplicateValues(stringSlice []string) []string

func SetAnalyzerManagerEnvVariables added in v2.33.0 

func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error

func SplitComponentId added in v2.27.0 

func SplitComponentId(componentId string) (string, string, string)

SplitComponentId splits a Xray component ID to the component name, version and package type. In case componentId doesn't contain a version, the returned version will be an empty string. In case componentId's format is invalid, it will be returned as the component name and empty strings will be returned instead of the version and the package type. Examples:

  1. componentId: "gav://antparent:ant:1.6.5" Returned values: Component name: "antparent:ant" Component version: "1.6.5" Package type: "Maven"
  2. componentId: "generic://sha256:244fd47e07d1004f0aed9c156aa09083c82bf8944eceb67c946ff7430510a77b/foo.jar" Returned values: Component name: "foo.jar" Component version: "" Package type: "Generic"
  3. componentId: "invalid-comp-id" Returned values: Component name: "invalid-comp-id" Component version: "" Package type: ""

func SplitScanResults added in v2.29.2 

func SplitScanResults(results []services.ScanResponse) ([]services.Violation, []services.Vulnerability, []services.License)

Splits scan responses into aggregated lists of violations, vulnerabilities and licenses.

Types

type AnalyzerManager added in v2.33.0 

type AnalyzerManager struct {
	// contains filtered or unexported fields
}

func (*AnalyzerManager) Exec added in v2.33.0 

func (am *AnalyzerManager) Exec(configFile string, scanCommand string) (err error)

func (*AnalyzerManager) ExistLocally added in v2.33.0 

func (am *AnalyzerManager) ExistLocally() (bool, error)

type AnalyzerManagerInterface added in v2.33.0 

type AnalyzerManagerInterface interface {
	ExistLocally() (bool, error)
	Exec(string, string) error
}

AnalyzerManagerInterface represents the analyzer manager executable file that exists locally as a Jfrog dependency. It triggers JAS capabilities by verifying user's entitlements and running the JAS scanners. Analyzer manager input:

  • scan command: ca (contextual analysis) / sec (secrets) / iac
  • path to configuration file

Analyzer manager output:

  • sarif file containing the scan results

type ExtendedScanResults added in v2.33.0 

type ExtendedScanResults struct {
	XrayResults                  []services.ScanResponse
	ApplicabilityScanResults     map[string]string
	SecretsScanResults           []IacOrSecretResult
	IacScanResults               []IacOrSecretResult
	EntitledForJas               bool
	EligibleForApplicabilityScan bool
	EligibleForSecretScan        bool
	EligibleForIacScan           bool
}

type GraphBasicParams added in v2.33.0 

type GraphBasicParams struct {
	// contains filtered or unexported fields
}

func (*GraphBasicParams) Args added in v2.33.0 

func (gbp *GraphBasicParams) Args() []string

func (*GraphBasicParams) DepsRepo added in v2.33.0 

func (gbp *GraphBasicParams) DepsRepo() string

func (*GraphBasicParams) ExcludeTestDependencies added in v2.33.0 

func (gbp *GraphBasicParams) ExcludeTestDependencies() bool

func (*GraphBasicParams) FullDependenciesTree added in v2.34.0 

func (gbp *GraphBasicParams) FullDependenciesTree() []*xrayUtils.GraphNode

func (*GraphBasicParams) IgnoreConfigFile added in v2.33.0 

func (gbp *GraphBasicParams) IgnoreConfigFile() bool

func (*GraphBasicParams) InsecureTls added in v2.33.0 

func (gbp *GraphBasicParams) InsecureTls() bool

func (*GraphBasicParams) OutputFormat added in v2.33.0 

func (gbp *GraphBasicParams) OutputFormat() OutputFormat

func (*GraphBasicParams) PipRequirementsFile added in v2.34.0 

func (gbp *GraphBasicParams) PipRequirementsFile() string

func (*GraphBasicParams) Progress added in v2.33.0 

func (gbp *GraphBasicParams) Progress() ioUtils.ProgressMgr

func (*GraphBasicParams) ReleasesRepo added in v2.33.0 

func (gbp *GraphBasicParams) ReleasesRepo() string

func (*GraphBasicParams) ServerDetails added in v2.33.0 

func (gbp *GraphBasicParams) ServerDetails() (*config.ServerDetails, error)

func (*GraphBasicParams) SetDepsRepo added in v2.33.0 

func (gbp *GraphBasicParams) SetDepsRepo(depsRepo string) *GraphBasicParams

func (*GraphBasicParams) SetExcludeTestDependencies added in v2.33.0 

func (gbp *GraphBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *GraphBasicParams

func (*GraphBasicParams) SetFullDependenciesTree added in v2.34.0 

func (gbp *GraphBasicParams) SetFullDependenciesTree(fullDependenciesTree []*xrayUtils.GraphNode) *GraphBasicParams

func (*GraphBasicParams) SetIgnoreConfigFile added in v2.33.0 

func (gbp *GraphBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *GraphBasicParams

func (*GraphBasicParams) SetInsecureTls added in v2.33.0 

func (gbp *GraphBasicParams) SetInsecureTls(insecureTls bool) *GraphBasicParams

func (*GraphBasicParams) SetNpmScope added in v2.33.0 

func (gbp *GraphBasicParams) SetNpmScope(depType string) *GraphBasicParams

func (*GraphBasicParams) SetOutputFormat added in v2.33.0 

func (gbp *GraphBasicParams) SetOutputFormat(format OutputFormat) *GraphBasicParams

func (*GraphBasicParams) SetPipRequirementsFile added in v2.33.0 

func (gbp *GraphBasicParams) SetPipRequirementsFile(requirementsFile string) *GraphBasicParams

func (*GraphBasicParams) SetProgress added in v2.33.0 

func (gbp *GraphBasicParams) SetProgress(progress ioUtils.ProgressMgr)

func (*GraphBasicParams) SetReleasesRepo added in v2.34.0 

func (gbp *GraphBasicParams) SetReleasesRepo(releasesRepo string) *GraphBasicParams

func (*GraphBasicParams) SetServerDetails added in v2.33.0 

func (gbp *GraphBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *GraphBasicParams

func (*GraphBasicParams) SetTechnologies added in v2.33.0 

func (gbp *GraphBasicParams) SetTechnologies(technologies []string) *GraphBasicParams

func (*GraphBasicParams) SetUseWrapper added in v2.33.0 

func (gbp *GraphBasicParams) SetUseWrapper(useWrapper bool) *GraphBasicParams

func (*GraphBasicParams) Technologies added in v2.33.0 

func (gbp *GraphBasicParams) Technologies() []string

func (*GraphBasicParams) UseWrapper added in v2.33.0 

func (gbp *GraphBasicParams) UseWrapper() bool

type IacOrSecretResult added in v2.36.0 

type IacOrSecretResult struct {
	Severity   string
	File       string
	LineColumn string
	Type       string
	Text       string
}

type OutputFormat added in v2.7.0 

type OutputFormat string
const (
	// OutputFormat values
	Table      OutputFormat = "table"
	Json       OutputFormat = "json"
	SimpleJson OutputFormat = "simple-json"
	Sarif      OutputFormat = "sarif"
)

type Severity added in v2.32.0 

type Severity struct {
	// contains filtered or unexported fields
}

func GetSeverity added in v2.32.0 

func GetSeverity(severityTitle string, applicable string) *Severity

func (*Severity) Emoji added in v2.36.0 

func (s *Severity) Emoji() string

func (*Severity) NumValue added in v2.32.0 

func (s *Severity) NumValue() int

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.