models

package
v0.77.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 9, 2024 License: Apache-2.0 Imports: 15 Imported by: 26

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SeverityScore added in v0.65.0 

func SeverityScore(severtiy string) int

returns severtiy score for presenter sorting purposes

Types

type Advisory added in v0.13.0 

type Advisory struct {
	ID   string `json:"id"`
	Link string `json:"link"`
}

type Cvss 

type Cvss struct {
	Source         string      `json:"source,omitempty"`
	Type           string      `json:"type,omitempty"`
	Version        string      `json:"version"`
	Vector         string      `json:"vector"`
	Metrics        CvssMetrics `json:"metrics"`
	VendorMetadata interface{} `json:"vendorMetadata"`
}

func NewCVSS added in v0.13.0 

func NewCVSS(metadata *vulnerability.Metadata) []Cvss

type CvssMetrics added in v0.13.0 

type CvssMetrics struct {
	BaseScore           float64  `json:"baseScore"`
	ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"`
	ImpactScore         *float64 `json:"impactScore,omitempty"`
}

type Document 

type Document struct {
	Matches        []Match        `json:"matches"`
	IgnoredMatches []IgnoredMatch `json:"ignoredMatches,omitempty"`
	Source         *source        `json:"source"`
	Distro         distribution   `json:"distro"`
	Descriptor     descriptor     `json:"descriptor"`
}

Document represents the JSON document to be presented

func NewDocument 

func NewDocument(id clio.Identification, packages []pkg.Package, context pkg.Context, matches match.Matches, ignoredMatches []match.IgnoredMatch, metadataProvider vulnerability.MetadataProvider, appConfig interface{}, dbStatus interface{}) (Document, error)

NewDocument creates and populates a new Document struct, representing the populated JSON document.

type Fix added in v0.13.0 

type Fix struct {
	Versions []string `json:"versions"`
	State    string   `json:"state"`
}

type IgnoreRule added in v0.21.1 

type IgnoreRule struct {
	Vulnerability    string             `json:"vulnerability,omitempty"`
	Reason           string             `json:"reason,omitempty"`
	FixState         string             `json:"fix-state,omitempty"`
	Package          *IgnoreRulePackage `json:"package,omitempty"`
	VexStatus        string             `json:"vex-status,omitempty"`
	VexJustification string             `json:"vex-justification,omitempty"`
	MatchType        string             `json:"match-type,omitempty"`
}

type IgnoreRulePackage added in v0.21.1 

type IgnoreRulePackage struct {
	Name         string `json:"name,omitempty"`
	Version      string `json:"version,omitempty"`
	Type         string `json:"type,omitempty"`
	Location     string `json:"location,omitempty"`
	UpstreamName string `json:"upstream-name,omitempty"`
}

type IgnoredMatch added in v0.21.1 

type IgnoredMatch struct {
	Match
	AppliedIgnoreRules []IgnoreRule `json:"appliedIgnoreRules"`
}

type Match 

type Match struct {
	Vulnerability          Vulnerability           `json:"vulnerability"`
	RelatedVulnerabilities []VulnerabilityMetadata `json:"relatedVulnerabilities"`
	MatchDetails           []MatchDetails          `json:"matchDetails"`
	Artifact               Package                 `json:"artifact"`
}

Match is a single item for the JSON array reported

type MatchDetails 

type MatchDetails struct {
	Type       string      `json:"type"`
	Matcher    string      `json:"matcher"`
	SearchedBy interface{} `json:"searchedBy"` // The specific attributes that were used to search (other than package name and version) --this indicates "how" the match was made.
	Found      interface{} `json:"found"`      // The specific attributes on the vulnerability object that were matched with --this indicates "what" was matched on / within.
}

MatchDetails contains all data that indicates how the result match was found

type MatchSort added in v0.65.0 

type MatchSort []Match

func (MatchSort) Len added in v0.65.0 

func (m MatchSort) Len() int

Len is the number of elements in the collection.

func (MatchSort) Less added in v0.65.0 

func (m MatchSort) Less(i, j int) bool

Less reports whether the element with index i should sort before the element with index j. sort should consistent across presenters: name, version, type, severity, vulnerability

func (MatchSort) Swap added in v0.65.0 

func (m MatchSort) Swap(i, j int)

Swap swaps the elements with indexes i and j.

type MetadataMock 

type MetadataMock struct {
	// contains filtered or unexported fields
}

MetadataMock provides the behavior required for a vulnerability.MetadataProvider for the purpose of testing.

func NewMetadataMock 

func NewMetadataMock() *MetadataMock

NewMetadataMock returns a new instance of MetadataMock.

func (*MetadataMock) GetMetadata 

func (m *MetadataMock) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)

GetMetadata returns vulnerability metadata for a given id and recordSource.

type MockVendorMetadata added in v0.13.0 

type MockVendorMetadata struct {
	BaseSeverity string
	Status       string
}

type Package 

type Package struct {
	ID           string             `json:"id"`
	Name         string             `json:"name"`
	Version      string             `json:"version"`
	Type         syftPkg.Type       `json:"type"`
	Locations    []file.Coordinates `json:"locations"`
	Language     syftPkg.Language   `json:"language"`
	Licenses     []string           `json:"licenses"`
	CPEs         []string           `json:"cpes"`
	PURL         string             `json:"purl"`
	Upstreams    []UpstreamPackage  `json:"upstreams"`
	MetadataType string             `json:"metadataType,omitempty"`
	Metadata     interface{}        `json:"metadata,omitempty"`
}

Package is meant to be only the fields that are needed when displaying a single pkg.Package object for the JSON presenter.

type PresenterConfig added in v0.55.0 

type PresenterConfig struct {
	ID               clio.Identification
	Matches          match.Matches
	IgnoredMatches   []match.IgnoredMatch
	Packages         []pkg.Package
	Context          pkg.Context
	MetadataProvider vulnerability.MetadataProvider
	SBOM             *sbom.SBOM
	AppConfig        interface{}
	DBStatus         interface{}
}

type UpstreamPackage added in v0.33.0 

type UpstreamPackage struct {
	Name    string `json:"name"`
	Version string `json:"version,omitempty"`
}

type Vulnerability 

type Vulnerability struct {
	VulnerabilityMetadata
	Fix        Fix        `json:"fix"`
	Advisories []Advisory `json:"advisories"`
}

func NewVulnerability 

func NewVulnerability(vuln vulnerability.Vulnerability, metadata *vulnerability.Metadata) Vulnerability

type VulnerabilityMetadata added in v0.13.0 

type VulnerabilityMetadata struct {
	ID          string   `json:"id"`
	DataSource  string   `json:"dataSource"`
	Namespace   string   `json:"namespace,omitempty"`
	Severity    string   `json:"severity,omitempty"`
	URLs        []string `json:"urls"`
	Description string   `json:"description,omitempty"`
	Cvss        []Cvss   `json:"cvss"`
}

func NewVulnerabilityMetadata added in v0.13.0 

func NewVulnerabilityMetadata(id, namespace string, metadata *vulnerability.Metadata) VulnerabilityMetadata

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.