detail

package
v3.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 29, 2024 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Detect

func Detect(dtype string, reqbody []byte) (repbody []byte, err error)

Detect 发送任务解析请求

func GetClientId

func GetClientId() string

GetClientId 获取客户端id

func GetServerLicense

func GetServerLicense(deps []Dep) (lics [][]*License, err error)

GetServerLicense 从云服务获取许可证

func GetServerVuln

func GetServerVuln(deps []Dep) (vulns [][]*Vuln, err error)

GetServerVuln 从云服务获取漏洞

func ID

func ID() string

ID 生成一个本地唯一的id

func Login

func Login() error

func SearchDetail

func SearchDetail(detailRoot *DepDetailGraph) (err error)

SearchDetail 查找组件详情:漏洞/许可证

Types

type BaseOrigin

type BaseOrigin struct {
	// contains filtered or unexported fields
}

func GetOrigin

func GetOrigin() *BaseOrigin

func NewBaseOrigin

func NewBaseOrigin() *BaseOrigin

func (*BaseOrigin) LoadDataOrigin

func (o *BaseOrigin) LoadDataOrigin(data ...VulnInfo)

func (*BaseOrigin) LoadJsonOrigin

func (o *BaseOrigin) LoadJsonOrigin(filepath string)

func (*BaseOrigin) LoadMysqlOrigin

func (o *BaseOrigin) LoadMysqlOrigin(cfg config.SqlOrigin)

func (*BaseOrigin) LoadSqlOrigin

func (o *BaseOrigin) LoadSqlOrigin(dialector gorm.Dialector, cfg config.SqlOrigin)

func (*BaseOrigin) LoadSqliteOrigin

func (o *BaseOrigin) LoadSqliteOrigin(cfg config.SqlOrigin)

func (*BaseOrigin) SearchVuln

func (o *BaseOrigin) SearchVuln(deps []Dep) (vulns [][]*Vuln)

type Dep

type Dep struct {
	// 厂商
	Vendor string `json:"vendor,omitempty" xml:"vendor,omitempty"`
	// 名称
	Name string `json:"name,omitempty" xml:"name,omitempty"`
	// 版本号
	Version string `json:"version,omitempty" xml:"version,omitempty"`
	// 语言
	Language string `json:"language,omitempty" xml:"language,omitempty"`
}

func (Dep) Key

func (d Dep) Key() string

type DepDetailGraph

type DepDetailGraph struct {
	Dep
	ID                      string            `json:"id,omitempty" xml:"id,omitempty"`
	Develop                 bool              `json:"dev,omitempty" xml:"dev,omitempty"`
	Direct                  bool              `json:"direct,omitempty" xml:"direct,omitempty"`
	Paths                   []string          `json:"paths,omitempty" xml:"paths,omitempty"`
	Licenses                []*License        `json:"licenses,omitempty" xml:"licenses,omitempty"`
	Vulnerabilities         []*Vuln           `json:"vulnerabilities,omitempty" xml:"vulnerabilities,omitempty" `
	Children                []*DepDetailGraph `json:"children,omitempty" xml:"children,omitempty"`
	Parent                  *DepDetailGraph   `json:"-" xml:"-"`
	IndirectVulnerabilities int               `json:"indirect_vulnerabilities,omitempty" xml:"indirect_vulnerabilities,omitempty" `
	Expand                  any               `json:"-" xml:"-"`
}

func NewDepDetailGraph

func NewDepDetailGraph(dep *model.DepGraph) *DepDetailGraph

func (*DepDetailGraph) ForEach

func (d *DepDetailGraph) ForEach(do func(n *DepDetailGraph) bool)

func (*DepDetailGraph) Purl

func (dep *DepDetailGraph) Purl() string

func (*DepDetailGraph) RemoveDedup

func (d *DepDetailGraph) RemoveDedup()

func (*DepDetailGraph) RemoveDev

func (d *DepDetailGraph) RemoveDev()

func (*DepDetailGraph) Update

func (d *DepDetailGraph) Update(dep *model.DepGraph)

type DetectReponse

type DetectReponse struct {
	// 加密后的消息
	Message string `json:"aesMessage"`
	Tag     string `json:"aesTag"`
	Nonce   string `json:"aesNonce"`
}

检测结果响应格式

type DetectRequst

type DetectRequst struct {
	// 16位byte base64编码
	Tag string `json:"aesTag"`
	// 在saas注册
	Token string `json:"ossToken"`
	// 16位byte base64编码
	Nonce string `json:"aesNonce"`
	// 要发送的数据 aes加密后base64编码
	Message string `json:"aesMessage"`
	// 16位 大写字母
	ClientId string `json:"clientId"`
}

检测任务请求格式

type License

type License struct {
	ShortName string `json:"name"`
}

type SaasReponse

type SaasReponse struct {
	// 错误消息
	Message string `json:"message"`
	// 状态码 0表示成功
	Code int `json:"code"`
	// 数据体
	Data interface{} `json:"data"`
}

消息响应格式

type Version

type Version struct {
	Org    string `json:"org"`
	Nums   []int  `json:"nums,omitempty"`
	Suffix string `json:"suffix,omitempty"`
}

func (*Version) Equal

func (ver *Version) Equal(other *Version) bool

Equal 判断是否等于另一个版本号

func (*Version) Less

func (ver *Version) Less(other *Version) bool

Less 判断是否严格小于另一个版本号

func (*Version) Ok

func (v *Version) Ok() bool

Ok 检测是否为合法版本号

type Vuln

type Vuln struct {
	Name            string `json:"name,omitempty" gorm:"column:name"`
	Id              string `json:"id" gorm:"column:id"`
	Cve             string `json:"cve_id,omitempty" gorm:"column:cve_id"`
	Cnnvd           string `json:"cnnvd_id,omitempty" gorm:"column:cnnvd_id"`
	Cnvd            string `json:"cnvd_id,omitempty" gorm:"column:cnvd_id"`
	Cwe             string `json:"cwe_id,omitempty" gorm:"column:cwe_id"`
	Description     string `json:"description,omitempty" gorm:"column:description"`
	DescriptionEn   string `json:"description_en,omitempty" gorm:"-"`
	Suggestion      string `json:"suggestion,omitempty" gorm:"column:suggestion"`
	AttackType      string `json:"attack_type,omitempty" gorm:"column:attack_type"`
	ReleaseDate     string `json:"release_date,omitempty" gorm:"column:release_date"`
	SecurityLevelId int    `json:"security_level_id" gorm:"column:security_level_id"`
	ExploitLevelId  int    `json:"exploit_level_id" gorm:"column:exploit_level_id"`
}

Vuln 组件漏洞

func (*Vuln) SecurityLevel added in v3.0.4

func (v *Vuln) SecurityLevel() string

type VulnInfo

type VulnInfo struct {
	*Vuln
	Vendor   string `json:"vendor" gorm:"column:vendor"`
	Product  string `json:"product" gorm:"column:product"`
	Version  string `json:"version" gorm:"column:version"`
	Language string `json:"language" gorm:"column:language"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL