Documentation
Overview
Package provider defines the core Provider interface that all vulnerability data providers (NVD, GitHub, etc.) must implement.
Constants
This section is empty.
Variables
var DefaultRegistry = NewRegistry()
DefaultRegistry is the global provider registry.
Functions
Types
type Config
type Config struct {
	// RootDir is the base directory for all provider data.
	// Each provider creates a subdirectory: {RootDir}/{ProviderName}/
	RootDir string
	// Workers is the number of concurrent workers for fetching.
	// Optimal values: NVD=10 (90-day partitions), GitHub=1 (avoid abuse detection)
	Workers int
	// RequestTimeout is the timeout for individual HTTP requests.
	RequestTimeout time.Duration
	// RetryAttempts is the number of retry attempts for failed requests.
	RetryAttempts int
	// Debug enables verbose logging of rate limits, timing, and headers.
	Debug bool
}
Config holds common configuration for all providers.
type FetchFunc
type FetchFunc func(ctx context.Context, writer *store.SQLiteWriter) error
FetchFunc is the provider-specific fetch function that writes records. The provider receives a SQLiteWriter and is responsible for writing all records.
type GitHubConfig
type GitHubConfig struct {
	Config
	// Token is the GitHub personal access token.
	// Required for GraphQL API access.
	Token string
	// AdvisoriesPerPage is the number of advisories per GraphQL request.
	// Max is 100.
	AdvisoriesPerPage int
}
GitHubConfig extends Config with GitHub-specific settings.
type NVDConfig
type NVDConfig struct {
	Config
	// APIKey is the NVD API key for higher rate limits.
	// Without key: 5 req/30s, With key: 50 req/30s
	APIKey string
	// ResultsPerPage is the maximum results per API request.
	// NVD max is 2000.
	ResultsPerPage int
}
NVDConfig extends Config with NVD-specific settings.
type Provider
type Provider interface {
	// Name returns the provider identifier (e.g., "nvd", "github").
	// Used for logging, metrics, and directory naming.
	Name() string
	// FetchAll downloads all data from the upstream source (cold boot).
	// This should use partitioning and worker pools for maximum throughput.
	FetchAll(ctx context.Context) error
	// FetchIncremental downloads only updates since lastUpdated.
	// Uses API-specific incremental mechanisms (lastModStartDate for NVD,
	// updatedSince for GitHub).
	FetchIncremental(ctx context.Context, lastUpdated time.Time) error
	// ResultsPath returns the path to the SQLite database.
	// Format: {root}/{provider}/results/{provider}-input.db
	ResultsPath() string
	// MetadataPath returns the path to metadata.json.
	// Format: {root}/{provider}/metadata.json
	MetadataPath() string
}
Provider defines the contract for vulnerability data providers. Each provider fetches data from an upstream source and writes it to SQLite in a format compatible with grype-db.
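The page-size ceilings, NVD rate limits and results-path format documented above can be checked before any request is sent. The following is an added example, not code from this package: the function names, the provider-name allow-list and the assumption that all workers share one NVD quota are illustrative, and the root directory in `main` is constructed.

```go
package main

import (
	"fmt"
	"path/filepath"
	"regexp"
	"time"
)

const (
	nvdMaxPage    = 2000             // NVDConfig.ResultsPerPage ceiling from this page
	githubMaxPage = 100              // GitHubConfig.AdvisoriesPerPage ceiling
	nvdWindow     = 30 * time.Second // NVD quota window
)

var safeName = regexp.MustCompile(`^[a-z0-9][a-z0-9_-]*$`) // assumed allow-list, not the package's rule

// resultsPath builds {root}/{name}/results/{name}-input.db; names like "../x" are refused.
func resultsPath(root, name string) (string, error) {
	if !safeName.MatchString(name) {
		return "", fmt.Errorf("unsafe provider name %q", name)
	}
	return filepath.Join(root, name, "results", name+"-input.db"), nil
}

// checkPage enforces the upstream page-size ceiling before any request is sent.
func checkPage(n, limit int) error {
	if n < 1 || n > limit {
		return fmt.Errorf("page size %d outside 1..%d", n, limit)
	}
	return nil
}

// perWorkerInterval spaces one worker's requests so all workers together stay within
// 5 req/30s (no key) or 50 req/30s (key). Assumes one quota shared by all workers.
func perWorkerInterval(apiKey string, workers int) time.Duration {
	quota := 5
	if apiKey != "" {
		quota = 50
	}
	if workers < 1 {
		workers = 1
	}
	return nvdWindow / time.Duration(quota) * time.Duration(workers)
}

func main() {
	p, err := resultsPath("/var/lib/vulndb", "nvd") // constructed root directory
	fmt.Println(p, err, checkPage(2500, nvdMaxPage), checkPage(100, githubMaxPage), perWorkerInterval("", 10))
}
```

With the suggested Workers=10 for NVD, each worker has to wait 60s between its own requests without a key and 6s with one for the aggregate rate to stay inside the documented quota.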
type ProviderFactory
ProviderFactory is a function that creates a new Provider instance.
type Registry
type Registry struct {
	// contains filtered or unexported fields
}
Registry maintains a mapping of provider names to their factories.
func (*Registry) Get
func (r *Registry) Get(name string) (ProviderFactory, error)
Get retrieves a provider factory by name.
func (*Registry) Register
func (r *Registry) Register(name string, factory ProviderFactory)
Register adds a provider factory to the registry.
Directories
| Path | Synopsis |
|---|---|
| | Package epss implements the Exploit Prediction Scoring System provider. |
| | Package github implements the GitHub Security Advisories provider. |
| | Package kev implements the CISA Known Exploited Vulnerabilities provider. |
| | Package nvd implements the NVD vulnerability data provider. |
| | Package ubuntu implements the Ubuntu CVE security provider. |
| | Package wolfi implements the Wolfi/Chainguard security provider. |