Documentation ¶
Index ¶
- Variables
- func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
- func Create(req Request, opts CreateOptions) error
- func Discover(opts DiscoverOptions) error
- func ExportCSV(opts ExportOptions) (io.Reader, error)
- func ExportYAML(opts ExportOptions) (io.Reader, error)
- func IsResolved(advisory []advisoryconfigs.Entry, currentAPKVersion string) bool
- func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
- func Update(req Request, opts UpdateOptions) error
- func Validate(opts ValidateOptions) *multierror.Error
- type BuildDatabaseOptions
- type CreateOptions
- type DiscoverOptions
- type ExportOptions
- type Request
- type UpdateOptions
- type ValidateOptions
Constants ¶
This section is empty.
Variables ¶
var ErrNoPackageSecurityData = errors.New("no package security data found")
Functions ¶
func BuildDatabase ¶
func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
BuildDatabase builds a security database from the given options.
func Create ¶
func Create(req Request, opts CreateOptions) error
Create creates a new advisory in the `advisories` section of the configuration at the provided path.
func Discover ¶
func Discover(opts DiscoverOptions) error
Discover searches for new vulnerabilities that match packages in a config index, and adds new advisories to configs for vulnerabilities that haven't been noted yet.
func ExportCSV ¶ added in v0.1.6
func ExportCSV(opts ExportOptions) (io.Reader, error)
ExportCSV returns a reader of advisory data encoded as CSV.
func ExportYAML ¶ added in v0.1.6
func ExportYAML(opts ExportOptions) (io.Reader, error)
ExportYAML returns a reader of advisory data encoded as YAML.
func IsResolved ¶ added in v0.1.0
func IsResolved(advisory []advisoryconfigs.Entry, currentAPKVersion string) bool
IsResolved returns true if the latest entry for an advisory indicates that the vulnerability is resolved for the given package. If the currentAPKVersion parameter is provided, this function checks to see if the advisory can be considered resolved for the given package version.
func Latest ¶
func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
Latest returns the latest entry among the given set of entries for an advisory. If there are no entries, Latest returns nil.
func Update ¶
func Update(req Request, opts UpdateOptions) error
Update adds a new entry to an existing advisory (named by the vuln parameter) in the configuration at the provided path.
func Validate ¶
func Validate(opts ValidateOptions) *multierror.Error
Types ¶
type BuildDatabaseOptions ¶
type BuildDatabaseOptions struct {
	// AdvisoryCfgIndices is a slice of advisory document indices.
	// NOTE(review): presumably every index listed here contributes to the
	// built database; confirm against BuildDatabase.
	AdvisoryCfgIndices []*configs.Index[advisory.Document]

	// URLPrefix is a string option.
	// NOTE(review): presumably a prefix for URLs written into the database
	// output; confirm how it is validated, since consumers of the database
	// may follow those URLs.
	URLPrefix string

	// Archs lists architecture names.
	// NOTE(review): other option types in this package spell this field
	// "Arches" and give "x86_64" as an example; presumably the same values
	// apply here. Confirm.
	Archs []string

	// Repo is a string option.
	// NOTE(review): presumably names the package repository the database
	// describes; confirm.
	Repo string
}
BuildDatabaseOptions contains the options for building a database.
type CreateOptions ¶
type CreateOptions struct {
	// AdvisoryCfgs is the Index of advisory configurations on which to operate.
	// NOTE(review): Create is documented as adding a new advisory to a
	// configuration, so presumably the documents behind this index are
	// modified by the call; confirm.
	AdvisoryCfgs *configs.Index[advisory.Document]
}
CreateOptions configures the Create operation.
type DiscoverOptions ¶
// DiscoverOptions configures the Discover operation.
type DiscoverOptions struct {
	// SelectedPackages is a list of packages to include in search. If empty, all packages will be included in search.
	SelectedPackages []string

	// BuildCfgs is the Index of build configurations on which to operate.
	BuildCfgs *configs.Index[config.Configuration]

	// AdvisoryCfgs is the Index of advisories on which to operate.
	AdvisoryCfgs *configs.Index[advisoryconfigs.Document]

	// PackageRepositoryURL is the URL to the distro's package repository (e.g. "https://packages.wolfi.dev/os").
	// NOTE(review): if Discover fetches package data from this URL, the
	// advisories it writes depend on what that host returns; presumably
	// callers should pass an https URL for a repository they trust. Confirm.
	PackageRepositoryURL string

	// The Arches to select during discovery (e.g. "x86_64").
	Arches []string

	// VulnerabilityDetector is how Discover finds vulnerabilities for packages.
	// NOTE(review): the zero value of this field is presumably not usable;
	// confirm whether Discover checks for an unset detector.
	VulnerabilityDetector vuln.Detector
}
type ExportOptions ¶
type Request ¶
type Request struct {
	// Package is a string field.
	// NOTE(review): presumably the name of the package the advisory applies
	// to; confirm.
	Package string

	// Vulnerability is a string field.
	// NOTE(review): presumably the vulnerability identifier that names the
	// advisory; confirm the accepted identifier formats.
	Vulnerability string

	// Status is a vex.Status value.
	// NOTE(review): presumably the VEX status recorded in the advisory
	// entry; confirm which statuses Create and Update accept.
	Status vex.Status

	// Action is a string field.
	// NOTE(review): presumably an action statement that accompanies certain
	// statuses; confirm.
	Action string

	// Impact is a string field.
	// NOTE(review): presumably an impact statement that accompanies certain
	// statuses; confirm.
	Impact string

	// Justification is a vex.Justification value.
	// NOTE(review): presumably explains a not-affected determination;
	// confirm whether it is required or rejected for other statuses.
	Justification vex.Justification

	// FixedVersion is a string field.
	// NOTE(review): presumably the package version that contains the fix.
	// A wrong value here could mark a still-vulnerable version as resolved,
	// so confirm how it is validated.
	FixedVersion string

	// Timestamp is a time.Time value.
	// NOTE(review): presumably the time recorded on the advisory entry;
	// confirm how a zero value is handled.
	Timestamp time.Time
}
Request specifies the parameters for creating a new advisory or updating an existing advisory.
type UpdateOptions ¶
type UpdateOptions struct {
	// AdvisoryCfgs is the Index of advisory configurations on which to operate.
	// NOTE(review): Update is documented as adding an entry to an existing
	// advisory, so presumably the documents behind this index are modified
	// by the call; confirm.
	AdvisoryCfgs *configs.Index[advisory.Document]
}
UpdateOptions configures the Update operation.
type ValidateOptions ¶
// ValidateOptions configures the Validate operation.
//
// Three of the four fields are marked "not used yet" in their own comments.
// As documented here, only AdvisoryCfgs influences validation, and setting
// the other fields does not add any checks.
type ValidateOptions struct {
	// BuildCfgs is the Index of build configurations on which to operate (not used yet).
	BuildCfgs *configs.Index[config.Configuration]

	// AdvisoryCfgs is the Index of advisories on which to operate.
	AdvisoryCfgs *configs.Index[advisoryconfigs.Document]

	// PackageRepositoryURL is the URL to the distro's package repository (e.g. "https://packages.wolfi.dev/os") (not used yet).
	PackageRepositoryURL string

	// The Arches to consider during validation (e.g. "x86_64") (not used yet).
	Arches []string
}