formats

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 21, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

// String identifiers for the sub-scan kinds and violation categories used by
// the summary types in this package. The values are case-sensitive, so compare
// against these constants rather than hand-written literals.
const (
	// Sub-scan kinds, typed as SummarySubScanType. Note that these values are
	// not the same strings as the lower-case JSON keys ("sca", "iac",
	// "secrets", "sast") declared on ScanVulnerabilitiesSummary.
	ScaScan     SummarySubScanType = "SCA"
	IacScan     SummarySubScanType = "IAC"
	SecretsScan SummarySubScanType = "Secrets"
	SastScan    SummarySubScanType = "SAST"

	// Violation categories, typed as ViolationIssueType.
	ViolationTypeSecurity        ViolationIssueType = "security"
	ViolationTypeLicense         ViolationIssueType = "license"
	ViolationTypeOperationalRisk ViolationIssueType = "operational_risk"
)

Variables

This section is empty.

Functions

func ConvertToIacOrSastTableRow

func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)

func ConvertToLicenseScanTableRow

func ConvertToLicenseScanTableRow(rows []LicenseRow) (tableRows []licenseScanTableRow)

func ConvertToLicenseTableRow

func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)

func ConvertToLicenseViolationScanTableRow

func ConvertToLicenseViolationScanTableRow(rows []LicenseRow) (tableRows []licenseViolationScanTableRow)

func ConvertToLicenseViolationTableRow

func ConvertToLicenseViolationTableRow(rows []LicenseRow) (tableRows []licenseViolationTableRow)

func ConvertToOperationalRiskViolationScanTableRow

func ConvertToOperationalRiskViolationScanTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationScanTableRow)

func ConvertToOperationalRiskViolationTableRow

func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)

func ConvertToSecretsTableRow

func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)

func ConvertToVulnerabilityScanTableRow

func ConvertToVulnerabilityScanTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityScanTableRow)

func ConvertToVulnerabilityTableRow

func ConvertToVulnerabilityTableRow(rows []VulnerabilityOrViolationRow) (tableRows []vulnerabilityTableRow)

Types

type Applicability

// Applicability is the applicability assessment attached to a CVE entry; it is
// referenced from CveRow.Applicability.
type Applicability struct {
	// Status is a plain string; the set of allowed values is not defined by
	// this type, so consumers should not assume an unknown value is benign.
	Status             string     `json:"status"`
	// ScannerDescription is left out of the JSON when empty.
	ScannerDescription string     `json:"scannerDescription,omitempty"`
	// Evidence lists the locations backing the status; left out of the JSON
	// when empty.
	Evidence           []Evidence `json:"evidence,omitempty"`
}

type Bom added in v1.6.0

// Bom is an XML decoding target that keeps only the vulnerability list of a
// document: every <vulnerabilities>/<vulnerability> element is reduced to its
// bom-ref attribute and its <id> child. All other content is ignored.
// NOTE(review): the same shape is also declared by Vulnerabilities,
// XMLVulnerability and Vulnerability in this package; confirm which one
// callers are expected to use.
type Bom struct {
	Vulnerabilities struct {
		Vulnerability []struct {
			// BomRef is read from the bom-ref XML attribute.
			BomRef string `xml:"bom-ref,attr"`
			// Id is read from the <id> child element.
			Id     string `xml:"id"`
		} `xml:"vulnerability"`
	} `xml:"vulnerabilities"`
}

type ComponentRow

// ComponentRow identifies a single component by name and version. It is used
// for the Components list of ImpactedDependencyDetails and as the element type
// of the ImpactPaths chains on LicenseRow and VulnerabilityOrViolationRow.
type ComponentRow struct {
	Name    string `json:"name"`
	Version string `json:"version"`
}

type CuratedPackages added in v1.6.3

// CuratedPackages summarises curation results for a scan target; it is
// referenced from ScanSummaryResult.CuratedPackages.
type CuratedPackages struct {
	// Blocked is a two-level count map; it is left out of the JSON when the
	// map is empty. NOTE(review): the meaning of the two key levels for
	// blocked packages is not visible here — confirm against the producer.
	Blocked  TwoLevelSummaryCount `json:"blocked,omitempty"`
	// Approved is a plain count; omitempty means a value of 0 is not
	// serialised, so an absent key and 0 are indistinguishable in the JSON.
	Approved int                  `json:"approved,omitempty"`
}

func (*CuratedPackages) GetTotalPackages added in v1.6.3

func (s *CuratedPackages) GetTotalPackages() int

type CveRow

// CveRow is one CVE entry of a vulnerability or violation row (see
// VulnerabilityOrViolationRow.Cves).
type CveRow struct {
	Id            string         `json:"id"`
	// CvssV2 and CvssV3 are strings and are always serialised (no omitempty),
	// so an empty string can appear in the output. NOTE(review): presumably an
	// empty value means "no score available" — consumers should not parse it
	// as 0 / lowest risk without confirming.
	CvssV2        string         `json:"cvssV2"`
	CvssV3        string         `json:"cvssV3"`
	// Applicability is optional: a nil pointer is left out of the JSON, so
	// readers must nil-check before dereferencing.
	Applicability *Applicability `json:"applicability,omitempty"`
}

type EnrichJson added in v1.6.0

// EnrichJson is a JSON decoding target that keeps only the "vulnerabilities"
// array of a document, reducing each entry to its "bom-ref" and "id" keys.
// The Vulnerability type in this package declares the same two fields with
// both json and xml tags.
type EnrichJson struct {
	Vulnerability []struct {
		// NOTE(review): the tag has a trailing comma with no option after it.
		// encoding/json still takes "bom-ref" as the key name, so this works,
		// but the comma is stray and can be dropped.
		BomRef string `json:"bom-ref,"`
		Id     string `json:"id"`
	} `json:"vulnerabilities"`
}

type Evidence

// Evidence is one supporting location for an Applicability result. It embeds
// Location, so the location fields (file, lines, columns, snippet) are
// serialised at the same JSON level as "reason".
type Evidence struct {
	Location
	// Reason is left out of the JSON when empty.
	Reason string `json:"reason,omitempty"`
}

type ImpactedDependencyDetails

// ImpactedDependencyDetails describes the dependency a finding applies to. It
// embeds SeverityDetails and is itself embedded by LicenseRow,
// OperationalRiskViolationRow and VulnerabilityOrViolationRow, so its fields
// appear flattened in those rows' JSON.
type ImpactedDependencyDetails struct {
	SeverityDetails
	// The Go field names say "Dependency" while the JSON keys say "Package";
	// match on the JSON keys when consuming the serialised output.
	ImpactedDependencyName    string         `json:"impactedPackageName"`
	ImpactedDependencyVersion string         `json:"impactedPackageVersion"`
	ImpactedDependencyType    string         `json:"impactedPackageType"`
	// Components has no omitempty, so a nil slice is encoded as JSON null.
	Components                []ComponentRow `json:"components"`
}

type JfrogResearchInformation

// JfrogResearchInformation is the optional research block attached to a
// vulnerability or violation row (see
// VulnerabilityOrViolationRow.JfrogResearchInformation). It embeds
// SeverityDetails, so it carries its own "severity" value separate from the
// one on the enclosing row.
type JfrogResearchInformation struct {
	SeverityDetails
	// All fields below are left out of the JSON when empty.
	Summary         string                        `json:"summary,omitempty"`
	Details         string                        `json:"details,omitempty"`
	SeverityReasons []JfrogResearchSeverityReason `json:"severityReasons,omitempty"`
	Remediation     string                        `json:"remediation,omitempty"`
}

type JfrogResearchSeverityReason

// JfrogResearchSeverityReason is one entry of
// JfrogResearchInformation.SeverityReasons.
type JfrogResearchSeverityReason struct {
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// IsPositive uses omitempty, so false is never serialised: an absent
	// "isPositive" key decodes to false.
	// NOTE(review): the direction of "positive" (raises or lowers severity)
	// is not visible here — confirm before using it in triage logic.
	IsPositive  bool   `json:"isPositive,omitempty"`
}

type LicenseRow

// LicenseRow is one license entry for a dependency. It is the element type of
// both SimpleJsonResults.Licenses and SimpleJsonResults.LicensesViolations.
// The embedded ImpactedDependencyDetails fields are flattened into the row's
// JSON.
type LicenseRow struct {
	ImpactedDependencyDetails
	LicenseKey  string           `json:"licenseKey"`
	// ImpactPaths is a list of component chains; it has no omitempty, so a
	// nil slice is encoded as JSON null.
	ImpactPaths [][]ComponentRow `json:"impactPaths"`
}

type Location

// Location points at a region of a file. It is embedded by Evidence and
// SourceCodeRow and used as the element type of SourceCodeRow.CodeFlow.
type Location struct {
	// File is always serialised; every other field is left out when zero.
	File        string `json:"file"`
	// Because of omitempty, a line or column of 0 is indistinguishable from
	// "not set" in the JSON.
	StartLine   int    `json:"startLine,omitempty"`
	StartColumn int    `json:"startColumn,omitempty"`
	EndLine     int    `json:"endLine,omitempty"`
	EndColumn   int    `json:"endColumn,omitempty"`
	// Snippet is presumably the source text at this location.
	// NOTE(review): SourceCodeRow embeds Location and is also the row type
	// for secrets findings, so Snippet may carry credential material unless
	// the producer masks it — confirm before logging, uploading or archiving
	// serialised results.
	Snippet     string `json:"snippet,omitempty"`
}

type OperationalRiskViolationRow

// OperationalRiskViolationRow is one operational-risk violation; it is the
// element type of SimpleJsonResults.OperationalRiskViolations. The embedded
// ImpactedDependencyDetails fields are flattened into the row's JSON.
//
// Every field declared here is a string and none uses omitempty, so each key
// is always present in the output, possibly as "".
type OperationalRiskViolationRow struct {
	ImpactedDependencyDetails
	RiskReason    string `json:"riskReason"`
	// IsEol is a string, not a bool; the accepted values are not visible
	// here, so parse it explicitly instead of testing for non-empty.
	IsEol         string `json:"isEndOfLife"`
	EolMessage    string `json:"endOfLifeMessage"`
	// NOTE(review): Cadence, Commits, Committers and NewerVersions look like
	// numeric metrics carried as text — confirm the format before comparing.
	Cadence       string `json:"cadence"`
	Commits       string `json:"commits"`
	Committers    string `json:"committers"`
	NewerVersions string `json:"newerVersions"`
	LatestVersion string `json:"latestVersion"`
}

type ScanScaResult added in v1.3.0

// ScanScaResult is the SCA part of a vulnerabilities summary; it is referenced
// from ScanVulnerabilitiesSummary.ScaScanResults.
type ScanScaResult struct {
	// SummaryCount is serialised under the key "sca". The parent field is
	// also tagged "sca", so the counts end up nested as "sca": {"sca": ...}.
	SummaryCount   TwoLevelSummaryCount `json:"sca,omitempty"`
	// UniqueFindings uses omitempty, so 0 is never serialised.
	UniqueFindings int                  `json:"unique_findings,omitempty"`
}

type ScanSummaryResult added in v1.2.0

// ScanSummaryResult is the summary for one scan target; it is the element type
// of SummaryResults.Scans.
type ScanSummaryResult struct {
	Target          string                      `json:"target,omitempty"`
	// Vulnerabilities and CuratedPackages are optional pointers: nil is left
	// out of the JSON and decodes back to nil, so code reading these fields
	// directly must nil-check first.
	Vulnerabilities *ScanVulnerabilitiesSummary `json:"vulnerabilities,omitempty"`
	// Violations is left out of the JSON when the map is empty.
	Violations      TwoLevelSummaryCount        `json:"violations,omitempty"`
	CuratedPackages *CuratedPackages            `json:"curated,omitempty"`
}

func (*ScanSummaryResult) GetTotalIssueCount added in v1.2.0

func (s *ScanSummaryResult) GetTotalIssueCount() (total int)

func (*ScanSummaryResult) GetTotalViolationCount added in v1.3.0

func (s *ScanSummaryResult) GetTotalViolationCount() (total int)

func (*ScanSummaryResult) HasBlockedCuration added in v1.6.3

func (s *ScanSummaryResult) HasBlockedCuration() bool

func (*ScanSummaryResult) HasIssues added in v1.2.0

func (s *ScanSummaryResult) HasIssues() bool

func (*ScanSummaryResult) HasSecurityVulnerabilities added in v1.3.0

func (s *ScanSummaryResult) HasSecurityVulnerabilities() bool

func (*ScanSummaryResult) HasViolations added in v1.3.0

func (s *ScanSummaryResult) HasViolations() bool

type ScanVulnerabilitiesSummary added in v1.3.0

// ScanVulnerabilitiesSummary groups the per-sub-scan results of one target.
// Each field is an optional pointer that is left out of the JSON when nil.
// NOTE(review): whether nil means "scan not run" or "scan ran, no findings" is
// not visible here — confirm before treating a missing key as a clean result.
type ScanVulnerabilitiesSummary struct {
	// SCA results use the two-level ScanScaResult; the other three sub-scans
	// use a flat SummaryCount.
	ScaScanResults     *ScanScaResult `json:"sca,omitempty"`
	IacScanResults     *SummaryCount  `json:"iac,omitempty"`
	SecretsScanResults *SummaryCount  `json:"secrets,omitempty"`
	SastScanResults    *SummaryCount  `json:"sast,omitempty"`
}

func (*ScanVulnerabilitiesSummary) GetSubScanTotalIssueCount added in v1.3.0

func (svs *ScanVulnerabilitiesSummary) GetSubScanTotalIssueCount(subScanType SummarySubScanType) (count int)

func (*ScanVulnerabilitiesSummary) GetSubScansWithIssues added in v1.3.0

func (s *ScanVulnerabilitiesSummary) GetSubScansWithIssues() []SummarySubScanType

func (*ScanVulnerabilitiesSummary) GetTotalIssueCount added in v1.3.0

func (s *ScanVulnerabilitiesSummary) GetTotalIssueCount() (total int)

func (*ScanVulnerabilitiesSummary) GetTotalUniqueIssueCount added in v1.3.0

func (s *ScanVulnerabilitiesSummary) GetTotalUniqueIssueCount() (total int)

type SeverityDetails

// SeverityDetails holds the severity of a finding. It is embedded by
// ImpactedDependencyDetails, JfrogResearchInformation and SourceCodeRow.
type SeverityDetails struct {
	// Severity is the serialised severity label.
	Severity         string `json:"severity"`
	// SeverityNumValue is used for sorting. The json:"-" tag excludes it from
	// both encoding and decoding, so it is 0 on any value read back from JSON
	// and must be recomputed before sorting or thresholding on it.
	SeverityNumValue int    `json:"-"` // For sorting
}

type SimpleJsonError

// SimpleJsonError is one entry of SimpleJsonResults.Errors, pairing a file
// path with an error message.
// NOTE(review): both values are emitted verbatim in the JSON; if results are
// shared outside the build environment, confirm that paths and messages do not
// expose internal directory layout or other environment details.
type SimpleJsonError struct {
	FilePath     string `json:"filePath"`
	ErrorMessage string `json:"errorMessage"`
}

type SimpleJsonResults

// SimpleJsonResults holds the sorted results of the simple-json output.
//
// None of the slice fields uses omitempty, so a nil slice is encoded as JSON
// null rather than []. Consumers that gate on these lists should treat null
// and [] alike, and should check Errors before reading empty lists as a clean
// scan.
type SimpleJsonResults struct {
	Vulnerabilities           []VulnerabilityOrViolationRow `json:"vulnerabilities"`
	SecurityViolations        []VulnerabilityOrViolationRow `json:"securityViolations"`
	LicensesViolations        []LicenseRow                  `json:"licensesViolations"`
	Licenses                  []LicenseRow                  `json:"licenses"`
	OperationalRiskViolations []OperationalRiskViolationRow `json:"operationalRiskViolations"`
	// Secrets, Iacs and Sast share the SourceCodeRow type, which embeds
	// Location and therefore may carry a source snippet per finding.
	Secrets                   []SourceCodeRow               `json:"secrets"`
	// The JSON keys for Iacs and Sast end in "Violations" although the Go
	// field names do not.
	Iacs                      []SourceCodeRow               `json:"iacViolations"`
	Sast                      []SourceCodeRow               `json:"sastViolations"`
	Errors                    []SimpleJsonError             `json:"errors"`
	// MultiScanId is left out of the JSON when empty.
	MultiScanId               string                        `json:"multiScanId,omitempty"`
}

This struct holds the sorted results of the simple-json output.

type SourceCodeRow

// SourceCodeRow is one source-level finding. It is the row type for the
// Secrets, Iacs and Sast lists of SimpleJsonResults. The embedded
// SeverityDetails and Location fields are flattened into the row's JSON.
// NOTE(review): for secrets findings the embedded Location.Snippet (and
// possibly Finding) may contain the detected value itself unless the producer
// masks it — confirm before storing or forwarding serialised rows.
type SourceCodeRow struct {
	SeverityDetails
	Location
	// Finding, ScannerDescription and CodeFlow are left out of the JSON when
	// empty.
	Finding            string       `json:"finding,omitempty"`
	ScannerDescription string       `json:"scannerDescription,omitempty"`
	// CodeFlow is a list of location sequences.
	CodeFlow           [][]Location `json:"codeFlow,omitempty"`
}

type SummaryCount added in v1.2.0

// SummaryCount maps a severity to the number of findings with that severity.
// The keys are plain strings, so lookups are case-sensitive and a missing key
// reads as 0.
type SummaryCount map[string]int

Severity -> Count

func (SummaryCount) GetTotal added in v1.2.0

func (sc SummaryCount) GetTotal() int

type SummaryResults added in v1.2.0

// SummaryResults is the top-level summary: one ScanSummaryResult per scan.
type SummaryResults struct {
	// Scans has no omitempty, so a nil slice is encoded as JSON null.
	Scans []ScanSummaryResult `json:"scans"`
}

func (SummaryResults) GetTotalIssueCount added in v1.2.0

func (sr SummaryResults) GetTotalIssueCount() (total int)

type SummarySubScanType added in v1.2.0

// SummarySubScanType names a sub-scan kind. The values declared in this
// package are ScaScan, IacScan, SecretsScan and SastScan; because the
// underlying type is string, any other string converts to it as well, so
// callers should handle unknown values explicitly.
type SummarySubScanType string

type TwoLevelSummaryCount added in v1.3.0

// TwoLevelSummaryCount maps a severity to an applicable status to a count.
// Indexing a missing first-level key yields a nil SummaryCount, which is safe
// to read from but panics on write.
type TwoLevelSummaryCount map[string]SummaryCount

Severity -> Applicable status -> Count

func (TwoLevelSummaryCount) GetCombinedLowerLevel added in v1.3.0

func (sc TwoLevelSummaryCount) GetCombinedLowerLevel() (oneLvlCounts SummaryCount)

func (TwoLevelSummaryCount) GetCountOfKeys added in v1.6.3

func (sc TwoLevelSummaryCount) GetCountOfKeys(firstLevel bool) int

func (TwoLevelSummaryCount) GetTotal added in v1.3.0

func (sc TwoLevelSummaryCount) GetTotal() (total int)

type ViolationIssueType added in v1.3.0

// ViolationIssueType names a violation category. The values declared in this
// package are ViolationTypeSecurity, ViolationTypeLicense and
// ViolationTypeOperationalRisk; because the underlying type is string, any
// other string converts to it as well.
type ViolationIssueType string

func (ViolationIssueType) String added in v1.3.0

func (v ViolationIssueType) String() string

type Vulnerabilities added in v1.6.0

// Vulnerabilities is an XML wrapper holding the <vulnerabilities> element of a
// document as an XMLVulnerability.
type Vulnerabilities struct {
	Vulnerabilities XMLVulnerability `xml:"vulnerabilities"`
}

type Vulnerability added in v1.6.0

// Vulnerability is a (bom-ref, id) pair that can be decoded from either JSON
// or XML: each field carries both tags.
type Vulnerability struct {
	// BomRef is the "bom-ref" key in JSON and the bom-ref attribute in XML.
	BomRef string `json:"bom-ref" xml:"bom-ref,attr"`
	// ID is the "id" key in JSON and the <id> child element in XML.
	ID     string `json:"id" xml:"id"`
}

type VulnerabilityOrViolationRow

// VulnerabilityOrViolationRow is used for vulnerabilities and security
// violations; it is the element type of SimpleJsonResults.Vulnerabilities and
// SimpleJsonResults.SecurityViolations. The embedded ImpactedDependencyDetails
// fields are flattened into the row's JSON.
//
// No field here uses omitempty: nil slices and the nil research pointer are
// encoded as JSON null, so consumers must accept null for every list.
type VulnerabilityOrViolationRow struct {
	ImpactedDependencyDetails
	Summary                  string                    `json:"summary"`
	// Applicable is a plain string; the set of allowed values is not defined
	// by this type, so do not treat an unrecognised or empty value as
	// "not applicable" when filtering findings.
	Applicable               string                    `json:"applicable"`
	// NOTE(review): presumably an empty or null FixedVersions means no fix is
	// known — confirm against the producer.
	FixedVersions            []string                  `json:"fixedVersions"`
	Cves                     []CveRow                  `json:"cves"`
	IssueId                  string                    `json:"issueId"`
	References               []string                  `json:"references"`
	// ImpactPaths is a list of component chains.
	ImpactPaths              [][]ComponentRow          `json:"impactPaths"`
	// JfrogResearchInformation is optional; readers must nil-check it.
	JfrogResearchInformation *JfrogResearchInformation `json:"jfrogResearchInformation"`
	// Technology is excluded from JSON (json:"-") in both directions, so it
	// is the zero value on rows read back from serialised output.
	Technology               techutils.Technology      `json:"-"`
}

Used for vulnerabilities and security violations

type XMLVulnerability added in v1.6.0

// XMLVulnerability holds the repeated <vulnerability> child elements of a
// <vulnerabilities> element; it is the field type of
// Vulnerabilities.Vulnerabilities.
type XMLVulnerability struct {
	Vulnerability []Vulnerability `xml:"vulnerability"`
}
