policy

package
v1.2.5 Latest
Warning

This package is not in the latest version of its module.
Published: Feb 17, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func LoadVEX

func LoadVEX(path string) (map[string]string, error)

LoadVEX parses an OpenVEX JSON document and returns a map of vulnerability ID → status.

NOTE: The OpenVEX "products" field is intentionally ignored; filtering is by vulnerability ID only, so a statement's status applies to that ID regardless of which product the statement names. Product-scoped suppression is a known limitation.
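The effect of the ID-only keying described in the note, as an added example (not this package's code): a statement scoped to one product is looked up for a finding in a different product. The names `index` and `suppressed`, the `vulnID|productID` key, the sample document, and the choice to treat `not_affected` as suppressing are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// statement is the subset of an OpenVEX statement this example reads.
type statement struct {
	Vulnerability struct{ Name string `json:"name"` } `json:"vulnerability"`
	Products      []struct{ ID string `json:"@id"` } `json:"products"`
	Status        string `json:"status"`
}

// Constructed sample: one not_affected statement, scoped to app-a only.
const sampleVEX = `{"statements": [{
  "vulnerability": {"name": "CVE-0000-0001"},
  "products": [{"@id": "pkg:golang/example.com/app-a@1.0.0"}],
  "status": "not_affected"}]}`

// index builds two lookups: byID keys on vulnerability ID alone (the behaviour
// the LoadVEX note describes); scoped uses a hypothetical "vulnID|productID" key.
func index(raw string) (byID, scoped map[string]string, err error) {
	var doc struct{ Statements []statement `json:"statements"` }
	if err = json.Unmarshal([]byte(raw), &doc); err != nil {
		return nil, nil, err
	}
	byID, scoped = map[string]string{}, map[string]string{}
	for _, s := range doc.Statements {
		byID[s.Vulnerability.Name] = s.Status
		for _, p := range s.Products {
			scoped[s.Vulnerability.Name+"|"+p.ID] = s.Status
		}
	}
	return byID, scoped, nil
}

// suppressed reports, per lookup, whether a finding is marked not_affected (assumed to suppress).
func suppressed(raw, vuln, product string) (idOnly, productScoped bool, err error) {
	byID, scoped, err := index(raw)
	if err != nil {
		return false, false, err
	}
	return byID[vuln] == "not_affected", scoped[vuln+"|"+product] == "not_affected", nil
}

func main() {
	fmt.Println(suppressed(sampleVEX, "CVE-0000-0001", "pkg:golang/example.com/app-b@1.0.0"))
}
```

With the ID-only lookup the app-b finding is treated as not affected even though the only statement names app-a; the product-scoped lookup leaves it actionable.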

Types

type Policy

type Policy struct {
	FailOn      model.SeverityLevel
	IgnoreIDs   map[string]bool
	VEXStatuses map[string]string
}

Policy determines which findings matter and what exit code to return.

func New

func New(failOn string, ignoreIDs []string) *Policy

New creates a Policy from CLI flags.

func (*Policy) ExitCode

func (p *Policy) ExitCode(findings []model.Finding) model.ExitCode

ExitCode determines the process exit code based on findings.

func (*Policy) Filter

func (p *Policy) Filter(findings []model.Finding) []model.Finding

Filter removes ignored findings and returns only actionable ones.
