osv

package
v0.0.0-...-5bfbd97 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 1, 2024 License: Apache-2.0 Imports: 24 Imported by: 1

Documentation

Index

Constants

// String values as they are spelled in OSV records. RangeType and Ecosystem
// are plain string types, so a direct comparison against these constants is
// case-sensitive.
const (
	// RangeTypeGit is the OSV range type whose events are Git commit hashes
	// rather than version strings. The OSV schema also defines the SEMVER and
	// ECOSYSTEM range types; no constants for them are declared in this block.
	RangeTypeGit RangeType = "GIT"

	// Ecosystem identifiers for the package.ecosystem field of an affected
	// entry.
	// NOTE(review): a record whose ecosystem string differs from these only in
	// letter case would presumably not match and its advisories would be
	// skipped silently; confirm how callers compare the values.
	EcosystemGo        Ecosystem = "Go"
	EcosystemNpm       Ecosystem = "npm"
	EcosystemPyPI      Ecosystem = "PyPI"
	EcosystemRubygems  Ecosystem = "RubyGems"
	EcosystemCrates    Ecosystem = "crates.io"
	EcosystemPackagist Ecosystem = "Packagist"
	EcosystemMaven     Ecosystem = "Maven"
	EcosystemNuGet     Ecosystem = "NuGet"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Advisory

// Advisory describes one vulnerability as it applies to a single package: the
// package identity, the affected and patched versions, and the vulnerability
// details. It is the element type that Transformer.TransformAdvisories receives
// and returns.
type Advisory struct {
	// Ecosystem is a types.Ecosystem, not this package's own Ecosystem string
	// type.
	Ecosystem       types.Ecosystem
	PkgName         string
	VulnerabilityID string
	Aliases         []string

	// Advisory detail
	// NOTE(review): presumably constraint strings such as those returned by
	// VersionRange.String; confirm the format against the code that fills them.
	VulnerableVersions []string
	PatchedVersions    []string

	// Vulnerability detail
	Severity     types.Severity
	Title        string
	Description  string
	References   []string
	CVSSScoreV3  float64
	CVSSVectorV3 string

	// From affected[].database_specific
	// Kept as raw, undecoded JSON. Its structure is chosen by the upstream
	// database, so whoever decodes it later should validate what they read.
	DatabaseSpecific json.RawMessage
}

type Affected

// Affected is one element of an OSV record's "affected" array: a package
// together with the ranges and explicit versions in which it is vulnerable.
type Affected struct {
	Package           Package           `json:"package"`
	// Severities is the per-package severity list; Entry carries a separate
	// record-level list under the same "severity" key.
	Severities        []Severity        `json:"severity,omitempty"`
	// Ranges and Versions are two independent ways of naming affected
	// versions in the OSV schema; a record may use either or both.
	Ranges            []Range           `json:"ranges,omitempty"`
	Versions          []string          `json:"versions,omitempty"`
	EcosystemSpecific EcosystemSpecific `json:"ecosystem_specific"`
	// DatabaseSpecific is left as raw JSON; its layout is defined by the
	// database that published the record.
	DatabaseSpecific  json.RawMessage   `json:"database_specific,omitempty"`
}

type Credit

// Credit is one element of an OSV record's "credits" array. Only the "name"
// key is decoded; any other keys present in the JSON are ignored by
// encoding/json.
type Credit struct {
	Name string `json:"name"`
}

type DefaultVersionRange

// DefaultVersionRange is a version range with unexported fields. Its pointer
// type provides all four VersionRange methods.
// NOTE(review): SetFixed and SetLastAffected are declared on a value receiver
// while Contains uses a pointer receiver. Confirm that the setters update the
// same state Contains reads; a bound that is set on a copy would leave the
// range without its upper limit.
type DefaultVersionRange struct {
	// contains filtered or unexported fields
}

func (*DefaultVersionRange) Contains

func (r *DefaultVersionRange) Contains(ver string) (bool, error)

func (DefaultVersionRange) SetFixed

func (r DefaultVersionRange) SetFixed(fixed string)

func (DefaultVersionRange) SetLastAffected

func (r DefaultVersionRange) SetLastAffected(lastAffected string)

func (DefaultVersionRange) String

func (r DefaultVersionRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type Ecosystem

// Ecosystem is the package ecosystem name carried in an OSV record's
// package.ecosystem field (see the Ecosystem* constants).
type Ecosystem string

type EcosystemSpecific

// EcosystemSpecific holds the part of affected[].ecosystem_specific that this
// package decodes: the "imports" list. Other keys in that object are ignored
// by encoding/json.
type EcosystemSpecific struct {
	Imports []Import `json:"imports,omitempty"`
}

type Entry

// Entry is one vulnerability record in the OSV JSON format
// (https://ossf.github.io/osv-schema). The struct tags give the JSON key of
// each field.
type Entry struct {
	SchemaVersion    string          `json:"schema_version,omitempty"`
	ID               string          `json:"id"`
	// omitempty has no effect on a time.Time value: encoding/json never treats
	// a struct as empty, so a zero Modified or Published is still written out.
	Modified         time.Time       `json:"modified,omitempty"`
	Published        time.Time       `json:"published,omitempty"`
	// Withdrawn is nil unless the record has a "withdrawn" timestamp. In the
	// OSV schema a withdrawn record should no longer be treated as a live
	// vulnerability.
	// NOTE(review): whether this package filters withdrawn entries is not
	// visible here; confirm before relying on it.
	Withdrawn        *time.Time      `json:"withdrawn,omitempty"`
	Aliases          []string        `json:"aliases,omitempty"`
	Summary          string          `json:"summary,omitempty"`
	Details          string          `json:"details"`
	// Severities is the record-level severity list; Affected has its own.
	Severities       []Severity      `json:"severity"`
	Affected         []Affected      `json:"affected"`
	References       []Reference     `json:"references,omitempty"`
	Credits          []Credit        `json:"credits,omitempty"`
	// DatabaseSpecific is left as raw JSON; its layout is defined by the
	// database that published the record.
	DatabaseSpecific json.RawMessage `json:"database_specific,omitempty"`
}

source: https://ossf.github.io/osv-schema

type Import

// Import is one element of ecosystem_specific.imports: an import path with
// optional operating-system, architecture and symbol lists.
// NOTE(review): in the Go vulnerability database format an absent symbols list
// means every symbol in the package is affected; confirm that consumers of
// this type do not read an empty Symbols as "nothing affected".
type Import struct {
	Path    string   `json:"path,omitempty"`
	GOOS    []string `json:"goos,omitempty"`
	GOARCH  []string `json:"goarch,omitempty"`
	Symbols []string `json:"symbols,omitempty"`
}

type MavenVersionRange

// MavenVersionRange is a version range with unexported fields. Its pointer
// type provides all four VersionRange methods.
// NOTE(review): presumably compares versions by Maven rules; the comparison
// itself is not visible here.
type MavenVersionRange struct {
	// contains filtered or unexported fields
}

func (*MavenVersionRange) Contains

func (r *MavenVersionRange) Contains(ver string) (bool, error)

func (MavenVersionRange) SetFixed

func (r MavenVersionRange) SetFixed(fixed string)

func (MavenVersionRange) SetLastAffected

func (r MavenVersionRange) SetLastAffected(lastAffected string)

func (MavenVersionRange) String

func (r MavenVersionRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type NpmVersionRange

// NpmVersionRange is a version range with unexported fields. Its pointer type
// provides all four VersionRange methods.
// NOTE(review): presumably compares versions by npm rules; the comparison
// itself is not visible here.
type NpmVersionRange struct {
	// contains filtered or unexported fields
}

func (*NpmVersionRange) Contains

func (r *NpmVersionRange) Contains(ver string) (bool, error)

func (NpmVersionRange) SetFixed

func (r NpmVersionRange) SetFixed(fixed string)

func (NpmVersionRange) SetLastAffected

func (r NpmVersionRange) SetLastAffected(lastAffected string)

func (NpmVersionRange) String

func (r NpmVersionRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type OSV

// OSV is the value returned by New. It exposes Name, which returns a
// types.SourceID, and Update, which takes a root directory and returns an
// error. All of its fields are unexported.
type OSV struct {
	// contains filtered or unexported fields
}

func New

func New(dir string, sourceID types.SourceID, dataSources map[types.Ecosystem]types.DataSource, transformer Transformer) OSV

func (OSV) Name

func (o OSV) Name() types.SourceID

func (OSV) Update

func (o OSV) Update(root string) error

type Package

// Package identifies the affected package of an OSV "affected" entry by name
// and ecosystem. Both values come straight from the decoded record.
type Package struct {
	Name      string    `json:"name"`
	Ecosystem Ecosystem `json:"ecosystem"`
}

type PyPIVersionRange

// PyPIVersionRange is a version range with unexported fields. Its pointer type
// provides all four VersionRange methods.
// NOTE(review): presumably compares versions by PyPI rules; the comparison
// itself is not visible here.
type PyPIVersionRange struct {
	// contains filtered or unexported fields
}

func (*PyPIVersionRange) Contains

func (r *PyPIVersionRange) Contains(ver string) (bool, error)

func (PyPIVersionRange) SetFixed

func (r PyPIVersionRange) SetFixed(fixed string)

func (PyPIVersionRange) SetLastAffected

func (r PyPIVersionRange) SetLastAffected(lastAffected string)

func (PyPIVersionRange) String

func (r PyPIVersionRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type Range

// Range is one element of affected[].ranges: a range type plus the ordered
// events that open and close the affected span.
type Range struct {
	// Type decides how the event values are to be read (for example "GIT"
	// means commit hashes, see RangeTypeGit).
	Type   RangeType    `json:"type"`
	Events []RangeEvent `json:"events"`
}

type RangeEvent

// RangeEvent is one event of a Range. In the OSV schema each event object
// carries exactly one key, so normally only one of these fields is non-empty.
type RangeEvent struct {
	// Introduced is the first affected version; the schema uses "0" for
	// "affected from the very first version".
	Introduced   string `json:"introduced,omitempty"`
	// Fixed is the first version that is no longer affected (exclusive upper
	// bound).
	Fixed        string `json:"fixed,omitempty"`
	// LastAffected is the last version that is still affected (inclusive upper
	// bound). Treating it like Fixed, or the reverse, shifts the boundary by
	// one release.
	LastAffected string `json:"last_affected,omitempty"`
}

type RangeType

// RangeType is the "type" value of an OSV range. Only RangeTypeGit is declared
// as a constant in this package's exported API.
type RangeType string

type Reference

// Reference is one element of an OSV record's "references" array. The URL is
// taken as-is from the record, so treat it as external data when displaying or
// following it.
type Reference struct {
	Type ReferenceType `json:"type"`
	URL  string        `json:"url"`
}

type ReferenceType

// ReferenceType is the "type" value of an OSV reference. No constants for it
// are declared in this package's exported API.
type ReferenceType string

type RubyGemsVersionRange

// RubyGemsVersionRange is a version range with unexported fields. Its pointer
// type provides all four VersionRange methods.
// NOTE(review): presumably compares versions by RubyGems rules; the comparison
// itself is not visible here.
type RubyGemsVersionRange struct {
	// contains filtered or unexported fields
}

func (*RubyGemsVersionRange) Contains

func (r *RubyGemsVersionRange) Contains(ver string) (bool, error)

func (RubyGemsVersionRange) SetFixed

func (r RubyGemsVersionRange) SetFixed(fixed string)

func (RubyGemsVersionRange) SetLastAffected

func (r RubyGemsVersionRange) SetLastAffected(lastAffected string)

func (RubyGemsVersionRange) String

func (r RubyGemsVersionRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type SemVerRange

// SemVerRange is a version range with unexported fields. Its pointer type
// provides all four VersionRange methods.
// NOTE(review): presumably compares versions by semantic-versioning rules; the
// comparison itself is not visible here.
type SemVerRange struct {
	// contains filtered or unexported fields
}

func (*SemVerRange) Contains

func (r *SemVerRange) Contains(ver string) (bool, error)

func (SemVerRange) SetFixed

func (r SemVerRange) SetFixed(fixed string)

func (SemVerRange) SetLastAffected

func (r SemVerRange) SetLastAffected(lastAffected string)

func (SemVerRange) String

func (r SemVerRange) String() string

String returns the range as a constraint string in the expected format for semver.NewConstraint

type Severity

// Severity is one element of an OSV "severity" array. Both values are kept as
// the strings found in the record.
type Severity struct {
	// Type names the scoring system; the OSV schema uses values such as
	// "CVSS_V3".
	Type  string `json:"type"`
	// Score is a string, not a number: for the CVSS types the OSV schema puts
	// the vector string here.
	// NOTE(review): Advisory has a numeric CVSSScoreV3; presumably it is
	// computed from this vector. Confirm how an unparsable vector is handled.
	Score string `json:"score"`
}

type Transformer

// Transformer is the hook passed to New. TransformAdvisories receives a slice
// of advisories together with an Entry and returns the slice to use instead,
// or an error.
// NOTE(review): when the hook is invoked, and what happens to the record on
// error, is not visible here.
type Transformer interface {
	TransformAdvisories([]Advisory, Entry) ([]Advisory, error)
}

type VersionRange

// VersionRange is a range of package versions, created by NewVersionRange from
// an ecosystem and a starting version, whose upper bound is set afterwards.
// NOTE(review): the concrete range types in this package declare SetFixed and
// SetLastAffected on value receivers while Contains uses a pointer receiver.
// Confirm that the setters update the state Contains reads; a bound applied to
// a copy would leave the range open-ended and change which versions match.
type VersionRange interface {
	// Contains reports whether ver lies inside the range, or an error.
	Contains(ver string) (bool, error)
	// String returns the range as a constraint string.
	String() string
	// SetFixed sets the upper bound from a "fixed" event (exclusive in the OSV
	// schema).
	SetFixed(fixed string)
	// SetLastAffected sets the upper bound from a "last_affected" event
	// (inclusive in the OSV schema).
	SetLastAffected(lastAffected string)
}

func NewVersionRange

func NewVersionRange(ecosystem Ecosystem, from string) VersionRange
