types

package

v0.0.0-...-0e2e07d Latest Latest Go to latest Published: Jun 4, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/sizocompany/sizo-db

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func ColorizeSeverity(severity string) string
func CompareSeverityString(sev1, sev2 string) int
type Advisory
type AdvisoryDetail
type CVSS
type CVSSVector
type GetArgs
type GetExpectation
type GetReturns
type LastUpdated
type MockVulnSrc
- func (_m *MockVulnSrc) ApplyGetExpectation(e GetExpectation)
- func (_m *MockVulnSrc) ApplyGetExpectations(expectations []GetExpectation)
- func (_m *MockVulnSrc) ApplyUpdateExpectation(e UpdateExpectation)
- func (_m *MockVulnSrc) ApplyUpdateExpectations(expectations []UpdateExpectation)
- func (_m *MockVulnSrc) Get(release string, pkgName string) ([]Advisory, error)
- func (_m *MockVulnSrc) Update(dir string) error
type Severity
- func NewSeverity(severity string) (Severity, error)
- func (s Severity) String() string
type UpdateArgs
type UpdateExpectation
type UpdateReturns
type VendorCVSS
type VendorSeverity
type Vulnerability
type VulnerabilityDetail

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	SeverityNames = []string{
		"UNKNOWN",
		"LOW",
		"MEDIUM",
		"HIGH",
		"CRITICAL",
	}
	SeverityColor = []func(a ...interface{}) string{
		color.New(color.FgCyan).SprintFunc(),
		color.New(color.FgBlue).SprintFunc(),
		color.New(color.FgYellow).SprintFunc(),
		color.New(color.FgHiRed).SprintFunc(),
		color.New(color.FgRed).SprintFunc(),
	}
)

Functions ¶

func ColorizeSeverity ¶

func ColorizeSeverity(severity string) string

func CompareSeverityString ¶

func CompareSeverityString(sev1, sev2 string) int

Types ¶

type Advisory ¶

type Advisory struct {
	VulnerabilityID string   `json:",omitempty"`
	VendorIDs       []string `json:",omitempty"` // e.g. RHSA-ID and DSA-ID

	// It is filled only when FixedVersion is empty since it is obvious the state is "Fixed" when FixedVersion is not empty.
	// e.g. Will not fix and Affected
	State string `json:",omitempty"`

	// Sizo DB has "vulnerability" bucket and severities are usually stored in the bucket per a vulnerability ID.
	// In some cases, the advisory may have multiple severities depending on the packages.
	// For example, CVE-2015-2328 in Debian has "unimportant" for mongodb and "low" for pcre3.
	// e.g. https://security-tracker.debian.org/tracker/CVE-2015-2328
	Severity Severity `json:",omitempty"`

	// Versions for os package
	FixedVersion    string `json:",omitempty"`
	AffectedVersion string `json:",omitempty"` // Only for Arch Linux

	// MajorVersion ranges for language-specific package
	// Some advisories provide VulnerableVersions only, others provide PatchedVersions and UnaffectedVersions
	VulnerableVersions []string `json:",omitempty"`
	PatchedVersions    []string `json:",omitempty"`
	UnaffectedVersions []string `json:",omitempty"`

	// Custom is basically for extensibility and is not supposed to be used in OSS
	Custom interface{} `json:",omitempty"`
}

type AdvisoryDetail ¶

type AdvisoryDetail struct {
	PlatformName string
	PackageName  string
	AdvisoryItem interface{}
}

type CVSS ¶

type CVSS struct {
	V2Vector string  `json:"V2Vector,omitempty"`
	V3Vector string  `json:"V3Vector,omitempty"`
	V2Score  float64 `json:"V2Score,omitempty"`
	V3Score  float64 `json:"V3Score,omitempty"`
}

type CVSSVector ¶

type CVSSVector struct {
	V2 string `json:"v2,omitempty"`
	V3 string `json:"v3,omitempty"`
}

type GetArgs ¶

type GetArgs struct {
	Release         string
	ReleaseAnything bool
	PkgName         string
	PkgNameAnything bool
}

type GetExpectation ¶

type GetExpectation struct {
	Args    GetArgs
	Returns GetReturns
}

type GetReturns ¶

type GetReturns struct {
	Advisories []Advisory
	Err        error
}

type LastUpdated ¶

type LastUpdated struct {
	Date time.Time
}

type MockVulnSrc ¶

type MockVulnSrc struct {
	mock.Mock
}

MockVulnSrc is an autogenerated mock type for the VulnSrc type

func (*MockVulnSrc) ApplyGetExpectation ¶

func (_m *MockVulnSrc) ApplyGetExpectation(e GetExpectation)

func (*MockVulnSrc) ApplyGetExpectations ¶

func (_m *MockVulnSrc) ApplyGetExpectations(expectations []GetExpectation)

func (*MockVulnSrc) ApplyUpdateExpectation ¶

func (_m *MockVulnSrc) ApplyUpdateExpectation(e UpdateExpectation)

func (*MockVulnSrc) ApplyUpdateExpectations ¶

func (_m *MockVulnSrc) ApplyUpdateExpectations(expectations []UpdateExpectation)

func (*MockVulnSrc) Get ¶

func (_m *MockVulnSrc) Get(release string, pkgName string) ([]Advisory, error)

Get provides a mock function with given fields: release, pkgName

func (*MockVulnSrc) Update ¶

func (_m *MockVulnSrc) Update(dir string) error

Update provides a mock function with given fields: dir

type Severity ¶

type Severity int

const (
	SeverityUnknown Severity = iota
	SeverityLow
	SeverityMedium
	SeverityHigh
	SeverityCritical
)

func NewSeverity ¶

func NewSeverity(severity string) (Severity, error)

func (Severity) String ¶

func (s Severity) String() string

type UpdateArgs ¶

type UpdateArgs struct {
	Dir         string
	DirAnything bool
}

type UpdateExpectation ¶

type UpdateExpectation struct {
	Args    UpdateArgs
	Returns UpdateReturns
}

type UpdateReturns ¶

type UpdateReturns struct {
	Err error
}

type VendorCVSS ¶

type VendorCVSS map[string]CVSS

type VendorSeverity ¶

type VendorSeverity map[string]Severity

type Vulnerability ¶

type Vulnerability struct {
	Title            string         `json:",omitempty"`
	Description      string         `json:",omitempty"`
	Severity         string         `json:",omitempty"` // Selected from VendorSeverity, depending on a scan target
	CweIDs           []string       `json:",omitempty"` // e.g. CWE-78, CWE-89
	VendorSeverity   VendorSeverity `json:",omitempty"`
	CVSS             VendorCVSS     `json:",omitempty"`
	References       []string       `json:",omitempty"`
	PublishedDate    *time.Time     `json:",omitempty"`
	LastModifiedDate *time.Time     `json:",omitempty"`

	// Custom is basically for extensibility and is not supposed to be used in OSS
	Custom interface{} `json:",omitempty"`
}

type VulnerabilityDetail ¶

type VulnerabilityDetail struct {
	ID               string     `json:",omitempty"` // e.g. CVE-2019-8331, OSVDB-104365
	CvssScore        float64    `json:",omitempty"`
	CvssVector       string     `json:",omitempty"`
	CvssScoreV3      float64    `json:",omitempty"`
	CvssVectorV3     string     `json:",omitempty"`
	Severity         Severity   `json:",omitempty"`
	SeverityV3       Severity   `json:",omitempty"`
	CweIDs           []string   `json:",omitempty"` // e.g. CWE-78, CWE-89
	References       []string   `json:",omitempty"`
	Title            string     `json:",omitempty"`
	Description      string     `json:",omitempty"`
	PublishedDate    *time.Time `json:",omitempty"`
	LastModifiedDate *time.Time `json:",omitempty"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL