vex

package

v0.0.2 Latest Latest Go to latest Published: Dec 4, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/khulnasoft/tunnel

Documentation ¶

Index ¶

func Filter(ctx context.Context, report *types.Report, opts Options) error
type CSAF
- func (v *CSAF) Filter(result *types.Result, bom *core.BOM)
- func (v *CSAF) NotAffected(vuln types.DetectedVulnerability, product, subProduct *core.Component) (types.ModifiedFinding, bool)
type Client
- func New(ctx context.Context, report *types.Report, opts Options) (*Client, error)
- func (c *Client) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
type CycloneDX
- func (v *CycloneDX) NotAffected(vuln types.DetectedVulnerability, product, _ *core.Component) (types.ModifiedFinding, bool)
type NotAffected
type OCI
type OpenVEX
- func NewOCI(report *types.Report) (*OpenVEX, error)
- func RetrieveVEXAttestation(p *purl.PackageURL) (*OpenVEX, error)
- func (v *OpenVEX) Filter(result *types.Result, bom *core.BOM)
- func (v *OpenVEX) Matches(vuln types.DetectedVulnerability, product, subComponent *core.Component) []openvex.Statement
- func (v *OpenVEX) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
type Options
type RepositoryIndex
type RepositorySet
- func NewRepositorySet(ctx context.Context, cacheDir string) (*RepositorySet, error)
- func (rs *RepositorySet) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
- func (rs *RepositorySet) OpenDocument(source, dir string, entry repo.PackageEntry) (VEX, error)
type Source
- func NewSource(src string) Source
type SourceType
type Statement
type VEX
- func NewDocument(filePath string, report *types.Report) (VEX, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Filter ¶

func Filter(ctx context.Context, report *types.Report, opts Options) error

Filter determines whether a detected vulnerability should be filtered out based on the provided VEX document. If the VEX document is passed and the vulnerability is either not affected or fixed according to the VEX statement, the vulnerability is filtered out.

Types ¶

type CSAF ¶

type CSAF struct {
	// contains filtered or unexported fields
}

func (*CSAF) Filter ¶

func (v *CSAF) Filter(result *types.Result, bom *core.BOM)

func (*CSAF) NotAffected ¶

func (v *CSAF) NotAffected(vuln types.DetectedVulnerability, product, subProduct *core.Component) (types.ModifiedFinding, bool)

type Client ¶

type Client struct {
	VEXes []VEX
}

func New ¶

func New(ctx context.Context, report *types.Report, opts Options) (*Client, error)

func (*Client) NotAffected ¶

func (c *Client) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type CycloneDX ¶

type CycloneDX struct {
	// contains filtered or unexported fields
}

func (*CycloneDX) NotAffected ¶

func (v *CycloneDX) NotAffected(vuln types.DetectedVulnerability, product, _ *core.Component) (types.ModifiedFinding, bool)

type NotAffected ¶

type NotAffected func(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type OCI ¶

type OCI struct{}

type OpenVEX ¶

type OpenVEX struct {
	// contains filtered or unexported fields
}

func NewOCI ¶

func NewOCI(report *types.Report) (*OpenVEX, error)

func RetrieveVEXAttestation ¶

func RetrieveVEXAttestation(p *purl.PackageURL) (*OpenVEX, error)

func (*OpenVEX) Filter ¶

func (v *OpenVEX) Filter(result *types.Result, bom *core.BOM)

func (*OpenVEX) Matches ¶

func (v *OpenVEX) Matches(vuln types.DetectedVulnerability, product, subComponent *core.Component) []openvex.Statement

func (*OpenVEX) NotAffected ¶

func (v *OpenVEX) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

type Options ¶

type Options struct {
	CacheDir string
	Sources  []Source
}

type RepositoryIndex ¶

type RepositoryIndex struct {
	Name string
	URL  string
	repo.Index
}

RepositoryIndex wraps the repository index

type RepositorySet ¶

type RepositorySet struct {
	// contains filtered or unexported fields
}

func NewRepositorySet ¶

func NewRepositorySet(ctx context.Context, cacheDir string) (*RepositorySet, error)

func (*RepositorySet) NotAffected ¶

func (rs *RepositorySet) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)

func (*RepositorySet) OpenDocument ¶

func (rs *RepositorySet) OpenDocument(source, dir string, entry repo.PackageEntry) (VEX, error)

type Source ¶

type Source struct {
	Type     SourceType
	FilePath string // Used only for the file type
}

func NewSource ¶

func NewSource(src string) Source

type SourceType ¶

type SourceType string

const (
	TypeFile       SourceType = "file"
	TypeRepository SourceType = "repo"
	TypeOCI        SourceType = "oci"
)

type Statement ¶

type Statement struct {
	Affects       []string
	Status        types.FindingStatus
	Justification string
}

type VEX ¶

type VEX interface {
	NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
}

VEX represents Vulnerability Exploitability eXchange. It abstracts multiple VEX formats. Note: This is in the experimental stage and does not yet support many specifications. The implementation may change significantly.

func NewDocument ¶

func NewDocument(filePath string, report *types.Report) (VEX, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
repo

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL