Documentation ¶
Index ¶
- Variables
- func ValidateVuln(v *models.Vulnerability) error
- type Indicators
- type OriginRef
- type Report
- func (r *Report) AddOrigin(sourceID, shasum string) *OriginRef
- func (r *Report) AliasID()
- func (r *Report) FilterSelf()
- func (r *Report) HasCommonOrigin(other *Report) bool
- func (r *Report) HasOrigin(sourceID, shasum string) bool
- func (r *Report) ID() string
- func (r *Report) IsWithdrawn() bool
- func (r *Report) MarshalJSON() ([]byte, error)
- func (r *Report) Merge(other *Report) error
- func (r *Report) Normalize() error
- func (r *Report) ParseDetails() (user string, sources map[*OriginRef]string, err error)
- func (r *Report) Path() string
- func (r *Report) RawDetails() string
- func (r *Report) SetDetails(user string, sourceDetailsSet ...map[*OriginRef]string)
- func (r *Report) StripID()
- func (r *Report) UnmarshalJSON(b []byte) error
- func (r *Report) WriteJSON(w io.Writer) error
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidOSV = errors.New("invalid OSV") ErrUnexpectedOSV = errors.New("unexpected OSV") ErrNormalizing = errors.New("normalization error") ErrInvalidDetails = errors.New("invalid details") )
var ErrMergeFailure = errors.New("merge failure")
Functions ¶
func ValidateVuln ¶
func ValidateVuln(v *models.Vulnerability) error
ValidateVuln ensures that v conforms to the the OSV Schema, and to the specific constraints expected by the repository.
Types ¶
type Indicators ¶
type Indicators struct { Domains []string `json:"domains"` IPs []string `json:"ips"` URLs []string `json:"urls"` }
func (*Indicators) UnmarshalJSON ¶
func (i *Indicators) UnmarshalJSON(b []byte) error
UnmarshalJSON implements the json.Unmashaler interface.
The implementation ensures that the indicators-of-compromise field (iocs) is populated correctly and common problems can be detected.
type Report ¶
func (*Report) AliasID ¶
func (r *Report) AliasID()
AliasID will add the ID for the report into the aliases section.
If no ID has been assigned, this function is a no-op.
func (*Report) FilterSelf ¶
func (r *Report) FilterSelf()
FilterSelf will remove any refences to this report based on its ID from aliases or references.
If no ID has been assigned, this function is a no-op.
func (*Report) HasCommonOrigin ¶
func (*Report) ID ¶
ID returns the ID for the report.
If no ID has been assigned the value will be the empty string.
func (*Report) IsWithdrawn ¶
IsWithdrawn returns whether or not the report has been withdrawn.
func (*Report) MarshalJSON ¶
func (*Report) ParseDetails ¶
ParseDetails attempts to separate the report details into its various parts.
If it fails to parse the details an error will be returned, and user and sources will both be empty.
On success user contains any user contributed details, and sources contains the detail provided by each unique source, where the key is the source ID.
func (*Report) Path ¶
Path returns a directory name for where the report will be placed.
This dir must be considered unsafe and checked before usage.
func (*Report) RawDetails ¶
RawDetails returns the raw, unparsed, details of the OSV report.
func (*Report) SetDetails ¶
SetDetails constructs and stores the OSV details based on any user contributed details and any origin details for a source.
If a source has multiple origins present, the origin for the same source with the longest detail will be chosen based on the assumption that the longer detail has more information in it.
func (*Report) UnmarshalJSON ¶
UnmarshalJSON implements the json.Unmashaler interface.
The implementation ensures that the resulting parsed data is valid for the purposes of tracking malicious packages.
The implementation also extracts the database specific data tracking the origins the report.