grype

package

v0.5.0 Latest Latest Go to latest Published: Apr 26, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gatecheckdev/gatecheck

Links

Open Source Insights

Documentation ¶

Overview ¶

Package grype defines data model, Config, Decoder, Validator, and validation rules for Anchore Grype vulnerability reports.

Index ¶

Constants
func AllowListRule(match models.Match, config Config) bool
func DenyListRule(matches []models.Match, config Config) error
func NewReportDecoder() *gce.JSONWriterDecoder[ScanReport]
func NewValidator() gcv.Validator[models.Match, Config]
func ThresholdRule(matches []models.Match, config Config) error
type Config
type ListItem
type ScanReport
- func (r *ScanReport) String() string

Constants ¶

View Source

const ConfigFieldName = "grype"

ConfigFieldName ...

View Source

const ReportType = "Anchore Grype Scan Report"

ReportType the Grype Type plain text

Variables ¶

This section is empty.

Functions ¶

func AllowListRule ¶

func AllowListRule(match models.Match, config Config) bool

AllowListRule allow vulnerabilities in custom allow list

func DenyListRule ¶

func DenyListRule(matches []models.Match, config Config) error

DenyListRule reject vulnerabilities in custom deny list

func NewReportDecoder ¶

func NewReportDecoder() *gce.JSONWriterDecoder[ScanReport]

NewReportDecoder ...

func NewValidator ¶

func NewValidator() gcv.Validator[models.Match, Config]

NewValidator ...

func ThresholdRule ¶

func ThresholdRule(matches []models.Match, config Config) error

ThresholdRule will error if there are more vulnerabilities in X severity

Types ¶

type Config ¶

type Config struct {
	AllowList          []ListItem `json:"allowList,omitempty"          toml:"allowList,omitempty"          yaml:"allowList,omitempty"`
	DenyList           []ListItem `json:"denyList,omitempty"           toml:"denyList,omitempty"           yaml:"denyList,omitempty"`
	EPSSAllowThreshold float64    `json:"epssAllowThreshold,omitempty" toml:"epssAllowThreshold,omitempty" yaml:"epssAllowThreshold,omitempty"`
	EPSSDenyThreshold  float64    `json:"epssDenyThreshold,omitempty"  toml:"epssDenyThreshold,omitempty"  yaml:"epssDenyThreshold,omitempty"`
	Critical           int        `json:"critical"                     toml:"critical"                     yaml:"critical"`
	High               int        `json:"high"                         toml:"high"                         yaml:"high"`
	Medium             int        `json:"medium"                       toml:"medium"                       yaml:"medium"`
	Low                int        `json:"low"                          toml:"low"                          yaml:"low"`
	Negligible         int        `json:"negligible"                   toml:"negligible"                   yaml:"negligible"`
	Unknown            int        `json:"unknown"                      toml:"unknown"                      yaml:"unknown"`
}

Config data model for grype thresholds configuration

type ListItem ¶

type ListItem struct {
	ID     string `json:"id"     toml:"id"     yaml:"id"`
	Reason string `json:"reason" toml:"reason" yaml:"reason"`
}

ListItem for Allow/Deny list

type ScanReport ¶

type ScanReport models.Document

ScanReport data model for grype reports aliased from grype code base

func (*ScanReport) String ¶

func (r *ScanReport) String() string

String ...

Source Files ¶

View all Source files

grype.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL