Documentation ¶
Index ¶
- func Filter(ctx context.Context, report *types.Report, opts Options) error
- type CSAF
- type Client
- type CycloneDX
- type NotAffected
- type OCI
- type OpenVEX
- func (v *OpenVEX) Filter(result *types.Result, bom *core.BOM)
- func (v *OpenVEX) Matches(vuln types.DetectedVulnerability, product, subComponent *core.Component) []openvex.Statement
- func (v *OpenVEX) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
- type Options
- type RepositoryIndex
- type RepositorySet
- type Source
- type SourceType
- type Statement
- type VEX
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CSAF ¶
type CSAF struct {
// contains filtered or unexported fields
}
func (*CSAF) NotAffected ¶
func (v *CSAF) NotAffected(vuln types.DetectedVulnerability, product, subProduct *core.Component) (types.ModifiedFinding, bool)
type Client ¶
type Client struct {
VEXes []VEX
}
func (*Client) NotAffected ¶
func (c *Client) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
type CycloneDX ¶
type CycloneDX struct {
// contains filtered or unexported fields
}
func (*CycloneDX) NotAffected ¶
func (v *CycloneDX) NotAffected(vuln types.DetectedVulnerability, product, _ *core.Component) (types.ModifiedFinding, bool)
type NotAffected ¶
type NotAffected func(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
type OpenVEX ¶
type OpenVEX struct {
// contains filtered or unexported fields
}
func RetrieveVEXAttestation ¶
func RetrieveVEXAttestation(p *purl.PackageURL) (*OpenVEX, error)
func (*OpenVEX) NotAffected ¶
func (v *OpenVEX) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
type RepositoryIndex ¶
RepositoryIndex wraps the repository index
type RepositorySet ¶
type RepositorySet struct {
// contains filtered or unexported fields
}
func NewRepositorySet ¶
func NewRepositorySet(ctx context.Context, cacheDir string) (*RepositorySet, error)
func (*RepositorySet) NotAffected ¶
func (rs *RepositorySet) NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
func (*RepositorySet) OpenDocument ¶
func (rs *RepositorySet) OpenDocument(source, dir string, entry repo.PackageEntry) (VEX, error)
type Source ¶
type Source struct { Type SourceType FilePath string // Used only for the file type }
type SourceType ¶
type SourceType string
const ( TypeFile SourceType = "file" TypeRepository SourceType = "repo" TypeOCI SourceType = "oci" )
type Statement ¶
type Statement struct { Affects []string Status types.FindingStatus Justification string }
type VEX ¶
type VEX interface {
NotAffected(vuln types.DetectedVulnerability, product, subComponent *core.Component) (types.ModifiedFinding, bool)
}
VEX represents Vulnerability Exploitability eXchange. It abstracts multiple VEX formats. Note: This is in the experimental stage and does not yet support many specifications. The implementation may change significantly.
Source Files ¶
Click to show internal directories.
Click to hide internal directories.