- Constants
- func Format(vulns *Vulnerabilities, format string) ([]byte, error)
- func LocateLock(path string) (io.Reader, error)
- func ToANSI(vulns *Vulnerabilities) []byte
- func ToJSON(vulns *Vulnerabilities) ([]byte, error)
- func ToJunit(vulns *Vulnerabilities) ([]byte, error)
- func ToMarkdown(vulns *Vulnerabilities) []byte
- func ToYAML(vulns *Vulnerabilities) ([]byte, error)
- func TryParseTime(value string) (time.Time, bool)
- type Advisory
- type AdvisoryDB
- type Branch
- type Cache
- type Lock
- type Package
- type SimpleAdvisory
- type Time
- type Version
- type Vulnerabilities
- type Vulnerability
Constants ¶
const AdvisoryArchiveURL = "https://codeload.github.com/FriendsOfPHP/security-advisories/zip/master"
AdvisoryArchiveURL is the URL of the advisories database archive.
Functions ¶
func Format ¶
func Format(vulns *Vulnerabilities, format string) ([]byte, error)
Format renders the vulnerabilities in the given output format.
func LocateLock ¶
LocateLock locates a composer.lock file and returns a reader for it.
func ToANSI ¶
func ToANSI(vulns *Vulnerabilities) []byte
ToANSI returns the vulnerabilities as text with ANSI color codes.
func ToJSON ¶
func ToJSON(vulns *Vulnerabilities) ([]byte, error)
ToJSON outputs vulnerabilities as JSON
func ToJunit ¶ added in v1.1.0
func ToJunit(vulns *Vulnerabilities) ([]byte, error)
func ToMarkdown ¶
func ToMarkdown(vulns *Vulnerabilities) []byte
ToMarkdown returns vulnerabilities as Markdown
func ToYAML ¶
func ToYAML(vulns *Vulnerabilities) ([]byte, error)
ToYAML outputs vulnerabilities as YAML
Types ¶
type Advisory ¶
type Advisory struct { Title string `yaml:"title"` Link string `yaml:"link"` CVE string `yaml:"cve"` Branches map[string]*Branch `yaml:"branches"` Reference string `yaml:"reference"` }
Advisory represents a single security advisory
type AdvisoryDB ¶
type AdvisoryDB struct { Advisories []Advisory // contains filtered or unexported fields }
AdvisoryDB stores all known security advisories
func NewDB ¶
func NewDB(noHTTPCalls bool, advisoryArchiveURL string) (*AdvisoryDB, error)
NewDB fetches the advisory DB from GitHub.
func (*AdvisoryDB) Load ¶
func (db *AdvisoryDB) Load(advisoryArchiveURL string) error
Load fetches the database from GitHub and reads the current advisories from the repository. Cache handling is delegated to http.Transport and **must** be handled appropriately by the caller.
type Lock ¶
type Lock struct { Packages []Package `json:"packages"` DevPackages []Package `json:"packages-dev"` }
Lock represents a Composer lock file
type Package ¶
type Package struct { Name string `json:"name"` Version Version `json:"version"` Time Time `json:"time,omitempty"` }
Package represents a Composer package
type SimpleAdvisory ¶
type SimpleAdvisory struct { Title string `json:"title"` Link string `json:"link"` CVE string `json:"cve"` }
SimpleAdvisory represents an advisory for export
func (SimpleAdvisory) String ¶
func (a SimpleAdvisory) String() string
type Time ¶
Time represents a Composer-like date
func (Time) MarshalJSON ¶
MarshalJSON serializes a Go time.Time as a Composer-like date in JSON.
func (*Time) UnmarshalJSON ¶
UnmarshalJSON parses a Composer-like date from JSON to a Go time.Time
func (*Time) UnmarshalYAML ¶
UnmarshalYAML parses a Composer-like date from YAML to a Go time.Time
type Version ¶
type Version string
Version represents a composer.json version (which may be given as a string or an integer).
func (*Version) UnmarshalJSON ¶
UnmarshalJSON converts versions given as integers to strings.
type Vulnerabilities ¶
type Vulnerabilities map[string]Vulnerability
Vulnerabilities stores vulnerabilities for a lock file
func Analyze ¶
func Analyze(lock *Lock, db *AdvisoryDB, noDevPackages bool) *Vulnerabilities
Analyze checks whether the given lock references packages with known security issues.
func (*Vulnerabilities) Count ¶
func (v *Vulnerabilities) Count() int
Count returns the number of vulnerabilities
func (*Vulnerabilities) CountVulnerablePackages ¶
func (v *Vulnerabilities) CountVulnerablePackages() int
CountVulnerablePackages returns the number of packages with vulnerabilities
func (*Vulnerabilities) Get ¶
func (v *Vulnerabilities) Get(pkg string) *Vulnerability
Get returns the vulnerabilities recorded for the given package.
func (*Vulnerabilities) Keys ¶
func (v *Vulnerabilities) Keys() []string
Keys returns package names in alpha order
type Vulnerability ¶
type Vulnerability struct { Version string `json:"version"` Advisories []SimpleAdvisory `json:"advisories"` }
Vulnerability represents a vulnerability.