formats

package

v1.13.4 Latest Latest Go to latest Published: Nov 29, 2024 License: Apache-2.0 Imports: 6 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jfrog/jfrog-cli-security

Links

Open Source Insights

Documentation ¶

Index ¶

func ConvertLicenseTableRowToScanTableRow(tableRows []licenseTableRow) (scanTableRows []licenseScanTableRow)
func ConvertLicenseViolationTableRowToScanTableRow(tableRows []licenseViolationTableRow) (scanTableRows []licenseViolationScanTableRow)
func ConvertOperationalRiskTableRowToScanTableRow(tableRows []operationalRiskViolationTableRow) (scanTableRows []operationalRiskViolationScanTableRow)
func ConvertSecurityTableRowToScanTableRow(tableRows []vulnerabilityTableRow) (scanTableRows []vulnerabilityScanTableRow)
func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)
func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)
func ConvertToLicenseViolationTableRow(rows []LicenseRow) (tableRows []licenseViolationTableRow)
func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)
func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)
func ConvertToVulnerabilityTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityTableRow)
type Applicability
type BlockedPackages
type Bom
type ComponentRow
type CuratedPackages
- func (cp *CuratedPackages) GetApprovedCount() int
- func (cp *CuratedPackages) GetBlockedCount() int
type CveRow
type EnrichJson
type Evidence
type ImpactedDependencyDetails
type JfrogResearchInformation
type JfrogResearchSeverityReason
type LicenseRow
type Location
type OperationalRiskViolationRow
type ResultSummary
- func MergeResultSummaries(summaries ...ResultSummary) (merged ResultSummary)
- func (rs ResultSummary) GetTotal(filterSeverities ...string) (total int)
type ResultsSummary
- func (rs *ResultsSummary) GetTotalViolations(filterTypes ...SummaryResultType) (total int)
- func (rs *ResultsSummary) GetTotalVulnerabilities(filterTypes ...SummaryResultType) (total int)
- func (rs *ResultsSummary) HasViolations() bool
type ResultsTables
type ScaScanResultSummary
type ScanResultSummary
- func GetVulnerabilitiesSummaries(summaries ...ResultsSummary) *ScanResultSummary
- func (srs *ScanResultSummary) GetMoreInfoUrls() (urls []string)
- func (srs *ScanResultSummary) GetScanIds() (scanIds []string)
- func (ss *ScanResultSummary) GetSummaryBySeverity() (summary ResultSummary)
- func (srs *ScanResultSummary) GetTotal(filterTypes ...SummaryResultType) (total int)
- func (srs *ScanResultSummary) HasIssues() bool
type ScanSummary
- func (sc *ScanSummary) GetScanIds() (scanIds []string)
- func (sc *ScanSummary) HasBlockedPackages() bool
- func (sc *ScanSummary) HasCuratedPackages() bool
- func (sc *ScanSummary) HasViolations() bool
- func (sc *ScanSummary) HasVulnerabilities() bool
type ScanViolationsSummary
- func GetViolationSummaries(summaries ...ResultsSummary) *ScanViolationsSummary
type SeverityDetails
type SimpleJsonError
type SimpleJsonResults
type SourceCodeRow
type SummaryResultType
- func (srt SummaryResultType) String() string
type Vulnerabilities
type Vulnerability
type VulnerabilityOrViolationRow
type XMLVulnerability

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConvertLicenseTableRowToScanTableRow ¶

func ConvertLicenseTableRowToScanTableRow(tableRows []licenseTableRow) (scanTableRows []licenseScanTableRow)

func ConvertLicenseViolationTableRowToScanTableRow ¶

func ConvertLicenseViolationTableRowToScanTableRow(tableRows []licenseViolationTableRow) (scanTableRows []licenseViolationScanTableRow)

func ConvertOperationalRiskTableRowToScanTableRow ¶

func ConvertOperationalRiskTableRowToScanTableRow(tableRows []operationalRiskViolationTableRow) (scanTableRows []operationalRiskViolationScanTableRow)

func ConvertSecurityTableRowToScanTableRow ¶

func ConvertSecurityTableRowToScanTableRow(tableRows []vulnerabilityTableRow) (scanTableRows []vulnerabilityScanTableRow)

func ConvertToIacOrSastTableRow ¶

func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)

func ConvertToLicenseTableRow ¶

func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)

func ConvertToLicenseViolationTableRow ¶

func ConvertToLicenseViolationTableRow(rows []LicenseRow) (tableRows []licenseViolationTableRow)

func ConvertToOperationalRiskViolationTableRow ¶

func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)

func ConvertToSecretsTableRow ¶

func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)

func ConvertToVulnerabilityTableRow ¶

func ConvertToVulnerabilityTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityTableRow)

Types ¶

type Applicability ¶

type Applicability struct {
	Status             string     `json:"status"`
	ScannerDescription string     `json:"scannerDescription,omitempty"`
	UndeterminedReason string     `json:"undeterminedReason,omitempty"`
	Evidence           []Evidence `json:"evidence,omitempty"`
}

type BlockedPackages ¶

type BlockedPackages struct {
	Policy    string         `json:"policy,omitempty"`
	Condition string         `json:"condition,omitempty"`
	Packages  map[string]int `json:"packages"`
}

type Bom ¶

type Bom struct {
	Vulnerabilities struct {
		Vulnerability []struct {
			BomRef string `xml:"bom-ref,attr"`
			Id     string `xml:"id"`
		} `xml:"vulnerability"`
	} `xml:"vulnerabilities"`
}

type ComponentRow ¶

type ComponentRow struct {
	Name     string    `json:"name"`
	Version  string    `json:"version"`
	Location *Location `json:"location,omitempty"`
}

type CuratedPackages ¶

type CuratedPackages struct {
	Blocked      []BlockedPackages `json:"blocked,omitempty"`
	PackageCount int               `json:"num_packages,omitempty"`
}

func (*CuratedPackages) GetApprovedCount ¶

func (cp *CuratedPackages) GetApprovedCount() int

func (*CuratedPackages) GetBlockedCount ¶

func (cp *CuratedPackages) GetBlockedCount() int

type CveRow ¶

type CveRow struct {
	Id            string         `json:"id"`
	CvssV2        string         `json:"cvssV2"`
	CvssV3        string         `json:"cvssV3"`
	Applicability *Applicability `json:"applicability,omitempty"`
}

type EnrichJson ¶

type EnrichJson struct {
	Vulnerability []struct {
		BomRef string `json:"bom-ref,"`
		Id     string `json:"id"`
	} `json:"vulnerabilities"`
}

type Evidence ¶

type Evidence struct {
	Location
	Reason string `json:"reason,omitempty"`
}

type ImpactedDependencyDetails ¶

type ImpactedDependencyDetails struct {
	SeverityDetails
	ImpactedDependencyName    string         `json:"impactedPackageName"`
	ImpactedDependencyVersion string         `json:"impactedPackageVersion"`
	ImpactedDependencyType    string         `json:"impactedPackageType"`
	Components                []ComponentRow `json:"components"`
}

type JfrogResearchInformation ¶

type JfrogResearchInformation struct {
	SeverityDetails
	Summary         string                        `json:"summary,omitempty"`
	Details         string                        `json:"details,omitempty"`
	SeverityReasons []JfrogResearchSeverityReason `json:"severityReasons,omitempty"`
	Remediation     string                        `json:"remediation,omitempty"`
}

type JfrogResearchSeverityReason ¶

type JfrogResearchSeverityReason struct {
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	IsPositive  bool   `json:"isPositive,omitempty"`
}

type LicenseRow ¶

type LicenseRow struct {
	ImpactedDependencyDetails
	LicenseKey  string           `json:"licenseKey"`
	ImpactPaths [][]ComponentRow `json:"impactPaths"`
}

type Location ¶

type Location struct {
	File        string `json:"file"`
	StartLine   int    `json:"startLine,omitempty"`
	StartColumn int    `json:"startColumn,omitempty"`
	EndLine     int    `json:"endLine,omitempty"`
	EndColumn   int    `json:"endColumn,omitempty"`
	Snippet     string `json:"snippet,omitempty"`
}

type OperationalRiskViolationRow ¶

type OperationalRiskViolationRow struct {
	ImpactedDependencyDetails
	RiskReason    string `json:"riskReason"`
	IsEol         string `json:"isEndOfLife"`
	EolMessage    string `json:"endOfLifeMessage"`
	Cadence       string `json:"cadence"`
	Commits       string `json:"commits"`
	Committers    string `json:"committers"`
	NewerVersions string `json:"newerVersions"`
	LatestVersion string `json:"latestVersion"`
}

type ResultSummary ¶

type ResultSummary map[string]map[string]int

Severity -> status -> Count

func MergeResultSummaries ¶

func MergeResultSummaries(summaries ...ResultSummary) (merged ResultSummary)

func (ResultSummary) GetTotal ¶

func (rs ResultSummary) GetTotal(filterSeverities ...string) (total int)

type ResultsSummary ¶

type ResultsSummary struct {
	Scans []ScanSummary `json:"scans"`
}

func (*ResultsSummary) GetTotalViolations ¶

func (rs *ResultsSummary) GetTotalViolations(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) GetTotalVulnerabilities ¶

func (rs *ResultsSummary) GetTotalVulnerabilities(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) HasViolations ¶

func (rs *ResultsSummary) HasViolations() bool

type ResultsTables ¶

type ResultsTables struct {
	SecurityVulnerabilitiesTable   []vulnerabilityTableRow
	SecurityViolationsTable        []vulnerabilityTableRow
	LicensesTable                  []licenseTableRow
	LicenseViolationsTable         []licenseViolationTableRow
	OperationalRiskViolationsTable []operationalRiskViolationTableRow
	IacTable                       []iacOrSastTableRow
	SastTable                      []iacOrSastTableRow
	SecretsTable                   []secretsTableRow
	Errors                         []error
}

type ScaScanResultSummary ¶

type ScaScanResultSummary struct {
	ScanIds         []string      `json:"scan_ids,omitempty"`
	MoreInfoUrls    []string      `json:"more_info_urls,omitempty"`
	Security        ResultSummary `json:"security,omitempty"`
	License         ResultSummary `json:"license,omitempty"`
	OperationalRisk ResultSummary `json:"operational_risk,omitempty"`
}

type ScanResultSummary ¶

type ScanResultSummary struct {
	ScaResults     *ScaScanResultSummary `json:"sca,omitempty"`
	IacResults     *ResultSummary        `json:"iac,omitempty"`
	SecretsResults *ResultSummary        `json:"secrets,omitempty"`
	SastResults    *ResultSummary        `json:"sast,omitempty"`
}

func GetVulnerabilitiesSummaries ¶

func GetVulnerabilitiesSummaries(summaries ...ResultsSummary) *ScanResultSummary

func (*ScanResultSummary) GetMoreInfoUrls ¶

func (srs *ScanResultSummary) GetMoreInfoUrls() (urls []string)

func (*ScanResultSummary) GetScanIds ¶

func (srs *ScanResultSummary) GetScanIds() (scanIds []string)

func (*ScanResultSummary) GetSummaryBySeverity ¶

func (ss *ScanResultSummary) GetSummaryBySeverity() (summary ResultSummary)

Returns a ResultSummary with the counts described in the summary Severity -> status -> Count

func (*ScanResultSummary) GetTotal ¶

func (srs *ScanResultSummary) GetTotal(filterTypes ...SummaryResultType) (total int)

func (*ScanResultSummary) HasIssues ¶

func (srs *ScanResultSummary) HasIssues() bool

type ScanSummary ¶

type ScanSummary struct {
	Target          string                 `json:"target"`
	Name            string                 `json:"name,omitempty"`
	Vulnerabilities *ScanResultSummary     `json:"vulnerabilities,omitempty"`
	Violations      *ScanViolationsSummary `json:"violations,omitempty"`
	CuratedPackages *CuratedPackages       `json:"curated,omitempty"`
}

func (*ScanSummary) GetScanIds ¶

func (sc *ScanSummary) GetScanIds() (scanIds []string)

func (*ScanSummary) HasBlockedPackages ¶

func (sc *ScanSummary) HasBlockedPackages() bool

func (*ScanSummary) HasCuratedPackages ¶

func (sc *ScanSummary) HasCuratedPackages() bool

func (*ScanSummary) HasViolations ¶

func (sc *ScanSummary) HasViolations() bool

func (*ScanSummary) HasVulnerabilities ¶

func (sc *ScanSummary) HasVulnerabilities() bool

type ScanViolationsSummary ¶

type ScanViolationsSummary struct {
	Watches   []string `json:"watches,omitempty"`
	FailBuild bool     `json:"fail_build,omitempty"`
	ScanResultSummary
}

func GetViolationSummaries ¶

func GetViolationSummaries(summaries ...ResultsSummary) *ScanViolationsSummary

type SeverityDetails ¶

type SeverityDetails struct {
	Severity         string `json:"severity"`
	SeverityNumValue int    `json:"-"` // For sorting
}

type SimpleJsonError ¶

type SimpleJsonError struct {
	FilePath     string `json:"filePath"`
	ErrorMessage string `json:"errorMessage"`
}

type SimpleJsonResults ¶

type SimpleJsonResults struct {
	Vulnerabilities           []VulnerabilityOrViolationRow `json:"vulnerabilities"`
	SecurityViolations        []VulnerabilityOrViolationRow `json:"securityViolations"`
	LicensesViolations        []LicenseRow                  `json:"licensesViolations"`
	Licenses                  []LicenseRow                  `json:"licenses"`
	OperationalRiskViolations []OperationalRiskViolationRow `json:"operationalRiskViolations"`
	Secrets                   []SourceCodeRow               `json:"secrets"`
	Iacs                      []SourceCodeRow               `json:"iacViolations"`
	Sast                      []SourceCodeRow               `json:"sastViolations"`
	Errors                    []SimpleJsonError             `json:"errors"`
	MultiScanId               string                        `json:"multiScanId,omitempty"`
}

This struct holds the sorted results of the simple-json output.

type SourceCodeRow ¶

type SourceCodeRow struct {
	SeverityDetails
	Location
	Finding            string         `json:"finding,omitempty"`
	Fingerprint        string         `json:"fingerprint,omitempty"`
	Applicability      *Applicability `json:"applicability,omitempty"`
	ScannerDescription string         `json:"scannerDescription,omitempty"`
	CodeFlow           [][]Location   `json:"codeFlow,omitempty"`
}

type SummaryResultType ¶

type SummaryResultType string

const (
	IacResult            SummaryResultType = "IAC"
	SecretsResult        SummaryResultType = "Secrets"
	SastResult           SummaryResultType = "SAST"
	ScaResult            SummaryResultType = "SCA"
	ScaSecurityResult    SummaryResultType = "Security"
	ScaLicenseResult     SummaryResultType = "License"
	ScaOperationalResult SummaryResultType = "Operational"

	NoStatus = ""
)

func (SummaryResultType) String ¶

func (srt SummaryResultType) String() string

type Vulnerabilities ¶

type Vulnerabilities struct {
	Vulnerabilities XMLVulnerability `xml:"vulnerabilities"`
}

type Vulnerability ¶

type Vulnerability struct {
	BomRef string `json:"bom-ref" xml:"bom-ref,attr"`
	ID     string `json:"id" xml:"id"`
}

type VulnerabilityOrViolationRow ¶

type VulnerabilityOrViolationRow struct {
	ImpactedDependencyDetails
	Summary                  string                    `json:"summary"`
	Applicable               string                    `json:"applicable"`
	FixedVersions            []string                  `json:"fixedVersions"`
	Cves                     []CveRow                  `json:"cves"`
	IssueId                  string                    `json:"issueId"`
	References               []string                  `json:"references"`
	ImpactPaths              [][]ComponentRow          `json:"impactPaths"`
	JfrogResearchInformation *JfrogResearchInformation `json:"jfrogResearchInformation"`
	Technology               techutils.Technology      `json:"-"`
}

Used for vulnerabilities and security violations

type XMLVulnerability ¶

type XMLVulnerability struct {
	Vulnerability []Vulnerability `xml:"vulnerability"`
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
sarifutils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL