Documentation
¶
Overview ¶
Package worker contains the implementation for the vulnerability enrichment worker pipeline.
Package worker contains the implementation for the vulnerability enrichment worker pipeline.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Engine ¶
type Stores ¶
type Stores struct {
SourceRepo models.SourceRepositoryStore
Vulnerability models.VulnerabilityStore
Relations models.RelationsStore
ImportFindings models.ImportFindingsStore
PyPIPublisher clients.Publisher
}
type Subscriber ¶
type Subscriber struct {
Engine Engine
PubSubSub *pubsub.Subscriber
}
type Task ¶
type Task struct {
Type TaskType
Vuln *osvschema.Vulnerability
SourceID string
PathInSource string
// ReceivedTime is when the importer requested the vuln to be processed.
ReceivedTime *time.Time
// SourceTime is the modified time according to the source
SourceTime *time.Time
// SHA256 is only used when Vuln is not provided
SHA256 string
}
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package pipeline contains individual vulnerability enrichers for the worker pipeline.
|
Package pipeline contains individual vulnerability enrichers for the worker pipeline. |
|
enumerateversions
Package enumerateversions implements an enricher that populates the affected[].versions field for supported ecosystems.
|
Package enumerateversions implements an enricher that populates the affected[].versions field for supported ecosystems. |
|
filterecosystem
Package filterecosystem implements an enricher that filters out affected ecosystems that should not be there.
|
Package filterecosystem implements an enricher that filters out affected ecosystems that should not be there. |
|
makesemver
Package makesemver implements an enricher that converts affected[].ranges[].type to SEMVER from ECOSYSTEM for SEMVER ecosystems.
|
Package makesemver implements an enricher that converts affected[].ranges[].type to SEMVER from ECOSYSTEM for SEMVER ecosystems. |
|
namenormalize
Package namenormalize implements an enricher that normalizes package names in a vulnerability.
|
Package namenormalize implements an enricher that normalizes package names in a vulnerability. |
|
published
Package published implements an enricher that sets the published date if missing from the vulnerability.
|
Package published implements an enricher that sets the published date if missing from the vulnerability. |
|
purl
Package purl implements an enricher that adds missing PURLs to affected packages, and cleans up some invalid PURLs.
|
Package purl implements an enricher that adds missing PURLs to affected packages, and cleans up some invalid PURLs. |
|
registry
Package registry contains all the enrichers that are used in the worker pipeline.
|
Package registry contains all the enrichers that are used in the worker pipeline. |
|
relations
Package relations implements an enricher that populates computed alisases, related, and upstream ids.
|
Package relations implements an enricher that populates computed alisases, related, and upstream ids. |
|
schemaversion
Package schemaversion implements an enricher that sets the schema_version to the latest for the vulnerability.
|
Package schemaversion implements an enricher that sets the schema_version to the latest for the vulnerability. |
|
sourcelink
Package sourcelink implements an enricher that adds the source link to the vulnerability.
|
Package sourcelink implements an enricher that adds the source link to the vulnerability. |
Click to show internal directories.
Click to hide internal directories.