Documentation ¶
Index ¶
- Constants
- Variables
- func GetSeverityReportOrder() []configs.FindingSeverityType
- func GetVulnerabilityWord(count int) string
- func GroupTeamFindings(projects *querying.ProjectCollection, summaries []ProjectFindingSummary) map[configs.TeamConfig]TeamProjectCollection
- func NewSeverityMap() map[configs.FindingSeverityType]int
- func SummarizeFindings(projects *querying.ProjectCollection) (FindingSummary, []ProjectFindingSummary)
- type ConsoleReporter
- type FindingSummary
- type ProjectFindingSummary
- type Reporter
- type SlackClientInterface
- type SlackReport
- type SlackReporter
- func (s *SlackReporter) BuildSummaryReport(header string, numRepos int, report FindingSummary, reportTime time.Time, ...) slack.Message
- func (s *SlackReporter) BuildTeamReport(teamInfo configs.TeamConfig, repos TeamProjectCollection, reportTime time.Time) *SlackReport
- func (s *SlackReporter) BuildTeamRepositoryReport(repoReport *ProjectFindingSummary) *slack.SectionBlock
- func (s *SlackReporter) SendSlackMessage(channel string, message slack.MsgOption, wg *sync.WaitGroup)
- func (s *SlackReporter) SendSummaryReport(header string, numRepos int, report FindingSummary, reportTime time.Time, ...) error
- func (s *SlackReporter) SendTeamReports(teamReports map[configs.TeamConfig]TeamProjectCollection, reportTime time.Time, ...) error
- type TeamBreakdown
- type TeamProjectCollection
- func (r TeamProjectCollection) GetTeamSeverityBreakdown() map[configs.FindingSeverityType]int
- func (r TeamProjectCollection) GetTeamSummaryReport() *ProjectFindingSummary
- func (r TeamProjectCollection) Len() int
- func (r TeamProjectCollection) Less(i, j int) bool
- func (r TeamProjectCollection) Swap(i, j int)
- type TeamSummaries
Constants ¶
// DATE_LAYOUT is a Go reference-time layout (full month name, day, four-digit
// year) of the form accepted by time.Time.Format.
// Presumably used to render report dates — TODO confirm against callers.
const DATE_LAYOUT = "January 2, 2006"

// DEFAULT_SLACK_ICON is the fallback icon for Slack messages (per its name).
// NOTE(review): the value renders as a single space on this page; the original
// may be an emoji or shortcode lost in extraction — confirm against the source.
const DEFAULT_SLACK_ICON = " "

// NO_OWNER_KEY is presumably the grouping key for projects that no team owns —
// TODO confirm. Worth verifying that findings grouped under it are still
// reported somewhere, so unowned repositories do not drop out of reports.
const NO_OWNER_KEY = "__none__"

// SUMMARY_KEY is presumably the key under which an aggregate summary is
// stored — TODO confirm against callers.
const SUMMARY_KEY = "summary"
Variables ¶
// SeverityNames maps each finding severity to its display label.
// It has an entry for every severity listed here, including Info and
// Undefined, which the NewSeverityMap documentation says that map omits.
var SeverityNames = map[configs.FindingSeverityType]string{
	configs.FindingSeverityCritical:  "Critical",
	configs.FindingSeverityHigh:      "High",
	configs.FindingSeverityModerate:  "Moderate",
	configs.FindingSeverityLow:       "Low",
	configs.FindingSeverityInfo:      "Info",
	configs.FindingSeverityUndefined: "Undefined",
}
Functions ¶
func GetSeverityReportOrder ¶ added in v0.5.0
func GetSeverityReportOrder() []configs.FindingSeverityType
GetSeverityReportOrder returns the order in which we want to report severities. It is a function rather than a constant because Go does not allow constant arrays.
func GetVulnerabilityWord ¶ added in v0.5.0
func GroupTeamFindings ¶ added in v0.5.0
func GroupTeamFindings(projects *querying.ProjectCollection, summaries []ProjectFindingSummary) map[configs.TeamConfig]TeamProjectCollection
GroupTeamFindings builds a map from each team to the summaries of the projects that team "owns" and should therefore receive reports for.
func NewSeverityMap ¶
func NewSeverityMap() map[configs.FindingSeverityType]int
NewSeverityMap returns a map of finding severities all associated with a value of 0, meant to be populated with a count of findings in the relevant scope. Notably, this map does not include either "Info" or "Undefined" severities, as these are only reported if present.
func SummarizeFindings ¶ added in v0.5.0
func SummarizeFindings(projects *querying.ProjectCollection) (FindingSummary, []ProjectFindingSummary)
Types ¶
type ConsoleReporter ¶
func (*ConsoleReporter) SendSummaryReport ¶
func (c *ConsoleReporter) SendSummaryReport( header string, numRepos int, report FindingSummary, reportTime time.Time, teamSummaries TeamSummaries, wg *sync.WaitGroup, ) error
SendSummaryReport generates a brief report summarizing all the discovered vulnerabilities, and prints them out neatly and concisely to the console.
func (*ConsoleReporter) SendTeamReports ¶
func (c *ConsoleReporter) SendTeamReports( teamReports map[configs.TeamConfig]TeamProjectCollection, reportTime time.Time, wg *sync.WaitGroup, ) error
SendTeamReports is a no-op for the Console reporter for the time being. Without time spent on proper formatting, its output could be quite overwhelming.
type FindingSummary ¶ added in v0.5.0
// FindingSummary holds aggregate finding counts for one reporting scope.
// It is embedded in ProjectFindingSummary and passed as the report argument
// to the SendSummaryReport methods.
type FindingSummary struct {
	// TotalCount is presumably the total number of findings in scope — TODO confirm.
	TotalCount int
	// AffectedRepos is presumably the number of repositories with at least
	// one finding — TODO confirm.
	AffectedRepos int
	// VulnsByEcosystem holds an integer per ecosystem type (a finding count,
	// judging by the name).
	VulnsByEcosystem map[configs.FindingEcosystemType]int
	// VulnsBySeverity holds an integer per severity (a finding count,
	// judging by the name).
	VulnsBySeverity map[configs.FindingSeverityType]int
}
func NewFindingSummary ¶ added in v0.5.0
func NewFindingSummary() FindingSummary
func (FindingSummary) GetHighestCriticality ¶ added in v0.5.0
func (r FindingSummary) GetHighestCriticality() configs.FindingSeverityType
GetHighestCriticality looks for the severity level of the most critical vulnerability in a project.
type ProjectFindingSummary ¶ added in v0.5.0
// ProjectFindingSummary pairs a FindingSummary with the project it describes.
// FindingSummary is embedded, so its fields and value-receiver methods
// (such as GetHighestCriticality) are promoted onto this type.
type ProjectFindingSummary struct {
	FindingSummary
	// Project points at the project the counts belong to.
	// NOTE(review): nothing on this page shows whether it may be nil — confirm
	// before dereferencing.
	Project *querying.Project
}
func NewProjectFindingSummary ¶ added in v0.5.0
func NewProjectFindingSummary(project *querying.Project) ProjectFindingSummary
type Reporter ¶
// Reporter is the interface through which finding reports are delivered.
// Both ConsoleReporter and SlackReporter are documented on this page with
// these two methods on pointer receivers.
//
// NOTE(review): each method takes a *sync.WaitGroup and also returns an error.
// Presumably wg tracks asynchronous delivery; confirm whether the returned
// error covers failures that occur after the call has returned.
type Reporter interface {
	// SendSummaryReport delivers the overall summary across all repositories.
	SendSummaryReport(
		header string,
		numRepos int,
		report FindingSummary,
		reportTime time.Time,
		teamSummaries TeamSummaries,
		wg *sync.WaitGroup,
	) error
	// SendTeamReports delivers one report per team in teamReports.
	SendTeamReports(
		teamReports map[configs.TeamConfig]TeamProjectCollection,
		reportTime time.Time,
		wg *sync.WaitGroup,
	) error
}
type SlackClientInterface ¶
type SlackReport ¶
type SlackReporter ¶
// SlackReporter delivers finding reports through a Slack client.
//
// NOTE(review): SendSlackMessage, as listed for this type, has no return
// value, so a failed delivery cannot surface through it directly. Confirm that
// failures are logged or otherwise surfaced; an undelivered vulnerability
// report is easy to miss.
// NOTE(review): the reports describe open findings per repository. Confirm
// that the destination channels are limited to the intended audience.
type SlackReporter struct {
	// Config is presumably the configuration given to NewSlackReporter — TODO confirm.
	Config *configs.Config
	// Client is interface-typed, so a substitute implementation can be
	// supplied in place of a live Slack client.
	Client SlackClientInterface
}
func NewSlackReporter ¶
func NewSlackReporter(cfg *configs.Config) (SlackReporter, error)
NewSlackReporter returns a new SlackReporter instance for reporting findings to a Slack server.
func (*SlackReporter) BuildSummaryReport ¶ added in v0.5.0
func (s *SlackReporter) BuildSummaryReport( header string, numRepos int, report FindingSummary, reportTime time.Time, teamSummaries TeamSummaries, ) slack.Message
func (*SlackReporter) BuildTeamReport ¶ added in v0.5.0
func (s *SlackReporter) BuildTeamReport( teamInfo configs.TeamConfig, repos TeamProjectCollection, reportTime time.Time, ) *SlackReport
func (*SlackReporter) BuildTeamRepositoryReport ¶ added in v0.5.0
func (s *SlackReporter) BuildTeamRepositoryReport( repoReport *ProjectFindingSummary, ) *slack.SectionBlock
func (*SlackReporter) SendSlackMessage ¶ added in v0.5.0
func (*SlackReporter) SendSummaryReport ¶
func (s *SlackReporter) SendSummaryReport( header string, numRepos int, report FindingSummary, reportTime time.Time, teamSummaries TeamSummaries, wg *sync.WaitGroup, ) error
func (*SlackReporter) SendTeamReports ¶
func (s *SlackReporter) SendTeamReports( teamReports map[configs.TeamConfig]TeamProjectCollection, reportTime time.Time, wg *sync.WaitGroup, ) error
type TeamBreakdown ¶ added in v0.5.0
// TeamBreakdown holds per-team totals: a name, an overall count and a
// per-severity map.
type TeamBreakdown struct {
	// Name is presumably the team's display name — TODO confirm.
	Name string
	// TotalVulnerabilities is presumably the sum over SeverityBreakdown —
	// TODO confirm; nothing on this page shows the two being kept in sync.
	TotalVulnerabilities int
	// SeverityBreakdown holds an integer per severity (a finding count,
	// judging by the name).
	SeverityBreakdown map[configs.FindingSeverityType]int
}
type TeamProjectCollection ¶ added in v0.5.0
// TeamProjectCollection is a slice of project summaries. Len, Less and Swap
// are defined on it, which are the three methods of sort.Interface.
// Elements are pointers, so copies of the slice share the same summaries.
type TeamProjectCollection []*ProjectFindingSummary
TeamProjectCollection is a concrete type so that it can implement the sort interface, for custom sorting.
func (TeamProjectCollection) GetTeamSeverityBreakdown ¶ added in v0.5.0
func (r TeamProjectCollection) GetTeamSeverityBreakdown() map[configs.FindingSeverityType]int
func (TeamProjectCollection) GetTeamSummaryReport ¶ added in v0.5.0
func (r TeamProjectCollection) GetTeamSummaryReport() *ProjectFindingSummary
func (TeamProjectCollection) Len ¶ added in v0.5.0
func (r TeamProjectCollection) Len() int
func (TeamProjectCollection) Less ¶ added in v0.5.0
func (r TeamProjectCollection) Less(i, j int) bool
Less orders projects by the criticality of their findings, then by name.
func (TeamProjectCollection) Swap ¶ added in v0.5.0
func (r TeamProjectCollection) Swap(i, j int)
type TeamSummaries ¶ added in v0.5.0
// TeamSummaries maps a team's configuration to that team's project summaries.
// Its underlying type matches the map returned by GroupTeamFindings.
type TeamSummaries map[configs.TeamConfig]TeamProjectCollection