Documentation
¶
Index ¶
- func AppendToBundle(bundleRWS io.ReadWriteSeeker, src io.Reader, label string, tags []string) error
- func CreateBundle(dstBundle io.Writer, src io.Reader, label string, tags []string) error
- func DownloadEPSS(w io.Writer, optionFuncs ...optionFunc) error
- func DownloadKEV(w io.Writer, optionFuncs ...optionFunc) error
- func EncodeConfigTo(w io.Writer, config *Config, format string) error
- func List(dst io.Writer, src io.Reader, inputFilename string) error
- func ListAll(dst io.Writer, src io.Reader, inputFilename string, client *http.Client, ...) error
- func ListCyclonedx(dst io.Writer, src io.Reader) error
- func ListGrypeReport(dst io.Writer, src io.Reader) error
- func ListSemgrep(dst io.Writer, src io.Reader) error
- func LoadCatalogAndData(config *Config, catalog *kev.Catalog, epssData *epss.Data, ...) error
- func RemoveFromBundle(bundleRWS io.ReadWriteSeeker, label string) error
- func Validate(config *Config, reportSrc io.Reader, targetfilename string, ...) error
- func WithEPSSFile(r io.Reader) optionFunc
- func WithEPSSURL(url string) optionFunc
- func WithKEVFile(r io.Reader) optionFunc
- func WithKEVURL(url string) optionFunc
- func WriteDefaultConfig(w io.Writer, format string) error
- type ApplicationMetadata
- type Config
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AppendToBundle ¶ added in v0.4.0
AppendToBundle adds a file to an existing bundle
If the bundle doesn't exist, use CreateBundle
func CreateBundle ¶ added in v0.4.0
CreateBundle create a new bundle with a file
If the bundle already exist, use CreateBundle. this function will completely overwrite an existing bundle
func DownloadEPSS ¶ added in v0.4.0
func DownloadKEV ¶ added in v0.4.0
func EncodeConfigTo ¶ added in v0.4.0
func ListAll ¶ added in v0.4.0
func ListAll(dst io.Writer, src io.Reader, inputFilename string, client *http.Client, epssURL string, epssFile io.Reader) error
ListAll will print a table of vulnerabilities with EPSS Score and Percentile
if epssURL is "", it will use the default value
func LoadCatalogAndData ¶ added in v0.4.0
func RemoveFromBundle ¶ added in v0.4.0
func RemoveFromBundle(bundleRWS io.ReadWriteSeeker, label string) error
RemoveFromBundle removes a file from an existing bundle
func Validate ¶ added in v0.4.0
func Validate(config *Config, reportSrc io.Reader, targetfilename string, optionFuncs ...optionFunc) error
Validate against config thresholds
func WithEPSSFile ¶ added in v0.4.0
func WithEPSSURL ¶ added in v0.4.0
func WithEPSSURL(url string) optionFunc
WithEPSSURL optionFunc that sets the fetch URL for EPSS data
Will use the default option if "" is passed
func WithKEVFile ¶ added in v0.4.0
func WithKEVURL ¶ added in v0.4.0
func WithKEVURL(url string) optionFunc
WithKEVURL optionFunc that sets the fetch URL for KEV data
Will use the default option if "" is passed
Types ¶
type ApplicationMetadata ¶ added in v0.4.0
type ApplicationMetadata struct {
CLIVersion string
GitCommit string
BuildDate string
GitDescription string
Platform string
GoVersion string
Compiler string
}
ApplicationMetadata ...
func (ApplicationMetadata) String ¶ added in v0.4.0
func (m ApplicationMetadata) String() string
type Config ¶
type Config struct {
Version string `json:"version" toml:"version" yaml:"version"`
Metadata configMetadata `json:"metadata" toml:"metadata" yaml:"metadata"`
Grype reportWithCVEs `json:"grype" toml:"grype" yaml:"grype"`
Cyclonedx reportWithCVEs `json:"cyclonedx" toml:"cyclonedx" yaml:"cyclonedx"`
Semgrep configSemgrepReport `json:"semgrep" toml:"semgrep" yaml:"semgrep"`
Gitleaks configGitleaksReport `json:"gitleaks" toml:"gitleaks" yaml:"gitleaks"`
}
Config is used to set limits and allowances during validation
The report can be encoded/decoded into json, yaml, or toml Metadata fields are intended for arbitrary data and shouldn't conflict with rule validation
func NewDefaultConfig ¶ added in v0.4.0
func NewDefaultConfig() *Config
Source Files