Documentation
Overview
Package vulncheck provides the vulnerability check evaluator
Index
Constants
const (
	// VulncheckEvalType is the type of the vulncheck evaluator
	VulncheckEvalType = "vulncheck"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type Evaluator
type Evaluator struct {
	// contains filtered or unexported fields
}
Evaluator is the vulncheck evaluator
func NewVulncheckEvaluator
func NewVulncheckEvaluator(_ *pb.RuleType_Definition_Eval_Vulncheck, pbuild *providers.ProviderBuilder) (*Evaluator, error)
NewVulncheckEvaluator creates a new vulncheck evaluator
type OSVResponse
type OSVResponse struct {
	Vulns []struct {
		ID               string    `json:"id"`
		Summary          string    `json:"summary"`
		Details          string    `json:"details"`
		Aliases          []string  `json:"aliases"`
		Modified         time.Time `json:"modified"`
		Published        time.Time `json:"published"`
		DatabaseSpecific struct {
			GithubReviewedAt string   `json:"github_reviewed_at"`
			GithubReviewed   bool     `json:"github_reviewed"`
			Severity         string   `json:"severity"`
			CweIDs           []string `json:"cwe_ids"`
			NvdPublishedAt   string   `json:"nvd_published_at"`
		} `json:"database_specific"`
		References []struct {
			Type string `json:"type"`
			URL  string `json:"url"`
		} `json:"references"`
		Affected []struct {
			Package struct {
				Name      string `json:"name"`
				Ecosystem string `json:"ecosystem"`
				Purl      string `json:"purl"`
			} `json:"package"`
			Ranges []struct {
				Type   string `json:"type"`
				Events []struct {
					Introduced string `json:"introduced,omitempty"`
					Fixed      string `json:"fixed,omitempty"`
				} `json:"events"`
			} `json:"ranges"`
			DatabaseSpecific struct {
				Source string `json:"source"`
			} `json:"database_specific"`
		} `json:"affected"`
		SchemaVersion string `json:"schema_version"`
		Severity      []struct {
			Type  string `json:"type"`
			Score string `json:"score"`
		} `json:"severity"`
	} `json:"vulns"`
}
OSVResponse is a response from the OSV database
type PyPiReply
type PyPiReply struct {
	Info struct {
		Name    string `json:"name"`
		Version string `json:"version"`
	} `json:"info"`
}
PyPiReply is the reply from the PyPi API
func (*PyPiReply) GetPatchedVersion (added in v0.0.25)
GetPatchedVersion returns the suggested patch version for a vulnerable package
func (*PyPiReply) HasPatchedVersion (added in v0.0.16)
HasPatchedVersion returns true if the vulnerable package can be updated to a patched version
func (*PyPiReply) IndentedString
IndentedString returns the patch suggestion for a requirement.txt file. This method satisfies the patchLocatorFormatter interface, where different package managers have different patch formats and different ways of presenting them. Since PyPi doesn't indent, but can specify zero or multiple versions, we don't care about the indent parameter. This is ripe for refactoring, though; see the comment in the patchLocatorFormatter interface.
func (*PyPiReply) LineHasDependency
LineHasDependency returns true if the requirement.txt line is for the same package as the receiver
type RepoQuerier
type RepoQuerier interface {
	SendRecvRequest(ctx context.Context, dep *pb.Dependency, patched string, latest bool) (patchLocatorFormatter, error)
	NoPatchAvailableFormatter(dep *pb.Dependency) patchLocatorFormatter
}
RepoQuerier is the interface for querying a repository
type Vulnerability
type Vulnerability struct {
	ID         string `json:"id"`
	Summary    string `json:"summary"`
	Details    string `json:"details"`
	Introduced string `json:"introduced,omitempty"`
	Fixed      string `json:"fixed,omitempty"`
	Type       string `json:"type"`
}
Vulnerability is a vulnerability JSON representation
type VulnerabilityResponse
type VulnerabilityResponse struct {
	Vulns []Vulnerability `json:"vulns"`
}
VulnerabilityResponse is a response from the vulnerability database
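The following is an added example, not code from the vulncheck package itself. It shows how a raw OSV query response of the shape described by OSVResponse above can be flattened into the package's Vulnerability records (one per introduced/fixed pair in an affected range) and wrapped in a VulnerabilityResponse, and how a caller can then pick out the vulnerabilities for which OSV lists no fixed version at all. The OSVResponse struct here is a trimmed copy of the one on this page (only the fields the example reads); FlattenOSV, Unfixed and SampleOSV are constructed for this example, and the advisory IDs, package name and version numbers in the sample are made up, not real advisories.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// OSVResponse is a subset of the page's OSVResponse struct (assumption: the
// fields this example does not read have been left out for brevity).
type OSVResponse struct {
	Vulns []struct {
		ID        string    `json:"id"`
		Summary   string    `json:"summary"`
		Details   string    `json:"details"`
		Modified  time.Time `json:"modified"`
		Published time.Time `json:"published"`
		Affected  []struct {
			Package struct {
				Name      string `json:"name"`
				Ecosystem string `json:"ecosystem"`
			} `json:"package"`
			Ranges []struct {
				Type   string `json:"type"`
				Events []struct {
					Introduced string `json:"introduced,omitempty"`
					Fixed      string `json:"fixed,omitempty"`
				} `json:"events"`
			} `json:"ranges"`
		} `json:"affected"`
	} `json:"vulns"`
}

// Vulnerability and VulnerabilityResponse mirror the types on this page.
type Vulnerability struct {
	ID         string `json:"id"`
	Summary    string `json:"summary"`
	Details    string `json:"details"`
	Introduced string `json:"introduced,omitempty"`
	Fixed      string `json:"fixed,omitempty"`
	Type       string `json:"type"`
}

type VulnerabilityResponse struct {
	Vulns []Vulnerability `json:"vulns"`
}

// FlattenOSV (constructed helper) decodes an OSV response and emits one
// Vulnerability per introduced/fixed pair of each affected range. OSV events
// are ordered, so an "introduced" opens a pair and the next "fixed" closes it;
// a range that ends with an open pair has no known fix and is emitted with an
// empty Fixed field so the caller can tell "unfixed" apart from "fixed".
func FlattenOSV(raw []byte) (VulnerabilityResponse, error) {
	var resp OSVResponse
	if err := json.Unmarshal(raw, &resp); err != nil {
		return VulnerabilityResponse{}, fmt.Errorf("decoding OSV response: %w", err)
	}
	var out VulnerabilityResponse
	for _, v := range resp.Vulns {
		for _, a := range v.Affected {
			for _, r := range a.Ranges {
				base := Vulnerability{ID: v.ID, Summary: v.Summary, Details: v.Details, Type: r.Type}
				var cur *Vulnerability // the pair currently being built
				for _, e := range r.Events {
					if e.Introduced != "" {
						if cur != nil { // previous pair never got a "fixed" event
							out.Vulns = append(out.Vulns, *cur)
						}
						c := base
						c.Introduced = e.Introduced
						cur = &c
					}
					if e.Fixed != "" {
						if cur == nil { // "fixed" without a preceding "introduced"
							c := base
							cur = &c
						}
						cur.Fixed = e.Fixed
						out.Vulns = append(out.Vulns, *cur)
						cur = nil
					}
				}
				if cur != nil { // trailing open pair: vulnerable, no fix known
					out.Vulns = append(out.Vulns, *cur)
				}
			}
		}
	}
	return out, nil
}

// Unfixed (constructed helper) returns the IDs of vulnerabilities for which
// no fixed version is known; these need a mitigation other than an upgrade.
func Unfixed(vr VulnerabilityResponse) []string {
	var ids []string
	for _, v := range vr.Vulns {
		if v.Fixed == "" {
			ids = append(ids, v.ID)
		}
	}
	return ids
}

// SampleOSV is a constructed OSV-shaped response; IDs, package and versions
// are invented for this example and do not refer to real advisories.
const SampleOSV = `{"vulns":[
 {"id":"EXAMPLE-2024-0001","summary":"constructed advisory A","details":"made-up details",
  "modified":"2024-01-02T00:00:00Z","published":"2024-01-01T00:00:00Z",
  "affected":[{"package":{"name":"examplepkg","ecosystem":"PyPI"},
   "ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0"},{"introduced":"2.0.0"},{"fixed":"2.0.3"}]}]}]},
 {"id":"EXAMPLE-2024-0002","summary":"constructed advisory B","details":"made-up details",
  "modified":"2024-02-02T00:00:00Z","published":"2024-02-01T00:00:00Z",
  "affected":[{"package":{"name":"examplepkg","ecosystem":"PyPI"},
   "ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.0.0"}]}]}]}
]}`

func main() {
	vr, err := FlattenOSV([]byte(SampleOSV))
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, v := range vr.Vulns {
		fmt.Printf("%s %s introduced=%q fixed=%q\n", v.ID, v.Type, v.Introduced, v.Fixed)
	}
	fmt.Println("unfixed:", Unfixed(vr))
}
```

Running main on the constructed sample yields three Vulnerability records: two for the first advisory (0 to 1.2.0, and 2.0.0 to 2.0.3, which is why one OSV entry can map to several patch suggestions) and one for the second with an empty Fixed field, which is the only ID Unfixed reports.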