octovy

command module
v0.0.3
Warning

This package is not in the latest version of its module.
Published: Oct 17, 2021 License: MIT Imports: 2 Imported by: 0

README

Octovy

SampleView https://octovy.io

Octovy is a GitHub App that scans GitHub repositories for vulnerabilities in package systems (such as RubyGems, NPM, etc.). It detects a package lock file such as Gemfile.lock and checks whether the packages include vulnerabilities based on package version. Octovy then stores the scan report in a database that can be accessed via the Web UI and sends the result to GitHub Check as CI. For now, the conclusion of the GitHub Check is only success (no vulnerable packages) or neutral (vulnerable package found).
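The flow described above, sketched as an added Go example that is not Octovy's or Trivy's code: it reads pinned versions from a Gemfile.lock, compares them with advisory data, and derives the Check conclusion. The `Advisory` type, the "fixed in" comparison, the gem names and the `EXAMPLE-` IDs are assumptions constructed for illustration; real trivy-db records and version ranges are richer.

```go
package main

import (
	"fmt"
	"regexp"
)

// Advisory is a simplified, hypothetical record: versions below Fixed are affected.
type Advisory struct{ ID, Fixed string }

// Constructed sample lock file and advisory data (gem names and IDs are placeholders).
const sampleLock = "GEM\n  remote: https://rubygems.org/\n  specs:\n" +
	"    webcore (2.0.7)\n      jsonlite (~> 1.4)\n    jsonlite (1.4.10)\n\nDEPENDENCIES\n  webcore\n"

var sampleDB = map[string][]Advisory{"webcore": {{"EXAMPLE-0001", "2.0.8"}}, "jsonlite": {{"EXAMPLE-0002", "1.4.9"}}}

// specRe matches only the four-space "name (version)" lines under "specs:";
// nested dependency constraints (six spaces) and section entries (two spaces) are skipped.
var specRe = regexp.MustCompile(`(?m)^ {4}(\S+) \(([^)\s]+)\)$`)

// less compares major.minor.patch numerically, so 1.4.10 is newer than 1.4.9.
// Simplification: missing or non-numeric parts count as 0.
func less(a, b string) bool {
	var x, y [3]int
	fmt.Sscanf(a, "%d.%d.%d", &x[0], &x[1], &x[2])
	fmt.Sscanf(b, "%d.%d.%d", &y[0], &y[1], &y[2])
	for i := range x {
		if x[i] != y[i] {
			return x[i] < y[i]
		}
	}
	return false
}

// scan returns the findings and the Check conclusion the README describes:
// "success" when no pinned package is affected, "neutral" otherwise.
func scan(lock string, db map[string][]Advisory) ([]string, string) {
	hits, conclusion := []string{}, "success"
	for _, m := range specRe.FindAllStringSubmatch(lock, -1) {
		for _, adv := range db[m[1]] {
			if less(m[2], adv.Fixed) {
				hits = append(hits, m[1]+"@"+m[2]+" "+adv.ID)
				conclusion = "neutral"
			}
		}
	}
	return hits, conclusion
}

func main() { fmt.Println(scan(sampleLock, sampleDB)) }
```

The `jsonlite` entry shows why the comparison has to be numeric: a plain string comparison would rank 1.4.10 below 1.4.9 and report a false positive.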

GitHub Check

The basic idea of Octovy is based on Trivy.

Acknowledgement

Octovy is massively inspired by Trivy and uses a mechanism similar to Trivy's to detect vulnerabilities. Additionally, Octovy leverages trivy-db as its vulnerability/advisory database. I appreciate the Trivy authors for publishing great OSS.

Documentation

There is no documentation for this package.