formats

package
v1.12.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 27, 2024 License: Apache-2.0 Imports: 6 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertLicenseTableRowToScanTableRow

func ConvertLicenseTableRowToScanTableRow(tableRows []licenseTableRow) (scanTableRows []licenseScanTableRow)

func ConvertLicenseViolationTableRowToScanTableRow

func ConvertLicenseViolationTableRowToScanTableRow(tableRows []licenseViolationTableRow) (scanTableRows []licenseViolationScanTableRow)

func ConvertOperationalRiskTableRowToScanTableRow

func ConvertOperationalRiskTableRowToScanTableRow(tableRows []operationalRiskViolationTableRow) (scanTableRows []operationalRiskViolationScanTableRow)

func ConvertSecurityTableRowToScanTableRow

func ConvertSecurityTableRowToScanTableRow(tableRows []vulnerabilityTableRow) (scanTableRows []vulnerabilityScanTableRow)

func ConvertToIacOrSastTableRow

func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)

func ConvertToLicenseTableRow

func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)

func ConvertToLicenseViolationTableRow

func ConvertToLicenseViolationTableRow(rows []LicenseRow) (tableRows []licenseViolationTableRow)

func ConvertToOperationalRiskViolationTableRow

func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)

func ConvertToSecretsTableRow

func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)

func ConvertToVulnerabilityTableRow

func ConvertToVulnerabilityTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityTableRow)

Types

type Applicability

// Applicability carries an applicability status together with optional
// scanner text and evidence. CveRow and SourceCodeRow reference it by pointer.
//
// Status is the only field without omitempty, so it is always written to
// JSON, even when empty. Each Evidence entry embeds a Location, so evidence
// can carry a source Snippet.
type Applicability struct {
	Status             string     `json:"status"`
	ScannerDescription string     `json:"scannerDescription,omitempty"`
	UndeterminedReason string     `json:"undeterminedReason,omitempty"`
	Evidence           []Evidence `json:"evidence,omitempty"`
}

type BlockedPackages

// BlockedPackages groups packages under one Policy/Condition pair; it is the
// element type of CuratedPackages.Blocked.
//
// Packages has no omitempty, so a nil map is written as JSON null rather than
// being dropped. The meaning of the map's key and int value is not visible
// here (presumably package identifier -> count; TODO confirm).
type BlockedPackages struct {
	Policy    string         `json:"policy,omitempty"`
	Condition string         `json:"condition,omitempty"`
	Packages  map[string]int `json:"packages"`
}

type Bom

// Bom maps the XML shape <vulnerabilities><vulnerability bom-ref="..."><id>:
// a list of vulnerability elements, each reduced to its bom-ref attribute and
// its <id> child element. No other part of the document has a field here.
//
// The Vulnerabilities, XMLVulnerability and Vulnerability types in this
// package declare the same XML shape using named types.
type Bom struct {
	Vulnerabilities struct {
		Vulnerability []struct {
			BomRef string `xml:"bom-ref,attr"`
			Id     string `xml:"id"`
		} `xml:"vulnerability"`
	} `xml:"vulnerabilities"`
}

type ComponentRow

// ComponentRow identifies a component by Name and Version, with an optional
// Location. It is the element type of the Components and ImpactPaths fields
// elsewhere in this package.
//
// Name and Version are always written to JSON; Location is dropped when the
// pointer is nil.
type ComponentRow struct {
	Name     string    `json:"name"`
	Version  string    `json:"version"`
	Location *Location `json:"location,omitempty"`
}

type CuratedPackages

// CuratedPackages holds the blocked-package groups and a package count for a
// scan; ScanSummary references it under the "curated" key.
//
// PackageCount is serialized as "num_packages" with omitempty, so a count of
// 0 is omitted and a consumer cannot distinguish it from a missing value.
type CuratedPackages struct {
	Blocked      []BlockedPackages `json:"blocked,omitempty"`
	PackageCount int               `json:"num_packages,omitempty"`
}

func (*CuratedPackages) GetApprovedCount

func (cp *CuratedPackages) GetApprovedCount() int

func (*CuratedPackages) GetBlockedCount

func (cp *CuratedPackages) GetBlockedCount() int

type CveRow

// CveRow is one identifier entry of VulnerabilityOrViolationRow.Cves.
//
// Id, CvssV2 and CvssV3 are plain strings that are always written to JSON;
// the type itself does not constrain their format. Applicability is optional
// and dropped when nil.
type CveRow struct {
	Id            string         `json:"id"`
	CvssV2        string         `json:"cvssV2"`
	CvssV3        string         `json:"cvssV3"`
	Applicability *Applicability `json:"applicability,omitempty"`
}

type EnrichJson

// EnrichJson maps a JSON document with a "vulnerabilities" array whose items
// carry "bom-ref" and "id"; it mirrors the XML shape declared by Bom.
//
// NOTE(review): the BomRef tag is written `json:"bom-ref,"` with a trailing
// comma and no option after it. encoding/json still uses the key "bom-ref",
// but the comma looks unintended and could be dropped.
type EnrichJson struct {
	Vulnerability []struct {
		BomRef string `json:"bom-ref,"`
		Id     string `json:"id"`
	} `json:"vulnerabilities"`
}

type Evidence

// Evidence is a Location with an optional Reason; it is the element type of
// Applicability.Evidence.
//
// Location is embedded without a tag, so encoding/json writes its fields
// (file, startLine, ..., snippet) at the same level as "reason".
type Evidence struct {
	Location
	Reason string `json:"reason,omitempty"`
}

type ImpactedDependencyDetails

// ImpactedDependencyDetails is the common header embedded by the dependency
// row types (LicenseRow, OperationalRiskViolationRow,
// VulnerabilityOrViolationRow).
//
// SeverityDetails is embedded, so "severity" appears at the same JSON level.
// The Go fields are named ImpactedDependency*, but the JSON keys are
// impactedPackageName/Version/Type. No field uses omitempty; a nil Components
// slice is written as null.
type ImpactedDependencyDetails struct {
	SeverityDetails
	ImpactedDependencyName    string         `json:"impactedPackageName"`
	ImpactedDependencyVersion string         `json:"impactedPackageVersion"`
	ImpactedDependencyType    string         `json:"impactedPackageType"`
	Components                []ComponentRow `json:"components"`
}

type JfrogResearchInformation

// JfrogResearchInformation holds optional research text for an issue; it is
// referenced by pointer from VulnerabilityOrViolationRow.
//
// SeverityDetails is embedded, so "severity" is always written. Summary,
// Details, SeverityReasons and Remediation are all dropped when empty.
type JfrogResearchInformation struct {
	SeverityDetails
	Summary         string                        `json:"summary,omitempty"`
	Details         string                        `json:"details,omitempty"`
	SeverityReasons []JfrogResearchSeverityReason `json:"severityReasons,omitempty"`
	Remediation     string                        `json:"remediation,omitempty"`
}

type JfrogResearchSeverityReason

// JfrogResearchSeverityReason is one entry of
// JfrogResearchInformation.SeverityReasons.
//
// IsPositive uses omitempty, so false is omitted from JSON; a consumer sees a
// missing "isPositive" key for every reason where IsPositive is false.
type JfrogResearchSeverityReason struct {
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	IsPositive  bool   `json:"isPositive,omitempty"`
}

type LicenseRow

// LicenseRow is the row type of both SimpleJsonResults.Licenses and
// SimpleJsonResults.LicensesViolations.
//
// It embeds ImpactedDependencyDetails (flattened into the same JSON object)
// and adds the license key and the impact paths, each path being a list of
// ComponentRow. Neither added field uses omitempty.
type LicenseRow struct {
	ImpactedDependencyDetails
	LicenseKey  string           `json:"licenseKey"`
	ImpactPaths [][]ComponentRow `json:"impactPaths"`
}

type Location

// Location identifies a span in a file: File plus optional start/end line and
// column numbers and an optional Snippet.
//
// The four numeric fields use omitempty, so a value of 0 is omitted from JSON
// and a consumer cannot distinguish it from "not set".
//
// NOTE(review): Snippet is a free-form string, presumably the matched source
// excerpt. Location is embedded in SourceCodeRow, which is also the row type
// for secrets results, so Snippet may carry a detected secret value. Confirm
// that it is masked before it reaches reports, logs or CI output.
type Location struct {
	File        string `json:"file"`
	StartLine   int    `json:"startLine,omitempty"`
	StartColumn int    `json:"startColumn,omitempty"`
	EndLine     int    `json:"endLine,omitempty"`
	EndColumn   int    `json:"endColumn,omitempty"`
	Snippet     string `json:"snippet,omitempty"`
}

type OperationalRiskViolationRow

// OperationalRiskViolationRow is the row type of
// SimpleJsonResults.OperationalRiskViolations.
//
// It embeds ImpactedDependencyDetails and adds eight string fields, all
// written to JSON unconditionally. IsEol, Commits and Committers are declared
// as string rather than bool/int, so consumers must parse them; the exact
// string formats are not visible here (TODO confirm against the producer).
type OperationalRiskViolationRow struct {
	ImpactedDependencyDetails
	RiskReason    string `json:"riskReason"`
	IsEol         string `json:"isEndOfLife"`
	EolMessage    string `json:"endOfLifeMessage"`
	Cadence       string `json:"cadence"`
	Commits       string `json:"commits"`
	Committers    string `json:"committers"`
	NewerVersions string `json:"newerVersions"`
	LatestVersion string `json:"latestVersion"`
}

type ResultSummary

// ResultSummary is a two-level map of string keys to an int count.
// As a map type its zero value is nil: reading from a nil ResultSummary is
// safe, but assigning into it, or into an inner map that has not been
// created, panics.
type ResultSummary map[string]map[string]int

Severity -> status -> Count

func MergeResultSummaries

func MergeResultSummaries(summaries ...ResultSummary) (merged ResultSummary)

func (ResultSummary) GetTotal

func (rs ResultSummary) GetTotal(filterSeverities ...string) (total int)

type ResultsSummary

// ResultsSummary is the top-level summary document: a list of per-target
// ScanSummary entries under the "scans" key.
// Scans has no omitempty, so a nil slice is written as JSON null.
type ResultsSummary struct {
	Scans []ScanSummary `json:"scans"`
}

func (*ResultsSummary) GetTotalViolations

func (rs *ResultsSummary) GetTotalViolations(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) GetTotalVulnerabilities

func (rs *ResultsSummary) GetTotalVulnerabilities(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) HasViolations

func (rs *ResultsSummary) HasViolations() bool

type ResultsTables

// ResultsTables bundles the table-row slices for every result category plus
// a list of errors.
//
// The fields carry no JSON tags, and every row type is unexported, so code
// outside this package can hold these slices but cannot name their element
// types. The two security tables share vulnerabilityTableRow, and the IaC and
// SAST tables share iacOrSastTableRow.
type ResultsTables struct {
	SecurityVulnerabilitiesTable   []vulnerabilityTableRow
	SecurityViolationsTable        []vulnerabilityTableRow
	LicensesTable                  []licenseTableRow
	LicenseViolationsTable         []licenseViolationTableRow
	OperationalRiskViolationsTable []operationalRiskViolationTableRow
	IacTable                       []iacOrSastTableRow
	SastTable                      []iacOrSastTableRow
	SecretsTable                   []secretsTableRow
	Errors                         []error
}

type ScaScanResultSummary

// ScaScanResultSummary is the SCA part of a ScanResultSummary: scan ids,
// "more info" URLs, and one ResultSummary each for security, license and
// operational-risk results. Every field is dropped from JSON when empty.
//
// NOTE(review): MoreInfoUrls are plain strings and no validation is visible
// here. Confirm that scheme and host are checked before they are rendered as
// clickable links in reports.
type ScaScanResultSummary struct {
	ScanIds         []string      `json:"scan_ids,omitempty"`
	MoreInfoUrls    []string      `json:"more_info_urls,omitempty"`
	Security        ResultSummary `json:"security,omitempty"`
	License         ResultSummary `json:"license,omitempty"`
	OperationalRisk ResultSummary `json:"operational_risk,omitempty"`
}

type ScanResultSummary

// ScanResultSummary groups the per-scanner summaries (SCA, IaC, secrets,
// SAST), each held by pointer.
//
// With omitempty, a nil pointer is omitted from JSON, while a non-nil pointer
// is always written, even when the summary it points to is empty. Presumably
// nil means the scanner did not run and an empty summary means it ran and
// found nothing (TODO confirm against the producer).
type ScanResultSummary struct {
	ScaResults     *ScaScanResultSummary `json:"sca,omitempty"`
	IacResults     *ResultSummary        `json:"iac,omitempty"`
	SecretsResults *ResultSummary        `json:"secrets,omitempty"`
	SastResults    *ResultSummary        `json:"sast,omitempty"`
}

func GetVulnerabilitiesSummaries

func GetVulnerabilitiesSummaries(summaries ...ResultsSummary) *ScanResultSummary

func (*ScanResultSummary) GetMoreInfoUrls

func (srs *ScanResultSummary) GetMoreInfoUrls() (urls []string)

func (*ScanResultSummary) GetScanIds

func (srs *ScanResultSummary) GetScanIds() (scanIds []string)

func (*ScanResultSummary) GetSummaryBySeverity

func (ss *ScanResultSummary) GetSummaryBySeverity() (summary ResultSummary)

Returns a ResultSummary holding the counts of this summary, keyed as severity -> status -> count.

func (*ScanResultSummary) GetTotal

func (srs *ScanResultSummary) GetTotal(filterTypes ...SummaryResultType) (total int)

func (*ScanResultSummary) HasIssues

func (srs *ScanResultSummary) HasIssues() bool

type ScanSummary

// ScanSummary is the summary for one scanned target; it is the element type
// of ResultsSummary.Scans.
//
// Target is always written to JSON. Name and the three pointer sections
// (vulnerabilities, violations, curated) are dropped when empty or nil.
type ScanSummary struct {
	Target          string                 `json:"target"`
	Name            string                 `json:"name,omitempty"`
	Vulnerabilities *ScanResultSummary     `json:"vulnerabilities,omitempty"`
	Violations      *ScanViolationsSummary `json:"violations,omitempty"`
	CuratedPackages *CuratedPackages       `json:"curated,omitempty"`
}

func (*ScanSummary) GetScanIds

func (sc *ScanSummary) GetScanIds() (scanIds []string)

func (*ScanSummary) HasBlockedPackages

func (sc *ScanSummary) HasBlockedPackages() bool

func (*ScanSummary) HasCuratedPackages

func (sc *ScanSummary) HasCuratedPackages() bool

func (*ScanSummary) HasViolations

func (sc *ScanSummary) HasViolations() bool

func (*ScanSummary) HasVulnerabilities

func (sc *ScanSummary) HasVulnerabilities() bool

type ScanViolationsSummary

// ScanViolationsSummary is a ScanResultSummary extended with the watches and
// the fail-build flag. ScanResultSummary is embedded, so its sca/iac/secrets/
// sast keys appear at the same JSON level as "watches" and "fail_build".
//
// NOTE(review): FailBuild uses omitempty, so false is never written and a
// consumer cannot distinguish "fail_build": false from a missing key. A
// pipeline gate that reads this JSON therefore treats a missing or truncated
// section as "do not fail". Confirm that this default is intended.
type ScanViolationsSummary struct {
	Watches   []string `json:"watches,omitempty"`
	FailBuild bool     `json:"fail_build,omitempty"`
	ScanResultSummary
}

func GetViolationSummaries

func GetViolationSummaries(summaries ...ResultsSummary) *ScanViolationsSummary

type SeverityDetails

// SeverityDetails is the severity header embedded by the row types in this
// package.
//
// Severity is written to JSON as "severity". SeverityNumValue is tagged
// `json:"-"`, so it is never serialized and is not restored when a document
// is decoded; it exists only in memory.
type SeverityDetails struct {
	Severity         string `json:"severity"`
	SeverityNumValue int    `json:"-"` // For sorting
}

type SimpleJsonError

// SimpleJsonError is one entry of SimpleJsonResults.Errors: a file path and
// an error message, both always written to JSON.
//
// NOTE(review): both fields are emitted verbatim as strings, and presumably
// they can contain local filesystem paths or raw tool error text. Confirm
// that this is acceptable wherever the simple-json output is published.
type SimpleJsonError struct {
	FilePath     string `json:"filePath"`
	ErrorMessage string `json:"errorMessage"`
}

type SimpleJsonResults

// SimpleJsonResults is the root object of the simple-json output, with one
// slice per result category plus errors and an optional multi-scan id.
//
// No slice field uses omitempty, so a category with a nil slice is written as
// JSON null rather than being dropped or written as []; consumers must accept
// null. Only MultiScanId is omitted when empty. Several JSON keys differ from
// the Go field names: Iacs -> "iacViolations", Sast -> "sastViolations",
// LicensesViolations -> "licensesViolations".
type SimpleJsonResults struct {
	Vulnerabilities           []VulnerabilityOrViolationRow `json:"vulnerabilities"`
	SecurityViolations        []VulnerabilityOrViolationRow `json:"securityViolations"`
	LicensesViolations        []LicenseRow                  `json:"licensesViolations"`
	Licenses                  []LicenseRow                  `json:"licenses"`
	OperationalRiskViolations []OperationalRiskViolationRow `json:"operationalRiskViolations"`
	Secrets                   []SourceCodeRow               `json:"secrets"`
	Iacs                      []SourceCodeRow               `json:"iacViolations"`
	Sast                      []SourceCodeRow               `json:"sastViolations"`
	Errors                    []SimpleJsonError             `json:"errors"`
	MultiScanId               string                        `json:"multiScanId,omitempty"`
}

This struct holds the sorted results of the simple-json output.

type SourceCodeRow

// SourceCodeRow is the shared row type for the secrets, IaC and SAST results
// of SimpleJsonResults.
//
// SeverityDetails and Location are both embedded, so "severity", "file",
// the line/column keys and "snippet" are written at the same JSON level as
// the fields below. CodeFlow is a list of flows, each a list of Location.
//
// NOTE(review): for secrets rows, Finding and the embedded Snippet are plain
// strings that may carry the detected value. Confirm that the producer masks
// them, and treat this JSON as sensitive wherever it is stored or uploaded.
type SourceCodeRow struct {
	SeverityDetails
	Location
	Finding            string         `json:"finding,omitempty"`
	Fingerprint        string         `json:"fingerprint,omitempty"`
	Applicability      *Applicability `json:"applicability,omitempty"`
	ScannerDescription string         `json:"scannerDescription,omitempty"`
	CodeFlow           [][]Location   `json:"codeFlow,omitempty"`
}

type SummaryResultType

// SummaryResultType names a category of scan result. Values of this type are
// accepted as variadic filters by the GetTotal, GetTotalViolations and
// GetTotalVulnerabilities methods in this package.
type SummaryResultType string
// Declared SummaryResultType values. NoStatus sits in the same block but has
// no explicit type, so it is an untyped string constant (""), not a
// SummaryResultType.
const (
	IacResult            SummaryResultType = "IAC"
	SecretsResult        SummaryResultType = "Secrets"
	SastResult           SummaryResultType = "SAST"
	ScaResult            SummaryResultType = "SCA"
	ScaSecurityResult    SummaryResultType = "Security"
	ScaLicenseResult     SummaryResultType = "License"
	ScaOperationalResult SummaryResultType = "Operational"

	NoStatus = ""
)

func (SummaryResultType) String

func (srt SummaryResultType) String() string

type Vulnerabilities

// Vulnerabilities wraps the <vulnerabilities> XML element. It declares the
// same shape as Bom, using the named XMLVulnerability and Vulnerability
// types. It carries only an xml tag, with no json tag.
type Vulnerabilities struct {
	Vulnerabilities XMLVulnerability `xml:"vulnerabilities"`
}

type Vulnerability

// Vulnerability is a single bom-ref/id pair that can be decoded from either
// format: in XML, bom-ref is an attribute and id a child element; in JSON,
// both are object keys.
type Vulnerability struct {
	BomRef string `json:"bom-ref" xml:"bom-ref,attr"`
	ID     string `json:"id" xml:"id"`
}

type VulnerabilityOrViolationRow

// VulnerabilityOrViolationRow is the row type of both
// SimpleJsonResults.Vulnerabilities and SimpleJsonResults.SecurityViolations.
//
// It embeds ImpactedDependencyDetails, flattened into the same JSON object.
// No field uses omitempty: nil slices and a nil JfrogResearchInformation
// pointer are written as JSON null. Technology is tagged `json:"-"` and is
// never serialized.
//
// NOTE(review): References holds plain strings, presumably advisory URLs
// taken from scan data. Confirm that they are validated or escaped before
// being rendered as links.
type VulnerabilityOrViolationRow struct {
	ImpactedDependencyDetails
	Summary                  string                    `json:"summary"`
	Applicable               string                    `json:"applicable"`
	FixedVersions            []string                  `json:"fixedVersions"`
	Cves                     []CveRow                  `json:"cves"`
	IssueId                  string                    `json:"issueId"`
	References               []string                  `json:"references"`
	ImpactPaths              [][]ComponentRow          `json:"impactPaths"`
	JfrogResearchInformation *JfrogResearchInformation `json:"jfrogResearchInformation"`
	Technology               techutils.Technology      `json:"-"`
}

Used for vulnerabilities and security violations

type XMLVulnerability

// XMLVulnerability is the body of the <vulnerabilities> element: the repeated
// <vulnerability> children, each decoded into a Vulnerability.
type XMLVulnerability struct {
	Vulnerability []Vulnerability `xml:"vulnerability"`
}
