Documentation
Overview
Package grype defines the data model, Config, Decoder, Validator, and validation rules for Anchore Grype vulnerability reports.
Index
- Constants
- func AllowListRule(match models.Match, config Config) bool
- func DenyListRule(matches []models.Match, config Config) error
- func NewReportDecoder() *gce.JSONWriterDecoder[ScanReport]
- func NewValidator() gcv.Validator[models.Match, Config]
- func ThresholdRule(matches []models.Match, config Config) error
- type Config
- type ListItem
- type ScanReport
Constants
const ConfigFieldName = "grype"
ConfigFieldName ...
const ReportType = "Anchore Grype Scan Report"
ReportType is the Grype report type in plain text.
Functions
func AllowListRule
AllowListRule allows vulnerabilities in the custom allow list.
func DenyListRule
DenyListRule rejects vulnerabilities in the custom deny list.
func NewReportDecoder
func NewReportDecoder() *gce.JSONWriterDecoder[ScanReport]
NewReportDecoder ...
Types
type Config
type Config struct {
    AllowList []ListItem `yaml:"allowList,omitempty" json:"allowList,omitempty"`
    DenyList []ListItem `yaml:"denyList,omitempty" json:"denyList,omitempty"`
    EPSSAllowThreshold float64 `yaml:"epssAllowThreshold,omitempty" json:"epssAllowThreshold,omitempty"`
    EPSSDenyThreshold float64 `yaml:"epssDenyThreshold,omitempty" json:"epssDenyThreshold,omitempty"`
    Critical int `yaml:"critical" json:"critical"`
    High int `yaml:"high" json:"high"`
    Medium int `yaml:"medium" json:"medium"`
    Low int `yaml:"low" json:"low"`
    Negligible int `yaml:"negligible" json:"negligible"`
    Unknown int `yaml:"unknown" json:"unknown"`
}
Config is the data model for the grype thresholds configuration.
type ListItem
type ListItem struct {
    ID string `yaml:"id" json:"id"`
    Reason string `yaml:"reason" json:"reason"`
}
ListItem is an entry in the allow or deny list.
type ScanReport
ScanReport is the data model for grype reports, aliased from the grype code base.