Documentation ¶
Overview ¶
Package govulncheck provides an experimental govulncheck API.
Constants ¶
This section is empty.
Variables ¶
var (
	// Source reports vulnerabilities that affect the analyzed packages.
	Source = govulncheck.Source

	// DefaultCache constructs cache for a vulnerability database client.
	DefaultCache = govulncheck.DefaultCache
)
Functions ¶
func LatestFixed ¶
LatestFixed returns the latest fixed version in the list of affected ranges, or the empty string if there are no fixed versions.
func NewInMemoryCache ¶ added in v0.11.0
NewInMemoryCache returns a new memory-based cache that decorates the provided cache (file-based, perhaps).
Types ¶
type AnalysisMode ¶ added in v0.11.0
type AnalysisMode string
const (
	ModeInvalid     AnalysisMode = "" // zero value
	ModeGovulncheck AnalysisMode = "govulncheck"
	ModeImports     AnalysisMode = "imports"
)
type CallStack ¶ added in v0.11.0
type CallStack = govulncheck.CallStack
CallStacks contains a representative call stack for each vulnerable symbol that is called.
type Config ¶ added in v0.11.0
type Config = govulncheck.Config
Config is the configuration for Main.
type Module ¶ added in v0.11.0
type Module = govulncheck.Module
Module represents a specific vulnerability relevant to a single module or package.
type Package ¶ added in v0.11.0
type Package = govulncheck.Package
Package is a Go package with known vulnerable symbols.
type Result ¶ added in v0.11.0
type Result struct {
	// Vulns contains all vulnerabilities that are called or imported by
	// the analyzed module.
	Vulns []*Vuln `json:",omitempty"`

	// Mode contains the source of the vulnerability info.
	// Clients of the gopls.fetch_vulncheck_result command may need
	// to interpret the vulnerabilities differently based on the
	// analysis mode. For example, Vuln without callstack traces
	// indicate a vulnerability that is not used if the result was
	// from 'govulncheck' analysis mode. On the other hand, Vuln
	// without callstack traces just implies the package with the
	// vulnerability is known to the workspace and we do not know
	// whether the vulnerable symbols are actually used or not.
	Mode AnalysisMode `json:",omitempty"`

	// AsOf describes when this Result was computed using govulncheck.
	// It is valid only with the govulncheck analysis mode.
	AsOf time.Time `json:",omitempty"`
}
Result is the result of vulnerability scanning.
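The interpretation rule in the Result.Mode and AsOf comments, written out as an added example that is not gopls code. Only AnalysisMode and its constants are copied from this page; the Finding type, the Classify and Age helpers, the verdict strings and the EXAMPLE-0001 ID are hypothetical.

```go
package main

import (
	"fmt"
	"time"
)

// AnalysisMode and its constants are copied from the declarations on this page.
type AnalysisMode string

const (
	ModeInvalid     AnalysisMode = "" // zero value
	ModeGovulncheck AnalysisMode = "govulncheck"
	ModeImports     AnalysisMode = "imports"
)

// Finding is a hypothetical, flattened stand-in for one entry of Result.Vulns.
type Finding struct {
	ID         string // constructed placeholder, not a real advisory ID
	CallStacks int    // number of call stacks recorded for the finding
}

// Classify applies the rule in the Result.Mode comment to one finding.
func Classify(mode AnalysisMode, f Finding) (string, error) {
	switch {
	case mode != ModeGovulncheck && mode != ModeImports:
		return "", fmt.Errorf("unsupported analysis mode %q", mode)
	case f.CallStacks > 0:
		return "called", nil // call stacks exist only for called symbols
	case mode == ModeGovulncheck:
		return "not-called", nil // analysed; vulnerable symbols are not used
	}
	return "usage-unknown", nil // imports mode: usage was not analysed
}

// Age returns the result's age; AsOf is valid only in govulncheck mode.
func Age(mode AnalysisMode, asOf, now time.Time) (time.Duration, bool) {
	if mode != ModeGovulncheck || asOf.IsZero() {
		return 0, false
	}
	return now.Sub(asOf), true
}

func main() {
	f := Finding{ID: "EXAMPLE-0001"} // constructed: no call stacks recorded
	g, _ := Classify(ModeGovulncheck, f)
	i, _ := Classify(ModeImports, f)
	fmt.Printf("%s govulncheck=%s imports=%s\n", f.ID, g, i)
}
```

The same finding with no call stacks reads as not-called under govulncheck mode and as usage-unknown under imports mode, so a client should not suppress an imports-mode finding on the absence of call stacks alone.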
type StackFrame ¶ added in v0.11.0
type StackFrame = govulncheck.StackFrame
StackFrame represents a call stack entry.