Documentation ¶
Overview ¶
Package java contains components for interrogating java packages in container layers.
Package java contains components for interrogating java maven packages in container layers.
Index ¶
Constants ¶
const DefaultRequestTimeout = 2 * time.Second
const DefaultSearchAPI = `https://search.maven.org/solrsearch/select`
DefaultSearchAPI is a maven-like REST API that may be used to do reverse lookups based on an archive's sha1 sum.
Variables ¶
var (
Repository = claircore.Repository{
Name: "maven",
URI: "https://repo1.maven.apache.org/maven2",
}
)
Functions ¶
Types ¶
type Matcher ¶
type Matcher struct{}
Matcher matches discovered Java Maven packages against advisories provided via OSV.
func (*Matcher) Query ¶
func (*Matcher) Query() []driver.MatchConstraint
Query implements driver.Matcher.
func (*Matcher) Vulnerable ¶
func (*Matcher) Vulnerable(ctx context.Context, record *claircore.IndexRecord, vuln *claircore.Vulnerability) (bool, error)
type RepoScanner ¶
type RepoScanner struct{}
func (*RepoScanner) Kind ¶
func (*RepoScanner) Kind() string
Kind implements scanner.VersionedScanner.
func (*RepoScanner) Name ¶
func (*RepoScanner) Name() string
Name implements scanner.VersionedScanner.
func (*RepoScanner) Scan ¶
func (rs *RepoScanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*claircore.Repository, error)
Scan attempts to find jar, war or ear and record the package information there.
A return of (nil, nil) is expected if there's nothing found.
func (*RepoScanner) Version ¶
func (*RepoScanner) Version() string
Version implements scanner.VersionedScanner.
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner implements the scanner.PackageScanner interface.
It looks for files that seem like jar, war or ear, and looks at the metadata recorded there.
The zero value is ready to use.
func (*Scanner) Configure ¶
func (s *Scanner) Configure(ctx context.Context, f indexer.ConfigDeserializer, c *http.Client) error
Configure implements indexer.RPCScanner.
type ScannerConfig ¶
type ScannerConfig struct { // API is a URL endpoint to a maven-like REST API. // The default is DefaultSearchAPI. API string `yaml:"api" json:"api"` APIRequestTimeout time.Duration `yaml:"api_request_timeout" json:"api_request_timeout"` }
ScannerConfig is the struct used to configure a Scanner.
Notes ¶
Bugs ¶
There's no way for a scanner that makes RPC calls to signal "the call failed, these are best-effort results, and please retry."
There's probably some bugs lurking in the jar.Info → claircore.Package mapping code around embedded jars. There's a testcase to be written, there.