db

package

v0.61.1 Latest Latest Go to latest Published: Apr 27, 2023 License: Apache-2.0 Imports: 34 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nextlinux/grype

Documentation ¶

Index ¶

Constants
type Closer
type Config
type Curator
- func NewCurator(cfg Config) (Curator, error)
- func (c *Curator) Delete() error
- func (c *Curator) GetStore() (grypeDB.StoreReader, grypeDB.DBCloser, error)
- func (c *Curator) ImportFrom(dbArchivePath string) error
- func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error)
- func (c Curator) ListingFromURL() (Listing, error)
- func (c *Curator) Status() Status
- func (c Curator) SupportedSchema() int
- func (c *Curator) Update() (bool, error)
- func (c *Curator) UpdateTo(listing *ListingEntry, downloadProgress, importProgress *progress.Manual, ...) error
- func (c *Curator) Validate() error
type Listing
- func NewListing(entries ...ListingEntry) Listing
- func NewListingFromFile(fs afero.Fs, path string) (Listing, error)
- func (l *Listing) BestUpdate(targetSchema int) *ListingEntry
- func (l Listing) Write(toPath string) error
type ListingEntry
- func NewListingEntryFromArchive(fs afero.Fs, metadata Metadata, dbArchivePath string, baseURL *url.URL) (ListingEntry, error)
- func (l *ListingEntry) MarshalJSON() ([]byte, error)
- func (l ListingEntry) String() string
- func (l *ListingEntry) UnmarshalJSON(data []byte) error
type ListingEntryJSON
- func (l ListingEntryJSON) ToListingEntry() (ListingEntry, error)
type MatchExclusionProvider
- func NewMatchExclusionProvider(reader grypeDB.VulnerabilityMatchExclusionStoreReader) *MatchExclusionProvider
- func (pr *MatchExclusionProvider) GetRules(vulnerabilityID string) ([]match.IgnoreRule, error)
type Metadata
- func NewMetadataFromDir(fs afero.Fs, dir string) (*Metadata, error)
- func (m *Metadata) IsSupersededBy(entry *ListingEntry) bool
- func (m Metadata) String() string
- func (m *Metadata) UnmarshalJSON(data []byte) error
- func (m Metadata) Write(toPath string) error
type MetadataJSON
- func (m MetadataJSON) ToMetadata() (Metadata, error)
type Status
type VulnerabilityMetadataProvider
- func NewVulnerabilityMetadataProvider(reader grypeDB.VulnerabilityMetadataStoreReader) *VulnerabilityMetadataProvider
- func (pr *VulnerabilityMetadataProvider) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)
type VulnerabilityProvider
- func NewVulnerabilityProvider(reader grypeDB.VulnerabilityStoreReader) (*VulnerabilityProvider, error)
- func (pr *VulnerabilityProvider) Get(id, namespace string) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByCPE(requestCPE cpe.CPE) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByDistro(d *distro.Distro, p pkg.Package) ([]vulnerability.Vulnerability, error)
- func (pr *VulnerabilityProvider) GetByLanguage(l syftPkg.Language, p pkg.Package) ([]vulnerability.Vulnerability, error)

Constants ¶

View Source

const (
	FileName = grypeDB.VulnerabilityStoreFileName
)

View Source

const ListingFileName = "listing.json"

View Source

const MetadataFileName = "metadata.json"

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Closer ¶

type Closer struct {
	v5.DBCloser
}

Closer lets receiver close the db connection and free any allocated db resources. It's especially useful if vulnerability DB loaded repeatedly during some periodic SBOM scanning process.

type Config ¶

type Config struct {
	DBRootDir           string
	ListingURL          string
	CACert              string
	ValidateByHashOnGet bool
	ValidateAge         bool
	MaxAllowedBuiltAge  time.Duration
}

type Curator ¶

type Curator struct {
	// contains filtered or unexported fields
}

func NewCurator ¶

func NewCurator(cfg Config) (Curator, error)

func (*Curator) Delete ¶

func (c *Curator) Delete() error

Delete removes the DB and metadata file for this specific schema.

func (*Curator) GetStore ¶

func (c *Curator) GetStore() (grypeDB.StoreReader, grypeDB.DBCloser, error)

func (*Curator) ImportFrom ¶

func (c *Curator) ImportFrom(dbArchivePath string) error

ImportFrom takes a DB archive file and imports it into the final DB location.

func (*Curator) IsUpdateAvailable ¶

func (c *Curator) IsUpdateAvailable() (bool, *Metadata, *ListingEntry, error)

IsUpdateAvailable indicates if there is a new update available as a boolean, and returns the latest listing information available for this schema.

func (Curator) ListingFromURL ¶

func (c Curator) ListingFromURL() (Listing, error)

ListingFromURL loads a Listing from a URL.

func (*Curator) Status ¶

func (c *Curator) Status() Status

func (Curator) SupportedSchema ¶

func (c Curator) SupportedSchema() int

func (*Curator) Update ¶

func (c *Curator) Update() (bool, error)

Update the existing DB, returning an indication if any action was taken.

func (*Curator) UpdateTo ¶

func (c *Curator) UpdateTo(listing *ListingEntry, downloadProgress, importProgress *progress.Manual, stage *progress.Stage) error

UpdateTo updates the existing DB with the specific other version provided from a listing entry.

func (*Curator) Validate ¶

func (c *Curator) Validate() error

Validate checks the current database to ensure file integrity and if it can be used by this version of the application.

type Listing ¶

type Listing struct {
	Available map[int][]ListingEntry `json:"available"`
}

Listing represents the json file which is served up and made available for applications to download and consume one or more vulnerability db flat files.

func NewListing ¶

func NewListing(entries ...ListingEntry) Listing

NewListing creates a listing from one or more given ListingEntries.

func NewListingFromFile ¶

func NewListingFromFile(fs afero.Fs, path string) (Listing, error)

NewListingFromFile loads a Listing from a given filepath.

func (*Listing) BestUpdate ¶

func (l *Listing) BestUpdate(targetSchema int) *ListingEntry

BestUpdate returns the ListingEntry from a Listing that meets the given version constraints.

func (Listing) Write ¶

func (l Listing) Write(toPath string) error

Write the current listing to the given filepath.

type ListingEntry ¶

type ListingEntry struct {
	Built    time.Time // RFC 3339
	Version  int
	URL      *url.URL
	Checksum string
}

ListingEntry represents basic metadata about a database archive such as what is in the archive (built/version) as well as how to obtain and verify the archive (URL/checksum).

func NewListingEntryFromArchive ¶

func NewListingEntryFromArchive(fs afero.Fs, metadata Metadata, dbArchivePath string, baseURL *url.URL) (ListingEntry, error)

NewListingEntryFromArchive creates a new ListingEntry based on the metadata from a database flat file.

func (*ListingEntry) MarshalJSON ¶

func (l *ListingEntry) MarshalJSON() ([]byte, error)

func (ListingEntry) String ¶

func (l ListingEntry) String() string

func (*ListingEntry) UnmarshalJSON ¶

func (l *ListingEntry) UnmarshalJSON(data []byte) error

type ListingEntryJSON ¶

type ListingEntryJSON struct {
	Built    string `json:"built"`
	Version  int    `json:"version"`
	URL      string `json:"url"`
	Checksum string `json:"checksum"`
}

ListingEntryJSON is a helper struct for converting a ListingEntry into JSON (or parsing from JSON)

func (ListingEntryJSON) ToListingEntry ¶

func (l ListingEntryJSON) ToListingEntry() (ListingEntry, error)

ToListingEntry converts a ListingEntryJSON to a ListingEntry.

type MatchExclusionProvider ¶

type MatchExclusionProvider struct {
	// contains filtered or unexported fields
}

func NewMatchExclusionProvider ¶

func NewMatchExclusionProvider(reader grypeDB.VulnerabilityMatchExclusionStoreReader) *MatchExclusionProvider

func (*MatchExclusionProvider) GetRules ¶

func (pr *MatchExclusionProvider) GetRules(vulnerabilityID string) ([]match.IgnoreRule, error)

type Metadata ¶

type Metadata struct {
	Built    time.Time
	Version  int
	Checksum string
}

Metadata represents the basic identifying information of a database flat file (built/version) and a way to verify the contents (checksum).

func NewMetadataFromDir ¶

func NewMetadataFromDir(fs afero.Fs, dir string) (*Metadata, error)

NewMetadataFromDir generates a Metadata object from a directory containing a vulnerability.db flat file.

func (*Metadata) IsSupersededBy ¶

func (m *Metadata) IsSupersededBy(entry *ListingEntry) bool

IsSupersededBy takes a ListingEntry and determines if the entry candidate is newer than what is hinted at in the current Metadata object.

func (Metadata) String ¶

func (m Metadata) String() string

func (*Metadata) UnmarshalJSON ¶

func (m *Metadata) UnmarshalJSON(data []byte) error

func (Metadata) Write ¶

func (m Metadata) Write(toPath string) error

Write out a Metadata object to the given path.

type MetadataJSON ¶

type MetadataJSON struct {
	Built    string `json:"built"` // RFC 3339
	Version  int    `json:"version"`
	Checksum string `json:"checksum"`
}

MetadataJSON is a helper struct for parsing and assembling Metadata objects to and from JSON.

func (MetadataJSON) ToMetadata ¶

func (m MetadataJSON) ToMetadata() (Metadata, error)

ToMetadata converts a MetadataJSON object to a Metadata object.

type Status ¶

type Status struct {
	Built         time.Time `json:"built"`
	SchemaVersion int       `json:"schemaVersion"`
	Location      string    `json:"location"`
	Checksum      string    `json:"checksum"`
	Err           error     `json:"error"`
}

type VulnerabilityMetadataProvider ¶

type VulnerabilityMetadataProvider struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityMetadataProvider ¶

func NewVulnerabilityMetadataProvider(reader grypeDB.VulnerabilityMetadataStoreReader) *VulnerabilityMetadataProvider

func (*VulnerabilityMetadataProvider) GetMetadata ¶

func (pr *VulnerabilityMetadataProvider) GetMetadata(id, namespace string) (*vulnerability.Metadata, error)

type VulnerabilityProvider ¶

type VulnerabilityProvider struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityProvider ¶

func NewVulnerabilityProvider(reader grypeDB.VulnerabilityStoreReader) (*VulnerabilityProvider, error)

func (*VulnerabilityProvider) Get ¶

func (pr *VulnerabilityProvider) Get(id, namespace string) ([]vulnerability.Vulnerability, error)

func (*VulnerabilityProvider) GetByCPE ¶

func (pr *VulnerabilityProvider) GetByCPE(requestCPE cpe.CPE) ([]vulnerability.Vulnerability, error)

func (*VulnerabilityProvider) GetByDistro ¶

func (pr *VulnerabilityProvider) GetByDistro(d *distro.Distro, p pkg.Package) ([]vulnerability.Vulnerability, error)

func (*VulnerabilityProvider) GetByLanguage ¶

func (pr *VulnerabilityProvider) GetByLanguage(l syftPkg.Language, p pkg.Package) ([]vulnerability.Vulnerability, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
gormadapter
sqlite
v1
store
store/model
v2
store
store/model
v3
store
store/model
v4
namespace
namespace/cpe
namespace/distro
namespace/language
pkg/resolver
pkg/resolver/java
pkg/resolver/python
pkg/resolver/stock
store
store/model
v5
namespace
namespace/cpe
namespace/distro
namespace/language
pkg/qualifier
pkg/qualifier/rpmmodularity
pkg/resolver
pkg/resolver/java
pkg/resolver/python
pkg/resolver/stock
store
store/model

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL