blackduck

package
v0.0.0-...-40d4f7c Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 4, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

// Vendor media types (application/vnd.blackducksoftware.*+json). Each value
// names one resource representation and carries a version number.
// NOTE(review): the HEADER_ prefix suggests these are sent as Accept or
// Content-Type header values; confirm against the client code.
const (
	HEADER_PROJECT_DETAILS_V4 = "application/vnd.blackducksoftware.project-detail-4+json"
	HEADER_USER_V4            = "application/vnd.blackducksoftware.user-4+json"
	HEADER_BOM_V6             = "application/vnd.blackducksoftware.bill-of-materials-6+json"
)
// ReportsDirectory defines the subfolder for the generated Blackduck reports.
const ReportsDirectory = "blackduck"

ReportsDirectory defines the subfolder for the Blackduck reports which are generated

Variables

This section is empty.

Functions

func CreateSarifResultFile

func CreateSarifResultFile(vulns *Vulnerabilities, projectName, projectVersion, projectLink string) *format.SARIF

CreateSarifResultFile creates a SARIF result from the Vulnerabilities that were brought up by the scan

func WriteSarifFile

func WriteSarifFile(sarif *format.SARIF, utils piperutils.FileUtils) ([]piperutils.Path, error)

WriteSarifFile writes a JSON file in SARIF format, for upload into e.g. GCP

func WriteVulnerabilityReports

func WriteVulnerabilityReports(scanReport reporting.ScanReport, utils piperutils.FileUtils) ([]piperutils.Path, error)

WriteVulnerabilityReports writes vulnerability information from ScanReport into dedicated outputs e.g. HTML

Types

type Client

// Client defines a BlackDuck client.
//
// NOTE(review): BearerToken is an exported field with a json tag, so
// json.Marshal of a Client, or formatting one with %v / %+v, includes the
// token. Keep Client values out of logs, error messages and persisted output.
type Client struct {
	// BearerToken is serialized under "bearerToken".
	// Presumably the API bearer credential; handle it as a secret.
	BearerToken                 string `json:"bearerToken,omitempty"`
	// BearerExpiresInMilliseconds is serialized under "expiresInMilliseconds".
	// Presumably the lifetime of BearerToken; TODO confirm how expiry is enforced.
	BearerExpiresInMilliseconds int64  `json:"expiresInMilliseconds,omitempty"`
	// contains filtered or unexported fields
}

Client defines a BlackDuck client

func NewClient

func NewClient(token, serverURL string, httpClient piperhttp.Sender) Client

NewClient creates a new BlackDuck client

func (*Client) GetComponents

func (b *Client) GetComponents(projectName, versionName string) (*Components, error)

func (*Client) GetComponentsWithLicensePolicyRule

func (b *Client) GetComponentsWithLicensePolicyRule(projectName, versionName string) (*Components, error)

func (*Client) GetPolicyStatus

func (b *Client) GetPolicyStatus(projectName, versionName string) (*PolicyStatus, error)

func (*Client) GetProject

func (b *Client) GetProject(projectName string) (*Project, error)

GetProject returns a project with a given name

func (*Client) GetProjectVersion

func (b *Client) GetProjectVersion(projectName, projectVersion string) (*ProjectVersion, error)

GetProjectVersion returns a project version with a given name

func (b *Client) GetProjectVersionLink(projectName, versionName string) (string, error)

func (*Client) GetVulnerabilities

func (b *Client) GetVulnerabilities(projectName, versionName string) (*Vulnerabilities, error)

type Component

// Component is the element type of Components.Items. Every field is tagged
// omitempty, so empty strings and empty slices are dropped when marshalling.
type Component struct {
	Name                string            `json:"componentName,omitempty"`
	Version             string            `json:"componentVersionName,omitempty"`
	ComponentOriginName string            `json:"componentVersionOriginName,omitempty"`
	PrimaryLanguage     string            `json:"primaryLanguage,omitempty"`
	PolicyStatus        string            `json:"policyStatus,omitempty"`
	MatchTypes          []string          `json:"matchTypes,omitempty"`
	Origins             []ComponentOrigin `json:"origins,omitempty"`
	// Metadata is embedded but carries a json tag, so encoding/json treats it
	// as the nested object "_meta" instead of flattening its fields. omitempty
	// has no effect on a struct value, so "_meta" is always written.
	Metadata            `json:"_meta,omitempty"`
}

func (*Component) MatchedType

func (c *Component) MatchedType() string

MatchedType returns matched type of component: direct/transitive

func (*Component) ToPackageUrl

func (c *Component) ToPackageUrl() *packageurl.PackageURL

ToPackageUrl creates the package URL for the component

type ComponentOrigin

// ComponentOrigin is the element type of Component.Origins: an external
// namespace plus an external ID.
// NOTE(review): presumably the input ToPackageUrl works from; confirm.
type ComponentOrigin struct {
	ExternalNamespace string `json:"externalNamespace,omitempty"`
	ExternalID        string `json:"externalId,omitempty"`
}

type Components

// Components is a list of Component items together with a total count.
// NOTE(review): if the API paginates, TotalCount may exceed len(Items);
// callers should confirm they have the full list before relying on it.
type Components struct {
	TotalCount int         `json:"totalCount,omitempty"`
	Items      []Component `json:"items,omitempty"`
}
// Link defines BlackDuck links to e.g. versions of projects.
// NOTE(review): Href is a URL taken from a response body. If the client
// follows it with the bearer token attached, confirm its host matches the
// configured server URL first.
type Link struct {
	Rel  string `json:"rel,omitempty"`
	Href string `json:"href,omitempty"`
}

Link defines BlackDuck links to e.g. versions of projects

type Metadata

// Metadata defines BlackDuck metadata for e.g. projects. It is embedded in
// Component, Project and ProjectVersion under the JSON key "_meta".
// NOTE(review): Href and Links hold URLs taken from response bodies; confirm
// they are checked against the configured server URL before being requested
// with credentials.
type Metadata struct {
	Href  string `json:"href,omitempty"`
	Links []Link `json:"links,omitempty"`
}

Metadata defines BlackDuck metadata for e.g. projects

type PolicyStatus

// PolicyStatus carries the overall policy status and, through the embedded
// PolicyVersionDetails, the nested "componentVersionPolicyViolationDetails"
// object.
type PolicyStatus struct {
	OverallStatus        string `json:"overallStatus,omitempty"`
	// Embedded with a json tag, so it is encoded and decoded as a named nested
	// object rather than flattened. omitempty has no effect on a struct value.
	PolicyVersionDetails `json:"componentVersionPolicyViolationDetails,omitempty"`
}

type PolicyVersionDetails

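// PolicyVersionDetails is the object nested under
// "componentVersionPolicyViolationDetails" in a PolicyStatus: a name plus a
// list of SeverityLevels.
type PolicyVersionDetails struct {
	Name           string           `json:"name,omitempty"`
	// The tag option must be spelled "omitempty". encoding/json matches options
	// case-sensitively, so the previous "omitEmpty" was silently ignored and a
	// nil slice was written as "severityLevels":null. Decoding is unaffected.
	SeverityLevels []SeverityLevels `json:"severityLevels,omitempty"`
}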

type Project

// Project defines a BlackDuck project.
type Project struct {
	Name     string `json:"name,omitempty"`
	// Embedded with a json tag: encoded and decoded as the nested object
	// "_meta", not flattened.
	Metadata `json:"_meta,omitempty"`
}

Project defines a BlackDuck project

type ProjectVersion

// ProjectVersion defines a version of a BlackDuck project.
type ProjectVersion struct {
	Name     string `json:"versionName,omitempty"`
	// Embedded with a json tag: encoded and decoded as the nested object
	// "_meta", not flattened.
	Metadata `json:"_meta,omitempty"`
}

ProjectVersion defines a version of a BlackDuck project

type ProjectVersions

// ProjectVersions defines the response to a BlackDuck project version API
// request.
// NOTE(review): if the API paginates, TotalCount may exceed len(Items); confirm.
type ProjectVersions struct {
	TotalCount int              `json:"totalCount,omitempty"`
	Items      []ProjectVersion `json:"items,omitempty"`
}

ProjectVersions defines the response to a BlackDuck project version API request

type Projects

// Projects defines the response to a BlackDuck project API request.
// NOTE(review): if the API paginates, TotalCount may exceed len(Items); confirm.
type Projects struct {
	TotalCount int       `json:"totalCount,omitempty"`
	Items      []Project `json:"items,omitempty"`
}

Projects defines the response to a BlackDuck project API request

type SeverityLevels

// SeverityLevels is the element type of PolicyVersionDetails.SeverityLevels: a
// name paired with an integer value.
// NOTE(review): presumably a count per severity name; confirm.
type SeverityLevels struct {
	Name  string `json:"name,omitempty"`
	// After decoding, a Value of 0 cannot be told apart from an absent key, and
	// omitempty drops a zero Value when marshalling.
	Value int    `json:"value,omitempty"`
}

type Vulnerabilities

// Vulnerabilities is a list of Vulnerability items together with a total count.
// NOTE(review): if the API paginates, TotalCount may exceed len(Items). A gate
// or report built from Items alone would then miss findings; confirm the
// client fetches the complete list.
type Vulnerabilities struct {
	TotalCount int             `json:"totalCount,omitempty"`
	Items      []Vulnerability `json:"items,omitempty"`
}

type Vulnerability

// Vulnerability is the element type of Vulnerabilities.Items: the component
// name, version and origin it refers to, plus the vulnerability details nested
// under "vulnerabilityWithRemediation".
type Vulnerability struct {
	Name                         string `json:"componentName,omitempty"`
	Version                      string `json:"componentVersionName,omitempty"`
	ComponentVersionOriginID     string `json:"componentVersionOriginId,omitempty"`
	ComponentVersionOriginName   string `json:"componentVersionOriginName,omitempty"`
	// Ignored is dropped from marshalled output when false (omitempty).
	Ignored                      bool   `json:"ignored,omitempty"`
	// Embedded with a json tag: encoding/json reads and writes it as a nested
	// object, while its fields are still promoted in Go code.
	VulnerabilityWithRemediation `json:"vulnerabilityWithRemediation,omitempty"`
	// Component has no json tag, so encoding/json uses the key "Component".
	// NOTE(review): presumably filled in by the client rather than taken from
	// the API response; confirm.
	Component                    *Component
	// contains filtered or unexported fields
}

func (Vulnerability) Title

func (v Vulnerability) Title() string

Title returns the issue title representation of the contents

func (Vulnerability) ToMarkdown

func (v Vulnerability) ToMarkdown() ([]byte, error)

ToMarkdown returns the markdown representation of the contents

func (Vulnerability) ToTxt

func (v Vulnerability) ToTxt() string

ToTxt returns the textual representation of the contents

type VulnerabilityWithRemediation

// VulnerabilityWithRemediation holds the vulnerability details and remediation
// state that a Vulnerability nests under "vulnerabilityWithRemediation".
//
// NOTE(review): nothing in this type constrains the string fields (e.g.
// Description, RemediationComment). Code that renders them into the HTML or
// Markdown reports should escape them; confirm the report writers do.
type VulnerabilityWithRemediation struct {
	VulnerabilityName      string  `json:"vulnerabilityName,omitempty"`
	// Score fields are float32 with omitempty: a score of 0 is dropped when
	// marshalling and, after decoding, cannot be told apart from a missing key.
	BaseScore              float32 `json:"baseScore,omitempty"`
	Severity               string  `json:"severity,omitempty"`
	RemediationStatus      string  `json:"remediationStatus,omitempty"`
	RemediationComment     string  `json:"remediationComment,omitempty"`
	Description            string  `json:"description,omitempty"`
	OverallScore           float32 `json:"overallScore,omitempty"`
	CweID                  string  `json:"cweId,omitempty"`
	ExploitabilitySubscore float32 `json:"exploitabilitySubscore,omitempty"`
	ImpactSubscore         float32 `json:"impactSubscore,omitempty"`
	RelatedVulnerability   string  `json:"relatedVulnerability,omitempty"`
	// The field name is misspelled ("Remidiated") but exported, so renaming it
	// would break callers. The JSON key is "remediationCreatedBy".
	RemidiatedBy           string  `json:"remediationCreatedBy,omitempty"`
}
