crda

package

v0.4.1 Latest Latest Go to latest Published: May 4, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/quay/claircore

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func NormalizeSeverity(severity string) claircore.Severity
type Factory
- func (f *Factory) Configure(ctx context.Context, cfg driver.MatcherConfigUnmarshaler, c *http.Client) error
- func (f *Factory) Matcher(ctx context.Context) ([]driver.Matcher, error)
type FactoryConfig
type Matcher
- func NewMatcher(ecosystem string, opt ...Option) (*Matcher, error)
type Option
type Package
type VulnReport
type VulnRequest
type Vulnerability

Constants ¶

View Source

const (
	Low      = "low"
	Medium   = "medium"
	High     = "high"
	Critical = "critical"
)

Variables ¶

This section is empty.

Functions ¶

func NormalizeSeverity ¶

func NormalizeSeverity(severity string) claircore.Severity

NormalizeSeverity takes a string[1] and normalizes it to a claircore.Severity. [1] https://github.com/fabric8-analytics/fabric8-analytics-server/blob/master/api_specs/v2/stack_analyses.yaml#L178

Types ¶

type Factory ¶ added in v0.3.2

type Factory struct {
	// contains filtered or unexported fields
}

Factory contains the configuration to connect with CRDA remote matcher.

func (*Factory) Configure ¶ added in v0.3.2

func (f *Factory) Configure(ctx context.Context, cfg driver.MatcherConfigUnmarshaler, c *http.Client) error

MatcherFactory implements driver.MatcherConfigurable.

func (*Factory) Matcher ¶ added in v0.3.2

func (f *Factory) Matcher(ctx context.Context) ([]driver.Matcher, error)

MatcherFactory implements driver.MatcherFactory.

type FactoryConfig ¶ added in v0.3.2

type FactoryConfig struct {
	URL        string   `json:"url" yaml:"url"`
	Ecosystems []string `json:"ecosystems" yaml:"ecosystems"`
}

To decode the config.

type Matcher ¶

type Matcher struct {
	// contains filtered or unexported fields
}

Matcher attempts to correlate discovered python packages with reported vulnerabilities.

func NewMatcher ¶

func NewMatcher(ecosystem string, opt ...Option) (*Matcher, error)

NewMatcher returns a configured Matcher or reports an error.

func (*Matcher) Filter ¶

func (m *Matcher) Filter(record *claircore.IndexRecord) bool

Filter implements driver.Matcher.

func (*Matcher) Name ¶

func (*Matcher) Name() string

Name implements driver.Matcher.

func (*Matcher) Query ¶

func (*Matcher) Query() []driver.MatchConstraint

Query implements driver.Matcher.

func (*Matcher) QueryRemoteMatcher ¶

func (m *Matcher) QueryRemoteMatcher(ctx context.Context, records []*claircore.IndexRecord) (map[string][]*claircore.Vulnerability, error)

QueryRemoteMatcher implements driver.RemoteMatcher.

func (*Matcher) Vulnerable ¶

func (*Matcher) Vulnerable(ctx context.Context, record *claircore.IndexRecord, vuln *claircore.Vulnerability) (bool, error)

Vulnerable implements driver.Matcher.

type Option ¶

type Option func(*Matcher) error

Option controls the configuration of a Matcher.

func WithBatchSize ¶ added in v0.4.1

func WithBatchSize(batchSize int) Option

WithBatchSize sets the number of records to be batched per request.

If not passed to NewMatcher, a defaultBatchSize will be used.

func WithClient ¶

func WithClient(c *http.Client) Option

WithClient sets the http.Client that the matcher should use for requests.

If not passed to NewMatcher, http.DefaultClient will be used.

func WithRequestConcurrency ¶

func WithRequestConcurrency(requestConcurrency int) Option

WithRequestConcurrency sets the concurrency limit for the network calls.

If not passed to NewMatcher, a defaultRequestConcurrency will be used.

func WithURL ¶

func WithURL(url *url.URL) Option

WithHost sets the server host name that the matcher should use for requests.

If not passed to NewMatcher, defaultHost will be used.

type Package ¶ added in v0.4.1

type Package struct {
	Name    string `json:"package"`
	Version string `json:"version"`
}

Request model.

type VulnReport ¶

type VulnReport struct {
	Name               string          `json:"package"`
	Version            string          `json:"version"`
	RecommendedVersion string          `json:"recommended_versions"`
	Message            string          `json:"message"`
	Vulnerabilities    []Vulnerability `json:"vulnerability"`
}

type VulnRequest ¶ added in v0.4.1

type VulnRequest struct {
	Ecosystem string    `json:"ecosystem"`
	Packages  []Package `json:"package_versions"`
}

type Vulnerability ¶

type Vulnerability struct {
	ID       string   `json:"id"`
	CVSS     string   `json:"cvss"`
	CVES     []string `json:"cve_ids"`
	Severity string   `json:"severity"`
	Title    string   `json:"title"`
	URL      string   `json:"url"`
	FixedIn  []string `json:"fixed_in"`
}

Build struct to model CRDA V2 ComponentAnalysis response which delivers Snyk sourced Vulnerability information.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL