Documentation ¶
Index ¶
- func CreateGHSABody(sa *ghsa.SecurityAdvisory, allReports map[string]*report.Report, ...) (body string, err error)
- func CreateIssues(ctx context.Context, st store.Store, client *issues.Client, pc *proxy.Client, ...) (err error)
- func FormatTime(t time.Time) string
- func ReadCVEAtPath(commit *object.Commit, path string) (_ *cveschema.CVE, blobHash string, err error)
- func SetKnownModules(mods []string)
- func TriageCVE(ctx context.Context, c *cveschema.CVE, pkgsiteURL string) (_ *triageResult, err error)
- func UpdateCVEsAtCommit(ctx context.Context, repoPath, commitHashString string, st store.Store, ...) (err error)
- type CheckUpdateError
- type Config
- type GHSAListFunc
- type Server
- type UpdateGHSAStats
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateGHSABody ¶
func CreateIssues ¶
func CreateIssues(ctx context.Context, st store.Store, client *issues.Client, pc *proxy.Client, allReports map[string]*report.Report, limit int) (err error)
CreateIssues creates issues on the x/vulndb issue tracker for allReports.
func FormatTime ¶
func ReadCVEAtPath ¶
func ReadCVEAtPath(commit *object.Commit, path string) (_ *cveschema.CVE, blobHash string, err error)
ReadCVEAtPath reads file at path in commit, and JSON-decodes it into a CVE.
func SetKnownModules ¶
func SetKnownModules(mods []string)
SetKnownModules provides a list of all known modules, so that no requests need to be made to pkg.go.dev.
func TriageCVE ¶
func TriageCVE(ctx context.Context, c *cveschema.CVE, pkgsiteURL string) (_ *triageResult, err error)
TriageCVE reports whether the CVE refers to a Go module.
func UpdateCVEsAtCommit ¶
func UpdateCVEsAtCommit(ctx context.Context, repoPath, commitHashString string, st store.Store, pkgsiteURL string, force bool) (err error)
UpdateCVEsAtCommit performs an update on the store using the given commit. Unless force is true, it checks that the update makes sense before doing it.
Types ¶
type CheckUpdateError ¶
type CheckUpdateError struct {
// contains filtered or unexported fields
}
CheckUpdateError is an error returned from UpdateCommit that can be avoided calling UpdateCommit with force set to true.
func (*CheckUpdateError) Error ¶
func (c *CheckUpdateError) Error() string
type Config ¶
type Config struct { // Project is the Google Cloud Project where the resources live. Project string // Namespace is the Firstore namespace to use. Namespace string // UseErrorReporting determines whether errors go to the Error Reporting API. UseErrorReporting bool // IssueRepo is the GitHub repo to use for issues. // An empty string disables issue creation. IssueRepo string // GitHubAccessToken is the token needed to authorize to the GitHub API. GitHubAccessToken string // Store is the implementation of store.Store used by the server. Store store.Store }
Config holds configuration information for the worker server.
type GHSAListFunc ¶
GHSAListFunc is the type of a function that lists GitHub security advisories.
type UpdateGHSAStats ¶
type UpdateGHSAStats struct { // Number of GitHub security advisories seen. NumProcessed int // Number of GHSARecords added to the store. NumAdded int // Number of GHSARecords already in the store that were modified. NumModified int }
func UpdateGHSAs ¶
func UpdateGHSAs(ctx context.Context, list GHSAListFunc, st store.Store) (_ UpdateGHSAStats, err error)
UpdateGHSAs updates the store with the current state of GitHub's security advisories.