Documentation ¶
Overview ¶
Package osv is an updater for OSV-formatted advisories.
Index ¶
Constants ¶
View Source
const DefaultURL = `https://osv-vulnerabilities.storage.googleapis.com/`
DefaultURL is the S3 bucket provided by the OSV project.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Factory ¶
type Factory struct {
// contains filtered or unexported fields
}
Factory is the UpdaterSetFactory exposed by this package.
[Configure] must be called before [UpdaterSet]. See the FactoryConfig type.
func (*Factory) UpdaterSet ¶
type FactoryConfig ¶
type FactoryConfig struct { // The URL serving data in the same layout as the OSV project's public S3 // bucket. URL string `json:"url" yaml:"url"` // Allowlist is a list of ecosystems to allow. When this is unset, all are // allowed. // // Extant ecosystems are discovered at runtime, see the OSV Schema // (https://ossf.github.io/osv-schema/) or the "ecosystems.txt" file in the // OSV data for the current list. Allowlist []string `json:"allowlist" yaml:"allowlist"` }
FactoryConfig is the configuration that this updater accepts.
By convention, it's at a key called "osv".
type UpdaterConfig ¶
type UpdaterConfig struct { // The URL serving data dumps behind an S3 API. // // Authentication is unconfigurable, the ListObjectsV2 API must be publicly // accessible. URL string `json:"url" yaml:"url"` }
Click to show internal directories.
Click to hide internal directories.