Documentation
¶
Overview ¶
Package osv is an updater for OSV-formatted advisories.
Index ¶
Constants ¶
View Source
const DefaultURL = `https://osv-vulnerabilities.storage.googleapis.com/`
DefaultURL is the S3 bucket provided by the OSV project.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Factory ¶
type Factory struct {
// contains filtered or unexported fields
}
Factory is the UpdaterSetFactory exposed by this package.
[Configure] must be called before [UpdaterSet]. See the FactoryConfig type.
func (*Factory) UpdaterSet ¶
type FactoryConfig ¶
type FactoryConfig struct {
// The URL serving data in the same layout as the OSV project's public S3
// bucket.
URL string `json:"url" yaml:"url"`
// Allowlist is a list of ecosystems to allow. When this is unset, all are
// allowed.
//
// Extant ecosystems are discovered at runtime, see the OSV Schema
// (https://ossf.github.io/osv-schema/) or the "ecosystems.txt" file in the
// OSV data for the current list.
Allowlist []string `json:"allowlist" yaml:"allowlist"`
}
FactoryConfig is the configuration that this updater accepts.
By convention, it's at a key called "osv".
type UpdaterConfig ¶
type UpdaterConfig struct {
// The URL serving data dumps behind an S3 API.
//
// Authentication is unconfigurable, the ListObjectsV2 API must be publicly
// accessible.
URL string `json:"url" yaml:"url"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.