Documentation ¶
Index ¶
- Constants
- Variables
- func CheckIfFailBuild(results []services.ScanResponse) bool
- func CombineSarifOutputFiles(dataFilePaths []string) (data []byte, err error)
- func ConvertXrayScanToSimpleJson(results *Results, isMultipleRoots, includeLicenses, simplifiedOutput bool, ...) (formats.SimpleJsonResults, error)
- func CreateRestsMockServer(testHandler restsTestHandler) *httptest.Server
- func CreateXrayRestsMockServer(testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails)
- func CreateXscRestsMockServer(t *testing.T, testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails, ...)
- func DumpContentToFile(fileContent []byte, scanResultsOutputDir string, scanType string) (err error)
- func GenerateSarifReportFromResults(results *Results, isMultipleRoots, includeLicenses bool, ...) (report *sarif.Report, err error)
- func GenerateSecuritySectionMarkdown(curationData []formats.ResultsSummary) (markdown string, err error)
- func GetCurationCacheFolder() (string, error)
- func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)
- func GetCurationNugetCacheFolder() (string, error)
- func GetCurationPipCacheFolder() (string, error)
- func GetDependenciesGraph(projectDir string) (map[string][]string, error)
- func GetDependenciesList(projectDir string, errorFunc utils.HandleErrorFunc) (map[string]bool, error)
- func GetIssueIdentifier(cvesRow []formats.CveRow, issueId string) string
- func GetResultPropertyMetadata(result *sarif.Result) string
- func GetResultPropertyTokenValidation(result *sarif.Result) string
- func GetRuleUndeterminedReason(rule *sarif.ReportingDescriptor) string
- func GetScaScanFileName(r *Results) string
- func GetScanSummaryByTargets(r *Results, includeVulnerabilities, includeViolations bool, targets ...string) (summaries []formats.ScanSummary)
- func GetUniqueKey(vulnerableDependency, vulnerableVersion, xrayID string, fixVersionExist bool) string
- func GetViolatedLicenses(allowedLicenses []string, licenses []formats.LicenseRow) (violatedLicenses []formats.LicenseRow)
- func IsEmptyScanResponse(results []services.ScanResponse) bool
- func JSONMarshalNotEscaped(t interface{}) ([]byte, error)
- func Md5Hash(values ...string) (string, error)
- func MergeMaps(maps ...map[string]string) map[string]string
- func NewFailBuildError() error
- func NewSecurityJobSummary() (js *commandsummary.CommandSummary, err error)
- func PrepareIacs(iacs []*sarif.Run) []formats.SourceCodeRow
- func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
- func PrepareSast(sasts []*sarif.Run) []formats.SourceCodeRow
- func PrepareSecrets(secrets []*sarif.Run) []formats.SourceCodeRow
- func PrepareViolations(violations []services.Violation, results *Results, ...) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseRow, ...)
- func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, results *Results, ...) ([]formats.VulnerabilityOrViolationRow, error)
- func PrintIacTable(iacs []*sarif.Run, entitledForIacScan bool) error
- func PrintJson(output interface{}) error
- func PrintLicensesTable(licenses []services.License, printExtended bool, scanType CommandType) error
- func PrintSarif(results *Results, isMultipleRoots, includeLicenses bool, ...) error
- func PrintSastTable(sast []*sarif.Run, entitledForSastScan bool) error
- func PrintSecretsTable(secrets []*sarif.Run, entitledForSecretsScan bool, tokenValidationEnabled bool) error
- func PrintViolationsTable(violations []services.Violation, results *Results, ...) error
- func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, results *Results, ...) error
- func RecordSarifOutput(cmdResults *Results, supportedScans []SubScanType) (err error)
- func RecordSecurityCommandSummary(content ScanCommandResultSummary) (err error)
- func Sha1Hash(values ...string) (string, error)
- func SplitComponentId(componentId string) (string, string, string)
- func SplitScanResults(results []*ScaScanResult) ([]services.Violation, []services.Vulnerability, []services.License)
- func ToCommandEnvVars(envVarsMap map[string]string) (converted []string)
- func ToEnvVarsMap(envVars []string) (converted map[string]string)
- func ToSummary(cmdResult *Results, includeVulnerabilities, includeViolations bool) (summary formats.ResultsSummary)
- func WriteSarifResultsAsString(report *sarif.Report, escape bool) (sarifStr string, err error)
- func XrayServer(t *testing.T, xrayVersion string) (*httptest.Server, *config.ServerDetails)
- func XscServer(t *testing.T, xscVersion string) (*httptest.Server, *config.ServerDetails)
- type AuditBasicParams
- func (abp *AuditBasicParams) AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
- func (abp *AuditBasicParams) Args() []string
- func (abp *AuditBasicParams) DepsRepo() string
- func (abp *AuditBasicParams) DirectDependencies() *[]string
- func (abp *AuditBasicParams) ExcludeTestDependencies() bool
- func (abp *AuditBasicParams) Exclusions() []string
- func (abp *AuditBasicParams) IgnoreConfigFile() bool
- func (abp *AuditBasicParams) InsecureTls() bool
- func (abp *AuditBasicParams) InstallCommandArgs() []string
- func (abp *AuditBasicParams) InstallCommandName() string
- func (abp *AuditBasicParams) IsCurationCmd() bool
- func (abp *AuditBasicParams) IsMavenDepTreeInstalled() bool
- func (abp *AuditBasicParams) IsRecursiveScan() bool
- func (abp *AuditBasicParams) OutputFormat() format.OutputFormat
- func (abp *AuditBasicParams) PipRequirementsFile() string
- func (abp *AuditBasicParams) Progress() ioUtils.ProgressMgr
- func (abp *AuditBasicParams) ScansToPerform() []SubScanType
- func (abp *AuditBasicParams) ServerDetails() (*config.ServerDetails, error)
- func (abp *AuditBasicParams) SetConanProfile(file string) *AuditBasicParams
- func (abp *AuditBasicParams) SetDepsRepo(depsRepo string) *AuditBasicParams
- func (abp *AuditBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetInsecureTls(insecureTls bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetInstallCommandArgs(installCommandArgs []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetInstallCommandName(installCommandName string) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetNpmScope(depType string) *AuditBasicParams
- func (abp *AuditBasicParams) SetOutputFormat(format format.OutputFormat) *AuditBasicParams
- func (abp *AuditBasicParams) SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
- func (abp *AuditBasicParams) SetProgress(progress ioUtils.ProgressMgr)
- func (abp *AuditBasicParams) SetScansToPerform(scansToPerform []SubScanType) *AuditBasicParams
- func (abp *AuditBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
- func (abp *AuditBasicParams) SetSkipAutoInstall(skipAutoInstall bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetTechnologies(technologies []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetUseJas(useJas bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams
- func (abp *AuditBasicParams) SkipAutoInstall() bool
- func (abp *AuditBasicParams) Technologies() []string
- func (abp *AuditBasicParams) UseJas() bool
- func (abp *AuditBasicParams) UseWrapper() bool
- type AuditNpmParams
- type AuditParams
- type CommandType
- type DynamicMarkdownGenerator
- type EmptyMarkdownGenerator
- type ExtendedScanResults
- type HtmlTag
- type ResultSummaryArgs
- type Results
- func (r *Results) CountScanResultsFindings(includeVulnerabilities, includeViolations bool) (total int)
- func (r *Results) GetScaScannedTechnologies() []techutils.Technology
- func (r *Results) GetScaScansXrayResults() (results []services.ScanResponse)
- func (r *Results) IsIssuesFound() bool
- func (r *Results) IsMultipleProject() bool
- func (r *Results) IsScaIssuesFound() bool
- type ResultsWriter
- func (rw *ResultsWriter) PrintScanResults() error
- func (rw *ResultsWriter) SetExtraMessages(messages []string) *ResultsWriter
- func (rw *ResultsWriter) SetHasViolationContext(hasViolationContext bool) *ResultsWriter
- func (rw *ResultsWriter) SetIncludeLicenses(licenses bool) *ResultsWriter
- func (rw *ResultsWriter) SetIncludeVulnerabilities(includeVulnerabilities bool) *ResultsWriter
- func (rw *ResultsWriter) SetIsMultipleRootProject(isMultipleRootProject bool) *ResultsWriter
- func (rw *ResultsWriter) SetOutputFormat(f format.OutputFormat) *ResultsWriter
- func (rw *ResultsWriter) SetPrintExtendedTable(extendedTable bool) *ResultsWriter
- func (rw *ResultsWriter) SetSimpleJsonError(jsonErrors []formats.SimpleJsonError) *ResultsWriter
- func (rw *ResultsWriter) SetSubScansPreformed(subScansPreformed []SubScanType) *ResultsWriter
- type ScaScanResult
- type ScanCommandResultSummary
- func NewAuditScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, ...) (summary ScanCommandResultSummary)
- func NewBinaryScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, ...) (summary ScanCommandResultSummary)
- func NewBuildScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, ...) (summary ScanCommandResultSummary)
- func NewCurationSummary(cmdResult formats.ResultsSummary) (summary ScanCommandResultSummary)
- func NewDockerScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, ...) (summary ScanCommandResultSummary)
- type SecurityJobSummary
- func (js *SecurityJobSummary) BinaryScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
- func (js *SecurityJobSummary) BuildScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
- func (js *SecurityJobSummary) DockerScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
- func (js *SecurityJobSummary) GenerateMarkdownFromFiles(dataFilePaths []string) (markdown string, err error)
- func (js *SecurityJobSummary) GetNonScannedResult() (generator EmptyMarkdownGenerator)
- type SecurityParallelRunner
- type SeverityDisplayStatus
- type SubScanType
- type ViolationIssueType
Constants ¶
const ( JfrogCurationDirName = "curation" CurationsDir = "JFROG_CLI_CURATION_DIR" // #nosec G101 -- Not credentials. CurationSupportFlag = "JFROG_CLI_CURATION" )
const ( BaseDocumentationURL = "https://docs.jfrog-applications.jfrog.io/jfrog-security-features/" CurrentWorkflowNameEnvVar = "GITHUB_WORKFLOW" CurrentWorkflowRunNumberEnvVar = "GITHUB_RUN_NUMBER" CurrentWorkflowWorkspaceEnvVar = "GITHUB_WORKSPACE" MissingCveScore = "0" )
const ( PreFormat HtmlTag = "<pre>%s</pre>" ImgTag HtmlTag = "<img alt=\"%s\" src=%s>" CenterContent HtmlTag = "<div style=\"display: flex; align-items: center; text-align: center\">%s</div>" BoldTxt HtmlTag = "<b>%s</b>" Link HtmlTag = "<a href=\"%s\">%s</a>" NewLine HtmlTag = "<br>%s" DetailsWithSummary HtmlTag = "<details><summary>%s</summary>%s</details>" DetailsOpenWithSummary HtmlTag = "<details open><summary><h3>%s</h3></summary>%s\n</details>" TabTag HtmlTag = "	%s" ApplicableStatusCount SeverityDisplayStatus = "%d Applicable" NotApplicableStatusCount SeverityDisplayStatus = "%d Not Applicable" )
const ( TestMsi = "27e175b8-e525-11ee-842b-7aa2c69b8f1f" TestScaScanId = "3d90ec4b-cf33-4846-6831-4bf9576f2235" TestMoreInfoUrl = "https://www.jfrog.com" TestConfigProfileName = "default-profile" )
const ( NodeModulesPattern = "**/*node_modules*/**" JfMsiEnvVariable = "JF_MSI" EntitlementsMinVersion = "3.66.5" )
const ( ContextualAnalysisScan SubScanType = "contextual_analysis" ScaScan SubScanType = "sca" IacScan SubScanType = "iac" SastScan SubScanType = "sast" SecretsScan SubScanType = "secrets" SecretTokenValidationScan SubScanType = "secrets_token_validation" ViolationTypeSecurity ViolationIssueType = "security" ViolationTypeLicense ViolationIssueType = "license" ViolationTypeOperationalRisk ViolationIssueType = "operational_risk" )
const (
NpmPackageTypeIdentifier = "npm://"
)
Variables ¶
var ( // Exclude pattern for files. DefaultJasExcludePatterns = []string{"**/.git/**", "**/*test*/**", "**/*venv*/**", NodeModulesPattern, "**/target/**"} // Exclude pattern for directories. DefaultScaExcludePatterns = []string{"*.git*", "*node_modules*", "*target*", "*venv*", "*test*"} )
var (
GithubBaseWorkflowDir = filepath.Join(".github", "workflows")
)
Functions ¶
func CheckIfFailBuild ¶
func CheckIfFailBuild(results []services.ScanResponse) bool
func CombineSarifOutputFiles ¶ added in v1.8.0
func CreateRestsMockServer ¶ added in v1.1.0
Create mock server to test REST APIs. testHandler - The HTTP handler of the test
func CreateXrayRestsMockServer ¶ added in v1.8.0
func CreateXrayRestsMockServer(testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails)
func CreateXscRestsMockServer ¶ added in v1.1.0
func CreateXscRestsMockServer(t *testing.T, testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails, artifactory.ArtifactoryServicesManager)
func DumpContentToFile ¶ added in v1.9.0
func GenerateSarifReportFromResults ¶ added in v1.8.0
func GenerateSecuritySectionMarkdown ¶ added in v1.7.2
func GenerateSecuritySectionMarkdown(curationData []formats.ResultsSummary) (markdown string, err error)
func GetCurationCacheFolder ¶ added in v1.0.4
func GetCurationCacheFolderByTech ¶ added in v1.3.0
func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)
func GetCurationNugetCacheFolder ¶ added in v1.8.1
func GetCurationPipCacheFolder ¶ added in v1.1.0
func GetDependenciesGraph ¶ added in v1.3.0
func GetDependenciesList ¶ added in v1.3.0
func GetResultPropertyMetadata ¶ added in v1.10.0
func GetResultPropertyTokenValidation ¶ added in v1.10.0
func GetRuleUndeterminedReason ¶ added in v1.9.0
func GetRuleUndeterminedReason(rule *sarif.ReportingDescriptor) string
func GetScaScanFileName ¶ added in v1.6.0
func GetScanSummaryByTargets ¶ added in v1.7.2
func GetScanSummaryByTargets(r *Results, includeVulnerabilities, includeViolations bool, targets ...string) (summaries []formats.ScanSummary)
func GetUniqueKey ¶
func GetUniqueKey(vulnerableDependency, vulnerableVersion, xrayID string, fixVersionExist bool) string
GetUniqueKey returns a unique string key of format "vulnerableDependency:vulnerableVersion:xrayID:fixVersionExist"
func GetViolatedLicenses ¶
func GetViolatedLicenses(allowedLicenses []string, licenses []formats.LicenseRow) (violatedLicenses []formats.LicenseRow)
func IsEmptyScanResponse ¶
func IsEmptyScanResponse(results []services.ScanResponse) bool
func JSONMarshalNotEscaped ¶ added in v1.8.0
func MergeMaps ¶ added in v1.5.0
Merge multiple maps into one, the last map will override the previous ones
func NewFailBuildError ¶
func NewFailBuildError() error
func NewSecurityJobSummary ¶ added in v1.7.2
func NewSecurityJobSummary() (js *commandsummary.CommandSummary, err error)
Manage the job summary for security commands
func PrepareIacs ¶
func PrepareIacs(iacs []*sarif.Run) []formats.SourceCodeRow
Prepare iacs for all non-table formats (without style or emoji)
func PrepareLicenses ¶
func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
func PrepareSast ¶
func PrepareSast(sasts []*sarif.Run) []formats.SourceCodeRow
func PrepareSecrets ¶
func PrepareSecrets(secrets []*sarif.Run) []formats.SourceCodeRow
Prepare secrets for all non-table formats (without style or emoji)
func PrepareViolations ¶
func PrepareViolations(violations []services.Violation, results *Results, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseRow, []formats.OperationalRiskViolationRow, error)
Prepare violations for all non-table formats (without style or emoji)
func PrepareVulnerabilities ¶
func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, results *Results, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, error)
Prepare vulnerabilities for all non-table formats (without style or emoji)
func PrintLicensesTable ¶
func PrintLicensesTable(licenses []services.License, printExtended bool, scanType CommandType) error
PrintLicensesTable prints the licenses in a table. Set multipleRoots to true in case the given licenses array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintSarif ¶
func PrintSarif(results *Results, isMultipleRoots, includeLicenses bool, subScans []SubScanType) error
func PrintSecretsTable ¶
func PrintViolationsTable ¶
func PrintViolationsTable(violations []services.Violation, results *Results, multipleRoots, printExtended bool) error
PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. Set multipleRoots to true in case the given violations array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintVulnerabilitiesTable ¶
func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, results *Results, multipleRoots, printExtended bool, scanType CommandType) error
PrintVulnerabilitiesTable prints the vulnerabilities in a table. Set multipleRoots to true in case the given vulnerabilities array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func RecordSarifOutput ¶ added in v1.8.0
func RecordSarifOutput(cmdResults *Results, supportedScans []SubScanType) (err error)
func RecordSecurityCommandSummary ¶ added in v1.7.2
func RecordSecurityCommandSummary(content ScanCommandResultSummary) (err error)
Record the security command outputs
func SplitComponentId ¶
SplitComponentId splits a Xray component ID to the component name, version and package type. In case componentId doesn't contain a version, the returned version will be an empty string. In case componentId's format is invalid, it will be returned as the component name and empty strings will be returned instead of the version and the package type. Examples:
- componentId: "gav://antparent:ant:1.6.5" Returned values: Component name: "antparent:ant" Component version: "1.6.5" Package type: "Maven"
- componentId: "generic://sha256:244fd47e07d1004f0aed9c156aa09083c82bf8944eceb67c946ff7430510a77b/foo.jar" Returned values: Component name: "foo.jar" Component version: "" Package type: "Generic"
- componentId: "invalid-comp-id" Returned values: Component name: "invalid-comp-id" Component version: "" Package type: ""
func SplitScanResults ¶
func SplitScanResults(results []*ScaScanResult) ([]services.Violation, []services.Vulnerability, []services.License)
Splits scan responses into aggregated lists of violations, vulnerabilities and licenses.
func ToCommandEnvVars ¶ added in v1.5.0
map[string]string to []string (key=value format)
func ToEnvVarsMap ¶ added in v1.5.0
[]string (key=value format) to map[string]string
func ToSummary ¶ added in v1.7.2
func ToSummary(cmdResult *Results, includeVulnerabilities, includeViolations bool) (summary formats.ResultsSummary)
func WriteSarifResultsAsString ¶ added in v1.8.0
func XrayServer ¶ added in v1.8.0
Types ¶
type AuditBasicParams ¶
type AuditBasicParams struct {
// contains filtered or unexported fields
}
func (*AuditBasicParams) AppendDependenciesForApplicabilityScan ¶
func (abp *AuditBasicParams) AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
func (*AuditBasicParams) Args ¶
func (abp *AuditBasicParams) Args() []string
func (*AuditBasicParams) DepsRepo ¶
func (abp *AuditBasicParams) DepsRepo() string
func (*AuditBasicParams) DirectDependencies ¶
func (abp *AuditBasicParams) DirectDependencies() *[]string
func (*AuditBasicParams) ExcludeTestDependencies ¶
func (abp *AuditBasicParams) ExcludeTestDependencies() bool
func (*AuditBasicParams) Exclusions ¶ added in v1.0.4
func (abp *AuditBasicParams) Exclusions() []string
func (*AuditBasicParams) IgnoreConfigFile ¶
func (abp *AuditBasicParams) IgnoreConfigFile() bool
func (*AuditBasicParams) InsecureTls ¶
func (abp *AuditBasicParams) InsecureTls() bool
func (*AuditBasicParams) InstallCommandArgs ¶
func (abp *AuditBasicParams) InstallCommandArgs() []string
func (*AuditBasicParams) InstallCommandName ¶
func (abp *AuditBasicParams) InstallCommandName() string
func (*AuditBasicParams) IsCurationCmd ¶ added in v1.0.2
func (abp *AuditBasicParams) IsCurationCmd() bool
func (*AuditBasicParams) IsMavenDepTreeInstalled ¶
func (abp *AuditBasicParams) IsMavenDepTreeInstalled() bool
func (*AuditBasicParams) IsRecursiveScan ¶ added in v1.0.4
func (abp *AuditBasicParams) IsRecursiveScan() bool
func (*AuditBasicParams) OutputFormat ¶
func (abp *AuditBasicParams) OutputFormat() format.OutputFormat
func (*AuditBasicParams) PipRequirementsFile ¶
func (abp *AuditBasicParams) PipRequirementsFile() string
func (*AuditBasicParams) Progress ¶
func (abp *AuditBasicParams) Progress() ioUtils.ProgressMgr
func (*AuditBasicParams) ScansToPerform ¶ added in v1.4.0
func (abp *AuditBasicParams) ScansToPerform() []SubScanType
func (*AuditBasicParams) ServerDetails ¶
func (abp *AuditBasicParams) ServerDetails() (*config.ServerDetails, error)
func (*AuditBasicParams) SetConanProfile ¶ added in v1.6.5
func (abp *AuditBasicParams) SetConanProfile(file string) *AuditBasicParams
func (*AuditBasicParams) SetDepsRepo ¶
func (abp *AuditBasicParams) SetDepsRepo(depsRepo string) *AuditBasicParams
func (*AuditBasicParams) SetExcludeTestDependencies ¶
func (abp *AuditBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
func (*AuditBasicParams) SetExclusions ¶ added in v1.0.4
func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams
func (*AuditBasicParams) SetIgnoreConfigFile ¶
func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
func (*AuditBasicParams) SetInsecureTls ¶
func (abp *AuditBasicParams) SetInsecureTls(insecureTls bool) *AuditBasicParams
func (*AuditBasicParams) SetInstallCommandArgs ¶
func (abp *AuditBasicParams) SetInstallCommandArgs(installCommandArgs []string) *AuditBasicParams
func (*AuditBasicParams) SetInstallCommandName ¶
func (abp *AuditBasicParams) SetInstallCommandName(installCommandName string) *AuditBasicParams
func (*AuditBasicParams) SetIsCurationCmd ¶ added in v1.0.2
func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams
func (*AuditBasicParams) SetIsMavenDepTreeInstalled ¶
func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams
func (*AuditBasicParams) SetIsRecursiveScan ¶ added in v1.0.4
func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams
func (*AuditBasicParams) SetNpmScope ¶
func (abp *AuditBasicParams) SetNpmScope(depType string) *AuditBasicParams
func (*AuditBasicParams) SetOutputFormat ¶
func (abp *AuditBasicParams) SetOutputFormat(format format.OutputFormat) *AuditBasicParams
func (*AuditBasicParams) SetPipRequirementsFile ¶
func (abp *AuditBasicParams) SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
func (*AuditBasicParams) SetProgress ¶
func (abp *AuditBasicParams) SetProgress(progress ioUtils.ProgressMgr)
func (*AuditBasicParams) SetScansToPerform ¶ added in v1.4.0
func (abp *AuditBasicParams) SetScansToPerform(scansToPerform []SubScanType) *AuditBasicParams
func (*AuditBasicParams) SetServerDetails ¶
func (abp *AuditBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
func (*AuditBasicParams) SetSkipAutoInstall ¶ added in v1.11.2
func (abp *AuditBasicParams) SetSkipAutoInstall(skipAutoInstall bool) *AuditBasicParams
func (*AuditBasicParams) SetTechnologies ¶
func (abp *AuditBasicParams) SetTechnologies(technologies []string) *AuditBasicParams
func (*AuditBasicParams) SetUseJas ¶ added in v1.4.0
func (abp *AuditBasicParams) SetUseJas(useJas bool) *AuditBasicParams
func (*AuditBasicParams) SetUseWrapper ¶
func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams
func (*AuditBasicParams) SkipAutoInstall ¶ added in v1.11.2
func (abp *AuditBasicParams) SkipAutoInstall() bool
func (*AuditBasicParams) Technologies ¶
func (abp *AuditBasicParams) Technologies() []string
func (*AuditBasicParams) UseJas ¶ added in v1.4.0
func (abp *AuditBasicParams) UseJas() bool
func (*AuditBasicParams) UseWrapper ¶
func (abp *AuditBasicParams) UseWrapper() bool
type AuditNpmParams ¶
type AuditNpmParams struct { AuditParams // contains filtered or unexported fields }
func (AuditNpmParams) NpmIgnoreNodeModules ¶
func (anp AuditNpmParams) NpmIgnoreNodeModules() bool
func (AuditNpmParams) NpmOverwritePackageLock ¶
func (anp AuditNpmParams) NpmOverwritePackageLock() bool
func (AuditNpmParams) SetNpmIgnoreNodeModules ¶
func (anp AuditNpmParams) SetNpmIgnoreNodeModules(ignoreNpmNodeModules bool) AuditNpmParams
func (AuditNpmParams) SetNpmOverwritePackageLock ¶
func (anp AuditNpmParams) SetNpmOverwritePackageLock(overwritePackageLock bool) AuditNpmParams
type AuditParams ¶
type AuditParams interface { DirectDependencies() *[]string AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams ServerDetails() (*config.ServerDetails, error) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams PipRequirementsFile() string SetPipRequirementsFile(requirementsFile string) *AuditBasicParams ExcludeTestDependencies() bool SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams UseWrapper() bool SetUseWrapper(useWrapper bool) *AuditBasicParams InsecureTls() bool SetInsecureTls(insecureTls bool) *AuditBasicParams Technologies() []string SetTechnologies(technologies []string) *AuditBasicParams Progress() ioUtils.ProgressMgr SetProgress(progress ioUtils.ProgressMgr) Args() []string InstallCommandName() string InstallCommandArgs() []string SetNpmScope(depType string) *AuditBasicParams OutputFormat() format.OutputFormat DepsRepo() string SetDepsRepo(depsRepo string) *AuditBasicParams IgnoreConfigFile() bool SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams IsMavenDepTreeInstalled() bool SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams IsCurationCmd() bool SetIsCurationCmd(bool) *AuditBasicParams SetExclusions(exclusions []string) *AuditBasicParams Exclusions() []string SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams IsRecursiveScan() bool SkipAutoInstall() bool }
type CommandType ¶ added in v1.8.0
type CommandType string
const ( SourceCode CommandType = "source_code" Binary CommandType = "binary" DockerImage CommandType = "docker_image" Build CommandType = "build" Curation CommandType = "curation" SBOM CommandType = "SBOM" )
func (CommandType) IsTargetBinary ¶ added in v1.8.0
func (s CommandType) IsTargetBinary() bool
type DynamicMarkdownGenerator ¶ added in v1.7.2
type DynamicMarkdownGenerator struct {
// contains filtered or unexported fields
}
func (DynamicMarkdownGenerator) GetViolations ¶ added in v1.7.2
func (mg DynamicMarkdownGenerator) GetViolations() (content string)
func (DynamicMarkdownGenerator) GetVulnerabilities ¶ added in v1.7.2
func (mg DynamicMarkdownGenerator) GetVulnerabilities() (content string)
type EmptyMarkdownGenerator ¶ added in v1.7.2
type EmptyMarkdownGenerator struct{}
func (EmptyMarkdownGenerator) GetViolations ¶ added in v1.7.2
func (g EmptyMarkdownGenerator) GetViolations() (content string)
func (EmptyMarkdownGenerator) GetVulnerabilities ¶ added in v1.7.2
func (g EmptyMarkdownGenerator) GetVulnerabilities() (content string)
type ExtendedScanResults ¶
type ExtendedScanResults struct { ApplicabilityScanResults []*sarif.Run SecretsScanResults []*sarif.Run IacScanResults []*sarif.Run SastScanResults []*sarif.Run EntitledForJas bool SecretValidation bool }
func (*ExtendedScanResults) GetResultsForTarget ¶ added in v1.2.0
func (e *ExtendedScanResults) GetResultsForTarget(target string) (result *ExtendedScanResults)
func (*ExtendedScanResults) IsIssuesFound ¶
func (e *ExtendedScanResults) IsIssuesFound() bool
type ResultSummaryArgs ¶ added in v1.7.2
type ResultSummaryArgs struct { BaseJfrogUrl string `json:"base_jfrog_url,omitempty"` // Args to id the result DockerImage string `json:"docker_image,omitempty"` BuildName string `json:"build_name,omitempty"` BuildNumbers []string `json:"build_numbers,omitempty"` }
func (ResultSummaryArgs) GetUrl ¶ added in v1.7.2
func (rsa ResultSummaryArgs) GetUrl(index commandsummary.Index, scanIds ...string) string
func (ResultSummaryArgs) ToArgs ¶ added in v1.7.2
func (rsa ResultSummaryArgs) ToArgs(index commandsummary.Index) (args []string)
type Results ¶
type Results struct { ResultType CommandType ScaResults []*ScaScanResult XrayVersion string ScansErr error ExtendedScanResults *ExtendedScanResults MultiScanId string }
func NewAuditResults ¶
func NewAuditResults(resultType CommandType) *Results
func (*Results) CountScanResultsFindings ¶ added in v1.1.0
func (r *Results) CountScanResultsFindings(includeVulnerabilities, includeViolations bool) (total int)
Counts the total number of unique findings in the provided results. A unique SCA finding is identified by a unique pair of vulnerability's/violation's issueId and component id or by a result returned from one of JAS scans.
func (*Results) GetScaScannedTechnologies ¶
func (r *Results) GetScaScannedTechnologies() []techutils.Technology
func (*Results) GetScaScansXrayResults ¶
func (r *Results) GetScaScansXrayResults() (results []services.ScanResponse)
func (*Results) IsIssuesFound ¶
func (*Results) IsMultipleProject ¶
func (*Results) IsScaIssuesFound ¶
type ResultsWriter ¶
type ResultsWriter struct {
// contains filtered or unexported fields
}
func NewResultsWriter ¶
func NewResultsWriter(scanResults *Results) *ResultsWriter
func (*ResultsWriter) PrintScanResults ¶
func (rw *ResultsWriter) PrintScanResults() error
PrintScanResults prints the scan results in the specified format. Note that errors are printed only with SimpleJson format.
func (*ResultsWriter) SetExtraMessages ¶
func (rw *ResultsWriter) SetExtraMessages(messages []string) *ResultsWriter
func (*ResultsWriter) SetHasViolationContext ¶ added in v1.8.0
func (rw *ResultsWriter) SetHasViolationContext(hasViolationContext bool) *ResultsWriter
func (*ResultsWriter) SetIncludeLicenses ¶
func (rw *ResultsWriter) SetIncludeLicenses(licenses bool) *ResultsWriter
func (*ResultsWriter) SetIncludeVulnerabilities ¶
func (rw *ResultsWriter) SetIncludeVulnerabilities(includeVulnerabilities bool) *ResultsWriter
func (*ResultsWriter) SetIsMultipleRootProject ¶
func (rw *ResultsWriter) SetIsMultipleRootProject(isMultipleRootProject bool) *ResultsWriter
func (*ResultsWriter) SetOutputFormat ¶
func (rw *ResultsWriter) SetOutputFormat(f format.OutputFormat) *ResultsWriter
func (*ResultsWriter) SetPrintExtendedTable ¶
func (rw *ResultsWriter) SetPrintExtendedTable(extendedTable bool) *ResultsWriter
func (*ResultsWriter) SetSimpleJsonError ¶
func (rw *ResultsWriter) SetSimpleJsonError(jsonErrors []formats.SimpleJsonError) *ResultsWriter
func (*ResultsWriter) SetSubScansPreformed ¶ added in v1.4.0
func (rw *ResultsWriter) SetSubScansPreformed(subScansPreformed []SubScanType) *ResultsWriter
type ScaScanResult ¶
type ScaScanResult struct { // Could be working directory (audit), file path (binary scan) or build name+number (build scan) Target string `json:"Target"` Name string `json:"Name,omitempty"` Technology techutils.Technology `json:"Technology,omitempty"` XrayResults []services.ScanResponse `json:"XrayResults,omitempty"` Descriptors []string `json:"Descriptors,omitempty"` IsMultipleRootProject *bool `json:"IsMultipleRootProject,omitempty"` }
func (ScaScanResult) HasInformation ¶
func (s ScaScanResult) HasInformation() bool
type ScanCommandResultSummary ¶ added in v1.7.2
type ScanCommandResultSummary struct { ResultType CommandType `json:"resultType"` Args *ResultSummaryArgs `json:"args,omitempty"` Summary formats.ResultsSummary `json:"summary"` }
func NewAuditScanSummary ¶ added in v1.7.2
func NewAuditScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, vulnerabilitiesRequested, violationsRequested bool) (summary ScanCommandResultSummary)
func NewBinaryScanSummary ¶ added in v1.7.2
func NewBinaryScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, vulnerabilitiesRequested, violationsRequested bool) (summary ScanCommandResultSummary)
func NewBuildScanSummary ¶ added in v1.7.2
func NewBuildScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, vulnerabilitiesRequested bool, buildName, buildNumber string) (summary ScanCommandResultSummary)
func NewCurationSummary ¶ added in v1.7.2
func NewCurationSummary(cmdResult formats.ResultsSummary) (summary ScanCommandResultSummary)
func NewDockerScanSummary ¶ added in v1.7.2
func NewDockerScanSummary(cmdResults *Results, serverDetails *config.ServerDetails, vulnerabilitiesRequested, violationsRequested bool, dockerImage string) (summary ScanCommandResultSummary)
type SecurityJobSummary ¶ added in v1.7.2
type SecurityJobSummary struct{}
func (*SecurityJobSummary) BinaryScan ¶ added in v1.7.2
func (js *SecurityJobSummary) BinaryScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
func (*SecurityJobSummary) BuildScan ¶ added in v1.7.2
func (js *SecurityJobSummary) BuildScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
func (*SecurityJobSummary) DockerScan ¶ added in v1.7.2
func (js *SecurityJobSummary) DockerScan(filePaths []string) (generator DynamicMarkdownGenerator, err error)
func (*SecurityJobSummary) GenerateMarkdownFromFiles ¶ added in v1.7.2
func (js *SecurityJobSummary) GenerateMarkdownFromFiles(dataFilePaths []string) (markdown string, err error)
Generate the Security section (Curation)
func (*SecurityJobSummary) GetNonScannedResult ¶ added in v1.7.2
func (js *SecurityJobSummary) GetNonScannedResult() (generator EmptyMarkdownGenerator)
type SecurityParallelRunner ¶ added in v1.4.0
type SecurityParallelRunner struct { Runner parallel.Runner ErrorsQueue chan error ResultsMu sync.Mutex ScaScansWg sync.WaitGroup // Verify that the sca scan routines are done before running contextual scan JasScannersWg sync.WaitGroup // Verify that all scanners routines are done before cleaning temp dir JasWg sync.WaitGroup // Verify that downloading analyzer manager and running all scanners are done ErrWg sync.WaitGroup // Verify that all errors are handled before finishing the audit func }
func CreateSecurityParallelRunner ¶ added in v1.4.0
func CreateSecurityParallelRunner(numOfParallelScans int) *SecurityParallelRunner
func NewSecurityParallelRunner ¶ added in v1.4.0
func NewSecurityParallelRunner(numOfParallelScans int) SecurityParallelRunner
func (*SecurityParallelRunner) AddErrorToChan ¶ added in v1.4.0
func (spr *SecurityParallelRunner) AddErrorToChan(err error)
type SeverityDisplayStatus ¶ added in v1.8.0
type SeverityDisplayStatus string
func (SeverityDisplayStatus) Format ¶ added in v1.8.0
func (s SeverityDisplayStatus) Format(count int) string
type SubScanType ¶ added in v1.4.0
type SubScanType string
func GetAllSupportedScans ¶ added in v1.4.0
func GetAllSupportedScans() []SubScanType
func (SubScanType) String ¶ added in v1.4.0
func (s SubScanType) String() string
type ViolationIssueType ¶ added in v1.7.2
type ViolationIssueType string
func (ViolationIssueType) String ¶ added in v1.7.2
func (v ViolationIssueType) String() string