Documentation ¶
Index ¶
- Constants
- Variables
- func AggregateMultipleRunsIntoSingle(runs []*sarif.Run, destination *sarif.Run)
- func ApplicabilityRuleIdToCve(sarifRuleId string) string
- func BuildXrayDependencyTree(treeHelper map[string]DepTreeNode, nodeId string) (*xrayUtils.GraphNode, map[string]*DepTreeNode)
- func CheckIfFailBuild(results []services.ScanResponse) bool
- func ConvertSarifReportToString(report *sarif.Report) (sarifStr string, err error)
- func ConvertSummaryToString(results SecurityCommandsSummary) (summary string, err error)
- func ConvertToSarifLevel(severity string) string
- func ConvertXrayScanToSimpleJson(results *Results, isMultipleRoots, includeLicenses, simplifiedOutput bool, ...) (formats.SimpleJsonResults, error)
- func CreateCodeFlow(threadFlows ...*sarif.ThreadFlow) *sarif.CodeFlow
- func CreateDummyPassingResult(ruleId string) *sarif.Result
- func CreateLocation(fileName string, startLine, startCol, endLine, endCol int, snippet string) *sarif.Location
- func CreateRestsMockServer(testHandler restsTestHandler) *httptest.Server
- func CreateResultWithLocations(msg, ruleId, level string, locations ...*sarif.Location) *sarif.Result
- func CreateResultWithOneLocation(fileName string, startLine, startCol, endLine, endCol int, ...) *sarif.Result
- func CreateRunWithDummyResultAndRuleProperties(property, value string, result *sarif.Result) *sarif.Run
- func CreateRunWithDummyResults(results ...*sarif.Result) *sarif.Run
- func CreateThreadFlow(locations ...*sarif.Location) *sarif.ThreadFlow
- func CreateXrayServiceManager(serverDetails *config.ServerDetails) (*xray.XrayServicesManager, error)
- func CreateXrayServiceManagerAndGetVersion(serviceDetails *config.ServerDetails) (*xray.XrayServicesManager, string, error)
- func CreateXscRestsMockServer(t *testing.T, testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails, ...)
- func CreateXscServiceManager(serviceDetails *config.ServerDetails) (*xsc.XscServicesManager, error)
- func CveToApplicabilityRuleId(cveId string) string
- func DownloadAnalyzerManagerIfNeeded(threadId int) error
- func ExtractRelativePath(resultPath string, projectRoot string) string
- func GenereateSarifReportFromResults(results *Results, isMultipleRoots, includeLicenses bool, ...) (report *sarif.Report, err error)
- func GetAnalyzerManagerDirAbsolutePath() (string, error)
- func GetAnalyzerManagerDownloadPath() (string, error)
- func GetAnalyzerManagerExecutable() (analyzerManagerPath string, err error)
- func GetAnalyzerManagerExecutableName() string
- func GetAnalyzerManagerVersion() string
- func GetApplicableResultCountFromRule(runs ...*sarif.Run) (count int)
- func GetCurationCacheFolder() (string, error)
- func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)
- func GetCurationPipCacheFolder() (string, error)
- func GetDependenciesGraph(projectDir string) (map[string][]string, error)
- func GetDependenciesList(projectDir string, errorFunc utils.HandleErrorFunc) (map[string]bool, error)
- func GetFullLocationFileName(relative string, invocations []*sarif.Invocation) string
- func GetInvocationWorkingDirectory(invocation *sarif.Invocation) string
- func GetIssueIdentifier(cvesRow []formats.CveRow, issueId string) string
- func GetLocationEndColumn(location *sarif.Location) int
- func GetLocationEndLine(location *sarif.Location) int
- func GetLocationFileName(location *sarif.Location) string
- func GetLocationId(location *sarif.Location) string
- func GetLocationRelatedCodeFlowsFromResult(location *sarif.Location, result *sarif.Result) (codeFlows []*sarif.CodeFlow)
- func GetLocationSnippet(location *sarif.Location) string
- func GetLocationStartColumn(location *sarif.Location) int
- func GetLocationStartLine(location *sarif.Location) int
- func GetRelativeLocationFileName(location *sarif.Location, invocations []*sarif.Invocation) string
- func GetResultMsgText(result *sarif.Result) string
- func GetResultSeverity(result *sarif.Result) string
- func GetResultsLocationCount(runs ...*sarif.Run) (count int)
- func GetRuleFullDescription(rule *sarif.ReportingDescriptor) string
- func GetRunRules(run *sarif.Run) []*sarif.ReportingDescriptor
- func GetRunsByWorkingDirectory(workingDirectory string, runs ...*sarif.Run) (filteredRuns []*sarif.Run)
- func GetScaSummaryCountString(summary formats.ScanScaResult, padding int) (content string)
- func GetScanSummaryString(summary formats.ScanSummaryResult, singleData bool) (content string)
- func GetSeveritiesFormat(severity string) (string, error)
- func GetSeveritySummaryCountString(summary formats.SummaryCount, padding int) (content string)
- func GetSummaryContentString(summary formats.SummaryCount, delimiter string, wrapWithBracket bool) (content string)
- func GetUniqueKey(vulnerableDependency, vulnerableVersion, xrayID string, fixVersionExist bool) string
- func GetViolatedLicenses(allowedLicenses []string, licenses []formats.LicenseRow) (violatedLicenses []formats.LicenseRow)
- func IsApplicableResult(result *sarif.Result) bool
- func IsEmptyScanResponse(results []services.ScanResponse) bool
- func IsReportLogErrorEventPossible(xscManager *xsc.XscServicesManager) bool
- func NewFailBuildError() error
- func NewReport() (*sarif.Report, error)
- func ParseAnalyzerManagerError(scanner JasScanType, err error) error
- func PrepareIacs(iacs []*sarif.Run) []formats.SourceCodeRow
- func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
- func PrepareSast(sasts []*sarif.Run) []formats.SourceCodeRow
- func PrepareSecrets(secrets []*sarif.Run) []formats.SourceCodeRow
- func PrepareViolations(violations []services.Violation, results *Results, ...) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseRow, ...)
- func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, results *Results, ...) ([]formats.VulnerabilityOrViolationRow, error)
- func PrintIacTable(iacs []*sarif.Run, entitledForIacScan bool) error
- func PrintJson(output interface{}) error
- func PrintLicensesTable(licenses []services.License, printExtended bool, scanType services.ScanType) error
- func PrintSarif(results *Results, isMultipleRoots, includeLicenses bool) error
- func PrintSastTable(sast []*sarif.Run, entitledForSastScan bool) error
- func PrintSecretsTable(secrets []*sarif.Run, entitledForSecretsScan bool) error
- func PrintViolationsTable(violations []services.Violation, results *Results, ...) error
- func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, results *Results, ...) error
- func ReadScanRunsFromFile(fileName string) (sarifRuns []*sarif.Run, err error)
- func RecordSecurityCommandOutput(content ScanCommandSummaryResult) (err error)
- func ReportError(serverDetails *config.ServerDetails, errorToReport error, source string) error
- func SecurityCommandsJobSummary() (js *commandsummary.CommandSummary, err error)
- func SendXscLogMessageIfEnabled(errorLog *services.ExternalErrorLog, xscManager *xsc.XscServicesManager) error
- func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error
- func SetLocationFileName(location *sarif.Location, fileName string)
- func SetLocationSnippet(location *sarif.Location, snippet string)
- func SplitComponentId(componentId string) (string, string, string)
- func SplitScanResults(results []*ScaScanResult) ([]services.Violation, []services.Vulnerability, []services.License)
- type AnalyticsMetricsService
- func (ams *AnalyticsMetricsService) AddGeneralEvent(event *xscservices.XscAnalyticsGeneralEvent)
- func (ams *AnalyticsMetricsService) AddScanFindingsToXscAnalyticsGeneralEventFinalize(findingsAmount int)
- func (ams *AnalyticsMetricsService) CreateGeneralEvent(product xscservices.ProductName, eventType xscservices.EventType) *xscservices.XscAnalyticsGeneralEvent
- func (ams *AnalyticsMetricsService) CreateXscAnalyticsGeneralEventFinalizeFromAuditResults(auditResults *Results) *xscservices.XscAnalyticsGeneralEventFinalize
- func (ams *AnalyticsMetricsService) FinalizeEvent() *xscservices.XscAnalyticsGeneralEventFinalize
- func (ams *AnalyticsMetricsService) GetGeneralEvent(msi string) (*xscservices.XscAnalyticsGeneralEvent, error)
- func (ams *AnalyticsMetricsService) GetMsi() string
- func (ams *AnalyticsMetricsService) GetStartTime() time.Time
- func (ams *AnalyticsMetricsService) SetFinalizeEvent(finalizeEvent *xscservices.XscAnalyticsGeneralEventFinalize)
- func (ams *AnalyticsMetricsService) SetMsi(msi string)
- func (ams *AnalyticsMetricsService) SetShouldReportEvents(shouldReportEvents bool)
- func (ams *AnalyticsMetricsService) SetStartTime()
- func (ams *AnalyticsMetricsService) ShouldReportEvents() bool
- func (ams *AnalyticsMetricsService) UpdateAndSendXscAnalyticsGeneralEventFinalize(err error)
- func (ams *AnalyticsMetricsService) UpdateGeneralEvent(event *xscservices.XscAnalyticsGeneralEventFinalize)
- func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeStatus(status xscservices.EventStatus)
- func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeWithTotalScanDuration()
- func (ams *AnalyticsMetricsService) XscManager() *xsc.XscServicesManager
- type AnalyzerManager
- type ApplicabilityStatus
- type AuditBasicParams
- func (abp *AuditBasicParams) AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
- func (abp *AuditBasicParams) Args() []string
- func (abp *AuditBasicParams) DepsRepo() string
- func (abp *AuditBasicParams) DirectDependencies() *[]string
- func (abp *AuditBasicParams) ExcludeTestDependencies() bool
- func (abp *AuditBasicParams) Exclusions() []string
- func (abp *AuditBasicParams) IgnoreConfigFile() bool
- func (abp *AuditBasicParams) InsecureTls() bool
- func (abp *AuditBasicParams) InstallCommandArgs() []string
- func (abp *AuditBasicParams) InstallCommandName() string
- func (abp *AuditBasicParams) IsCurationCmd() bool
- func (abp *AuditBasicParams) IsMavenDepTreeInstalled() bool
- func (abp *AuditBasicParams) IsRecursiveScan() bool
- func (abp *AuditBasicParams) OutputFormat() format.OutputFormat
- func (abp *AuditBasicParams) PipRequirementsFile() string
- func (abp *AuditBasicParams) Progress() ioUtils.ProgressMgr
- func (abp *AuditBasicParams) ScansToPerform() []SubScanType
- func (abp *AuditBasicParams) ServerDetails() (*config.ServerDetails, error)
- func (abp *AuditBasicParams) SetDepsRepo(depsRepo string) *AuditBasicParams
- func (abp *AuditBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetInsecureTls(insecureTls bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetInstallCommandArgs(installCommandArgs []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetInstallCommandName(installCommandName string) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetNpmScope(depType string) *AuditBasicParams
- func (abp *AuditBasicParams) SetOutputFormat(format format.OutputFormat) *AuditBasicParams
- func (abp *AuditBasicParams) SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
- func (abp *AuditBasicParams) SetProgress(progress ioUtils.ProgressMgr)
- func (abp *AuditBasicParams) SetScansToPerform(scansToPerform []SubScanType) *AuditBasicParams
- func (abp *AuditBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
- func (abp *AuditBasicParams) SetTechnologies(technologies []string) *AuditBasicParams
- func (abp *AuditBasicParams) SetUseJas(useJas bool) *AuditBasicParams
- func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams
- func (abp *AuditBasicParams) Technologies() []string
- func (abp *AuditBasicParams) UseJas() bool
- func (abp *AuditBasicParams) UseWrapper() bool
- type AuditNpmParams
- type AuditParams
- type DepTreeNode
- type ExtendedScanResults
- type IssueDetails
- type JasScanType
- type Results
- func (r *Results) CountScanResultsFindings() (total int)
- func (r *Results) GetScaScannedTechnologies() []techutils.Technology
- func (r *Results) GetScaScansXrayResults() (results []services.ScanResponse)
- func (r *Results) GetSummary() (summary formats.SummaryResults)
- func (r *Results) IsIssuesFound() bool
- func (r *Results) IsMultipleProject() bool
- func (r *Results) IsScaIssuesFound() bool
- type ResultsWriter
- func (rw *ResultsWriter) PrintScanResults() error
- func (rw *ResultsWriter) SetExtraMessages(messages []string) *ResultsWriter
- func (rw *ResultsWriter) SetIncludeLicenses(licenses bool) *ResultsWriter
- func (rw *ResultsWriter) SetIncludeVulnerabilities(includeVulnerabilities bool) *ResultsWriter
- func (rw *ResultsWriter) SetIsMultipleRootProject(isMultipleRootProject bool) *ResultsWriter
- func (rw *ResultsWriter) SetOutputFormat(f format.OutputFormat) *ResultsWriter
- func (rw *ResultsWriter) SetPrintExtendedTable(extendedTable bool) *ResultsWriter
- func (rw *ResultsWriter) SetScanType(scanType services.ScanType) *ResultsWriter
- func (rw *ResultsWriter) SetSimpleJsonError(jsonErrors []formats.SimpleJsonError) *ResultsWriter
- func (rw *ResultsWriter) SetSubScansPreformed(subScansPreformed []SubScanType) *ResultsWriter
- type SarifLevel
- type ScaScanResult
- type ScanCommandSummaryResult
- type SecurityCommandsSummary
- type SecurityParallelRunner
- type SecuritySummarySection
- type SubScanType
- type TableSeverity
Constants ¶
const ( EntitlementsMinVersion = "3.66.5" ApplicabilityFeatureId = "contextual_analysis" AnalyzerManagerZipName = "analyzerManager.zip" ErrFailedScannerRun = "failed to run %s scan. Exit code received: %s" JfMsiEnvVariable = "JF_MSI" JfPackageManagerEnvVariable = "AM_PACKAGE_MANAGER" JfLanguageEnvVariable = "AM_LANGUAGE" )
const ( JfrogCurationDirName = "curation" CurationsDir = "JFROG_CLI_CURATION_DIR" // #nosec G101 -- Not credentials. CurationSupportFlag = "JFROG_CLI_CURATION" )
const (
BaseDocumentationURL = "https://docs.jfrog-applications.jfrog.io/jfrog-security-features/"
)
const MissingCveScore = "0"
const (
NpmPackageTypeIdentifier = "npm://"
)
const (
SeverityDefaultValue = "Medium"
)
Variables ¶
var Severities = map[string]map[ApplicabilityStatus]*TableSeverity{ "Critical": { Applicable: {SeverityDetails: formats.SeverityDetails{Severity: "Critical", SeverityNumValue: 20}, /* contains filtered or unexported fields */}, ApplicabilityUndetermined: {SeverityDetails: formats.SeverityDetails{Severity: "Critical", SeverityNumValue: 19}, /* contains filtered or unexported fields */}, NotCovered: {SeverityDetails: formats.SeverityDetails{Severity: "Critical", SeverityNumValue: 18}, /* contains filtered or unexported fields */}, NotApplicable: {SeverityDetails: formats.SeverityDetails{Severity: "Critical", SeverityNumValue: 5}, /* contains filtered or unexported fields */}, }, "High": { Applicable: {SeverityDetails: formats.SeverityDetails{Severity: "High", SeverityNumValue: 17}, /* contains filtered or unexported fields */}, ApplicabilityUndetermined: {SeverityDetails: formats.SeverityDetails{Severity: "High", SeverityNumValue: 16}, /* contains filtered or unexported fields */}, NotCovered: {SeverityDetails: formats.SeverityDetails{Severity: "High", SeverityNumValue: 15}, /* contains filtered or unexported fields */}, NotApplicable: {SeverityDetails: formats.SeverityDetails{Severity: "High", SeverityNumValue: 4}, /* contains filtered or unexported fields */}, }, "Medium": { Applicable: {SeverityDetails: formats.SeverityDetails{Severity: "Medium", SeverityNumValue: 14}, /* contains filtered or unexported fields */}, ApplicabilityUndetermined: {SeverityDetails: formats.SeverityDetails{Severity: "Medium", SeverityNumValue: 13}, /* contains filtered or unexported fields */}, NotCovered: {SeverityDetails: formats.SeverityDetails{Severity: "Medium", SeverityNumValue: 12}, /* contains filtered or unexported fields */}, NotApplicable: {SeverityDetails: formats.SeverityDetails{Severity: "Medium", SeverityNumValue: 3}, /* contains filtered or unexported fields */}, }, "Low": { Applicable: {SeverityDetails: formats.SeverityDetails{Severity: "Low", SeverityNumValue: 11}, /* contains filtered or unexported fields */}, ApplicabilityUndetermined: {SeverityDetails: formats.SeverityDetails{Severity: "Low", SeverityNumValue: 10}, /* contains filtered or unexported fields */}, NotCovered: {SeverityDetails: formats.SeverityDetails{Severity: "Low", SeverityNumValue: 9}, /* contains filtered or unexported fields */}, NotApplicable: {SeverityDetails: formats.SeverityDetails{Severity: "Low", SeverityNumValue: 2}, /* contains filtered or unexported fields */}, }, "Unknown": { Applicable: {SeverityDetails: formats.SeverityDetails{Severity: "Unknown", SeverityNumValue: 8}, /* contains filtered or unexported fields */}, ApplicabilityUndetermined: {SeverityDetails: formats.SeverityDetails{Severity: "Unknown", SeverityNumValue: 7}, /* contains filtered or unexported fields */}, NotCovered: {SeverityDetails: formats.SeverityDetails{Severity: "Unknown", SeverityNumValue: 6}, /* contains filtered or unexported fields */}, NotApplicable: {SeverityDetails: formats.SeverityDetails{Severity: "Unknown", SeverityNumValue: 1}, /* contains filtered or unexported fields */}, }, }
Functions ¶
func BuildXrayDependencyTree ¶ added in v1.2.0
func BuildXrayDependencyTree(treeHelper map[string]DepTreeNode, nodeId string) (*xrayUtils.GraphNode, map[string]*DepTreeNode)
func CheckIfFailBuild ¶
func CheckIfFailBuild(results []services.ScanResponse) bool
func ConvertSummaryToString ¶ added in v1.2.0
func ConvertSummaryToString(results SecurityCommandsSummary) (summary string, err error)
func ConvertToSarifLevel ¶
func CreateCodeFlow ¶
func CreateCodeFlow(threadFlows ...*sarif.ThreadFlow) *sarif.CodeFlow
func CreateLocation ¶
func CreateRestsMockServer ¶ added in v1.1.0
Create mock server to test REST APIs. testHandler - The HTTP handler of the test
func CreateRunWithDummyResultAndRuleProperties ¶ added in v1.1.0
func CreateThreadFlow ¶
func CreateThreadFlow(locations ...*sarif.Location) *sarif.ThreadFlow
func CreateXrayServiceManager ¶
func CreateXrayServiceManager(serverDetails *config.ServerDetails) (*xray.XrayServicesManager, error)
func CreateXrayServiceManagerAndGetVersion ¶
func CreateXrayServiceManagerAndGetVersion(serviceDetails *config.ServerDetails) (*xray.XrayServicesManager, string, error)
func CreateXscRestsMockServer ¶ added in v1.1.0
func CreateXscRestsMockServer(t *testing.T, testHandler restsTestHandler) (*httptest.Server, *config.ServerDetails, artifactory.ArtifactoryServicesManager)
func CreateXscServiceManager ¶ added in v1.1.0
func CreateXscServiceManager(serviceDetails *config.ServerDetails) (*xsc.XscServicesManager, error)
func DownloadAnalyzerManagerIfNeeded ¶
Download the latest AnalyzerManager executable if not cached locally. By default, the zip is downloaded directly from jfrog releases.
func ExtractRelativePath ¶
func GetAnalyzerManagerExecutableName ¶
func GetAnalyzerManagerExecutableName() string
func GetAnalyzerManagerVersion ¶
func GetAnalyzerManagerVersion() string
func GetApplicableResultCountFromRule ¶ added in v1.4.0
func GetCurationCacheFolder ¶ added in v1.0.4
func GetCurationCacheFolderByTech ¶ added in v1.3.0
func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)
func GetCurationPipCacheFolder ¶ added in v1.1.0
func GetDependenciesGraph ¶ added in v1.3.0
func GetDependenciesList ¶ added in v1.3.0
func GetFullLocationFileName ¶
func GetFullLocationFileName(relative string, invocations []*sarif.Invocation) string
func GetInvocationWorkingDirectory ¶
func GetInvocationWorkingDirectory(invocation *sarif.Invocation) string
func GetLocationEndColumn ¶
func GetLocationEndLine ¶
func GetLocationFileName ¶
func GetLocationId ¶ added in v1.2.0
func GetLocationSnippet ¶
func GetLocationStartColumn ¶
func GetLocationStartLine ¶
func GetRelativeLocationFileName ¶
func GetRelativeLocationFileName(location *sarif.Location, invocations []*sarif.Invocation) string
func GetResultMsgText ¶
func GetResultSeverity ¶
func GetResultsLocationCount ¶
func GetRuleFullDescription ¶
func GetRuleFullDescription(rule *sarif.ReportingDescriptor) string
func GetRunRules ¶
func GetRunRules(run *sarif.Run) []*sarif.ReportingDescriptor
func GetRunsByWorkingDirectory ¶ added in v1.2.0
func GetScaSummaryCountString ¶ added in v1.2.0
func GetScaSummaryCountString(summary formats.ScanScaResult, padding int) (content string)
func GetScanSummaryString ¶ added in v1.2.0
func GetScanSummaryString(summary formats.ScanSummaryResult, singleData bool) (content string)
func GetSeveritiesFormat ¶
func GetSeveritySummaryCountString ¶ added in v1.2.0
func GetSeveritySummaryCountString(summary formats.SummaryCount, padding int) (content string)
func GetSummaryContentString ¶ added in v1.2.0
func GetSummaryContentString(summary formats.SummaryCount, delimiter string, wrapWithBracket bool) (content string)
func GetUniqueKey ¶
func GetUniqueKey(vulnerableDependency, vulnerableVersion, xrayID string, fixVersionExist bool) string
GetUniqueKey returns a unique string key of format "vulnerableDependency:vulnerableVersion:xrayID:fixVersionExist"
func GetViolatedLicenses ¶
func GetViolatedLicenses(allowedLicenses []string, licenses []formats.LicenseRow) (violatedLicenses []formats.LicenseRow)
func IsApplicableResult ¶
func IsEmptyScanResponse ¶
func IsEmptyScanResponse(results []services.ScanResponse) bool
func IsReportLogErrorEventPossible ¶ added in v1.1.0
func IsReportLogErrorEventPossible(xscManager *xsc.XscServicesManager) bool
Determines if reporting the error is feasible.
func NewFailBuildError ¶
func NewFailBuildError() error
func ParseAnalyzerManagerError ¶
func ParseAnalyzerManagerError(scanner JasScanType, err error) error
func PrepareIacs ¶
func PrepareIacs(iacs []*sarif.Run) []formats.SourceCodeRow
Prepare iacs for all non-table formats (without style or emoji)
func PrepareLicenses ¶
func PrepareLicenses(licenses []services.License) ([]formats.LicenseRow, error)
func PrepareSast ¶
func PrepareSast(sasts []*sarif.Run) []formats.SourceCodeRow
func PrepareSecrets ¶
func PrepareSecrets(secrets []*sarif.Run) []formats.SourceCodeRow
Prepare secrets for all non-table formats (without style or emoji)
func PrepareViolations ¶
func PrepareViolations(violations []services.Violation, results *Results, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, []formats.LicenseRow, []formats.OperationalRiskViolationRow, error)
Prepare violations for all non-table formats (without style or emoji)
func PrepareVulnerabilities ¶
func PrepareVulnerabilities(vulnerabilities []services.Vulnerability, results *Results, multipleRoots, simplifiedOutput bool) ([]formats.VulnerabilityOrViolationRow, error)
Prepare vulnerabilities for all non-table formats (without style or emoji)
func PrintLicensesTable ¶
func PrintLicensesTable(licenses []services.License, printExtended bool, scanType services.ScanType) error
PrintLicensesTable prints the licenses in a table. Set multipleRoots to true in case the given licenses array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintSarif ¶
func PrintSecretsTable ¶
func PrintViolationsTable ¶
func PrintViolationsTable(violations []services.Violation, results *Results, multipleRoots, printExtended bool, scanType services.ScanType) error
PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. Set multipleRoots to true in case the given violations array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. In case one (or more) of the violations contains the field FailBuild set to true, CliError with exit code 3 will be returned. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func PrintVulnerabilitiesTable ¶
func PrintVulnerabilitiesTable(vulnerabilities []services.Vulnerability, results *Results, multipleRoots, printExtended bool, scanType services.ScanType) error
PrintVulnerabilitiesTable prints the vulnerabilities in a table. Set multipleRoots to true in case the given vulnerabilities array contains (or may contain) results of several projects or files (like in binary scan). In case multipleRoots is true, the field Component will show the root of each impact path, otherwise it will show the root's child. Set printExtended to true to print fields with 'extended' tag. If the scan argument is set to true, print the scan tables.
func ReadScanRunsFromFile ¶
func RecordSecurityCommandOutput ¶ added in v1.2.0
func RecordSecurityCommandOutput(content ScanCommandSummaryResult) (err error)
Record the security command output
func ReportError ¶ added in v1.1.0
func ReportError(serverDetails *config.ServerDetails, errorToReport error, source string) error
Sends an error report when the Xsc service is enabled. Errors returned by this function typically do not disrupt the flow, as reporting errors is optional.
func SecurityCommandsJobSummary ¶ added in v1.2.0
func SecurityCommandsJobSummary() (js *commandsummary.CommandSummary, err error)
Manage the job summary for security commands
func SendXscLogMessageIfEnabled ¶ added in v1.1.0
func SendXscLogMessageIfEnabled(errorLog *services.ExternalErrorLog, xscManager *xsc.XscServicesManager) error
func SetAnalyzerManagerEnvVariables ¶
func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error
func SetLocationFileName ¶
func SetLocationSnippet ¶
func SplitComponentId ¶
SplitComponentId splits a Xray component ID to the component name, version and package type. In case componentId doesn't contain a version, the returned version will be an empty string. In case componentId's format is invalid, it will be returned as the component name and empty strings will be returned instead of the version and the package type. Examples:
- componentId: "gav://antparent:ant:1.6.5" Returned values: Component name: "antparent:ant" Component version: "1.6.5" Package type: "Maven"
- componentId: "generic://sha256:244fd47e07d1004f0aed9c156aa09083c82bf8944eceb67c946ff7430510a77b/foo.jar" Returned values: Component name: "foo.jar" Component version: "" Package type: "Generic"
- componentId: "invalid-comp-id" Returned values: Component name: "invalid-comp-id" Component version: "" Package type: ""
func SplitScanResults ¶
func SplitScanResults(results []*ScaScanResult) ([]services.Violation, []services.Vulnerability, []services.License)
Splits scan responses into aggregated lists of violations, vulnerabilities and licenses.
Types ¶
type AnalyticsMetricsService ¶ added in v1.1.0
type AnalyticsMetricsService struct {
// contains filtered or unexported fields
}
func NewAnalyticsMetricsService ¶ added in v1.1.0
func NewAnalyticsMetricsService(serviceDetails *config.ServerDetails) *AnalyticsMetricsService
func (*AnalyticsMetricsService) AddGeneralEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) AddGeneralEvent(event *xscservices.XscAnalyticsGeneralEvent)
func (*AnalyticsMetricsService) AddScanFindingsToXscAnalyticsGeneralEventFinalize ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) AddScanFindingsToXscAnalyticsGeneralEventFinalize(findingsAmount int)
func (*AnalyticsMetricsService) CreateGeneralEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) CreateGeneralEvent(product xscservices.ProductName, eventType xscservices.EventType) *xscservices.XscAnalyticsGeneralEvent
func (*AnalyticsMetricsService) CreateXscAnalyticsGeneralEventFinalizeFromAuditResults ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) CreateXscAnalyticsGeneralEventFinalizeFromAuditResults(auditResults *Results) *xscservices.XscAnalyticsGeneralEventFinalize
func (*AnalyticsMetricsService) FinalizeEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) FinalizeEvent() *xscservices.XscAnalyticsGeneralEventFinalize
func (*AnalyticsMetricsService) GetGeneralEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) GetGeneralEvent(msi string) (*xscservices.XscAnalyticsGeneralEvent, error)
func (*AnalyticsMetricsService) GetMsi ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) GetMsi() string
func (*AnalyticsMetricsService) GetStartTime ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) GetStartTime() time.Time
func (*AnalyticsMetricsService) SetFinalizeEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) SetFinalizeEvent(finalizeEvent *xscservices.XscAnalyticsGeneralEventFinalize)
func (*AnalyticsMetricsService) SetMsi ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) SetMsi(msi string)
func (*AnalyticsMetricsService) SetShouldReportEvents ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) SetShouldReportEvents(shouldReportEvents bool)
func (*AnalyticsMetricsService) SetStartTime ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) SetStartTime()
func (*AnalyticsMetricsService) ShouldReportEvents ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) ShouldReportEvents() bool
func (*AnalyticsMetricsService) UpdateAndSendXscAnalyticsGeneralEventFinalize ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) UpdateAndSendXscAnalyticsGeneralEventFinalize(err error)
func (*AnalyticsMetricsService) UpdateGeneralEvent ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) UpdateGeneralEvent(event *xscservices.XscAnalyticsGeneralEventFinalize)
func (*AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeStatus ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeStatus(status xscservices.EventStatus)
func (*AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeWithTotalScanDuration ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) UpdateXscAnalyticsGeneralEventFinalizeWithTotalScanDuration()
func (*AnalyticsMetricsService) XscManager ¶ added in v1.1.0
func (ams *AnalyticsMetricsService) XscManager() *xsc.XscServicesManager
type AnalyzerManager ¶
func (*AnalyzerManager) Exec ¶
func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, serverDetails *config.ServerDetails) (err error)
func (*AnalyzerManager) ExecWithOutputFile ¶
func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, serverDetails *config.ServerDetails) (err error)
type ApplicabilityStatus ¶
type ApplicabilityStatus string
const ( Applicable ApplicabilityStatus = "Applicable" NotApplicable ApplicabilityStatus = "Not Applicable" ApplicabilityUndetermined ApplicabilityStatus = "Undetermined" NotCovered ApplicabilityStatus = "Not Covered" NotScanned ApplicabilityStatus = "" )
func (ApplicabilityStatus) String ¶
func (as ApplicabilityStatus) String() string
type AuditBasicParams ¶
type AuditBasicParams struct {
// contains filtered or unexported fields
}
func (*AuditBasicParams) AppendDependenciesForApplicabilityScan ¶
func (abp *AuditBasicParams) AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams
func (*AuditBasicParams) Args ¶
func (abp *AuditBasicParams) Args() []string
func (*AuditBasicParams) DepsRepo ¶
func (abp *AuditBasicParams) DepsRepo() string
func (*AuditBasicParams) DirectDependencies ¶
func (abp *AuditBasicParams) DirectDependencies() *[]string
func (*AuditBasicParams) ExcludeTestDependencies ¶
func (abp *AuditBasicParams) ExcludeTestDependencies() bool
func (*AuditBasicParams) Exclusions ¶ added in v1.0.4
func (abp *AuditBasicParams) Exclusions() []string
func (*AuditBasicParams) IgnoreConfigFile ¶
func (abp *AuditBasicParams) IgnoreConfigFile() bool
func (*AuditBasicParams) InsecureTls ¶
func (abp *AuditBasicParams) InsecureTls() bool
func (*AuditBasicParams) InstallCommandArgs ¶
func (abp *AuditBasicParams) InstallCommandArgs() []string
func (*AuditBasicParams) InstallCommandName ¶
func (abp *AuditBasicParams) InstallCommandName() string
func (*AuditBasicParams) IsCurationCmd ¶ added in v1.0.2
func (abp *AuditBasicParams) IsCurationCmd() bool
func (*AuditBasicParams) IsMavenDepTreeInstalled ¶
func (abp *AuditBasicParams) IsMavenDepTreeInstalled() bool
func (*AuditBasicParams) IsRecursiveScan ¶ added in v1.0.4
func (abp *AuditBasicParams) IsRecursiveScan() bool
func (*AuditBasicParams) OutputFormat ¶
func (abp *AuditBasicParams) OutputFormat() format.OutputFormat
func (*AuditBasicParams) PipRequirementsFile ¶
func (abp *AuditBasicParams) PipRequirementsFile() string
func (*AuditBasicParams) Progress ¶
func (abp *AuditBasicParams) Progress() ioUtils.ProgressMgr
func (*AuditBasicParams) ScansToPerform ¶ added in v1.4.0
func (abp *AuditBasicParams) ScansToPerform() []SubScanType
func (*AuditBasicParams) ServerDetails ¶
func (abp *AuditBasicParams) ServerDetails() (*config.ServerDetails, error)
func (*AuditBasicParams) SetDepsRepo ¶
func (abp *AuditBasicParams) SetDepsRepo(depsRepo string) *AuditBasicParams
func (*AuditBasicParams) SetExcludeTestDependencies ¶
func (abp *AuditBasicParams) SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams
func (*AuditBasicParams) SetExclusions ¶ added in v1.0.4
func (abp *AuditBasicParams) SetExclusions(exclusions []string) *AuditBasicParams
func (*AuditBasicParams) SetIgnoreConfigFile ¶
func (abp *AuditBasicParams) SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams
func (*AuditBasicParams) SetInsecureTls ¶
func (abp *AuditBasicParams) SetInsecureTls(insecureTls bool) *AuditBasicParams
func (*AuditBasicParams) SetInstallCommandArgs ¶
func (abp *AuditBasicParams) SetInstallCommandArgs(installCommandArgs []string) *AuditBasicParams
func (*AuditBasicParams) SetInstallCommandName ¶
func (abp *AuditBasicParams) SetInstallCommandName(installCommandName string) *AuditBasicParams
func (*AuditBasicParams) SetIsCurationCmd ¶ added in v1.0.2
func (abp *AuditBasicParams) SetIsCurationCmd(isCurationCmd bool) *AuditBasicParams
func (*AuditBasicParams) SetIsMavenDepTreeInstalled ¶
func (abp *AuditBasicParams) SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams
func (*AuditBasicParams) SetIsRecursiveScan ¶ added in v1.0.4
func (abp *AuditBasicParams) SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams
func (*AuditBasicParams) SetNpmScope ¶
func (abp *AuditBasicParams) SetNpmScope(depType string) *AuditBasicParams
func (*AuditBasicParams) SetOutputFormat ¶
func (abp *AuditBasicParams) SetOutputFormat(format format.OutputFormat) *AuditBasicParams
func (*AuditBasicParams) SetPipRequirementsFile ¶
func (abp *AuditBasicParams) SetPipRequirementsFile(requirementsFile string) *AuditBasicParams
func (*AuditBasicParams) SetProgress ¶
func (abp *AuditBasicParams) SetProgress(progress ioUtils.ProgressMgr)
func (*AuditBasicParams) SetScansToPerform ¶ added in v1.4.0
func (abp *AuditBasicParams) SetScansToPerform(scansToPerform []SubScanType) *AuditBasicParams
func (*AuditBasicParams) SetServerDetails ¶
func (abp *AuditBasicParams) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams
func (*AuditBasicParams) SetTechnologies ¶
func (abp *AuditBasicParams) SetTechnologies(technologies []string) *AuditBasicParams
func (*AuditBasicParams) SetUseJas ¶ added in v1.4.0
func (abp *AuditBasicParams) SetUseJas(useJas bool) *AuditBasicParams
func (*AuditBasicParams) SetUseWrapper ¶
func (abp *AuditBasicParams) SetUseWrapper(useWrapper bool) *AuditBasicParams
func (*AuditBasicParams) Technologies ¶
func (abp *AuditBasicParams) Technologies() []string
func (*AuditBasicParams) UseJas ¶ added in v1.4.0
func (abp *AuditBasicParams) UseJas() bool
func (*AuditBasicParams) UseWrapper ¶
func (abp *AuditBasicParams) UseWrapper() bool
type AuditNpmParams ¶
type AuditNpmParams struct { AuditParams // contains filtered or unexported fields }
func (AuditNpmParams) NpmIgnoreNodeModules ¶
func (anp AuditNpmParams) NpmIgnoreNodeModules() bool
func (AuditNpmParams) NpmOverwritePackageLock ¶
func (anp AuditNpmParams) NpmOverwritePackageLock() bool
func (AuditNpmParams) SetNpmIgnoreNodeModules ¶
func (anp AuditNpmParams) SetNpmIgnoreNodeModules(ignoreNpmNodeModules bool) AuditNpmParams
func (AuditNpmParams) SetNpmOverwritePackageLock ¶
func (anp AuditNpmParams) SetNpmOverwritePackageLock(overwritePackageLock bool) AuditNpmParams
type AuditParams ¶
type AuditParams interface { DirectDependencies() *[]string AppendDependenciesForApplicabilityScan(directDependencies []string) *AuditBasicParams ServerDetails() (*config.ServerDetails, error) SetServerDetails(serverDetails *config.ServerDetails) *AuditBasicParams PipRequirementsFile() string SetPipRequirementsFile(requirementsFile string) *AuditBasicParams ExcludeTestDependencies() bool SetExcludeTestDependencies(excludeTestDependencies bool) *AuditBasicParams UseWrapper() bool SetUseWrapper(useWrapper bool) *AuditBasicParams InsecureTls() bool SetInsecureTls(insecureTls bool) *AuditBasicParams Technologies() []string SetTechnologies(technologies []string) *AuditBasicParams Progress() ioUtils.ProgressMgr SetProgress(progress ioUtils.ProgressMgr) Args() []string InstallCommandName() string InstallCommandArgs() []string SetNpmScope(depType string) *AuditBasicParams OutputFormat() format.OutputFormat DepsRepo() string SetDepsRepo(depsRepo string) *AuditBasicParams IgnoreConfigFile() bool SetIgnoreConfigFile(ignoreConfigFile bool) *AuditBasicParams IsMavenDepTreeInstalled() bool SetIsMavenDepTreeInstalled(isMavenDepTreeInstalled bool) *AuditBasicParams IsCurationCmd() bool SetIsCurationCmd(bool) *AuditBasicParams SetExclusions(exclusions []string) *AuditBasicParams Exclusions() []string SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams IsRecursiveScan() bool }
type DepTreeNode ¶ added in v1.2.0
type ExtendedScanResults ¶
type ExtendedScanResults struct { ApplicabilityScanResults []*sarif.Run SecretsScanResults []*sarif.Run IacScanResults []*sarif.Run SastScanResults []*sarif.Run EntitledForJas bool }
func (*ExtendedScanResults) GetResultsForTarget ¶ added in v1.2.0
func (e *ExtendedScanResults) GetResultsForTarget(target string) (result *ExtendedScanResults)
func (*ExtendedScanResults) IsIssuesFound ¶
func (e *ExtendedScanResults) IsIssuesFound() bool
type IssueDetails ¶ added in v1.3.0
type JasScanType ¶
type JasScanType string
const ( Applicability JasScanType = "Applicability" Secrets JasScanType = "Secrets" IaC JasScanType = "IaC" Sast JasScanType = "Sast" )
func (JasScanType) FormattedError ¶
func (jst JasScanType) FormattedError(err error) error
func (JasScanType) String ¶
func (jst JasScanType) String() string
type Results ¶
type Results struct { ScaResults []*ScaScanResult XrayVersion string ScansErr error ExtendedScanResults *ExtendedScanResults MultiScanId string }
func NewAuditResults ¶
func NewAuditResults() *Results
func (*Results) CountScanResultsFindings ¶ added in v1.1.0
Counts the total number of unique findings in the provided results. A unique SCA finding is identified by a unique pair of vulnerability's/violation's issueId and component id or by a result returned from one of JAS scans.
func (*Results) GetScaScannedTechnologies ¶
func (r *Results) GetScaScannedTechnologies() []techutils.Technology
func (*Results) GetScaScansXrayResults ¶
func (r *Results) GetScaScansXrayResults() (results []services.ScanResponse)
func (*Results) GetSummary ¶ added in v1.2.0
func (r *Results) GetSummary() (summary formats.SummaryResults)
func (*Results) IsIssuesFound ¶
func (*Results) IsMultipleProject ¶
func (*Results) IsScaIssuesFound ¶
type ResultsWriter ¶
type ResultsWriter struct {
// contains filtered or unexported fields
}
func NewResultsWriter ¶
func NewResultsWriter(scanResults *Results) *ResultsWriter
func (*ResultsWriter) PrintScanResults ¶
func (rw *ResultsWriter) PrintScanResults() error
PrintScanResults prints the scan results in the specified format. Note that errors are printed only with SimpleJson format.
func (*ResultsWriter) SetExtraMessages ¶
func (rw *ResultsWriter) SetExtraMessages(messages []string) *ResultsWriter
func (*ResultsWriter) SetIncludeLicenses ¶
func (rw *ResultsWriter) SetIncludeLicenses(licenses bool) *ResultsWriter
func (*ResultsWriter) SetIncludeVulnerabilities ¶
func (rw *ResultsWriter) SetIncludeVulnerabilities(includeVulnerabilities bool) *ResultsWriter
func (*ResultsWriter) SetIsMultipleRootProject ¶
func (rw *ResultsWriter) SetIsMultipleRootProject(isMultipleRootProject bool) *ResultsWriter
func (*ResultsWriter) SetOutputFormat ¶
func (rw *ResultsWriter) SetOutputFormat(f format.OutputFormat) *ResultsWriter
func (*ResultsWriter) SetPrintExtendedTable ¶
func (rw *ResultsWriter) SetPrintExtendedTable(extendedTable bool) *ResultsWriter
func (*ResultsWriter) SetScanType ¶
func (rw *ResultsWriter) SetScanType(scanType services.ScanType) *ResultsWriter
func (*ResultsWriter) SetSimpleJsonError ¶
func (rw *ResultsWriter) SetSimpleJsonError(jsonErrors []formats.SimpleJsonError) *ResultsWriter
func (*ResultsWriter) SetSubScansPreformed ¶ added in v1.4.0
func (rw *ResultsWriter) SetSubScansPreformed(subScansPreformed []SubScanType) *ResultsWriter
type SarifLevel ¶
type SarifLevel string
type ScaScanResult ¶
type ScaScanResult struct { // Could be working directory (audit), file path (binary scan) or build name+number (build scan) Target string `json:"Target"` Technology techutils.Technology `json:"Technology,omitempty"` XrayResults []services.ScanResponse `json:"XrayResults,omitempty"` Descriptors []string `json:"Descriptors,omitempty"` IsMultipleRootProject *bool `json:"IsMultipleRootProject,omitempty"` }
func (ScaScanResult) HasInformation ¶
func (s ScaScanResult) HasInformation() bool
type ScanCommandSummaryResult ¶ added in v1.2.0
type ScanCommandSummaryResult struct { Section SecuritySummarySection `json:"section"` WorkingDirectory string `json:"workingDirectory"` Results formats.SummaryResults `json:"results"` }
type SecurityCommandsSummary ¶ added in v1.2.0
type SecurityCommandsSummary struct { BuildScanCommands []formats.SummaryResults `json:"buildScanCommands"` ScanCommands []formats.SummaryResults `json:"scanCommands"` AuditCommands []formats.SummaryResults `json:"auditCommands"` }
func (*SecurityCommandsSummary) GenerateMarkdownFromFiles ¶ added in v1.2.0
func (scs *SecurityCommandsSummary) GenerateMarkdownFromFiles(dataFilePaths []string) (markdown string, err error)
func (*SecurityCommandsSummary) GetOrderedSectionsWithContent ¶ added in v1.2.0
func (scs *SecurityCommandsSummary) GetOrderedSectionsWithContent() (sections []SecuritySummarySection)
type SecurityParallelRunner ¶ added in v1.4.0
type SecurityParallelRunner struct { Runner parallel.Runner ErrorsQueue chan error ResultsMu sync.Mutex ScaScansWg sync.WaitGroup // Verify that the sca scan routines are done before running contextual scan JasScannersWg sync.WaitGroup // Verify that all scanners routines are done before cleaning temp dir JasWg sync.WaitGroup // Verify that downloading analyzer manager and running all scanners are done ErrWg sync.WaitGroup // Verify that all errors are handled before finishing the audit func }
func CreateSecurityParallelRunner ¶ added in v1.4.0
func CreateSecurityParallelRunner(numOfParallelScans int) *SecurityParallelRunner
func NewSecurityParallelRunner ¶ added in v1.4.0
func NewSecurityParallelRunner(numOfParallelScans int) SecurityParallelRunner
func (*SecurityParallelRunner) AddErrorToChan ¶ added in v1.4.0
func (spr *SecurityParallelRunner) AddErrorToChan(err error)
type SecuritySummarySection ¶ added in v1.2.0
type SecuritySummarySection string
const ( Build SecuritySummarySection = "Builds" Binary SecuritySummarySection = "Artifacts" Modules SecuritySummarySection = "Modules" )
type SubScanType ¶ added in v1.4.0
type SubScanType string
const ( ContextualAnalysisScan SubScanType = "contextual_analysis" ScaScan SubScanType = "sca" IacScan SubScanType = "iac" SastScan SubScanType = "sast" SecretsScan SubScanType = "secrets" )
func GetAllSupportedScans ¶ added in v1.4.0
func GetAllSupportedScans() []SubScanType
func (SubScanType) String ¶ added in v1.4.0
func (s SubScanType) String() string
type TableSeverity ¶
type TableSeverity struct { formats.SeverityDetails // contains filtered or unexported fields }
func GetSeverity ¶
func GetSeverity(severityTitle string, applicable ApplicabilityStatus) *TableSeverity
func (*TableSeverity) Emoji ¶
func (s *TableSeverity) Emoji() string
func (*TableSeverity) NumValue ¶
func (s *TableSeverity) NumValue() int