Documentation ¶
Index ¶
- Constants
- Variables
- func CheckIfFailBuild(results []services.ScanResponse) bool
- func CreateAnalyzerManagerLogDir() error
- func DownloadIndexerIfNeeded(xrayManager *xray.XrayServicesManager, xrayVersionStr string) (indexerPath string, err error)
- func ExtractRelativePath(resultPath string, projectRoot string) string
- func GenerateSarifFileFromScan(extendedResults *ExtendedScanResults, isMultipleRoots, markdownOutput bool, ...) (string, error)
- func GetAnalyzerManagerDirAbsolutePath() (string, error)
- func GetAnalyzerManagerDownloadPath() (string, error)
- func GetAnalyzerManagerExecutableName() string
- func GetResultFileName(result *sarif.Result) string
- func GetResultLocationInFile(result *sarif.Result) string
- func GetResultSeverity(result *sarif.Result) string
- func GetSeveritiesFormat(severity string) (string, error)
- func IsEmptyScanResponse(results []services.ScanResponse) bool
- func IsNotEntitledError(err error) bool
- func IsUnsupportedCommandError(err error) bool
- func NewFailBuildError() error
- func PrepareIacs(iacs []IacOrSecretResult) []formats.IacSecretsRow
- func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
- func PrepareSecrets(secrets []IacOrSecretResult) []formats.IacSecretsRow
- func PrepareViolations(violations []services.Violation, extendedResults *ExtendedScanResults, ...) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseViolationRow, ...)
- func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, ...) ([]formats.VulnerabilityOrViolationRow, error)
- func PrintIacTable(iacs []IacOrSecretResult, entitledForIacScan bool) error
- func PrintJson(output interface{}) error
- func PrintLicensesTable(licenses []services.License, printExtended, scan bool) error
- func PrintScanResults(results *ExtendedScanResults, simpleJsonError []formats.SimpleJsonError, ...) error
- func PrintSecretsTable(secrets []IacOrSecretResult, entitledForSecretsScan bool) error
- func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, ...) error
- func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, ...) error
- func RemoveDuplicateValues(stringSlice []string) []string
- func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error
- func SplitComponentId(componentId string) (string, string, string)
- func SplitScanResults(results []services.ScanResponse) ([]services.Violation, []services.Vulnerability, []services.License)
- type AnalyzerManager
- type AnalyzerManagerInterface
- type ExtendedScanResults
- type GraphBasicParams
- func (gbp *GraphBasicParams) Args() []string
- func (gbp *GraphBasicParams) DepsRepo() string
- func (gbp *GraphBasicParams) ExcludeTestDependencies() bool
- func (gbp *GraphBasicParams) FullDependenciesTree() []*xrayUtils.GraphNode
- func (gbp *GraphBasicParams) IgnoreConfigFile() bool
- func (gbp *GraphBasicParams) InsecureTls() bool
- func (gbp *GraphBasicParams) OutputFormat() OutputFormat
- func (gbp *GraphBasicParams) PipRequirementsFile() string
- func (gbp *GraphBasicParams) Progress() ioUtils.ProgressMgr
- func (gbp *GraphBasicParams) ServerDetails() (*config.ServerDetails, error)
- func (gbp *GraphBasicParams) SetDepsRepo(depsRepo string) *GraphBasicParams
- func (gbp *GraphBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *GraphBasicParams
- func (gbp *GraphBasicParams) SetFullDependenciesTree(fullDependenciesTree []*xrayUtils.GraphNode) *GraphBasicParams
- func (gbp *GraphBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *GraphBasicParams
- func (gbp *GraphBasicParams) SetInsecureTls(insecureTls bool) *GraphBasicParams
- func (gbp *GraphBasicParams) SetNpmScope(depType string) *GraphBasicParams
- func (gbp *GraphBasicParams) SetOutputFormat(format OutputFormat) *GraphBasicParams
- func (gbp *GraphBasicParams) SetPipRequirementsFile(requirementsFile string) *GraphBasicParams
- func (gbp *GraphBasicParams) SetProgress(progress ioUtils.ProgressMgr)
- func (gbp *GraphBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *GraphBasicParams
- func (gbp *GraphBasicParams) SetTechnologies(technologies []string) *GraphBasicParams
- func (gbp *GraphBasicParams) SetUseWrapper(useWrapper bool) *GraphBasicParams
- func (gbp *GraphBasicParams) Technologies() []string
- func (gbp *GraphBasicParams) UseWrapper() bool
- type IacOrSecretResult
- type OutputFormat
- type Severity
Constants ¶
const ( EntitlementsMinVersion = "3.66.5" ApplicabilityFeatureId = "contextual_analysis" AnalyzerManagerZipName = "analyzerManager.zip" SeverityDefaultValue = "Medium" )
const ( ApplicableStringValue = "Applicable" NotApplicableStringValue = "Not Applicable" ApplicabilityUndeterminedStringValue = "Undetermined" )
Variables ¶
var OutputFormats = []string{string(Table), string(Json), string(SimpleJson), string(Sarif)}
var Severities = map[string]map[string]*Severity{ "Critical": { ApplicableStringValue: {/* contains filtered or unexported fields */}, ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */}, NotApplicableStringValue: {/* contains filtered or unexported fields */}, }, "High": { ApplicableStringValue: {/* contains filtered or unexported fields */}, ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */}, NotApplicableStringValue: {/* contains filtered or unexported fields */}, }, "Medium": { ApplicableStringValue: {/* contains filtered or unexported fields */}, ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */}, NotApplicableStringValue: {/* contains filtered or unexported fields */}, }, "Low": { ApplicableStringValue: {/* contains filtered or unexported fields */}, ApplicabilityUndeterminedStringValue: {/* contains filtered or unexported fields */}, NotApplicableStringValue: {/* contains filtered or unexported fields */}, }, }
Functions ¶
func CheckIfFailBuild ¶ added in v2.7.0
func CheckIfFailBuild(results []services.ScanResponse) bool
func CreateAnalyzerManagerLogDir ¶ added in v2.33.0
func CreateAnalyzerManagerLogDir() error
func DownloadIndexerIfNeeded ¶
func DownloadIndexerIfNeeded(xrayManager *xray.XrayServicesManager, xrayVersionStr string) (indexerPath string, err error)
func ExtractRelativePath ¶ added in v2.36.0
func GenerateSarifFileFromScan ¶ added in v2.19.0
func GenerateSarifFileFromScan(extendedResults *ExtendedScanResults, isMultipleRoots, markdownOutput bool, scanningTool, toolURI string) (string, error)
func GetAnalyzerManagerDirAbsolutePath ¶ added in v2.34.1
func GetAnalyzerManagerDownloadPath ¶ added in v2.34.1
func GetAnalyzerManagerExecutableName ¶ added in v2.34.1
func GetAnalyzerManagerExecutableName() string
func GetResultFileName ¶ added in v2.36.0
func GetResultLocationInFile ¶ added in v2.36.0
func GetResultSeverity ¶ added in v2.36.0
func GetSeveritiesFormat ¶ added in v2.32.0
func IsEmptyScanResponse ¶ added in v2.19.0
func IsEmptyScanResponse(results []services.ScanResponse) bool
func IsNotEntitledError ¶ added in v2.36.0
func IsUnsupportedCommandError ¶ added in v2.36.0
func NewFailBuildError ¶ added in v2.7.0
func NewFailBuildError() error
func PrepareIacs ¶ added in v2.36.0
func PrepareIacs(iacs []IacOrSecretResult) []formats.IacSecretsRow
Prepare iacs for all non-table formats (without style or emoji)
func PrepareLicenses ¶ added in v2.12.2
func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
func PrepareSecrets ¶ added in v2.36.0
func PrepareSecrets(secrets []IacOrSecretResult) []formats.IacSecretsRow
Prepare secrets for all non-table formats (without style or emoji)
func PrepareViolations ¶ added in v2.12.2
func PrepareViolations(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseViolationRow, []formats.OperationalRiskViolationRow, error)
Prepare violations for all non-table formats (without style or emoji)
func PrepareVulnerabilities ¶ added in v2.12.2
func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, error)
Prepare vulnerabilities for all non-table formats (without style or emoji)
func PrintIacTable ¶ added in v2.36.0
func PrintIacTable(iacs []IacOrSecretResult, entitledForIacScan bool) error
func PrintLicensesTable ¶ added in v2.1.0
PrintLicensesTable prints the licenses in a table. Set multipleRoots to true in case the given licenses array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintScanResults ¶ added in v2.4.0
func PrintScanResults(results *ExtendedScanResults, simpleJsonError []formats.SimpleJsonError, format OutputFormat, includeVulnerabilities, includeLicenses, isMultipleRoots, printExtended, scan bool, messages []string) error
PrintScanResults prints the scan results in the specified format. Note that errors are printed only with SimpleJson format.
results - The scan results. simpleJsonError - Errors to be added to output of the SimpleJson format. format - The output format. includeVulnerabilities - If trie, include all vulnerabilities as part of the output. Else, include violations only. includeLicenses - If true, also include license violations as part of the output. isMultipleRoots - multipleRoots is set to true, in case the given results array contains (or may contain) results of several projects (like in binary scan). printExtended -If true, show extended results. scan - If true, use an output layout suitable for `jf scan` or `jf docker scan` results. Otherwise, use a layout compatible for `jf audit` . messages - Option array of messages, to be displayed if the format is Table
func PrintSecretsTable ¶ added in v2.36.0
func PrintSecretsTable(secrets []IacOrSecretResult, entitledForSecretsScan bool) error
func PrintViolationsTable ¶
func PrintViolationsTable(violations []services.Violation, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error
PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. Set multipleRoots to true in case the given violations array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintVulnerabilitiesTable ¶
func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, extendedResults *ExtendedScanResults, multipleRoots, printExtended, scan bool) error
PrintVulnerabilitiesTable prints the vulnerabilities in a table. Set multipleRoots to true in case the given vulnerabilities array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func RemoveDuplicateValues ¶ added in v2.33.0
func SetAnalyzerManagerEnvVariables ¶ added in v2.33.0
func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error
func SplitComponentId ¶ added in v2.27.0
SplitComponentId splits a Xray component ID to the component name, version and package type. In case componentId doesn't contain a version, the returned version will be an empty string. In case componentId's format is invalid, it will be returned as the component name and empty strings will be returned instead of the version and the package type. Examples:
- componentId: "gav://antparent:ant:1.6.5" Returned values: Component name: "antparent:ant" Component version: "1.6.5" Package type: "Maven"
- componentId: "generic://sha256:244fd47e07d1004f0aed9c156aa09083c82bf8944eceb67c946ff7430510a77b/foo.jar" Returned values: Component name: "foo.jar" Component version: "" Package type: "Generic"
- componentId: "invalid-comp-id" Returned values: Component name: "invalid-comp-id" Component version: "" Package type: ""
func SplitScanResults ¶ added in v2.29.2
func SplitScanResults(results []services.ScanResponse) ([]services.Violation, []services.Vulnerability, []services.License)
Splits scan responses into aggregated lists of violations, vulnerabilities and licenses.
Types ¶
type AnalyzerManager ¶ added in v2.33.0
type AnalyzerManager struct {
// contains filtered or unexported fields
}
func (*AnalyzerManager) Exec ¶ added in v2.33.0
func (am *AnalyzerManager) Exec(configFile string, scanCommand string) (err error)
func (*AnalyzerManager) ExistLocally ¶ added in v2.33.0
func (am *AnalyzerManager) ExistLocally() (bool, error)
type AnalyzerManagerInterface ¶ added in v2.33.0
AnalyzerManagerInterface represents the analyzer manager executable file that exists locally as a Jfrog dependency. It triggers JAS capabilities by verifying user's entitlements and running the JAS scanners. Analyzer manager input:
- scan command: ca (contextual analysis) / sec (secrets) / iac
- path to configuration file
Analyzer manager output:
- sarif file containing the scan results
type ExtendedScanResults ¶ added in v2.33.0
type ExtendedScanResults struct { XrayResults []services.ScanResponse ApplicabilityScanResults map[string]string SecretsScanResults []IacOrSecretResult IacScanResults []IacOrSecretResult EntitledForJas bool EligibleForApplicabilityScan bool EligibleForSecretScan bool EligibleForIacScan bool }
type GraphBasicParams ¶ added in v2.33.0
type GraphBasicParams struct {
// contains filtered or unexported fields
}
func (*GraphBasicParams) Args ¶ added in v2.33.0
func (gbp *GraphBasicParams) Args() []string
func (*GraphBasicParams) DepsRepo ¶ added in v2.33.0
func (gbp *GraphBasicParams) DepsRepo() string
func (*GraphBasicParams) ExcludeTestDependencies ¶ added in v2.33.0
func (gbp *GraphBasicParams) ExcludeTestDependencies() bool
func (*GraphBasicParams) FullDependenciesTree ¶ added in v2.34.0
func (gbp *GraphBasicParams) FullDependenciesTree() []*xrayUtils.GraphNode
func (*GraphBasicParams) IgnoreConfigFile ¶ added in v2.33.0
func (gbp *GraphBasicParams) IgnoreConfigFile() bool
func (*GraphBasicParams) InsecureTls ¶ added in v2.33.0
func (gbp *GraphBasicParams) InsecureTls() bool
func (*GraphBasicParams) OutputFormat ¶ added in v2.33.0
func (gbp *GraphBasicParams) OutputFormat() OutputFormat
func (*GraphBasicParams) PipRequirementsFile ¶ added in v2.34.0
func (gbp *GraphBasicParams) PipRequirementsFile() string
func (*GraphBasicParams) Progress ¶ added in v2.33.0
func (gbp *GraphBasicParams) Progress() ioUtils.ProgressMgr
func (*GraphBasicParams) ServerDetails ¶ added in v2.33.0
func (gbp *GraphBasicParams) ServerDetails() (*config.ServerDetails, error)
func (*GraphBasicParams) SetDepsRepo ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetDepsRepo(depsRepo string) *GraphBasicParams
func (*GraphBasicParams) SetExcludeTestDependencies ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *GraphBasicParams
func (*GraphBasicParams) SetFullDependenciesTree ¶ added in v2.34.0
func (gbp *GraphBasicParams) SetFullDependenciesTree(fullDependenciesTree []*xrayUtils.GraphNode) *GraphBasicParams
func (*GraphBasicParams) SetIgnoreConfigFile ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *GraphBasicParams
func (*GraphBasicParams) SetInsecureTls ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetInsecureTls(insecureTls bool) *GraphBasicParams
func (*GraphBasicParams) SetNpmScope ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetNpmScope(depType string) *GraphBasicParams
func (*GraphBasicParams) SetOutputFormat ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetOutputFormat(format OutputFormat) *GraphBasicParams
func (*GraphBasicParams) SetPipRequirementsFile ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetPipRequirementsFile(requirementsFile string) *GraphBasicParams
func (*GraphBasicParams) SetProgress ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetProgress(progress ioUtils.ProgressMgr)
func (*GraphBasicParams) SetServerDetails ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *GraphBasicParams
func (*GraphBasicParams) SetTechnologies ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetTechnologies(technologies []string) *GraphBasicParams
func (*GraphBasicParams) SetUseWrapper ¶ added in v2.33.0
func (gbp *GraphBasicParams) SetUseWrapper(useWrapper bool) *GraphBasicParams
func (*GraphBasicParams) Technologies ¶ added in v2.33.0
func (gbp *GraphBasicParams) Technologies() []string
func (*GraphBasicParams) UseWrapper ¶ added in v2.33.0
func (gbp *GraphBasicParams) UseWrapper() bool
type IacOrSecretResult ¶ added in v2.36.0
type OutputFormat ¶ added in v2.7.0
type OutputFormat string
const ( // OutputFormat values Table OutputFormat = "table" Json OutputFormat = "json" SimpleJson OutputFormat = "simple-json" Sarif OutputFormat = "sarif" )
type Severity ¶ added in v2.32.0
type Severity struct {
// contains filtered or unexported fields
}