rules

package
v0.1.0 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 2, 2026 License: MIT Imports: 8 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Rule

type Rule struct {
	ID          string
	Description string
	Severity    string   // CRITICAL, HIGH, MEDIUM, LOW
	Ecosystem   string   // npm, PyPI, Go, Maven, etc.
	Package     string   // regex pattern for package name
	Version     string   // version constraint: "<2.0.0", ">=1.0,<1.5", "*"
	Functions   []string // vulnerable function names
	Tags        []string // organizational tags
}

Rule defines a custom vulnerability detection rule.

type RuleSet

type RuleSet struct {
	Rules []Rule
}

RuleSet holds a collection of rules loaded from YAML files.

func LoadRules

func LoadRules(dir string) (*RuleSet, error)

LoadRules loads all .yaml/.yml files from a rules directory.

func LoadRulesFile

func LoadRulesFile(path string) (*RuleSet, error)

LoadRulesFile loads rules from a single YAML file using a simple line-by-line parser.

func (*RuleSet) Match

func (rs *RuleSet) Match(ecosystem, pkg, version string) []Rule

Match checks if a package matches any rule and returns the matching rules.
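
An added example, not this package's code and not a statement of how Match is implemented: one way a rule with the Ecosystem, Package and Version fields above can be evaluated. It assumes plain dotted numeric versions and anchors the name pattern at both ends; the local Rule copy, cmpVer, satisfies, match and the rule ID are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Rule is a local copy of the matching-related fields documented above.
type Rule struct{ ID, Ecosystem, Package, Version string }

// cmpVer compares up to three dotted numeric components (assumed version format);
// the sign of the result gives the ordering, and missing components count as 0.
func cmpVer(a, b string) int {
	var pa, pb [3]int
	fmt.Sscanf(a, "%d.%d.%d", &pa[0], &pa[1], &pa[2]) // "1.0" fills what it can
	fmt.Sscanf(b, "%d.%d.%d", &pb[0], &pb[1], &pb[2])
	for i := range pa {
		if pa[i] != pb[i] {
			return pa[i] - pb[i]
		}
	}
	return 0
}

// satisfies evaluates "*" or comma-separated bounds such as ">=1.0,<1.5"; unknown operators never match.
func satisfies(version, constraint string) bool {
	for _, c := range strings.Split(constraint, ",") {
		c = strings.TrimSpace(c)
		op := strings.TrimRight(c, "0123456789.")
		d := cmpVer(version, c[len(op):])
		ok := map[string]bool{"<": d < 0, "<=": d <= 0, ">": d > 0, ">=": d >= 0, "=": d == 0}[op]
		if c != "*" && !ok {
			return false
		}
	}
	return true
}

// match anchors the name regex so a rule for "lodash" does not also flag "lodash-es".
func match(r Rule, ecosystem, pkg, version string) bool {
	re, err := regexp.Compile("^(?:" + r.Package + ")$")
	return err == nil && r.Ecosystem == ecosystem && re.MatchString(pkg) && satisfies(version, r.Version)
}

func main() {
	r := Rule{ID: "EXAMPLE-0001", Ecosystem: "npm", Package: "lodash", Version: ">=1.0,<1.5"} // constructed
	fmt.Println(match(r, "npm", "lodash", "1.4.9"), match(r, "npm", "lodash-es", "1.4.9"), match(r, "npm", "lodash", "1.10.0"))
}
```

Comparing components numerically is what keeps 1.10.0 outside "<1.5"; a string comparison would put it inside the range and produce a false finding.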

func (*RuleSet) ToFindings

func (rs *RuleSet) ToFindings(matches []Rule, name, version, ecosystem, lockFile string) []cve.Finding

ToFindings converts matched rules to cve.Finding entries.
