vulnerability

package
v0.0.3
Warning

This package is not in the latest version of its module.

Published: Jun 19, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package vulnerability holds the data structures and logic necessary to interact with the Application Security portions of the GitLab API to enumerate vulnerabilities.


Constants

This section is empty.

Variables

This section is empty.

Functions

func ContainsSeverity

func ContainsSeverity(severity Severity, severities []Severity) bool

ContainsSeverity checks if a slice of Severities contains a specific Severity, returning true if it does.

func ContainsState

func ContainsState(state State, states []State) bool

ContainsState checks if a slice of States contains a specific State, returning true if it does.

func FilterVulnerabilities

func FilterVulnerabilities(vulns []*gitlab.ProjectVulnerability, states []State, severities []Severity) []*gitlab.ProjectVulnerability

FilterVulnerabilities filters a slice of vulnerabilities by state and severity, returning only the vulnerabilities that match the provided states and severities.

Types

type EnumerateSecurityVulnerabilitiesOptions

type EnumerateSecurityVulnerabilitiesOptions struct {
	ProjectID  int        `json:"project_id" yaml:"project_id"`
	States     []State    `json:"states" yaml:"states"`
	Severities []Severity `json:"severities" yaml:"severities"`
}

EnumerateSecurityVulnerabilitiesOptions holds the options for enumerating security vulnerabilities. The ProjectID field is used to specify the project ID to enumerate vulnerabilities for. The States field is used to filter vulnerabilities by state, only returning vulnerabilities that match the specified states. The Severities field is used to filter vulnerabilities by severity, only returning vulnerabilities that match the specified severities.

func NewEnumerateSecurityVulnerabilitiesOptions

func NewEnumerateSecurityVulnerabilitiesOptions(projectID int, states []string, severities []string) (*EnumerateSecurityVulnerabilitiesOptions, error)

NewEnumerateSecurityVulnerabilitiesOptions creates a new EnumerateSecurityVulnerabilitiesOptions struct with the provided project ID, states, and severities. If states are not provided, the default state of 'detected' is used. If severities are not provided, the default is that all severities are included.

type GitlabResourceReport

type GitlabResourceReport struct {
	BaseURL   string          `json:"base_url" yaml:"base_url"`
	Resources GitlabResources `json:"resources" yaml:"resources"`
	Errors    []string        `json:"errors" yaml:"errors"`
}

GitlabResourceReport represents a report of GitLab resources and non-fatal errors encountered during enumeration.

func EnumerateSecurityVulnerabilities

func EnumerateSecurityVulnerabilities(ctx context.Context, baseURL string, enumerateOpts *EnumerateSecurityVulnerabilitiesOptions, client *gitlab.Client) (*GitlabResourceReport, error)

EnumerateSecurityVulnerabilities enumerates all of the security vulnerabilities for a project, filtering by the provided options.

type GitlabResources

type GitlabResources struct {
	Vulnerabilities []*gitlab.ProjectVulnerability `json:"vulnerabilities" yaml:"vulnerabilities"`
}

GitlabResources represents a collection of GitLab vulnerabilities.

type Severity

type Severity string

Severity represents the severity of a vulnerability, as defined by the GitLab API.

const (
	SeverityUnknown  Severity = "unknown"
	SeverityInfo     Severity = "info"
	SeverityLow      Severity = "low"
	SeverityMedium   Severity = "medium"
	SeverityHigh     Severity = "high"
	SeverityCritical Severity = "critical"
)

func ToSeverities

func ToSeverities(severities []string) []Severity

ToSeverities converts a slice of strings to a slice of Severities.

func ToSeverity

func ToSeverity(severity string) Severity

ToSeverity converts a string to a Severity, returning SeverityUnknown if the string is not recognized.

type State

type State string

State represents the state of a vulnerability, as defined by the GitLab API.

const (
	StateDetected  State = "detected"
	StateResolved  State = "resolved"
	StateDismissed State = "dismissed"
)

func ToState

func ToState(state string) State

ToState converts a string to a State, returning StateDetected if the string is not recognized.

func ToStates

func ToStates(states []string) []State

ToStates converts a slice of strings to a slice of States.
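Because ToState and ToSeverity fall back to a default instead of returning an error, a mistyped filter value silently becomes a different filter: "resolvd" is treated as detected and "critcal" as unknown. The following is an added example, not code from this package: it models only the documented fallbacks with local stand-in types and shows a strict pre-check a caller could run on user-supplied filter strings first. The `orDefault` and `Strict` helpers, the lookup maps, and the case and whitespace handling are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Local stand-ins for the types and constants listed on this page.
type State string
type Severity string

const (
	StateDetected   State    = "detected"
	SeverityUnknown Severity = "unknown"
)

var (
	knownStates     = map[string]State{"detected": "detected", "resolved": "resolved", "dismissed": "dismissed"}
	knownSeverities = map[string]Severity{"unknown": "unknown", "info": "info", "low": "low",
		"medium": "medium", "high": "high", "critical": "critical"}
)

// Model of the documented fallbacks only; exact-match lookup is an assumption.
func orDefault[T ~string](known map[string]T, s string, def T) T {
	if v, ok := known[s]; ok {
		return v
	}
	return def
}
func ToState(s string) State       { return orDefault(knownStates, s, StateDetected) }
func ToSeverity(s string) Severity { return orDefault(knownSeverities, s, SeverityUnknown) }

// Strict (hypothetical helper) errors where the fallbacks would rewrite the filter.
func Strict[T ~string](kind string, known map[string]T, in []string) ([]T, error) {
	out := make([]T, 0, len(in))
	for _, s := range in {
		v, ok := known[strings.ToLower(strings.TrimSpace(s))]
		if !ok {
			return nil, fmt.Errorf("unrecognized %s %q", kind, s)
		}
		out = append(out, v)
	}
	return out, nil
}

func main() {
	fmt.Println(ToState("resolvd"), ToSeverity("critcal")) // constructed typos
	_, err := Strict("severity", knownSeverities, []string{"high", "critcal"})
	fmt.Println(err)
}
```

Whether NewEnumerateSecurityVulnerabilitiesOptions itself rejects unrecognized values is not stated on this page, so validating before calling it keeps a typo from narrowing a report to the wrong findings.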
