formats

package
v1.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 22, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertToIacOrSastTableRow

func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)

func ConvertToLicenseScanTableRow

func ConvertToLicenseScanTableRow(rows []LicenseRow) (tableRows []licenseScanTableRow)

func ConvertToLicenseTableRow

func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)

func ConvertToLicenseViolationScanTableRow

func ConvertToLicenseViolationScanTableRow(rows []LicenseRow) (tableRows []licenseViolationScanTableRow)

func ConvertToLicenseViolationTableRow

func ConvertToLicenseViolationTableRow(rows []LicenseRow) (tableRows []licenseViolationTableRow)

func ConvertToOperationalRiskViolationScanTableRow

func ConvertToOperationalRiskViolationScanTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationScanTableRow)

func ConvertToOperationalRiskViolationTableRow

func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)

func ConvertToSecretsTableRow

func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)

func ConvertToVulnerabilityScanTableRow

func ConvertToVulnerabilityScanTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityScanTableRow)

func ConvertToVulnerabilityTableRow

func ConvertToVulnerabilityTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityTableRow)

Types

type Applicability

// Applicability is the applicability record attached to CveRow and
// SourceCodeRow through their Applicability fields.
type Applicability struct {
	// Status is always serialized (no omitempty). The set of accepted values
	// is not defined on this type.
	Status             string     `json:"status"`
	ScannerDescription string     `json:"scannerDescription,omitempty"`
	// UndeterminedReason is omitted from JSON when empty.
	// NOTE(review): presumably only set when Status is undetermined — confirm.
	UndeterminedReason string     `json:"undeterminedReason,omitempty"`
	// Evidence lists the locations, each with a reason, backing the status.
	Evidence           []Evidence `json:"evidence,omitempty"`
}

type BlockedPackages added in v1.7.2

// BlockedPackages groups a set of packages under the Policy and Condition
// strings serialized alongside them.
type BlockedPackages struct {
	Policy    string         `json:"policy,omitempty"`
	Condition string         `json:"condition,omitempty"`
	// Packages has no omitempty, so a nil map is encoded as JSON null.
	// NOTE(review): the meaning of the int stored per package key is not
	// visible on this type — confirm against the producer.
	Packages  map[string]int `json:"packages"`
}

type Bom added in v1.6.0

// Bom maps an XML document holding a <vulnerabilities> element with repeated
// <vulnerability> children. For each child it exposes the bom-ref attribute
// and the <id> element; nothing else in the document is mapped.
//
// NOTE(review): Vulnerabilities, XMLVulnerability and Vulnerability in this
// package describe the same XML shape with named types — confirm whether both
// representations are needed.
type Bom struct {
	Vulnerabilities struct {
		Vulnerability []struct {
			BomRef string `xml:"bom-ref,attr"`
			Id     string `xml:"id"`
		} `xml:"vulnerability"`
	} `xml:"vulnerabilities"`
}

type ComponentRow

// ComponentRow identifies a component by name and version. It is the element
// type of the Components and ImpactPaths fields of the row types in this
// package. Both fields are always serialized.
type ComponentRow struct {
	Name    string `json:"name"`
	Version string `json:"version"`
}

type CuratedPackages added in v1.6.3

// CuratedPackages holds the blocked-package groups and a package count for a
// scan target (see ScanSummary.CuratedPackages).
type CuratedPackages struct {
	Blocked      []BlockedPackages `json:"blocked,omitempty"`
	// PackageCount is serialized as "num_packages"; because of omitempty a
	// count of 0 is omitted from the output rather than written as 0.
	PackageCount int               `json:"num_packages,omitempty"`
}

func (*CuratedPackages) GetApprovedCount added in v1.7.2

func (cp *CuratedPackages) GetApprovedCount() int

func (*CuratedPackages) GetBlockedCount added in v1.7.2

func (cp *CuratedPackages) GetBlockedCount() int

type CveRow

// CveRow is one CVE entry of a VulnerabilityOrViolationRow.
type CveRow struct {
	Id            string         `json:"id"`
	// CvssV2 and CvssV3 are carried as strings and always serialized, even
	// when empty.
	// NOTE(review): whether they hold a bare score or a full vector string is
	// not visible here — confirm before parsing them numerically.
	CvssV2        string         `json:"cvssV2"`
	CvssV3        string         `json:"cvssV3"`
	// Applicability is optional; a nil pointer is omitted from JSON.
	Applicability *Applicability `json:"applicability,omitempty"`
}

type EnrichJson added in v1.6.0

// EnrichJson maps a JSON document whose "vulnerabilities" array holds objects
// with "bom-ref" and "id" keys. The Go field is named Vulnerability although
// the JSON key is plural.
type EnrichJson struct {
	Vulnerability []struct {
		// NOTE(review): the tag ends in a stray comma, which encoding/json
		// reads as an empty option list; the key is still "bom-ref".
		BomRef string `json:"bom-ref,"`
		Id     string `json:"id"`
	} `json:"vulnerabilities"`
}

type Evidence

// Evidence is a source location plus the reason it counts as evidence.
// Location is embedded without a tag, so encoding/json writes its fields
// (file, startLine, ..., snippet) at the same level as "reason".
type Evidence struct {
	Location
	Reason string `json:"reason,omitempty"`
}

type ImpactedDependencyDetails

// ImpactedDependencyDetails describes the dependency a finding applies to.
// It is embedded by LicenseRow, OperationalRiskViolationRow and
// VulnerabilityOrViolationRow, and itself embeds SeverityDetails, so
// "severity" is written at the same JSON level as the fields below.
type ImpactedDependencyDetails struct {
	SeverityDetails
	// The JSON keys say "impactedPackage*" while the Go fields say
	// "ImpactedDependency*"; consumers of the JSON must use the former.
	ImpactedDependencyName    string         `json:"impactedPackageName"`
	ImpactedDependencyVersion string         `json:"impactedPackageVersion"`
	ImpactedDependencyType    string         `json:"impactedPackageType"`
	// Components has no omitempty: a nil slice is encoded as JSON null.
	Components                []ComponentRow `json:"components"`
}

type JfrogResearchInformation

// JfrogResearchInformation is the optional research record attached to a
// VulnerabilityOrViolationRow. It embeds SeverityDetails, so it carries its
// own "severity" value alongside the text fields.
type JfrogResearchInformation struct {
	SeverityDetails
	// Summary, Details and Remediation are free text.
	// NOTE(review): treat them as untrusted when rendering into HTML or
	// Markdown reports — escaping is not visible on this type.
	Summary         string                        `json:"summary,omitempty"`
	Details         string                        `json:"details,omitempty"`
	SeverityReasons []JfrogResearchSeverityReason `json:"severityReasons,omitempty"`
	Remediation     string                        `json:"remediation,omitempty"`
}

type JfrogResearchSeverityReason

// JfrogResearchSeverityReason is one named reason listed under
// JfrogResearchInformation.SeverityReasons.
type JfrogResearchSeverityReason struct {
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// IsPositive uses omitempty, so false is never written: in the JSON
	// output an absent "isPositive" key and an explicit false are
	// indistinguishable.
	IsPositive  bool   `json:"isPositive,omitempty"`
}

type LicenseRow

// LicenseRow is one license finding. The Licenses and LicensesViolations
// fields of SimpleJsonResults both use this type.
type LicenseRow struct {
	ImpactedDependencyDetails
	LicenseKey  string           `json:"licenseKey"`
	// ImpactPaths is a list of component chains.
	// NOTE(review): the ordering within each chain (root first or impacted
	// dependency first) is not visible here — confirm.
	ImpactPaths [][]ComponentRow `json:"impactPaths"`
}

type Location

// Location is a position in a file, with an optional text snippet. It is
// embedded by Evidence and SourceCodeRow and is the element type of
// SourceCodeRow.CodeFlow.
type Location struct {
	// File is always serialized.
	// NOTE(review): whether the path is absolute or relative to the scan
	// target is not visible here — confirm.
	File        string `json:"file"`
	// The line and column fields use omitempty, so a value of 0 is omitted
	// and cannot be told apart from "not set" in the JSON output.
	StartLine   int    `json:"startLine,omitempty"`
	StartColumn int    `json:"startColumn,omitempty"`
	EndLine     int    `json:"endLine,omitempty"`
	EndColumn   int    `json:"endColumn,omitempty"`
	// Snippet is serialized as-is when non-empty. SourceCodeRow embeds
	// Location and is the row type of SimpleJsonResults.Secrets.
	// NOTE(review): confirm that the producer masks secret values before
	// filling Snippet, since this type does no redaction.
	Snippet     string `json:"snippet,omitempty"`
}

type OperationalRiskViolationRow

// OperationalRiskViolationRow is one operational-risk violation for a
// dependency.
//
// Every risk attribute is a string and is always serialized, including the
// ones whose names suggest a boolean (IsEol) or a count (Commits, Committers,
// NewerVersions).
// NOTE(review): the string encoding of those values is not visible here —
// confirm before parsing them.
type OperationalRiskViolationRow struct {
	ImpactedDependencyDetails
	RiskReason    string `json:"riskReason"`
	// IsEol and EolMessage are written as "isEndOfLife" and
	// "endOfLifeMessage".
	IsEol         string `json:"isEndOfLife"`
	EolMessage    string `json:"endOfLifeMessage"`
	Cadence       string `json:"cadence"`
	Commits       string `json:"commits"`
	Committers    string `json:"committers"`
	NewerVersions string `json:"newerVersions"`
	LatestVersion string `json:"latestVersion"`
}

type ResultSummary added in v1.7.2

// ResultSummary counts findings in a two-level map: the outer key is the
// severity, the inner key is the status, and the value is the count.
// As with any nested Go map, an inner map must be allocated before a count is
// written under a new severity.
type ResultSummary map[string]map[string]int

Maps severity -> status -> count.

func MergeResultSummaries added in v1.7.2

func MergeResultSummaries(summaries ...ResultSummary) (merged ResultSummary)

func (ResultSummary) GetTotal added in v1.7.2

func (rs ResultSummary) GetTotal(filterSeverities ...string) (total int)

type ResultsSummary added in v1.7.2

// ResultsSummary is the top-level summary: one ScanSummary per scanned
// target. Scans has no omitempty, so a nil slice is encoded as JSON null.
// Not to be confused with ResultSummary (singular), the severity/status
// count map.
type ResultsSummary struct {
	Scans []ScanSummary `json:"scans"`
}

func (*ResultsSummary) GetTotalViolations added in v1.7.2

func (rs *ResultsSummary) GetTotalViolations(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) GetTotalVulnerabilities added in v1.7.2

func (rs *ResultsSummary) GetTotalVulnerabilities(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) HasViolations added in v1.7.2

func (rs *ResultsSummary) HasViolations() bool

type ScaScanResultSummary added in v1.7.2

// ScaScanResultSummary is the SCA part of a ScanResultSummary: scan
// identifiers, links, and one ResultSummary per SCA category.
type ScaScanResultSummary struct {
	ScanIds         []string      `json:"scan_ids,omitempty"`
	// MoreInfoUrls is serialized as "more_info_urls".
	// NOTE(review): where these URLs originate is not visible here; check
	// the scheme and host before rendering them as clickable links.
	MoreInfoUrls    []string      `json:"more_info_urls,omitempty"`
	// The three ResultSummary maps are omitted from JSON when empty or nil.
	Security        ResultSummary `json:"security,omitempty"`
	License         ResultSummary `json:"license,omitempty"`
	OperationalRisk ResultSummary `json:"operational_risk,omitempty"`
}

type ScanResultSummary added in v1.7.2

// ScanResultSummary holds one optional summary per scan type (SCA, IaC,
// secrets, SAST). Every field is a pointer with omitempty, so a nil field is
// left out of the JSON output.
// NOTE(review): presumably nil means the scan type did not run, as opposed
// to running and finding nothing — confirm before treating a missing key as
// "clean".
type ScanResultSummary struct {
	ScaResults     *ScaScanResultSummary `json:"sca,omitempty"`
	IacResults     *ResultSummary        `json:"iac,omitempty"`
	SecretsResults *ResultSummary        `json:"secrets,omitempty"`
	SastResults    *ResultSummary        `json:"sast,omitempty"`
}

func GetVulnerabilitiesSummaries added in v1.7.2

func GetVulnerabilitiesSummaries(summaries ...ResultsSummary) *ScanResultSummary

func (*ScanResultSummary) GetMoreInfoUrls added in v1.7.2

func (srs *ScanResultSummary) GetMoreInfoUrls() (urls []string)

func (*ScanResultSummary) GetScanIds added in v1.7.2

func (srs *ScanResultSummary) GetScanIds() (scanIds []string)

func (*ScanResultSummary) GetSummaryBySeverity added in v1.7.2

func (ss *ScanResultSummary) GetSummaryBySeverity() (summary ResultSummary)

Returns a ResultSummary holding the counts from this summary, keyed as severity -> status -> count.

func (*ScanResultSummary) GetTotal added in v1.7.2

func (srs *ScanResultSummary) GetTotal(filterTypes ...SummaryResultType) (total int)

func (*ScanResultSummary) HasIssues added in v1.7.2

func (srs *ScanResultSummary) HasIssues() bool

type ScanSummary added in v1.7.2

// ScanSummary is the summary for a single scan target. Target is always
// serialized; the three result sections are pointers with omitempty and are
// left out of the JSON output when nil.
type ScanSummary struct {
	Target          string                 `json:"target"`
	Vulnerabilities *ScanResultSummary     `json:"vulnerabilities,omitempty"`
	Violations      *ScanViolationsSummary `json:"violations,omitempty"`
	// CuratedPackages is serialized under the key "curated".
	CuratedPackages *CuratedPackages       `json:"curated,omitempty"`
}

func (*ScanSummary) GetScanIds added in v1.7.2

func (sc *ScanSummary) GetScanIds() (scanIds []string)

func (*ScanSummary) HasBlockedPackages added in v1.7.2

func (sc *ScanSummary) HasBlockedPackages() bool

func (*ScanSummary) HasCuratedPackages added in v1.7.2

func (sc *ScanSummary) HasCuratedPackages() bool

func (*ScanSummary) HasViolations added in v1.7.2

func (sc *ScanSummary) HasViolations() bool

func (*ScanSummary) HasVulnerabilities added in v1.7.2

func (sc *ScanSummary) HasVulnerabilities() bool

type ScanViolationsSummary added in v1.7.2

// ScanViolationsSummary is a ScanResultSummary for policy violations, with
// the watch names and the fail-build flag added. ScanResultSummary is
// embedded without a tag, so its "sca", "iac", "secrets" and "sast" keys are
// written at the same JSON level as "watches" and "fail_build".
type ScanViolationsSummary struct {
	Watches   []string `json:"watches,omitempty"`
	// FailBuild uses omitempty, so false is never written. A consumer that
	// gates a pipeline on "fail_build" must treat a missing key as false and
	// cannot distinguish it from a summary that never set the flag.
	FailBuild bool     `json:"fail_build,omitempty"`
	ScanResultSummary
}

func GetViolationSummaries added in v1.7.2

func GetViolationSummaries(summaries ...ResultsSummary) *ScanViolationsSummary

type SeverityDetails

// SeverityDetails carries a severity label plus a numeric rank. It is
// embedded by ImpactedDependencyDetails, JfrogResearchInformation and
// SourceCodeRow.
type SeverityDetails struct {
	Severity         string `json:"severity"`
	// The "-" tag keeps SeverityNumValue out of the JSON output in both
	// directions: it is never written and never populated by decoding.
	SeverityNumValue int    `json:"-"` // For sorting
}

type SimpleJsonError

// SimpleJsonError is one entry of SimpleJsonResults.Errors: a file path and
// the error message reported for it. Both fields are always serialized.
// NOTE(review): the message is written to the output as-is; confirm at the
// producer that error text cannot embed credentials or tokens.
type SimpleJsonError struct {
	FilePath     string `json:"filePath"`
	ErrorMessage string `json:"errorMessage"`
}

type SimpleJsonResults

// SimpleJsonResults holds the sorted results of the simple-json output.
//
// None of the slice fields use omitempty, so a category with no rows is
// still present in the output: a nil slice is encoded as JSON null and an
// empty non-nil slice as []. Consumers should accept both.
type SimpleJsonResults struct {
	Vulnerabilities           []VulnerabilityOrViolationRow `json:"vulnerabilities"`
	SecurityViolations        []VulnerabilityOrViolationRow `json:"securityViolations"`
	LicensesViolations        []LicenseRow                  `json:"licensesViolations"`
	Licenses                  []LicenseRow                  `json:"licenses"`
	OperationalRiskViolations []OperationalRiskViolationRow `json:"operationalRiskViolations"`
	// Secrets, Iacs and Sast share the SourceCodeRow type. The JSON keys for
	// Iacs and Sast are "iacViolations" and "sastViolations".
	Secrets                   []SourceCodeRow               `json:"secrets"`
	Iacs                      []SourceCodeRow               `json:"iacViolations"`
	Sast                      []SourceCodeRow               `json:"sastViolations"`
	// Errors is always present in the output, so a consumer can check it
	// before trusting an otherwise empty result.
	Errors                    []SimpleJsonError             `json:"errors"`
	MultiScanId               string                        `json:"multiScanId,omitempty"`
}

This struct holds the sorted results of the simple-json output.

type SourceCodeRow

// SourceCodeRow is one source-code finding. SimpleJsonResults uses it for
// its Secrets, Iacs and Sast fields. SeverityDetails and Location are
// embedded without tags, so "severity", "file", the line/column keys and
// "snippet" are written at the same JSON level as the fields below.
type SourceCodeRow struct {
	SeverityDetails
	Location
	Finding            string         `json:"finding,omitempty"`
	// NOTE(review): how Fingerprint is derived is not visible here; confirm
	// it is not computed in a way that lets a secret value be recovered or
	// guessed from it.
	Fingerprint        string         `json:"fingerprint,omitempty"`
	Applicability      *Applicability `json:"applicability,omitempty"`
	ScannerDescription string         `json:"scannerDescription,omitempty"`
	// CodeFlow is a list of flows, each an ordered list of locations.
	CodeFlow           [][]Location   `json:"codeFlow,omitempty"`
}

type SummaryResultType added in v1.7.2

// SummaryResultType names a result category. Values of this type are passed
// as the filterTypes arguments of the GetTotal* methods in this package.
type SummaryResultType string
const (
	// Scan-type categories.
	IacResult            SummaryResultType = "IAC"
	SecretsResult        SummaryResultType = "Secrets"
	SastResult           SummaryResultType = "SAST"
	ScaResult            SummaryResultType = "SCA"
	// NOTE(review): the Sca* names below look like sub-categories of SCA
	// results — confirm.
	ScaSecurityResult    SummaryResultType = "Security"
	ScaLicenseResult     SummaryResultType = "License"
	ScaOperationalResult SummaryResultType = "Operational"

	// NoStatus is declared without a type, so it is an untyped string
	// constant rather than a SummaryResultType.
	// NOTE(review): presumably the status key used in ResultSummary when a
	// finding has no status — confirm.
	NoStatus = ""
)

func (SummaryResultType) String added in v1.7.2

func (srt SummaryResultType) String() string

type Vulnerabilities added in v1.6.0

// Vulnerabilities maps the <vulnerabilities> element of an XML document to
// an XMLVulnerability value. It carries only an xml tag, no json tag.
type Vulnerabilities struct {
	Vulnerabilities XMLVulnerability `xml:"vulnerabilities"`
}

type Vulnerability added in v1.6.0

// Vulnerability is a bom-ref / id pair with both JSON and XML tags. In XML,
// bom-ref is an attribute and id is a child element; in JSON both are keys.
type Vulnerability struct {
	BomRef string `json:"bom-ref" xml:"bom-ref,attr"`
	ID     string `json:"id" xml:"id"`
}

type VulnerabilityOrViolationRow

// VulnerabilityOrViolationRow is used for vulnerabilities and security
// violations: SimpleJsonResults stores both its Vulnerabilities and its
// SecurityViolations in this type.
//
// None of the serialized fields use omitempty, so nil slices and a nil
// JfrogResearchInformation pointer are encoded as JSON null.
type VulnerabilityOrViolationRow struct {
	ImpactedDependencyDetails
	// NOTE(review): Summary and References are written to the output as-is;
	// escape them when rendering into HTML or Markdown reports.
	Summary                  string                    `json:"summary"`
	// Applicable is a string here, separate from the structured
	// Applicability record carried on each CveRow.
	Applicable               string                    `json:"applicable"`
	FixedVersions            []string                  `json:"fixedVersions"`
	Cves                     []CveRow                  `json:"cves"`
	IssueId                  string                    `json:"issueId"`
	References               []string                  `json:"references"`
	ImpactPaths              [][]ComponentRow          `json:"impactPaths"`
	JfrogResearchInformation *JfrogResearchInformation `json:"jfrogResearchInformation"`
	// The "-" tag keeps Technology out of the JSON output; it is lost on a
	// marshal/unmarshal round trip.
	Technology               techutils.Technology      `json:"-"`
}

Used for vulnerabilities and security violations

type XMLVulnerability added in v1.6.0

// XMLVulnerability collects the repeated <vulnerability> child elements of
// an XML node into a slice of Vulnerability.
type XMLVulnerability struct {
	Vulnerability []Vulnerability `xml:"vulnerability"`
}

Directories

Path Synopsis
