model

package
v0.6.18 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 20, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Indent added in v0.6.8 

func Indent(objToPrint interface{}, indent string) string

Indent adds consistent indentation to a block of text

func Matches 

func Matches(Iface interface{}, regexes map[string][]*regexp.Regexp) bool

Matches applies a list of map of param -> regexes to a statement structure

func MergeStatements 

func MergeStatements(ms ...map[string]Statement) map[string]Statement

MergeStatements merges a variable number of statements

func StringSliceContains added in v0.6.8 

func StringSliceContains(a []string, x string) bool

StringSliceContains tells whether a contains x.

Types

type Alias 

type Alias string

Alias represents other alternative identifiers of the vulnerability

type Artifact 

type Artifact struct {
	// ID is a PURL
	ID string `yaml:"id" json:"id"`
	// VersionRange string `yaml:"versions"`
	Reason   string `yaml:"reason" json:"reason"`
	Affected bool   `yaml:"affected" json:"affected"`
}

Artifact represents a binary artifact (e.g., a .jar, a POM)

type Bug 

type Bug struct {
	VulnerabilityID  string            `json:"bugId"`
	Description      string            `json:"description,omitempty"`
	Links            []string          `json:"reference,omitempty"`
	ConstructChanges []ConstructChange `json:"constructChanges"`
}

A Bug represents vulnerabilities (as represented in the output obtained from the Steady backend)

func (*Bug) ToStatement 

func (b *Bug) ToStatement() *Statement

ToStatement converts a bug as represented by the backend/bugs/VULN-ID endpoint of Steady to a statement object

type Commit 

type Commit struct {
	ID            string `yaml:"id"`
	RepositoryURL string `yaml:"repository"`
}

Commit identifies a single commit in a repository

type CommitSet 

type CommitSet struct {
	// contains filtered or unexported fields
}

CommitSet implements a set of (unique) Commits

func NewCommitSet 

func NewCommitSet() CommitSet

NewCommitSet creates a new empty CommitSet

func (*CommitSet) Add 

func (set *CommitSet) Add(cc ...Commit)

Add adds a Commit cc to the set

func (*CommitSet) AddSlice 

func (set *CommitSet) AddSlice(s []Commit)

AddSlice adds all *Commit elements in slice s to the set

func (*CommitSet) Contains 

func (set *CommitSet) Contains(cc Commit) bool

Contains checks if *Commit cc exists in the set

func (*CommitSet) Elements 

func (set *CommitSet) Elements() []Commit

Elements returns the number of elements in the set

func (*CommitSet) Empty 

func (set *CommitSet) Empty() bool

Empty returns true if the set contains no elements

func (*CommitSet) Remove 

func (set *CommitSet) Remove(cc ...Commit)

Remove deletes a *Commit cc from the set

func (*CommitSet) Size 

func (set *CommitSet) Size() int

Size returns the number of elements in the set

type ConstructChange 

type ConstructChange struct {
	Repo     string `yaml:"repo"`
	Commit   string `yaml:"commit"`
	RepoPath string `yaml:"repoPath"`
}

ConstructChange represents a commit fix in the vuln database

type Fix 

type Fix struct {
	ID      string
	Commits []Commit
}

Fix represents a group of commits that implement the fix for a given vulnerability

type MergeLog 

type MergeLog struct {
	// contains filtered or unexported fields
}

MergeLog is a collection of merge records, documenting how a merge operation was performed

func NewMergeLog 

func NewMergeLog(executionID string) MergeLog

NewMergeLog creates a new instance of a MergeLog

func (*MergeLog) Dump 

func (ml *MergeLog) Dump(path string)

Dump saves the MergeLog to a file

func (*MergeLog) Entries 

func (ml *MergeLog) Entries() []MergeLogEntry

Entries returns all entries in the MergeLog

func (*MergeLog) Log 

func (ml *MergeLog) Log(logEntry MergeLogEntry)

Log appends a MergeLogEntry to the MergeLog

type MergeLogEntry 

type MergeLogEntry struct {
	// contains filtered or unexported fields
}

A MergeLogEntry represents the results of a merge operation Must identify which element from each statments are dropped or kept

func (MergeLogEntry) String 

func (mle MergeLogEntry) String() (output string)

type Metadata 

type Metadata struct {
	Origin     string
	Branch     string
	OriginRank int
	LocalPath  string
}

Metadata represents the commit relating to the statement.yaml itself

type Note 

type Note struct {
	Links []string `yaml:"links" json:"links"`
	Text  string   `json:"text"`
	// contains filtered or unexported fields
}

A Note represents a description that accompanies a statement; it can have a set of links and a free-text comment. Neither are mandatory.

func (Note) Equals 

func (n Note) Equals(anotherNote Note) bool

Equals determines whether two Notes are the same

func (Note) Hash 

func (n Note) Hash() string

Hash computes a unique identifiers for a Note value

func (Note) String 

func (n Note) String() string

type NullPolicy 

type NullPolicy struct{}

NullPolicy implements a policy that does nothing

func (NullPolicy) Reconcile 

func (st NullPolicy) Reconcile(statements []Statement) ReconcileResult

Reconcile just returns the first of the two statements as is

func (NullPolicy) Reduce 

func (st NullPolicy) Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)

Reduce just returns the same statements as passed in input

type Policy 

type Policy struct {
	// contains filtered or unexported fields
}

Policy represents a way to reconcile non-independent statements and how to reduce sets of statements merging those that can be reconciled

func NewNullPolicy 

func NewNullPolicy() Policy

NewNullPolicy constructs a new NullPolicy instance

func NewSmartPolicy 

func NewSmartPolicy() Policy

NewSmartPolicy constructs a new SoftPolicy instance

func NewSoftPolicy 

func NewSoftPolicy() Policy

NewSoftPolicy constructs a new SoftPolicy instance

func NewStrictPolicy 

func NewStrictPolicy() Policy

NewStrictPolicy creates and initializes a new StrictPolicy instance

func (*Policy) Reconcile 

func (s *Policy) Reconcile(statements []Statement) ReconcileResult

Reconcile merges two statements into one as specified in the Merger object

func (*Policy) Reduce 

func (s *Policy) Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)

Reduce scans a list of Statements and merges those that can be reconciled

type ReconcileResult 

type ReconcileResult struct {
	// contains filtered or unexported fields
}

ReconcileResult encodes the result of a reconcile operation

type SmartPolicy 

type SmartPolicy struct{}

SmartPolicy reconciles statements trying hard to merge different sources.

func (SmartPolicy) Reconcile 

func (s SmartPolicy) Reconcile(statements []Statement) ReconcileResult

Reconcile returns a single statement out of a list of statements

func (SmartPolicy) Reduce 

func (s SmartPolicy) Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)

Reduce only keeps independent statements and discards statements that are non-independent

type SoftPolicy 

type SoftPolicy struct{}

SoftPolicy reconciles statements as follows:

  • Aliases: union
  • Notes: union (to be defined)
  • Fixes: union, but keep those from higher priority source in case of conflict
  • AffectedArtifacts: union, but keep those from higher priority source in case of conflict

func (SoftPolicy) Reconcile 

func (s SoftPolicy) Reconcile(statements []Statement) ReconcileResult

Reconcile returns a single statement out of a list of statements

func (*SoftPolicy) ReconcileAliases 

func (s *SoftPolicy) ReconcileAliases(statements []Statement, result *Statement) error

ReconcileAliases implements the policy to reconcile the Aliases section of a Statement Result: union

func (*SoftPolicy) ReconcileFixesAndNotes 

func (s *SoftPolicy) ReconcileFixesAndNotes(statements []Statement, result *Statement) error

ReconcileFixesAndNotes implements the policy to reconcile the Fixes section of a Statement as well as the Notes Result: take all the fixes from the highest ranked source. If same rank, fail.

As for Notes: take them from the Statement from which the Fixes are taken. If there are other Statements that do not bring Fixes, append their Notes. IGNORE THIS: Description-only statemetns should only be considered if they are reconciled with another non-independent statement that does have fixes

cases: - multiple top-rank sources

  • FAIL

- one top-rank source has fixes, additional lower-rank sources have notes

  • take fixes from top-rank, append notes from all the other lower-rank sources that do now bring fixes

- one top-rank source has only notes

  • take those notes, plus take fixes (and notes if any) from second-best ranked, if unique, else FAIL

func (SoftPolicy) Reduce 

func (s SoftPolicy) Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)

Reduce only keeps independent statements and discards statements that are non-independent

type Statement 

type Statement struct {
	ID                uuid.UUID  `yaml:"-" json:"-"`
	VulnerabilityID   string     `yaml:"vulnerability_id" json:"vulnerability_id"`
	Aliases           []Alias    `yaml:"-" json:"-"`
	Notes             []Note     `yaml:"notes,omitempty" json:"notes"`
	Fixes             []Fix      `yaml:"fixes,omitempty" json:"-"`
	AffectedArtifacts []Artifact `yaml:"artifacts,omitempty" json:"affected_artifacts"`
	Metadata          Metadata   `yaml:"-" json:"-"`
}

Statement represents a vulnerability statement

func NewStatementFromFile 

func NewStatementFromFile(path string) Statement

NewStatementFromFile creates a statement

func (Statement) PrettyPrint 

func (s Statement) PrettyPrint() (output string)

PrettyPrint formats a Statement nicely for output on screen/file

func (Statement) String 

func (s Statement) String() (output string)

func (*Statement) ToFile 

func (s *Statement) ToFile(path string) error

ToFile writes a statement to a file in the directory path specified as argument. If the specified directory does not exist, is is created (including all necessary ancestors)

func (Statement) ToJSON 

func (s Statement) ToJSON() string

ToJSON returns the JSON representation of a statement (as a string)

type StatementReconciler 

type StatementReconciler interface {
	Reconcile([]Statement) ReconcileResult
	Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)
}

The StatementReconciler interface defines the types that have the capability to reconcile statements that are not independent and how to reduce sets of statements by applying such reconcile operation to non-independent statements

type StrictPolicy 

type StrictPolicy struct {
}

StrictPolicy refuses to solve conflicts and does not perform any reconcile action; In other words, non-independent statements are not reconciled, but reported to the user who might then want to merge them manually

func (StrictPolicy) Reconcile 

func (p StrictPolicy) Reconcile(statements []Statement) ReconcileResult

Reconcile does nothing (returns always a void Statement); if the two statements in input are not independent a suitable error signals it This is implemented just to satisfy the StatementReconciler interface, but this method is not supposed to be called ever.

func (StrictPolicy) Reduce 

func (p StrictPolicy) Reduce(stmts map[string][]Statement) (map[string][]Statement, MergeLog, error)

Reduce only keeps independent statemens and discards statements that are non-independent

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.