Types ¶
type CacheConfig ¶
// CacheConfig tunes staleness detection for the cached file index.
//
// NOTE(review): an index that is trusted while stale would leave files
// created since the last walk unexamined; presumably that is what these
// settings guard against. Confirm against the cache loader.
type CacheConfig struct {
	// TTL is a duration string, e.g. "30m".
	// NOTE(review): kept as a free-form string; confirm the loader rejects
	// values that do not parse rather than silently using a default.
	TTL string `yaml:"ttl" mapstructure:"ttl"`

	// SampleSize is the number of files to sample for validation.
	SampleSize int `yaml:"sample_size" mapstructure:"sample_size"`

	// ValidateOnLoad enables staleness checking.
	ValidateOnLoad bool `yaml:"validate_on_load" mapstructure:"validate_on_load"`
}
CacheConfig contains configuration for file index cache staleness detection
type Config ¶
// Config is the root of the Bagel configuration. Every field is decoded from
// the YAML key named in its struct tag.
type Config struct {
	// Version is the value of the top-level "version" key.
	// NOTE(review): presumably the configuration schema version — confirm.
	Version int `yaml:"version" mapstructure:"version"`

	// Probes holds the per-probe settings.
	Probes ProbeConfig `yaml:"probes" mapstructure:"probes"`

	// Privacy holds the privacy-related settings.
	Privacy PrivacyConfig `yaml:"privacy" mapstructure:"privacy"`

	// Output holds the output-related settings.
	Output OutputConfig `yaml:"output" mapstructure:"output"`

	// SeverityMap is a string-to-string mapping read from "severity_map".
	// NOTE(review): presumably overrides the severity reported for a finding;
	// confirm which keys and severity values are accepted, since an
	// unvalidated override could silently downgrade a finding.
	SeverityMap map[string]string `yaml:"severity_map" mapstructure:"severity_map"`

	// FileIndex configures file indexing.
	FileIndex FileIndexConfig `yaml:"file_index" mapstructure:"file_index"`

	// HostInfo configures extended host information collection.
	HostInfo HostInfoConfig `yaml:"hostinfo" mapstructure:"hostinfo"`
}
Config represents the Bagel configuration
type DetectionContext ¶
// DetectionContext carries probe-specific context to detectors, so that the
// metadata a probe supplies can be included in findings.
//
// NOTE(review): because this metadata is included in findings, probes should
// put names and locations here, not the sensitive value itself — confirm
// that callers of Extra follow this.
type DetectionContext struct {
	// Source says where the content came from,
	// e.g. "env:GITHUB_TOKEN" or "file:/path/to/config".
	Source string

	// ProbeName names the probe that invoked the detector.
	ProbeName string

	// LineNumber is the 1-based line on which the content was found;
	// 0 means not applicable.
	LineNumber int

	// EnvVarName is the environment variable name; empty when the content
	// did not come from the environment.
	EnvVarName string

	// Extra lets probes attach additional arbitrary metadata.
	Extra map[string]any
}
DetectionContext provides probe-specific context to detectors. This allows probes to pass metadata that gets included in findings.
func NewDetectionContext ¶
func NewDetectionContext(input NewDetectionContextInput) *DetectionContext
func (*DetectionContext) FormatSource ¶
func (c *DetectionContext) FormatSource() string
FormatSource returns a formatted source string that includes line number if present
func (*DetectionContext) WithEnvVarName ¶
func (c *DetectionContext) WithEnvVarName(name string) *DetectionContext
WithEnvVarName sets the environment variable name and returns the context for chaining
func (*DetectionContext) WithExtra ¶
func (c *DetectionContext) WithExtra(key string, value any) *DetectionContext
WithExtra sets an extra metadata key-value pair and returns the context for chaining
func (*DetectionContext) WithLineNumber ¶
func (c *DetectionContext) WithLineNumber(line int) *DetectionContext
WithLineNumber sets the line number and returns the context for chaining
type FileIndexConfig ¶
// FileIndexConfig configures file indexing.
type FileIndexConfig struct {
	// MaxDepth is read from "max_depth".
	// NOTE(review): presumably the directory depth limit of the walk, and
	// the meaning of 0 is not visible here — confirm.
	MaxDepth int `yaml:"max_depth" mapstructure:"max_depth"`

	// FollowSymlinks is read from "follow_symlinks".
	// NOTE(review): if the walker follows links when this is set, a link can
	// lead outside BaseDirs or form a cycle; confirm the walker bounds both.
	FollowSymlinks bool `yaml:"follow_symlinks" mapstructure:"follow_symlinks"`

	// BaseDirs is read from "base_dirs".
	// NOTE(review): presumably the roots the index walk starts from — confirm.
	BaseDirs []string `yaml:"base_dirs" mapstructure:"base_dirs"`

	// Patterns lists the file patterns to index.
	Patterns []PatternConfig `yaml:"patterns" mapstructure:"patterns"`

	// Cache configures staleness detection for the file index cache.
	Cache CacheConfig `yaml:"cache" mapstructure:"cache"`
}
FileIndexConfig contains configuration for file indexing
type Finding ¶
// Finding is a single security finding as serialized to JSON.
//
// NOTE(review): Message and Metadata are free-form and are written out as
// given; confirm that producers never place a raw secret value in them, or
// the report has to be handled like the secret itself.
type Finding struct {
	ID       string `json:"id"`
	Probe    string `json:"probe"`
	Severity string `json:"severity"`
	Title    string `json:"title"`
	Message  string `json:"message"`

	// Path is left out of the JSON when empty.
	Path string `json:"path,omitempty"`

	// Locations holds additional locations when findings are deduplicated.
	Locations []string `json:"locations,omitempty"`

	// Metadata is arbitrary key/value data; left out of the JSON when empty.
	Metadata map[string]any `json:"metadata,omitempty"`
}
Finding represents a single security finding
type HostInfo ¶
// HostInfo describes the scanned host in the JSON output.
//
// Hostname and Username are always serialized, so every report identifies
// the machine and the account it was produced on; store and share reports
// with that in mind.
type HostInfo struct {
	Hostname string `json:"hostname"`
	OS       string `json:"os"`
	Arch     string `json:"arch"`
	Username string `json:"username"`

	// System is optional; a nil pointer is left out of the JSON.
	System *SystemInfo `json:"system,omitempty"`
}
HostInfo contains information about the scanned host
type HostInfoConfig ¶
// HostInfoConfig configures extended host information collection.
type HostInfoConfig struct {
	// Extended is read from the "extended" key.
	// NOTE(review): presumably turns on collection of the detailed system
	// information; confirm which extra fields it adds to the report.
	Extended bool `yaml:"extended" mapstructure:"extended"`
}
HostInfoConfig contains configuration for extended host information collection
type Metadata ¶
// Metadata is the scan metadata block of the JSON output.
type Metadata struct {
	// Version is serialized as "version".
	// NOTE(review): presumably the version of the tool that produced the
	// scan — confirm.
	Version string `json:"version"`

	// Timestamp is serialized as "timestamp".
	// NOTE(review): whether this is the start or the end of the scan, and
	// its time zone, are not visible here — confirm.
	Timestamp time.Time `json:"timestamp"`

	// Duration is carried as a string rather than a time.Duration.
	Duration string `json:"duration"`
}
Metadata contains scan metadata
type NewDetectionContextInput ¶
NewDetectionContext creates a new DetectionContext with required fields
type OutputConfig ¶
// OutputConfig holds the output-related settings.
type OutputConfig struct {
	// IncludeFileHashes is read from "include_file_hashes".
	// NOTE(review): presumably adds hashes of the reported files to the
	// output — confirm which hash and over what content.
	IncludeFileHashes bool `yaml:"include_file_hashes" mapstructure:"include_file_hashes"`

	// IncludeFileContent is read from "include_file_content".
	// NOTE(review): if this embeds the content of reported files, the report
	// may carry the very secrets it flags and needs the same protection as
	// those files. Confirm what is embedded and whether it is redacted.
	IncludeFileContent bool `yaml:"include_file_content" mapstructure:"include_file_content"`
}
OutputConfig contains output-related settings
type PatternConfig ¶
// PatternConfig defines a file pattern to index.
type PatternConfig struct {
	// Name is read from the "name" key.
	Name string `yaml:"name" mapstructure:"name"`

	// Patterns holds the pattern strings; how they are interpreted depends
	// on Type.
	Patterns []string `yaml:"patterns" mapstructure:"patterns"`

	// Type is one of "glob", "exact" or "regex".
	// NOTE(review): confirm that an unrecognised Type is rejected when the
	// configuration is loaded rather than matching nothing.
	Type string `yaml:"type" mapstructure:"type"`
}
PatternConfig defines a file pattern to index
type PrivacyConfig ¶
// PrivacyConfig holds the privacy-related settings.
type PrivacyConfig struct {
	// RedactPaths is read from "redact_paths".
	// NOTE(review): presumably paths that are redacted in the output;
	// confirm whether entries are prefixes, globs or exact matches.
	RedactPaths []string `yaml:"redact_paths" mapstructure:"redact_paths"`

	// ExcludeEnvPrefixes is read from "exclude_env_prefixes".
	// NOTE(review): presumably environment variables whose names start with
	// one of these prefixes are skipped. Every exclusion narrows coverage,
	// so keep the list short and reviewed.
	ExcludeEnvPrefixes []string `yaml:"exclude_env_prefixes" mapstructure:"exclude_env_prefixes"`
}
PrivacyConfig contains privacy-related settings
type ProbeConfig ¶
// ProbeConfig holds the settings of every probe, one ProbeSettings value per
// probe, keyed in YAML by the name in the struct tag.
//
// NOTE(review): a probe whose key is absent decodes to the zero value, i.e.
// Enabled == false, unless defaults are applied elsewhere — confirm where
// the defaults come from so that an omitted key does not silently disable a
// probe.
type ProbeConfig struct {
	Git          ProbeSettings `yaml:"git" mapstructure:"git"`
	SSH          ProbeSettings `yaml:"ssh" mapstructure:"ssh"`
	NPM          ProbeSettings `yaml:"npm" mapstructure:"npm"`
	Env          ProbeSettings `yaml:"env" mapstructure:"env"`
	ShellHistory ProbeSettings `yaml:"shell_history" mapstructure:"shell_history"`
	Cloud        ProbeSettings `yaml:"cloud" mapstructure:"cloud"`
	JetBrains    ProbeSettings `yaml:"jetbrains" mapstructure:"jetbrains"`
	GH           ProbeSettings `yaml:"gh" mapstructure:"gh"`
	AICli        ProbeSettings `yaml:"ai_cli" mapstructure:"ai_cli"`
}
ProbeConfig contains configuration for all probes
type ProbeSettings ¶
// ProbeSettings holds the settings of one probe.
type ProbeSettings struct {
	// Enabled is read from the "enabled" key.
	Enabled bool `yaml:"enabled" mapstructure:"enabled"`

	// Flags is an untyped, probe-specific option map.
	// NOTE(review): values arrive as whatever type the decoder produced;
	// each probe should type-check what it reads from here instead of
	// asserting blindly.
	Flags map[string]any `yaml:"flags" mapstructure:"flags"`
}
ProbeSettings contains settings for a specific probe
type ScanResult ¶
// ScanResult is the complete scan output: scan metadata, a description of
// the scanned host, and the list of findings.
//
// None of the three fields uses omitempty, so all three keys are always
// present in the JSON; a nil Findings slice is encoded as null, not [].
type ScanResult struct {
	Metadata Metadata  `json:"metadata"`
	Host     HostInfo  `json:"host"`
	Findings []Finding `json:"findings"`
}
ScanResult represents the complete scan output
type SystemInfo ¶
// SystemInfo holds detailed system information about the host. Every field
// is tagged omitempty.
type SystemInfo struct {
	OSVersion     string `json:"os_version,omitempty"`
	KernelVersion string `json:"kernel_version,omitempty"`
	CPUModel      string `json:"cpu_model,omitempty"`

	CPUCores   int     `json:"cpu_cores,omitempty"`
	RAMTotalGB float64 `json:"ram_total_gb,omitempty"`

	// NOTE(review): encoding/json never treats a struct value as empty, so
	// omitempty has no effect on a time.Time and an unset BootTime is still
	// emitted as the zero time. Dropping it would need the omitzero option
	// (Go 1.24+) or a pointer type.
	BootTime time.Time `json:"boot_time,omitempty"`

	Timezone string `json:"timezone,omitempty"`
}
SystemInfo contains detailed system information