Documentation
¶
Index ¶
- Variables
- func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
- func Create(req Request, opts CreateOptions) error
- func Discover(opts DiscoverOptions) error
- func Export(opts ExportOptions) (io.Reader, error)
- func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
- func Update(req Request, opts UpdateOptions) error
- func Validate(opts ValidateOptions) *multierror.Error
- type BuildDatabaseOptions
- type CreateOptions
- type DiscoverOptions
- type ExportOptions
- type Request
- type UpdateOptions
- type ValidateOptions
Constants ¶
This section is empty.
Variables ¶
var ErrNoPackageSecurityData = errors.New("no package security data found")
Functions ¶
func BuildDatabase ¶
func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
BuildDatabase builds a security database from the given options.
func Create ¶
func Create(req Request, opts CreateOptions) error
Create creates a new advisory in the `advisories` section of the configuration at the provided path.
func Discover ¶
func Discover(opts DiscoverOptions) error
Discover searches for new vulnerabilities that match packages in a config index, and adds new advisories to configs for vulnerabilities that haven't been noted yet.
func Export ¶
func Export(opts ExportOptions) (io.Reader, error)
Export returns a reader of advisory data encoded as CSV.
func Latest ¶
func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
Latest returns the latest entry among the given set of entries for an advisory. If there are no entries, Latest returns nil.
func Update ¶
func Update(req Request, opts UpdateOptions) error
Update adds a new entry to an existing advisory (named by the vuln parameter) in the configuration at the provided path.
func Validate ¶
func Validate(opts ValidateOptions) *multierror.Error
Types ¶
type BuildDatabaseOptions ¶
type BuildDatabaseOptions struct {
AdvisoryCfgIndices []*configs.Index[advisory.Document]
URLPrefix string
Archs []string
Repo string
}
BuildDatabaseOptions contains the options for building a database.
type CreateOptions ¶
type CreateOptions struct {
// AdvisoryCfgs is the Index of advisory configurations on which to operate.
AdvisoryCfgs *configs.Index[advisory.Document]
}
CreateOptions configures the Create operation.
type DiscoverOptions ¶
type DiscoverOptions struct {
// SelectedPackages is a list of packages to include in search. If empty, all packages will be included in search.
SelectedPackages []string
// BuildCfgs is the Index of build configurations on which to operate.
BuildCfgs *configs.Index[config.Configuration]
// AdvisoryCfgs is the Index of advisories on which to operate.
AdvisoryCfgs *configs.Index[advisoryconfigs.Document]
// PackageRepositoryURL is the URL to the distro's package repository (e.g. "https://packages.wolfi.dev/os").
PackageRepositoryURL string
// The Arches to select during discovery (e.g. "x86_64").
Arches []string
// VulnerabilityDetector is how Discover finds for vulnerabilities for packages.
VulnerabilityDetector vuln.Detector
}
type ExportOptions ¶
type Request ¶
type Request struct {
Package string
Vulnerability string
Status vex.Status
Action string
Impact string
Justification vex.Justification
FixedVersion string
Timestamp time.Time
}
Request specifies the parameters for creating a new advisory or updating an existing advisory.
type UpdateOptions ¶
type UpdateOptions struct {
// AdvisoryCfgs is the Index of advisory configurations on which to operate.
AdvisoryCfgs *configs.Index[advisory.Document]
}
UpdateOptions configures the Update operation.
type ValidateOptions ¶
type ValidateOptions struct {
// BuildCfgs is the Index of build configurations on which to operate (not used yet).
BuildCfgs *configs.Index[config.Configuration]
// AdvisoryCfgs is the Index of advisories on which to operate.
AdvisoryCfgs *configs.Index[advisoryconfigs.Document]
// PackageRepositoryURL is the URL to the distro's package repository (e.g. "https://packages.wolfi.dev/os") (not used yet).
PackageRepositoryURL string
// The Arches to consider during validation (e.g. "x86_64") (not used yet).
Arches []string
}
Source Files
Directories