osv

package
v1.4.21 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2023 License: Apache-2.0 Imports: 22 Imported by: 1

Documentation

Overview

Package osv is an updater for OSV-formatted advisories.

Index

Constants

View Source
const DefaultURL = `https://osv-vulnerabilities.storage.googleapis.com/`

DefaultURL is the S3 bucket provided by the OSV project.

Variables

View Source
var Factory driver.UpdaterSetFactory = &factory{}

Factory is the UpdaterSetFactory exposed by this package.

All configuration is done on the returned updaters. See the Config type.

Functions

This section is empty.

Types

type Config

type Config struct {
	// The URL serving data dumps behind an S3 API.
	//
	// Authentication is unconfigurable, the ListObjectsV2 API must be publicly
	// accessible.
	URL string `json:"url" yaml:"url"`
	// Allowlist is a list of ecosystems to allow. When this is unset, all are
	// allowed.
	//
	// Extant ecosystems are discovered at runtime, see the OSV Schema
	// (https://ossf.github.io/osv-schema/) for the current list.
	Allowlist []string `json:"allowlist" yaml:"allowlist"`
}

Config is the configuration that this updater accepts.

By convention, it's at a key called "osv".

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL