insights

package

v0.0.0-...-7c5165e Latest Latest Go to latest Published: Jan 10, 2020 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ebuckle/dependency-insights

Links

Open Source Insights

Documentation ¶

Index ¶

type DependencyData
type LicenseData
type NpmReport
- func ProduceInsights(language string, projectPath string) (*NpmReport, error)
type RiskyKeywordHit
type Vulnerabilities

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DependencyData ¶

type DependencyData struct {
	Version              string                     `json:"version"`
	From                 string                     `json:"from"`
	Resolved             string                     `json:"resolved"`
	Dependencies         map[string]*DependencyData `json:"dependencies"`
	Path                 string                     `json:"path"`
	Audit                map[string]interface{}     `json:"audit"`
	LicenseAnalysis      map[string]api.Match       `json:"licenseAnalysis"`
	LicenseAnalysisError string                     `json:"licenseAnalysisError"`
	DeclaredLicenses     string                     `json:"declaredLicenses"`
	Vulnerabilities      *Vulnerabilities           `json:"Vulnerabilities"`
	ChildVulnerabilities *Vulnerabilities           `json:"childVulnerabilities"`
	LicenseData          *LicenseData               `json:"licenseData"`
	ChildLicenseData     *LicenseData               `json:"childLicenseData"`
	RiskyKeywords        []*RiskyKeywordHit         `json:"riskKeywords"`
}

DependencyData is the data structure representing a single dependency and its sub dependencies

type LicenseData ¶

type LicenseData struct {
	Unknown              int    `json:"unknown"`
	RiskyKeywords        int    `json:"riskyKeywords"`
	LicenseCompatability int    `json:"licenseCompatability"`
	Comment              string `json:"comment"`
}

LicenseData stores data about licensing issues for a package

type NpmReport ¶

type NpmReport struct {
	Dependencies         map[string]*DependencyData
	Version              string
	Name                 string
	Problems             []string
	Audit                map[string]interface{}
	ChildVulnerabilities *Vulnerabilities
	ChildLicenseData     *LicenseData
}

NpmReport contains information about the parent project, dependencies, npm audit and project issues

func ProduceInsights ¶

func ProduceInsights(language string, projectPath string) (*NpmReport, error)

ProduceInsights calls the appropriate crawling function for the provided language and then reports on licensing

type RiskyKeywordHit ¶

type RiskyKeywordHit struct {
	File       string `json:"file"`
	LineNumber string `json:"lineNumber"`
	LineText   string `json:"lineText"`
}

RiskyKeywordHit represents a successful finding of a risky keyword

type Vulnerabilities ¶

type Vulnerabilities struct {
	High   int `json:"high"`
	Medium int `json:"medium"`
	Low    int `json:"low"`
}

Vulnerabilities stores the number of vulnerabilities a package has

Source Files ¶

View all Source files

insights.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL