Overview ¶
Copyright (C) 2026 l3montree GmbH
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Index ¶
- Variables
- type Bugs
- type DebianResolver
- func (d *DebianResolver) CheckIfVulnerabilityIsFixed(vulnVersion string, fixedVersion string) bool
- func (d *DebianResolver) FetchPackageMetadata(purl packageurl.PackageURL) (DebianResponse, error)
- func (d *DebianResolver) FindDependencyVersionInMeta(depMeta DebianResponse, pkgName string) (VersionConstraint, bool)
- func (d *DebianResolver) GetUpgradeCandidates(allVersionsMeta DebianResponse, currentVersion string) ([]string, error)
- func (d *DebianResolver) ParseVersionConstraint(spec string) (rangeType string, baseVersion string)
- func (d *DebianResolver) ResolveBestVersion(allVersionsMeta DebianResponse, versionConstraint VersionConstraint, ...) (string, error)
- type DebianResponse
- type Dist
- type DistTags
- type NPMResolver
- func (resolver *NPMResolver) CheckIfVulnerabilityIsFixed(vulnVersion string, fixedVersion string) bool
- func (resolver *NPMResolver) FetchPackageMetadata(purl packageurl.PackageURL) (*NPMResponse, error)
- func (resolver *NPMResolver) FindDependencyVersionInMeta(depMeta *NPMResponse, pkgName string) (VersionConstraint, bool)
- func (resolver *NPMResolver) GetUpgradeCandidates(npmResponse *NPMResponse, currentVersion string) ([]string, error)
- func (resolver *NPMResolver) ParseVersionConstraint(spec string) (rangeType string, baseVersion string)
- func (resolver *NPMResolver) ResolveBestVersion(allVersionsMeta *NPMResponse, versionConstraint VersionConstraint, ...) (string, error)
- type NPMResponse
- type Person
- type Repository
- type Resolver
- type Signatures
- type VersionConstraint
- type VersionData
- type VulnerabilityPathAnalysisFixedVersionResolver
Variables ¶
// Module is the fx option set for this package. It provides
// NewVulnerabilityPathAnalysisFixedVersionResolver to the container and
// annotates the result so that it is exposed as shared.FixedVersionResolver
// rather than as the concrete pointer type.
var Module = fx.Options( fx.Provide(fx.Annotate( NewVulnerabilityPathAnalysisFixedVersionResolver, fx.As(new(shared.FixedVersionResolver)), )), )
Types ¶
type DebianResolver ¶
// DebianResolver is the resolver whose methods operate on DebianResponse
// metadata. Its method set (FetchPackageMetadata, GetUpgradeCandidates,
// FindDependencyVersionInMeta, ResolveBestVersion, CheckIfVulnerabilityIsFixed,
// ParseVersionConstraint) has the same names and shapes as the Resolver
// interface with T = DebianResponse. Construct it with NewDebianResolver; its
// fields are unexported and not shown here.
type DebianResolver struct {
// contains filtered or unexported fields
}
func NewDebianResolver ¶
func NewDebianResolver() *DebianResolver
func (*DebianResolver) CheckIfVulnerabilityIsFixed ¶
func (d *DebianResolver) CheckIfVulnerabilityIsFixed(vulnVersion string, fixedVersion string) bool
func (*DebianResolver) FetchPackageMetadata ¶
func (d *DebianResolver) FetchPackageMetadata(purl packageurl.PackageURL) (DebianResponse, error)
func (*DebianResolver) FindDependencyVersionInMeta ¶
func (d *DebianResolver) FindDependencyVersionInMeta(depMeta DebianResponse, pkgName string) (VersionConstraint, bool)
func (*DebianResolver) GetUpgradeCandidates ¶
func (d *DebianResolver) GetUpgradeCandidates(allVersionsMeta DebianResponse, currentVersion string) ([]string, error)
GetUpgradeCandidates returns the versions that are newer than currentVersion, i.e. the upgrade candidates.
func (*DebianResolver) ParseVersionConstraint ¶
func (d *DebianResolver) ParseVersionConstraint(spec string) (rangeType string, baseVersion string)
func (*DebianResolver) ResolveBestVersion ¶
func (d *DebianResolver) ResolveBestVersion(allVersionsMeta DebianResponse, versionConstraint VersionConstraint, currentVersion string) (string, error)
type DebianResponse ¶
type Dist ¶
// Dist holds the distribution fields of one package version as decoded from
// JSON: the tarball location together with the digest, integrity and signature
// values published next to it. It is embedded in VersionData under the "dist"
// key.
//
// NOTE(review): the field names match the "dist" object of an npm registry
// version document — confirm against FetchPackageMetadata. Every value here is
// data copied from the decoded response. This declaration verifies nothing,
// and no verification step is visible on this page. A caller that downloads
// Tarball should check the bytes against Integrity itself, and should not read
// a non-empty Signatures slice as proof that any signature was validated.
type Dist struct {
// Shasum is the "shasum" value. Presumably the hex SHA-1 digest npm publishes
// for the tarball — TODO confirm; if so, prefer Integrity for verification.
Shasum string `json:"shasum"`
// Tarball is the "tarball" value, presumably the download URL of the package
// archive. Treat it as untrusted input (scheme and host) before fetching it.
Tarball string `json:"tarball"`
// Integrity is the "integrity" value; presumably a Subresource-Integrity
// style string ("<alg>-<base64 digest>") — TODO confirm.
Integrity string `json:"integrity"`
// Signatures is the "signatures" array. The element type Signatures is
// declared elsewhere in the package and its fields are not shown here.
Signatures []Signatures `json:"signatures"`
}
type NPMResolver ¶
// NPMResolver is the resolver whose methods operate on *NPMResponse metadata.
// It has no fields, so the zero value is usable. Its method set has the same
// names and shapes as the Resolver interface with T = *NPMResponse.
type NPMResolver struct{}
func (*NPMResolver) CheckIfVulnerabilityIsFixed ¶
func (resolver *NPMResolver) CheckIfVulnerabilityIsFixed(vulnVersion string, fixedVersion string) bool
func (*NPMResolver) FetchPackageMetadata ¶
func (resolver *NPMResolver) FetchPackageMetadata(purl packageurl.PackageURL) (*NPMResponse, error)
func (*NPMResolver) FindDependencyVersionInMeta ¶
func (resolver *NPMResolver) FindDependencyVersionInMeta(depMeta *NPMResponse, pkgName string) (VersionConstraint, bool)
func (*NPMResolver) GetUpgradeCandidates ¶
func (resolver *NPMResolver) GetUpgradeCandidates(npmResponse *NPMResponse, currentVersion string) ([]string, error)
GetUpgradeCandidates currently implements the "always take latest" versioning algorithm.
func (*NPMResolver) ParseVersionConstraint ¶
func (resolver *NPMResolver) ParseVersionConstraint(spec string) (rangeType string, baseVersion string)
func (*NPMResolver) ResolveBestVersion ¶
func (resolver *NPMResolver) ResolveBestVersion(allVersionsMeta *NPMResponse, versionConstraint VersionConstraint, currentVersion string) (string, error)
ResolveBestVersion finds the best matching version for a version constraint among all available versions. versionConstraint examples: "15.4.7", "^15.0.0", "~15.4.0", ">15.0.0", ">=15.4.0". Incomplete semver such as "^14.0", "^14" or "~15" is also supported. It returns the highest matching version, or an error if nothing matches or the spec is invalid.
type NPMResponse ¶
// NPMResponse is the JSON shape of a package-level metadata document. It is
// the type returned by NPMResolver.FetchPackageMetadata and consumed by
// GetUpgradeCandidates, FindDependencyVersionInMeta and ResolveBestVersion.
//
// NOTE(review): presumably decoded straight from an npm registry response —
// confirm in FetchPackageMetadata. If so, every string in it (names, version
// keys, dependency range specs, readme text) is publisher- or
// registry-controlled and should be handled as untrusted input by the version
// parsing and resolution code.
type NPMResponse struct {
ID string `json:"_id"`
Rev string `json:"_rev"`
Name string `json:"name"`
Description string `json:"description"`
// DistTags is the "dist-tags" object; its type is declared elsewhere in the
// package.
DistTags DistTags `json:"dist-tags"`
// Versions maps a key (presumably the version string — TODO confirm) to the
// metadata of that version.
Versions map[string]VersionData `json:"versions"`
// Time is the "time" object; presumably version -> publication timestamp,
// kept as raw strings and not parsed here.
Time map[string]string `json:"time"`
Bugs Bugs `json:"bugs"`
// Author, License and Repository are declared as interface{}, so this type
// does not fix their decoded shape. Check the dynamic type (comma-ok
// assertion or type switch) before use; an unchecked assertion panics on an
// unexpected shape.
Author interface{} `json:"author"`
License interface{} `json:"license"`
Homepage string `json:"homepage"`
Keywords []string `json:"keywords"`
Repository interface{} `json:"repository"`
Contributors []Person `json:"contributors"`
Maintainers []Person `json:"maintainers"`
ReadMe string `json:"readme"`
ReadMeFilename string `json:"readmeFilename"`
Users map[string]bool `json:"users"`
// The four dependency maps are string -> string; presumably package name ->
// version range spec, the kind of value ParseVersionConstraint accepts —
// TODO confirm.
Dependencies map[string]string `json:"dependencies"`
DevDependencies map[string]string `json:"devDependencies"`
PeerDependencies map[string]string `json:"peerDependencies"`
OptionalDependencies map[string]string `json:"optionalDependencies"`
}
type Repository ¶
type Resolver ¶
// Resolver is the per-ecosystem contract for version resolution, generic over
// T, the ecosystem's package-metadata type. The method sets listed on this
// page use T = DebianResponse for DebianResolver and T = *NPMResponse for
// NPMResolver.
//
// FetchPackageMetadata returns the metadata for a package URL;
// GetUpgradeCandidates and ResolveBestVersion select versions from that
// metadata relative to currentVersion; FindDependencyVersionInMeta looks up
// the constraint recorded for pkgName and reports whether one was found;
// ParseVersionConstraint splits a spec into a range type and a base version;
// CheckIfVulnerabilityIsFixed compares a version against the fixed version.
//
// NOTE(review): the exact comparison semantics of CheckIfVulnerabilityIsFixed
// (for example how unparsable versions are treated) are not visible here.
// Implementations should fail closed, i.e. return false when either version
// cannot be parsed — confirm.
type Resolver[T any] interface { FetchPackageMetadata(purl packageurl.PackageURL) (T, error) GetUpgradeCandidates(allVersionsMeta T, currentVersion string) ([]string, error) FindDependencyVersionInMeta(depMeta T, pkgName string) (VersionConstraint, bool) ResolveBestVersion(allVersionsMeta T, versionConstraint VersionConstraint, currentVersion string) (string, error) CheckIfVulnerabilityIsFixed(vulnVersion string, fixedVersion string) bool ParseVersionConstraint(spec string) (rangeType string, baseVersion string) }
type Signatures ¶
type VersionConstraint ¶
// VersionConstraint is a version spec kept as a string. It is what
// FindDependencyVersionInMeta returns and what ResolveBestVersion takes. The
// NPM resolver's documentation gives "15.4.7", "^15.0.0", "~15.4.0",
// ">15.0.0" and ">=15.4.0" as examples. The type adds no validation of its
// own.
type VersionConstraint string
type VersionData ¶
// VersionData is the JSON shape of the metadata for one package version. It
// is the value type of NPMResponse.Versions.
//
// NOTE(review): presumably one entry of the "versions" object of an npm
// registry document — confirm. The values are as published and are not
// validated by this declaration.
type VersionData struct {
Name string `json:"name"`
Version string `json:"version"`
Keywords []string `json:"keywords"`
// Author, License, Engines and Repository are interface{}: their decoded
// shape is not fixed by this type, so check the dynamic type before use.
Author interface{} `json:"author"`
License interface{} `json:"license"`
ID string `json:"_id"`
Maintainers []Person `json:"maintainers"`
Contributors []Person `json:"contributors"`
Homepage string `json:"homepage"`
Bugs Bugs `json:"bugs"`
Jam map[string]interface{} `json:"jam"`
// Dist carries the tarball location and the digest, integrity and signature
// values for this version. They are recorded, not verified, by this type.
Dist Dist `json:"dist"`
Main string `json:"main"`
From string `json:"from"`
Engines interface{} `json:"engines"`
// NpmUser is the "_npmUser" object; presumably the account that published
// this version — TODO confirm.
NpmUser Person `json:"_npmUser"`
Repository interface{} `json:"repository"`
NpmVersion string `json:"_npmVersion"`
Description string `json:"description"`
Directories map[string]string `json:"directories"`
}
type VulnerabilityPathAnalysisFixedVersionResolver ¶
// VulnerabilityPathAnalysisFixedVersionResolver is the type this package
// provides to fx as shared.FixedVersionResolver (see Module). Its exported
// methods, CheckVulnerabilityFixChainAuto and ResolveFixedVersions, each take
// a slice of package URLs and a fixedVersion and return a string and an
// error. Construct it with NewVulnerabilityPathAnalysisFixedVersionResolver;
// its fields are unexported and not shown here.
type VulnerabilityPathAnalysisFixedVersionResolver struct {
// contains filtered or unexported fields
}
func NewVulnerabilityPathAnalysisFixedVersionResolver ¶
func NewVulnerabilityPathAnalysisFixedVersionResolver() *VulnerabilityPathAnalysisFixedVersionResolver
func (*VulnerabilityPathAnalysisFixedVersionResolver) CheckVulnerabilityFixChainAuto ¶
func (v *VulnerabilityPathAnalysisFixedVersionResolver) CheckVulnerabilityFixChainAuto(purls []packageurl.PackageURL, fixedVersion string) (string, error)
func (*VulnerabilityPathAnalysisFixedVersionResolver) ResolveFixedVersions ¶
func (v *VulnerabilityPathAnalysisFixedVersionResolver) ResolveFixedVersions(path []packageurl.PackageURL, fixedVersion string) (string, error)