Documentation
¶
Overview ¶
Package trusty provides an evaluator that uses the trusty API
Package trusty provides an evaluator that uses the trusty API ¶
Package trusty provides an evaluator that uses the trusty API
Index ¶
Constants ¶
View Source
const (
// TrustyEvalType is the type of the trusty evaluator
TrustyEvalType = "trusty"
)
Variables ¶
View Source
var ( // SummaryScore is the score to use for the summary score SummaryScore = "score" // DefaultScore is the default score to use DefaultScore = "" )
Functions ¶
This section is empty.
Types ¶
type Evaluator ¶
type Evaluator struct {
// contains filtered or unexported fields
}
Evaluator is the trusty evaluator
func NewTrustyEvaluator ¶
func NewTrustyEvaluator( ctx context.Context, ghcli provifv1.GitHub, opts ...eoptions.Option, ) (*Evaluator, error)
NewTrustyEvaluator creates a new trusty evaluator
func (*Evaluator) Eval ¶
func (e *Evaluator) Eval( ctx context.Context, pol map[string]any, _ protoreflect.ProtoMessage, res *interfaces.Result, ) error
Eval implements the Evaluator interface.
type RuleViolationReason ¶
type RuleViolationReason int
RuleViolationReason are int constants that captures the various reasons a package was considered unsafe when compared with trusty data
const ( // TRUSTY_LOW_SCORE Overall score was lower than threshold TRUSTY_LOW_SCORE RuleViolationReason = iota + 1 // TRUSTY_MALICIOUS_PKG Package is marked as malicious TRUSTY_MALICIOUS_PKG // TRUSTY_LOW_ACTIVITY The package does not have enough activity TRUSTY_LOW_ACTIVITY // TRUSTY_LOW_PROVENANCE Low trust in proof of origin TRUSTY_LOW_PROVENANCE // TRUSTY_DEPRECATED means a package was marked upstream as deprecated or archived TRUSTY_DEPRECATED )
Source Files
Click to show internal directories.
Click to hide internal directories.