Documentation
¶
Index ¶
- Constants
- Variables
- func ColorizeSeverity(severity string) string
- func ColorizeStringBySeverity(value string, severity string) string
- func CurrentTag(image *Image) string
- func FormatCve(sb *Sbom, c *Cve)
- func FormatImage(image *Image) string
- func FormatPackageRemediation(p Package, c Cve) string
- func FormatRemediation(remediation []string)
- func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
- func RenderCommit(image *Image) string
- func RenderVulnerabilities(image *Image) string
- func SupportedTag(image *Image) string
- func Tags(image *Image) []string
- func ToAdvisoryUrl(pkg Package) string
- func ToPackageUrl(url string) (packageurl.PackageURL, error)
- func ToSeverity(cve Cve) string
- func ToSeverityInt(cve Cve) int
- type Advisory
- type Cve
- type Cwe
- type Descriptor
- type Distro
- type Image
- type ImageSource
- type IndexImage
- type IndexManifestList
- type IndexResult
- type LayerMapping
- type Location
- type ManifestList
- type Package
- type Platform
- type Reference
- type Report
- type Repository
- type Sbom
- type Score
- type Source
- type Url
Constants ¶
View Source
const ( Success string = "success" Failed string = "failed" )
Variables ¶
View Source
var NamespaceMapping = map[string]string{
"oracle": "oraclelinux",
"ol": "oraclelinux",
"amazon": "amazonlinux",
"amzn": "amazonlinux",
"rhel": "redhatlinux",
}
View Source
var PackageTypeMapping = map[string]string{
"apk": "alpine",
"debian": "deb",
"ubuntu": "deb",
"node-pkg": "npm",
"java": "maven",
"gobinary": "golang",
"go": "golang",
"go-module": "golang",
"java-archive": "maven",
"jenkins-plugin": "maven",
"python": "pypi",
"python-pkg": "pypi",
"jar": "maven",
"gemspec": "gem",
"centos": "rpm",
"oracle": "rpm",
"ol": "rpm",
"amzn": "rpm",
"amazon": "rpm",
"redhat": "rpm",
"photon": "rpm",
"sles": "rpm",
"rhel": "rpm",
"pip": "pypi",
"rubygems": "gem",
"rust": "cargo",
"crates.io": "cargo",
"packagist": "composer",
}
Functions ¶
func ColorizeSeverity ¶ added in v0.0.8
func ColorizeStringBySeverity ¶ added in v0.0.8
func CurrentTag ¶ added in v0.0.8
func FormatImage ¶ added in v0.0.8
func FormatPackageRemediation ¶ added in v0.0.8
func FormatRemediation ¶ added in v0.0.8
func FormatRemediation(remediation []string)
func PackageToPackageUrl ¶ added in v0.0.7
func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
func RenderCommit ¶ added in v0.0.8
func RenderVulnerabilities ¶ added in v0.0.8
func SupportedTag ¶ added in v0.0.8
func ToAdvisoryUrl ¶
func ToPackageUrl ¶
func ToSeverity ¶ added in v0.0.8
func ToSeverityInt ¶ added in v0.0.8
Types ¶
type Advisory ¶
type Advisory struct {
Source string `edn:"vulnerability/source" json:"source"`
SourceId string `edn:"vulnerability/source-id" json:"source_id"`
References []Reference `edn:"vulnerability/references" json:"references"`
Description string `edn:"vulnerability/description" json:"description,omitempty"`
Cwes []Cwe `edn:"vulnerability/cwes" json:"cwes,omitempty"`
Urls []Url `edn:"vulnerability/urls" json:"urls,omitempty"`
}
type Cve ¶
type Cve struct {
Purl string `edn:"purl" json:"purl"`
Source string `edn:"source" json:"source"`
SourceId string `edn:"source-id" json:"source_id"`
VulnerableRange string `edn:"vulnerable-range" json:"vulnerable_range"`
AdvisoryUrl string `edn:"url" json:"-"`
FixedBy string `edn:"fixed-by" json:"fixed_by,omitempty"`
Advisory *Advisory `edn:"v" json:"vendor_advisory,omitempty"`
Cve *Advisory `edn:"cve" json:"nist_cve,omitempty"`
}
type Descriptor ¶
type Image ¶ added in v0.0.8
type Image struct {
TeamId string `edn:"atomist/team-id"`
Digest string `edn:"docker.image/digest"`
CreatedAt time.Time `edn:"docker.image/created-at"`
Tags []string `edn:"docker.image/tags"`
Tag []struct {
Name string `edn:"docker.tag/name"`
} `edn:"docker.image/tag"`
ManifestList []ManifestList `edn:"docker.image/manifest-list"`
Repository Repository `edn:"docker.image/repository"`
File struct {
Path string `edn:"git.file/path"`
} `edn:"docker.image/file"`
Commit struct {
Sha string `edn:"git.commit/sha"`
Repo struct {
Name string `edn:"git.repo/name"`
Org struct {
Name string `edn:"git.org/name"`
} `edn:"git.repo/org"`
} `edn:"git.commit/repo"`
} `edn:"docker.image/commit"`
Report []Report `edn:"vulnerability.report/report"`
}
type ImageSource ¶
type ImageSource struct {
Name string `json:"name"`
Digest string `json:"digest"`
Tags *[]string `json:"tags,omitempty"`
Manifest *v1.Manifest `json:"manifest"`
Config *v1.ConfigFile `json:"config"`
RawManifest string `json:"raw_manifest"`
RawConfig string `json:"raw_config"`
Distro Distro `json:"distro"`
Platform Platform `json:"platform"`
Size int64 `json:"size"`
}
type IndexImage ¶ added in v0.0.8
type IndexImage struct {
Digest string `json:"digest"`
CreatedAt time.Time `json:"createdAt"`
Platform struct {
Os string `json:"os"`
Arch string `json:"arch"`
Variant string `json:"variant"`
} `json:"platform"`
Layers []struct {
Digest string `json:"digest"`
Size int `json:"size"`
LastModified time.Time `json:"lastModified"`
} `json:"layers"`
DigestChainId string `json:"digestChainId"`
DiffIdChainId string `json:"diffIdChainId"`
}
type IndexManifestList ¶ added in v0.0.8
type IndexManifestList struct {
Name string `json:"name"`
Tags []string `json:"tags"`
Digest string `json:"digest"`
Images []IndexImage `json:"images"`
}
type IndexResult ¶
type LayerMapping ¶
type ManifestList ¶ added in v0.0.8
type Package ¶
type Package struct {
Type string `json:"type"`
Namespace string `json:"namespace,omitempty"`
Name string `json:"name"`
Version string `json:"version"`
Purl string `json:"purl"`
Author string `json:"author,omitempty"`
Description string `json:"description,omitempty"`
Licenses []string `json:"licenses,omitempty"`
Url string `json:"url,omitempty"`
Size int `json:"size,omitempty"`
InstalledSize int `json:"installed_size,omitempty"`
Locations []Location `json:"locations"`
Files []Location `json:"files,omitempty"`
Parent string `json:"parent,omitempty"`
}
func MergePackages ¶
func MergePackages(results ...IndexResult) []Package
func NormalizePackages ¶
type Report ¶ added in v0.0.8
type Report struct {
Total int64 `edn:"vulnerability.report/total"`
Critical int64 `edn:"vulnerability.report/critical"`
High int64 `edn:"vulnerability.report/high"`
Medium int64 `edn:"vulnerability.report/medium"`
Low int64 `edn:"vulnerability.report/low"`
Unspecified int64 `edn:"vulnerability.report/unspecified"`
}
type Repository ¶ added in v0.0.8
type Sbom ¶
type Sbom struct {
Source Source `json:"source"`
Artifacts []Package `json:"artifacts"`
Vulnerabilities []Cve `json:"vulnerabilities,omitempty"`
Descriptor Descriptor `json:"descriptor"`
}
type Source ¶
type Source struct {
Type string `json:"type"`
Image ImageSource `json:"image"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.