Package vulncheck provides the vulnerability check evaluator
Index ¶
Constants ¶
const (
	// VulncheckEvalType is the type identifier of the vulncheck evaluator,
	// i.e. the string used to select this evaluator from a policy.
	VulncheckEvalType = "vulncheck"
)
Variables ¶
// ErrPkgNotFound is returned when the package is not found in the package
// repository. It is a sentinel value; callers should compare with errors.Is
// in case it is wrapped along the way.
var ErrPkgNotFound = fmt.Errorf("package not found")
ErrPkgNotFound is returned when the queried package cannot be found in the package repository (registry). Compare with errors.Is rather than ==, as it may be wrapped.
Functions ¶
This section is empty.
Types ¶
type Evaluator ¶
// Evaluator is the vulncheck evaluator. It is constructed with
// NewVulncheckEvaluator; its Eval method implements the Evaluator interface
// and SetFlagsClient installs the openfeature client it consults.
// The concrete fields are unexported (elided in this rendering).
type Evaluator struct {
	// contains filtered or unexported fields
}
Evaluator is the vulncheck evaluator
func NewVulncheckEvaluator ¶
NewVulncheckEvaluator creates a new vulncheck evaluator
func (*Evaluator) Eval ¶
func (e *Evaluator) Eval( ctx context.Context, pol map[string]any, _ protoreflect.ProtoMessage, res *interfaces.Result, ) error
Eval implements the Evaluator interface: it evaluates the policy map pol against the result res and returns an error when the check fails or cannot be performed. The ProtoMessage parameter is unused by this evaluator.
func (*Evaluator) SetFlagsClient ¶
func (e *Evaluator) SetFlagsClient(client openfeature.IClient) error
SetFlagsClient sets the `openfeature` client in the underlying `Evaluator` struct.
type OSVResponse ¶
// OSVResponse is the JSON response returned by the OSV database query API.
//
// Everything in here is decoded from a remote service and should be treated
// as untrusted input: string fields (in particular Fixed/Introduced, Purl and
// References[].URL) are passed through verbatim by the decoder and are not
// validated by this type. Callers that render or interpolate them (e.g. into
// a patch suggestion) should validate them first. NOTE(review): the OSV
// schema is not visible here; the field meanings below are taken from the
// JSON tags only.
type OSVResponse struct {
	Vulns []struct {
		// OSV identifier, e.g. "GHSA-..." or "GO-...".
		ID      string   `json:"id"`
		Summary string   `json:"summary"`
		Details string   `json:"details"`
		Aliases []string `json:"aliases"`
		// time.Time fields are parsed by encoding/json as RFC 3339 strings;
		// decoding fails if the service returns another format.
		Modified  time.Time `json:"modified"`
		Published time.Time `json:"published"`
		// Database-specific metadata. These are timestamps in string form
		// (not time.Time) and are not parsed here.
		DatabaseSpecific struct {
			GithubReviewedAt string   `json:"github_reviewed_at"`
			GithubReviewed   bool     `json:"github_reviewed"`
			Severity         string   `json:"severity"`
			CweIDs           []string `json:"cwe_ids"`
			NvdPublishedAt   string   `json:"nvd_published_at"`
		} `json:"database_specific"`
		// External references; URL is an arbitrary string from the service.
		References []struct {
			Type string `json:"type"`
			URL  string `json:"url"`
		} `json:"references"`
		// Per-package affected version ranges.
		Affected []struct {
			Package struct {
				Name      string `json:"name"`
				Ecosystem string `json:"ecosystem"`
				Purl      string `json:"purl"`
			} `json:"package"`
			Ranges []struct {
				// Range type (e.g. ecosystem/semver style); decides how the
				// Introduced/Fixed strings are to be compared.
				Type   string `json:"type"`
				Events []struct {
					// Opaque version strings; their ordering semantics depend
					// on Ranges.Type and the ecosystem.
					Introduced string `json:"introduced,omitempty"`
					Fixed      string `json:"fixed,omitempty"`
				} `json:"events"`
			} `json:"ranges"`
			DatabaseSpecific struct {
				Source string `json:"source"`
			} `json:"database_specific"`
		} `json:"affected"`
		SchemaVersion string `json:"schema_version"`
		// Severity entries; Score is kept as a string (presumably a CVSS
		// vector/score in OSV data — not parsed here).
		Severity []struct {
			Type  string `json:"type"`
			Score string `json:"score"`
		} `json:"severity"`
	} `json:"vulns"`
}
OSVResponse is the JSON response returned by the OSV database query API. Its contents originate from a remote service and are decoded without validation, so they should be treated as untrusted input by anything that renders or interpolates them.
type PyPiReply ¶
// PyPiReply is the reply from the PyPI JSON API for a package. Only the
// package name and version are decoded; further fields are unexported and
// elided in this rendering. It implements the patchLocatorFormatter
// interface (see IndentedString, LineHasDependency and the patched-version
// accessors), and Version is the value surfaced as a patch suggestion.
type PyPiReply struct {
	Info struct {
		Name    string `json:"name"`
		Version string `json:"version"`
	} `json:"info"`
	// contains filtered or unexported fields
}
PyPiReply is the reply from the PyPI JSON API for a package; only the name and version are decoded from it.
func (*PyPiReply) GetFormatterMeta ¶
func (p *PyPiReply) GetFormatterMeta() formatterMeta
GetFormatterMeta returns the formatterMeta for the PyPiReply
func (*PyPiReply) GetPatchedVersion ¶
GetPatchedVersion returns the suggested patch version for a vulnerable package
func (*PyPiReply) HasPatchedVersion ¶
HasPatchedVersion returns true if the vulnerable package can be updated to a patched version
func (*PyPiReply) IndentedString ¶
func (p *PyPiReply) IndentedString(_ int, oldDepLine string, oldDep *pbinternal.Dependency) string
IndentedString returns the patch suggestion for a requirements.txt line. This method satisfies the patchLocatorFormatter interface, where different package managers have different patch formats and different ways of presenting them. Since requirements.txt entries are not indented but may pin zero or multiple versions, the indent parameter is ignored. This is ripe for refactoring, though; see the comment in the patchLocatorFormatter interface.
func (*PyPiReply) LineHasDependency ¶
LineHasDependency returns true if the given requirements.txt line refers to the same package as the receiver.
type RepoQuerier ¶
// RepoQuerier is the interface for querying a package registry about a
// dependency and turning the outcome into a patch-suggestion formatter.
//
// NOTE(review): the exact semantics of the `patched` and `latest` arguments
// are not visible here; presumably `patched` is the fixed version to look up
// and `latest` asks for the newest release instead — confirm against the
// implementations.
type RepoQuerier interface {
	// SendRecvRequest performs the registry round trip for dep and returns
	// a formatter for the result. It takes a ctx for cancellation/timeouts
	// and returns an error when the request or decoding fails.
	SendRecvRequest(ctx context.Context, dep *pbinternal.Dependency, patched string, latest bool) (patchLocatorFormatter, error)
	// NoPatchAvailableFormatter returns a formatter for the case where no
	// patched version exists for dep.
	NoPatchAvailableFormatter(dep *pbinternal.Dependency) patchLocatorFormatter
	// PkgRegistryErrorFormatter returns a formatter that reports registryErr
	// for dep instead of a patch suggestion.
	PkgRegistryErrorFormatter(dep *pbinternal.Dependency, registryErr error) patchLocatorFormatter
}
RepoQuerier is the interface for querying a package registry about a dependency and producing the corresponding patch-suggestion formatter (including the no-patch-available and registry-error cases).
type Vulnerability ¶
// Vulnerability is the JSON representation of a single vulnerability as
// emitted by this package. It appears to be a flattened subset of an
// OSVResponse entry: ID/Summary/Details from the vulnerability record,
// Introduced/Fixed from one affected range event and Type from that range.
// Introduced and Fixed are opaque version strings whose comparison rules
// depend on Type and the ecosystem.
type Vulnerability struct {
	ID         string `json:"id"`
	Summary    string `json:"summary"`
	Details    string `json:"details"`
	Introduced string `json:"introduced,omitempty"`
	Fixed      string `json:"fixed,omitempty"`
	Type       string `json:"type"`
}
Vulnerability is a vulnerability JSON representation
type VulnerabilityResponse ¶
// VulnerabilityResponse is the flattened response from the vulnerability
// database: the list of Vulnerability records found for a dependency.
// A nil Vulns slice encodes as JSON null rather than []; callers that need
// an empty array should initialise it explicitly.
type VulnerabilityResponse struct {
	Vulns []Vulnerability `json:"vulns"`
}
VulnerabilityResponse is a response from the vulnerability database