Documentation ¶
Overview ¶
Package pkg defines functions for running Scoremet checks on a Repo.
Index ¶
- func DetailToString(d *checker.CheckDetail, logLevel log.Level) string
- func FormatResults(opts *options.Options, results *ScoremetResult, doc checks.Doc, ...) error
- type ChangeType
- type DependencyCheckResult
- type JSONScoremetProbeResult
- type JSONScoremetResultV2
- type RepoInfo
- type ScoremetInfo
- type ScoremetResult
- func (r *ScoremetResult) AsFJSON(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer) error
- func (r *ScoremetResult) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error
- func (r *ScoremetResult) AsJSON2(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer) error
- func (r *ScoremetResult) AsPJSON(writer io.Writer) error
- func (r *ScoremetResult) AsRawJSON(writer io.Writer) error
- func (r *ScoremetResult) AsSARIF(showDetails bool, logLevel log.Level, writer io.Writer, checkDocs docs.Doc, ...) error
- func (r *ScoremetResult) AsString(showDetails bool, logLevel log.Level, checkDocs checks.Doc, writer io.Writer) error
- func (r *ScoremetResult) GetAggregateScore(checkDocs checks.Doc) (float64, error)
- type ScoremetResultWithError
Functions ¶
func DetailToString ¶
func DetailToString(d *checker.CheckDetail, logLevel log.Level) string
DetailToString converts a check detail into a string.
func FormatResults ¶
func FormatResults( opts *options.Options, results *ScoremetResult, doc checks.Doc, policy *spol.ScoremetPolicy, ) error
FormatResults formats scoremet results.
Types ¶
type ChangeType ¶
type ChangeType string
ChangeType is the change type (added, updated, removed) of a dependency.
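// Declared ChangeType values. Each constant sits on its own line so that the
// leading line comments no longer swallow the declarations that follow them.
// NOTE(review): presumably these are the only values IsValid accepts; confirm
// against its implementation before relying on that for input validation.
const (
	// Added indicates the dependency is newly added.
	Added ChangeType = "added"
	// Updated indicates the dependency was updated from an older version.
	Updated ChangeType = "updated"
	// Removed indicates the dependency was removed.
	Removed ChangeType = "removed"
)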
func (ChangeType) IsValid ¶
func (ct ChangeType) IsValid() bool
IsValid determines if a ChangeType is valid.
type DependencyCheckResult ¶
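// DependencyCheckResult is the dependency structure used in the returned results.
//
// Most fields are pointers, so a consumer must nil-check a field before
// dereferencing it.
// NOTE(review): presumably a nil pointer means the value was not available for
// that dependency; confirm against the code that populates the struct.
type DependencyCheckResult struct {
	// ChangeType indicates whether the dependency is added, updated, or removed.
	ChangeType *ChangeType

	// PackageURL is a short link for a package.
	PackageURL *string

	// SourceRepository is the source repository URL of the dependency.
	SourceRepository *string

	// ManifestPath is the path of the manifest file of the dependency, such as go.mod for Go.
	ManifestPath *string

	// Ecosystem is the name of the package management system, such as NPM, GO, PYPI.
	Ecosystem *string

	// Version is the package version of the dependency.
	Version *string

	// ScoremetResultWithError is the scoremet checking result of the dependency.
	// It is held by value; its Error field reports whether the run succeeded.
	ScoremetResultWithError ScoremetResultWithError

	// Name is the name of the dependency.
	Name string
}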
DependencyCheckResult is the dependency structure used in the returned results.
type JSONScoremetProbeResult ¶
// JSONScoremetProbeResult is the JSON export shape for flat findings without checks.
type JSONScoremetProbeResult struct {
	// Date is emitted under the JSON key "date" as a string.
	// NOTE(review): the timestamp layout is not visible here; confirm before parsing.
	Date string `json:"date"`
	// Repo is emitted under the JSON key "repo".
	Repo jsonRepoV2 `json:"repo"`
	// Scoremet is emitted under the JSON key "scoremet".
	Scoremet jsonScoremetV2 `json:"scoremet"`
	// Findings is emitted under the JSON key "findings". The tag has no
	// omitempty, so a nil slice is encoded as null rather than [].
	Findings []finding.Finding `json:"findings"`
}
JSONScoremetProbeResult exports results as JSON for flat findings without checks.
type JSONScoremetResultV2 ¶
// JSONScoremetResultV2 is the JSON export shape for the new detail format.
type JSONScoremetResultV2 struct {
	// Date is emitted under the JSON key "date" as a string.
	// NOTE(review): the timestamp layout is not visible here; confirm before parsing.
	Date string `json:"date"`
	// Repo is emitted under the JSON key "repo".
	Repo jsonRepoV2 `json:"repo"`
	// Scoremet is emitted under the JSON key "scoremet".
	Scoremet jsonScoremetV2 `json:"scoremet"`
	// AggregateScore is emitted under the JSON key "score", not "aggregateScore";
	// consumers that gate on the score must read the "score" key.
	AggregateScore jsonFloatScore `json:"score"`
	// Checks is emitted under the JSON key "checks".
	Checks []jsonCheckResultV2 `json:"checks"`
	// Metadata is emitted under the JSON key "metadata".
	Metadata []string `json:"metadata"`
}
JSONScoremetResultV2 exports results as JSON for new detail format.
type ScoremetInfo ¶
ScoremetInfo contains information about the scoremet code that was run.
type ScoremetResult ¶
// ScoremetResult holds the outcome of a Scoremet run.
type ScoremetResult struct {
	// Repo is a RepoInfo value.
	// NOTE(review): presumably the repository the checks ran against; confirm.
	Repo RepoInfo
	// Date is a time.Time.
	// NOTE(review): presumably the time of the run; confirm.
	Date time.Time
	// Scoremet carries information about the scoremet code that was run.
	Scoremet ScoremetInfo
	// Checks holds one checker.CheckResult per entry.
	Checks []checker.CheckResult
	// RawResults holds the checker's raw results.
	RawResults checker.RawResults
	// Findings holds flat findings.
	Findings []finding.Finding
	// Metadata is a list of strings; their meaning is not visible on this page.
	Metadata []string
}
ScoremetResult struct is returned on a successful Scoremet run.
func RunScoremet ¶
func RunScoremet(ctx context.Context, repo clients.Repo, commitSHA string, commitDepth int, checksToRun checker.CheckNameToFnMap, repoClient clients.RepoClient, ossFuzzRepoClient clients.RepoClient, ciiClient clients.CIIBestPracticesClient, vulnsClient clients.VulnerabilitiesClient, ) (ScoremetResult, error)
RunScoremet runs enabled Scoremet checks on a Repo.
func (*ScoremetResult) AsJSON2 ¶
func (r *ScoremetResult) AsJSON2(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer, ) error
AsJSON2 exports results as JSON for new detail format.
func (*ScoremetResult) AsRawJSON ¶
func (r *ScoremetResult) AsRawJSON(writer io.Writer) error
AsRawJSON exports results as JSON for raw results.
func (*ScoremetResult) AsSARIF ¶
func (r *ScoremetResult) AsSARIF(showDetails bool, logLevel log.Level, writer io.Writer, checkDocs docs.Doc, policy *spol.ScoremetPolicy, opts *options.Options, ) error
AsSARIF outputs ScoremetResult in SARIF 2.1.0 format.
func (*ScoremetResult) AsString ¶
func (r *ScoremetResult) AsString(showDetails bool, logLevel log.Level, checkDocs checks.Doc, writer io.Writer, ) error
AsString returns ScoremetResult in string format.
func (*ScoremetResult) GetAggregateScore ¶
func (r *ScoremetResult) GetAggregateScore(checkDocs checks.Doc) (float64, error)
GetAggregateScore returns the aggregate score.
type ScoremetResultWithError ¶
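// ScoremetResultWithError pairs the scoremet result for a dependency with the
// error, if any, from running the checks on it.
//
// Callers should inspect Error before reading ScoremetResult.
// NOTE(review): ScoremetResult is a pointer; whether it is nil when Error is
// non-nil is not visible here, so nil-check it as well.
type ScoremetResultWithError struct {
	// ScoremetResult is the scoremet result for the dependency repo.
	ScoremetResult *ScoremetResult

	// Error is an error returned when running the scoremet checks.
	// A nil Error indicates the run succeeded.
	Error error
}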
ScoremetResultWithError is used by the dependency-diff module to record the scoremet result, together with an error field that records the error when the Scoremet run fails.