utils

package
v1.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 7, 2025 License: Apache-2.0 Imports: 23 Imported by: 3

Documentation

Index

Constants

const (
	// JfrogCurationDirName is the literal directory name "curation".
	// NOTE(review): presumably the sub-directory used by the curation cache helpers — confirm.
	JfrogCurationDirName = "curation"

	// CurationsDir holds the string "JFROG_CLI_CURATION_DIR", which reads like an
	// environment-variable name rather than a path — confirm. If it overrides the
	// cache location, the directory it names is caller-controlled input.
	CurationsDir = "JFROG_CLI_CURATION_DIR"

	// CurationSupportFlag holds a flag/variable name, not a secret value; the gosec
	// G101 (hard-coded credentials) suppression on the next line records that.
	// #nosec G101 -- Not credentials.
	CurationSupportFlag = "JFROG_CLI_CURATION"
)
const (
	// NodeModulesPattern is a glob with wildcards on both sides of "node_modules";
	// under common glob semantics it matches any path component that merely
	// contains that substring. JfMsiEnvVariable holds the string "JF_MSI"
	// (an environment-variable name, judging by the identifier).
	NodeModulesPattern = "**/*node_modules*/**"
	JfMsiEnvVariable   = "JF_MSI"

	// Documentation and product links (both https), plus a version string.
	// NOTE(review): EntitlementsMinVersion looks like the minimum server version
	// required for entitlement checks — confirm which service it is compared against.
	BaseDocumentationURL   = "https://docs.jfrog-applications.jfrog.io/jfrog-security-features/"
	JasInfoURL             = "https://jfrog.com/xray/"
	EntitlementsMinVersion = "3.66.5"

	// Strings that read like environment-variable names for an externally supplied
	// run ID, job ID and git repository.
	// NOTE(review): the values behind these names originate outside the process;
	// confirm how they are validated before being reported or logged.
	JfrogExternalRunIdEnv   = "JFROG_CLI_USAGE_RUN_ID"
	JfrogExternalJobIdEnv   = "JFROG_CLI_USAGE_JOB_ID"
	JfrogExternalGitRepoEnv = "JFROG_CLI_USAGE_GIT_REPO"
)
const (
	// The first six entries are the SubScanType values (one per scan kind); the
	// last three are the ViolationIssueType values (one per violation category).
	// Each constant is the plain lower-case string shown on its line.
	ContextualAnalysisScan       SubScanType        = "contextual_analysis"
	ScaScan                      SubScanType        = "sca"
	IacScan                      SubScanType        = "iac"
	SastScan                     SubScanType        = "sast"
	SecretsScan                  SubScanType        = "secrets"
	SecretTokenValidationScan    SubScanType        = "secrets_token_validation"
	ViolationTypeSecurity        ViolationIssueType = "security"
	ViolationTypeLicense         ViolationIssueType = "license"
	ViolationTypeOperationalRisk ViolationIssueType = "operational_risk"
)

Variables

var (
	// Exclude pattern for files.
	// NOTE(review): "**/*test*/**" and "**/*venv*/**" carry wildcards on both sides
	// of the keyword, so under common glob semantics any directory whose name merely
	// contains "test" or "venv" (for example "latest" or "attestation") is skipped
	// together with everything beneath it. Presumably matching paths are left out of
	// JAS scans by default, so findings there go unreported — confirm against the
	// matcher in use and review the effective exclusions for such repositories.
	DefaultJasExcludePatterns = []string{"**/.git/**", "**/*test*/**", "**/*venv*/**", NodeModulesPattern, "**/target/**", "**/dist/**"}
	// Exclude pattern for directories.
	// NOTE(review): the same substring caveat applies to "*test*", "*venv*",
	// "*target*", "*.git*" and "*node_modules*"; "dist" is the only entry without
	// wildcards. Both slices in this block are exported, mutable package-level
	// variables, so any importing package can change them for the whole process.
	DefaultScaExcludePatterns = []string{"*.git*", "*node_modules*", "*target*", "*venv*", "*test*", "dist"}
)

Functions

func DumpContentToFile added in v1.9.0

// DumpContentToFile takes raw content, an output directory and a scan-type
// label, and returns an error.
// NOTE(review): by its name it writes fileContent to a file under
// scanResultsOutputDir — confirm. Scan output can contain sensitive findings,
// so check the permissions the file is created with, and that scanType never
// comes from untrusted input if it forms part of the file name.
func DumpContentToFile(fileContent []byte, scanResultsOutputDir string, scanType string) (err error)

func GetAsJsonBytes added in v1.12.0

func GetAsJsonBytes(output interface{}, escapeValues, indent bool) (results []byte, err error)

func GetAsJsonString added in v1.12.0

func GetAsJsonString(output interface{}, escapeValues, indent bool) (string, error)

func GetCurationCacheFolder added in v1.0.4

func GetCurationCacheFolder() (string, error)

func GetCurationCacheFolderByTech added in v1.3.0

func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)

func GetCurationNugetCacheFolder added in v1.8.1

func GetCurationNugetCacheFolder() (string, error)

func GetCurationPipCacheFolder added in v1.1.0

func GetCurationPipCacheFolder() (string, error)

func GetDependenciesGraph added in v1.3.0

func GetDependenciesGraph(projectDir string) (map[string][]string, error)

func GetDependenciesList added in v1.3.0

func GetDependenciesList(projectDir string, errorFunc utils.HandleErrorFunc) (map[string]bool, error)

func GetScanFindingsLog added in v1.14.0

func GetScanFindingsLog(scanType SubScanType, vulnerabilitiesCount, violationsCount, threadId int) string

func IsCI added in v1.12.0

func IsCI() bool

func IsScanRequested added in v1.12.0

func IsScanRequested(cmdType CommandType, subScan SubScanType, requestedScans ...SubScanType) bool

IsScanRequested returns true if the scan is requested, otherwise false. If requestedScans is empty, all scans are considered requested.

func Md5Hash added in v1.8.0

// Md5Hash accepts any number of strings and returns a string and an error.
// NOTE(review): by its name the result is an MD5 digest of the inputs — confirm.
// MD5 is not collision-resistant, so treat the value as a non-security
// identifier (cache or de-duplication key), never as an integrity or
// authenticity check. How multiple values are combined is not visible here; if
// they are concatenated without a delimiter, ("ab", "c") and ("a", "bc") would
// produce the same digest — verify.
func Md5Hash(values ...string) (string, error)

func MergeMaps added in v1.5.0

func MergeMaps(maps ...map[string]string) map[string]string

MergeMaps merges multiple maps into one; when a key appears in more than one map, the value from the later map overrides the earlier ones.

func NewBoolPtr added in v1.12.0

func NewBoolPtr(v bool) *bool

func NewFloat64Ptr added in v1.12.0

func NewFloat64Ptr(v float64) *float64

func NewInt64Ptr added in v1.12.0

func NewInt64Ptr(v int64) *int64

func NewIntPtr added in v1.12.0

func NewIntPtr(v int) *int

func NewStrPtr added in v1.14.0

func NewStrPtr(v string) *string

func NewStringPtr added in v1.13.7

func NewStringPtr(v string) *string

func Sha1Hash added in v1.8.0

// Sha1Hash accepts any number of strings and returns a string and an error.
// NOTE(review): by its name the result is a SHA-1 digest of the inputs — confirm.
// SHA-1 has practical collision attacks, so treat the value as a non-security
// identifier, never as an integrity or authenticity check. How multiple values
// are combined is not visible here; if they are concatenated without a
// delimiter, different argument splits would produce the same digest — verify.
func Sha1Hash(values ...string) (string, error)

func ToCommandEnvVars added in v1.5.0

func ToCommandEnvVars(envVarsMap map[string]string) (converted []string)

ToCommandEnvVars converts a map[string]string to a []string in key=value format.

func ToEnvVarsMap added in v1.5.0

func ToEnvVarsMap(envVars []string) (converted map[string]string)

ToEnvVarsMap converts a []string in key=value format to a map[string]string.

func UniqueIntersection added in v1.12.0

func UniqueIntersection[T comparable](arr []T, others ...T) []T

UniqueIntersection returns a new slice that contains, without duplicates, the elements that appear in both arr and others. The function is generic over any comparable type, not only strings.

func UniqueUnion added in v1.12.0

func UniqueUnion[T comparable](arr []T, elements ...T) []T

UniqueUnion returns a new slice that contains, without duplicates, the elements of arr together with the provided elements. The function is generic over any comparable type, not only strings.

Types

type AuditBasicParams

// AuditBasicParams carries audit settings. It has no exported fields; state is
// read and written through the accessor methods declared on *AuditBasicParams.
// Most of its setters return *AuditBasicParams, which allows calls to be chained;
// SetProgress is the exception and returns nothing.
type AuditBasicParams struct {
	// contains filtered or unexported fields
}

func (*AuditBasicParams) AllowPartialResults added in v1.11.4

func (abp *AuditBasicParams) AllowPartialResults() bool

func (*AuditBasicParams) AppendDependenciesForApplicabilityScan

func (abp *AuditBasicParams) AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams

func (*AuditBasicParams) Args

func (abp *AuditBasicParams) Args() []string

func (*AuditBasicParams) DepsRepo

func (abp *AuditBasicParams) DepsRepo() string

func (*AuditBasicParams) DirectDependencies

func (abp *AuditBasicParams) DirectDependencies() *[]string

func (*AuditBasicParams) ExcludeTestDependencies

func (abp *AuditBasicParams) ExcludeTestDependencies() bool

func (*AuditBasicParams) Exclusions added in v1.0.4

func (abp *AuditBasicParams) Exclusions() []string

func (*AuditBasicParams) GetXrayVersion added in v1.13.2

func (abp *AuditBasicParams) GetXrayVersion() string

func (*AuditBasicParams) GetXscVersion added in v1.13.2

func (abp *AuditBasicParams) GetXscVersion() string

func (*AuditBasicParams) IgnoreConfigFile

func (abp *AuditBasicParams) IgnoreConfigFile() bool

func (*AuditBasicParams) InsecureTls

func (abp *AuditBasicParams) InsecureTls() bool

func (*AuditBasicParams) InstallCommandArgs

func (abp *AuditBasicParams) InstallCommandArgs() []string

func (*AuditBasicParams) InstallCommandName

func (abp *AuditBasicParams) InstallCommandName() string

func (*AuditBasicParams) IsCurationCmd added in v1.0.2

func (abp *AuditBasicParams) IsCurationCmd() bool

func (*AuditBasicParams) IsMavenDepTreeInstalled

func (abp *AuditBasicParams) IsMavenDepTreeInstalled() bool

func (*AuditBasicParams) IsRecursiveScan added in v1.0.4

func (abp *AuditBasicParams) IsRecursiveScan() bool

func (*AuditBasicParams) MaxTreeDepth added in v1.13.5

func (abp *AuditBasicParams) MaxTreeDepth() string

func (*AuditBasicParams) OutputFormat

func (abp *AuditBasicParams) OutputFormat() format.OutputFormat

func (*AuditBasicParams) PipRequirementsFile

func (abp *AuditBasicParams) PipRequirementsFile() string

func (*AuditBasicParams) Progress

func (abp *AuditBasicParams) Progress() ioUtils.ProgressMgr

func (*AuditBasicParams) ScansToPerform added in v1.4.0

func (abp *AuditBasicParams) ScansToPerform() []SubScanType

func (*AuditBasicParams) ServerDetails

func (abp *AuditBasicParams) ServerDetails() (*config.ServerDetails, error)

func (*AuditBasicParams) SetAllowPartialResults added in v1.11.4

func (abp *AuditBasicParams) SetAllowPartialResults(allowPartialResults bool) *AuditBasicParams

func (*AuditBasicParams) SetConanProfile added in v1.6.5

func (abp *AuditBasicParams) SetConanProfile(file string) *AuditBasicParams

func (*AuditBasicParams) SetDepsRepo

func (abp *AuditBasicParams) SetDepsRepo(depsRepo string) *AuditBasicParams

func (*AuditBasicParams) SetExcludeTestDependencies

func (abp *AuditBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams

func (*AuditBasicParams) SetExclusions added in v1.0.4

func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams

func (*AuditBasicParams) SetIgnoreConfigFile

func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams

func (*AuditBasicParams) SetInsecureTls

// SetInsecureTls takes a bool and returns *AuditBasicParams, the same shape as
// the other chaining setters on this type.
// NOTE(review): by its name, passing true relaxes TLS verification for
// connections made during the audit — confirm what exactly is skipped, that the
// default is false, and that enabling it is visible in logs. Server credentials
// sent over such a connection are exposed to anyone able to intercept it.
func (abp *AuditBasicParams) SetInsecureTls(insecureTls bool) *AuditBasicParams

func (*AuditBasicParams) SetInstallCommandArgs

func (abp *AuditBasicParams) SetInstallCommandArgs(installCommandArgs []string) *AuditBasicParams

func (*AuditBasicParams) SetInstallCommandName

func (abp *AuditBasicParams) SetInstallCommandName(installCommandName string) *AuditBasicParams

func (*AuditBasicParams) SetIsCurationCmd added in v1.0.2

func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams

func (*AuditBasicParams) SetIsMavenDepTreeInstalled

func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams

func (*AuditBasicParams) SetIsRecursiveScan added in v1.0.4

func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams

func (*AuditBasicParams) SetMaxTreeDepth added in v1.13.5

func (abp *AuditBasicParams) SetMaxTreeDepth(maxTreeDepth string) *AuditBasicParams

func (*AuditBasicParams) SetNpmScope

func (abp *AuditBasicParams) SetNpmScope(depType string) *AuditBasicParams

func (*AuditBasicParams) SetOutputFormat

func (abp *AuditBasicParams) SetOutputFormat(format format.OutputFormat) *AuditBasicParams

func (*AuditBasicParams) SetPipRequirementsFile

func (abp *AuditBasicParams) SetPipRequirementsFile(requirementsFile string) *AuditBasicParams

func (*AuditBasicParams) SetProgress

func (abp *AuditBasicParams) SetProgress(progress ioUtils.ProgressMgr)

func (*AuditBasicParams) SetScansToPerform added in v1.4.0

func (abp *AuditBasicParams) SetScansToPerform(scansToPerform []SubScanType) *AuditBasicParams

func (*AuditBasicParams) SetServerDetails

func (abp *AuditBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams

func (*AuditBasicParams) SetSkipAutoInstall added in v1.11.2

func (abp *AuditBasicParams) SetSkipAutoInstall(skipAutoInstall bool) *AuditBasicParams

func (*AuditBasicParams) SetTechnologies

func (abp *AuditBasicParams) SetTechnologies(technologies []string) *AuditBasicParams

func (*AuditBasicParams) SetUseJas added in v1.4.0

func (abp *AuditBasicParams) SetUseJas(useJas bool) *AuditBasicParams

func (*AuditBasicParams) SetUseWrapper

func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams

func (*AuditBasicParams) SetXrayVersion added in v1.13.2

func (abp *AuditBasicParams) SetXrayVersion(xrayVersion string) *AuditBasicParams

func (*AuditBasicParams) SetXscVersion added in v1.13.2

func (abp *AuditBasicParams) SetXscVersion(xscVersion string) *AuditBasicParams

func (*AuditBasicParams) SkipAutoInstall added in v1.11.2

func (abp *AuditBasicParams) SkipAutoInstall() bool

func (*AuditBasicParams) Technologies

func (abp *AuditBasicParams) Technologies() []string

func (*AuditBasicParams) UseJas added in v1.4.0

func (abp *AuditBasicParams) UseJas() bool

func (*AuditBasicParams) UseWrapper

func (abp *AuditBasicParams) UseWrapper() bool

type AuditNpmParams

// AuditNpmParams extends the audit settings with npm-specific options by
// embedding the AuditParams interface. Because the embedded member is an
// interface, a zero-value AuditNpmParams has it set to nil and calling a
// promoted method on it panics. The methods declared on AuditNpmParams use
// value receivers and its setters return AuditNpmParams, so a setter's effect
// is visible only in the returned copy; callers must use the return value.
type AuditNpmParams struct {
	AuditParams
	// contains filtered or unexported fields
}

func (AuditNpmParams) NpmIgnoreNodeModules

func (anp AuditNpmParams) NpmIgnoreNodeModules() bool

func (AuditNpmParams) NpmOverwritePackageLock

func (anp AuditNpmParams) NpmOverwritePackageLock() bool

func (AuditNpmParams) SetNpmIgnoreNodeModules

func (anp AuditNpmParams) SetNpmIgnoreNodeModules(ignoreNpmNodeModules bool) AuditNpmParams

func (AuditNpmParams) SetNpmOverwritePackageLock

func (anp AuditNpmParams) SetNpmOverwritePackageLock(overwritePackageLock bool) AuditNpmParams

type AuditParams

// AuditParams is the accessor interface for audit settings. Its setters return
// the concrete *AuditBasicParams rather than AuditParams, so any other
// implementation has to produce an *AuditBasicParams from each setter. Some
// getters appear here without a matching setter (for example SkipAutoInstall,
// AllowPartialResults, GetXrayVersion and OutputFormat).
type AuditParams interface {
	DirectDependencies() *[]string
	AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
	// ServerDetails returns a pointer, so callers share the same server
	// configuration object. NOTE(review): presumably it holds credentials —
	// confirm, and avoid logging the returned value.
	ServerDetails() (*config.ServerDetails, error)
	SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
	PipRequirementsFile() string
	SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
	ExcludeTestDependencies() bool
	SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
	UseWrapper() bool
	SetUseWrapper(useWrapper bool) *AuditBasicParams
	// NOTE(review): by its name this flag relaxes TLS verification — confirm
	// the default is false and that enabling it is an explicit user choice.
	InsecureTls() bool
	SetInsecureTls(insecureTls bool) *AuditBasicParams
	Technologies() []string
	SetTechnologies(technologies []string) *AuditBasicParams
	Progress() ioUtils.ProgressMgr
	SetProgress(progress ioUtils.ProgressMgr)
	Args() []string
	// NOTE(review): the install command name and arguments are plain strings;
	// if they are later executed, confirm they are passed as an argument vector
	// and not through a shell.
	InstallCommandName() string
	InstallCommandArgs() []string
	SetNpmScope(depType string) *AuditBasicParams
	SetMaxTreeDepth(maxTreeDepth string) *AuditBasicParams
	MaxTreeDepth() string
	OutputFormat() format.OutputFormat
	DepsRepo() string
	SetDepsRepo(depsRepo string) *AuditBasicParams
	IgnoreConfigFile() bool
	SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
	IsMavenDepTreeInstalled() bool
	SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams
	IsCurationCmd() bool
	SetIsCurationCmd(bool) *AuditBasicParams
	SetExclusions(exclusions []string) *AuditBasicParams
	Exclusions() []string
	SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams
	IsRecursiveScan() bool
	SkipAutoInstall() bool
	AllowPartialResults() bool
	GetXrayVersion() string
}

type CommandType added in v1.8.0

// CommandType is a string-typed label; the constants below are its declared values.
type CommandType string
const (
	// SBOM's string is upper-case ("SBOM") while every other value is lower-case
	// snake_case, so code that matches these strings against external input has
	// to use the exact case shown here.
	SourceCode  CommandType = "source_code"
	Binary      CommandType = "binary"
	DockerImage CommandType = "docker_image"
	Build       CommandType = "build"
	Curation    CommandType = "curation"
	SBOM        CommandType = "SBOM"
)

func (CommandType) IsTargetBinary added in v1.8.0

func (s CommandType) IsTargetBinary() bool

type SecurityParallelRunner added in v1.4.0

// SecurityParallelRunner groups a parallel.Runner with the mutex and wait
// groups used to coordinate scan routines. Because it holds a sync.Mutex and
// sync.WaitGroup values directly, it must not be copied after first use: a copy
// gets its own lock and counters and no longer synchronizes with the original.
// NewSecurityParallelRunner returns the struct by value, so keep the result in
// one place and pass a pointer; CreateSecurityParallelRunner returns a pointer.
// NOTE(review): ResultsMu presumably guards the shared scan results — confirm.
type SecurityParallelRunner struct {
	Runner        parallel.Runner
	ResultsMu     sync.Mutex
	ScaScansWg    sync.WaitGroup // Verify that the sca scan routines are done before running contextual scan
	JasScannersWg sync.WaitGroup // Verify that all scanners routines are done before cleaning temp dir
	JasWg         sync.WaitGroup // Verify that downloading analyzer manager and running all scanners are done
}

func CreateSecurityParallelRunner added in v1.4.0

func CreateSecurityParallelRunner(numOfParallelScans int) *SecurityParallelRunner

func NewSecurityParallelRunner added in v1.4.0

func NewSecurityParallelRunner(numOfParallelScans int) SecurityParallelRunner

type SubScanType added in v1.4.0

// SubScanType is a string-typed scan identifier. The package declares
// ContextualAnalysisScan, ScaScan, IacScan, SastScan, SecretsScan and
// SecretTokenValidationScan as its values; being a plain string type, any other
// string can be converted to it, so validate values that come from user input.
type SubScanType string

func GetAllSupportedScans added in v1.4.0

func GetAllSupportedScans() []SubScanType

func (SubScanType) String added in v1.4.0

func (s SubScanType) String() string

type ViolationIssueType added in v1.7.2

// ViolationIssueType is a string-typed violation category. The package declares
// ViolationTypeSecurity, ViolationTypeLicense and ViolationTypeOperationalRisk
// as its values.
type ViolationIssueType string

func (ViolationIssueType) String added in v1.7.2

func (v ViolationIssueType) String() string
