models

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 7, 2024 License: AGPL-3.0 Imports: 16 Imported by: 0

Documentation

Overview

Copyright (C) 2024 Tim Bastin, l3montree UG (haftungsbeschränkt)

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.

Index

Constants

View Source 
const LatestVersion = "latest"

Variables

This section is empty.

Functions

func CheckStatusType 

func CheckStatusType(statusType string) error

Types

type AffectedComponent 

type AffectedComponent struct {
	ID               string `json:"id" gorm:"primaryKey;"`
	Source           string
	PURL             string  `json:"purl" gorm:"type:text;column:purl;index"`
	Ecosystem        string  `json:"ecosystem" gorm:"type:text;"`
	Scheme           string  `json:"scheme" gorm:"type:text;"`
	Type             string  `json:"type" gorm:"type:text;"`
	Name             string  `json:"name" gorm:"type:text;"`
	Namespace        *string `json:"namespace" gorm:"type:text;"`
	Qualifiers       *string `json:"qualifiers" gorm:"type:text;"`
	Subpath          *string `json:"subpath" gorm:"type:text;"`
	Version          *string `json:"version" gorm:"index"` // either version or semver is defined
	SemverIntroduced *string `json:"semverStart" gorm:"type:semver;index"`
	SemverFixed      *string `json:"semverEnd" gorm:"type:semver;index"`

	VersionIntroduced *string `json:"versionIntroduced" gorm:"index"` // for non semver packages - if both are defined, THIS one should be used for displaying. We might fake semver versions just for database querying and ordering
	VersionFixed      *string `json:"versionFixed" gorm:"index"`      // for non semver packages - if both are defined, THIS one should be used for displaying. We might fake semver versions just for database querying and ordering

	CVE []CVE `json:"cves" gorm:"many2many:cve_affected_component;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}

func AffectedComponentFromOSV added in v0.5.1 

func AffectedComponentFromOSV(osv obj.OSV) []AffectedComponent

func (*AffectedComponent) BeforeSave added in v0.5.1 

func (affectedComponent *AffectedComponent) BeforeSave(tx *gorm.DB) error

func (AffectedComponent) CalculateHash added in v0.5.1 

func (a AffectedComponent) CalculateHash() string

func (AffectedComponent) TableName 

func (affectedComponent AffectedComponent) TableName() string

type Asset 

type Asset struct {
	Model
	Name string `json:"name" gorm:"type:text"`
	Slug string `json:"slug" gorm:"type:text;uniqueIndex:idx_app_project_slug;not null;"`

	ProjectID   uuid.UUID `json:"projectId" gorm:"uniqueIndex:idx_app_project_slug;not null;type:uuid;"`
	Description string    `json:"description" gorm:"type:text"`
	Flaws       []Flaw    `json:"flaws" gorm:"foreignKey:AssetID;constraint:OnDelete:CASCADE;"`

	Type AssetType `json:"type" gorm:"type:text;not null;"`

	Importance            int  `json:"importance" gorm:"default:1;"`
	ReachableFromInternet bool `json:"reachableFromInternet" gorm:"default:false;"`

	ConfidentialityRequirement RequirementLevel `json:"confidentialityRequirement" gorm:"default:'high';not null;type:text;"`
	IntegrityRequirement       RequirementLevel `json:"integrityRequirement" gorm:"default:'high';not null;type:text;"`
	AvailabilityRequirement    RequirementLevel `json:"availabilityRequirement" gorm:"default:'high';not null;type:text;"`

	Components []ComponentDependency `json:"components" gorm:"hasMany;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`

	Version             string    `json:"version" gorm:"type:text;"`
	LastComponentUpdate time.Time `json:"lastComponentUpdate"`

	RepositoryID *string `json:"repositoryId" gorm:"type:text;"` // the id will be prefixed with the provider name, e.g. github:<github app installation id>:123456
}

func (Asset) GetCurrentAssetComponents 

func (m Asset) GetCurrentAssetComponents() []ComponentDependency

func (Asset) TableName 

func (m Asset) TableName() string

type AssetType 

type AssetType string
const (
	AssetTypeApplication    AssetType = "application"
	AssetTypeInfrastructure AssetType = "infrastructure"
)

type CPEMatch 

type CPEMatch struct {
	MatchCriteriaID string `json:"matchCriteriaId" gorm:"primaryKey;type:text;"`
	Criteria        string `json:"criteria" gorm:"type:text;"`
	Part            string `json:"part" gorm:"index;type:text;"`
	Vendor          string `json:"vendor" gorm:"index;type:text;"`
	Product         string `json:"product" gorm:"index;type:text;"`

	Update    string `json:"update" gorm:"type:text;"`
	Edition   string `json:"edition" gorm:"type:text;"`
	Language  string `json:"language" gorm:"type:text;"`
	SwEdition string `json:"swEdition" gorm:"type:text;"`
	TargetSw  string `json:"targetSw" gorm:"type:text;"`
	TargetHw  string `json:"targetHw" gorm:"type:text;"`
	Other     string `json:"other" gorm:"type:text;"`

	Version string `json:"version" gorm:"index;type:text;"` // if any, should be '*'

	VersionEndExcluding *string `json:"versionEndExcluding" gorm:"index;type:text;"`
	VersionEndIncluding *string `json:"versionEndIncluding" gorm:"index;type:text;"`

	VersionStartIncluding *string `json:"versionStartIncluding" gorm:"index;type:text;"`
	VersionStartExcluding *string `json:"versionStartExcluding" gorm:"index;type:text;"`

	Vulnerable bool `json:"vulnerable" gorm:"type:boolean;"`

	CVEs []*CVE `json:"cve" gorm:"many2many:cve_cpe_match;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}

func (*CPEMatch) BeforeSave added in v0.5.1 

func (c *CPEMatch) BeforeSave(*gorm.DB) error

func (*CPEMatch) CalculateHash added in v0.5.1 

func (c *CPEMatch) CalculateHash() string

there is no stable id across the nvd and the cvelist project. we need to create a stable id for the cpe match thus use the criteria to create a stable id by hashing it

type CVE 

type CVE struct {
	CVE string `json:"cve" gorm:"primaryKey;not null;type:text;"`

	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`

	DatePublished    time.Time `json:"datePublished"`
	DateLastModified time.Time `json:"dateLastModified"`

	Weaknesses  []*Weakness `json:"weaknesses" gorm:"foreignKey:CVEID;constraint:OnDelete:CASCADE;"`
	Description string      `json:"description" gorm:"type:text;"`

	CVSS                float32  `json:"cvss" gorm:"type:decimal(4,2);"`
	Severity            Severity `json:"severity"`
	ExploitabilityScore float32  `json:"exploitabilityScore" gorm:"type:decimal(4,2);"`
	ImpactScore         float32  `json:"impactScore" gorm:"type:decimal(4,2);"`

	AttackVector          string `json:"attackVector"`
	AttackComplexity      string `json:"attackComplexity"`
	PrivilegesRequired    string `json:"privilegesRequired"`
	UserInteraction       string `json:"userInteractionRequired"`
	Scope                 string `json:"scope"`
	ConfidentialityImpact string `json:"confidentialityImpact"`
	IntegrityImpact       string `json:"integrityImpact"`
	AvailabilityImpact    string `json:"availabilityImpact"`

	References string `json:"references" gorm:"type:text;"`

	CISAExploitAdd        *datatypes.Date `json:"cisaExploitAdd" gorm:"type:date;"`
	CISAActionDue         *datatypes.Date `json:"cisaActionDue" gorm:"type:date;"`
	CISARequiredAction    string          `json:"cisaRequiredAction" gorm:"type:text;"`
	CISAVulnerabilityName string          `json:"cisaVulnerabilityName" gorm:"type:text;"`

	Configurations []*CPEMatch `json:"configurations" gorm:"many2many:cve_cpe_match;"`

	EPSS       *float64 `json:"epss" gorm:"type:decimal(6,5);"`
	Percentile *float32 `json:"percentile" gorm:"type:decimal(6,5);"`

	AffectedComponents []AffectedComponent `json:"affectedComponents" gorm:"many2many:cve_affected_component"`

	Vector string `json:"vector" gorm:"type:text;"`

	Risk     obj.RiskMetrics `json:"risk" gorm:"-"`
	Exploits []*Exploit      `json:"exploits" gorm:"foreignKey:CVEID;"`
}

func (CVE) GetReferences 

func (m CVE) GetReferences() ([]cveReference, error)

func (CVE) TableName 

func (m CVE) TableName() string

type CWE 

type CWE struct {
	CreatedAt time.Time    `json:"createdAt"`
	UpdatedAt time.Time    `json:"updatedAt"`
	DeletedAt sql.NullTime `gorm:"index" json:"-"`

	CWE string `json:"cwe" gorm:"primaryKey;not null;"`

	Description string `json:"description" gorm:"type:text;"`
}

func (CWE) TableName 

func (m CWE) TableName() string

type Comment 

type Comment struct {
	Model
	FlawID  uuid.UUID `json:"flawId"`
	UserID  uuid.UUID `json:"userId"`
	Comment string    `json:"comment"`
}

func (Comment) TableName 

func (m Comment) TableName() string

type Component 

type Component struct {
	// either cpe or purl is set
	Purl          string                `json:"purl" gorm:"primaryKey;column:purl"` // without qualifiers!
	Dependencies  []ComponentDependency `json:"dependsOn" gorm:"hasMany;"`
	Asset         Asset                 `json:"asset" gorm:"foreignKey:AssetID;constraint:OnDelete:CASCADE;"`
	AssetID       uuid.UUID             `json:"assetId" gorm:"column:asset_id;type:uuid;"`
	ScanType      string                `json:"scanType"` // the type of scan, which detected this component. It might be sca or container-scanning - whatever can generate a sbom.
	ComponentType ComponentType         `json:"componentType"`
	Version       string                `json:"version"`
}

func (Component) TableName 

func (c Component) TableName() string

type ComponentDependency 

type ComponentDependency struct {
	ID uuid.UUID `gorm:"primarykey;type:uuid;default:gen_random_uuid()" json:"id"`

	// the provided sbom from cyclondx only contains the transitive dependencies, which do really get used
	// this means, that the dependency graph between people using the same library might differ, since they use it differently
	// we use edges, which provide the information, that a component is used by another component in one asset
	AssetSemverStart string    `json:"semverStart" gorm:"column:semver_start;type:semver"`
	AssetSemverEnd   *string   `json:"semverEnd" gorm:"column:semver_end;type:semver"`
	Component        Component `json:"component" gorm:"foreignKey:ComponentPurl;references:Purl"`
	ComponentPurl    *string   `json:"componentPurl" gorm:"column:component_purl;"` // will be nil, for direct dependencies
	Dependency       Component `json:"dependency" gorm:"foreignKey:DependencyPurl;references:Purl"`
	DependencyPurl   string    `json:"dependencyPurl" gorm:"column:dependency_purl;"`
	AssetID          uuid.UUID `json:"assetId" gorm:"column:asset_id;type:uuid;"`
	Asset            Asset     `json:"asset" gorm:"foreignKey:AssetID;constraint:OnDelete:CASCADE;"`
	ScanType         string    `json:"scanType"` // the type of scan, which detected this component. It might be sca or container-scanning - whatever can generate a sbom.

	Depth int `json:"depth" gorm:"column:depth"`
}

func GetOnlyDirectDependencies 

func GetOnlyDirectDependencies(deps []ComponentDependency) []ComponentDependency

func (ComponentDependency) TableName 

func (c ComponentDependency) TableName() string

type ComponentType added in v0.5.1 

type ComponentType string
const (
	ComponentTypeApplication          ComponentType = "application"
	ComponentTypeContainer            ComponentType = "container"
	ComponentTypeData                 ComponentType = "data"
	ComponentTypeDevice               ComponentType = "device"
	ComponentTypeDeviceDriver         ComponentType = "device-driver"
	ComponentTypeFile                 ComponentType = "file"
	ComponentTypeFirmware             ComponentType = "firmware"
	ComponentTypeFramework            ComponentType = "framework"
	ComponentTypeLibrary              ComponentType = "library"
	ComponentTypeMachineLearningModel ComponentType = "machine-learning-model"
	ComponentTypeOS                   ComponentType = "operating-system"
	ComponentTypePlatform             ComponentType = "platform"
)

type Config 

type Config struct {
	Key string `gorm:"primarykey"`
	Val string `gorm:"type:text"`
}

func (Config) TableName 

func (Config) TableName() string

type Exploit 

type Exploit struct {
	ID          string     `json:"id" gorm:"primaryKey;"`
	Published   *time.Time `json:"pushed_at" gorm:"type:date;"`
	Updated     *time.Time `json:"updated_at" gorm:"type:date;"`
	Author      string     `json:"author" gorm:"type:text;"`
	Type        string     `json:"type" gorm:"type:text;"`
	Verified    bool       `json:"verified" gorm:"type:boolean;"`
	SourceURL   string     `json:"sourceURL" gorm:"type:text;"`
	Description string     `json:"description" gorm:"type:text;"`
	CVE         CVE        `json:"-" gorm:"foreignKey:CVEID;constraint:OnDelete:CASCADE;"`
	CVEID       string     `json:"cveID" gorm:"type:text;"`
	Tags        string     `json:"tags" gorm:"type:text;"`
	Forks       int        `json:"forks" gorm:"type:integer;"`
	Watchers    int        `json:"watchers" gorm:"type:integer;"`
	Subscribers int        `json:"subscribers_count" gorm:"type:integer;"`
	Stars       int        `json:"stargazers_count" gorm:"type:integer;"`
}

func (Exploit) TableName 

func (m Exploit) TableName() string

type Flaw 

type Flaw struct {
	ID string `json:"id" gorm:"primaryKey;not null;"`
	// the scanner which was used to detect this flaw
	ScannerID string `json:"scanner" gorm:"not null;"`

	Message  *string     `json:"message"`
	Comments []Comment   `gorm:"foreignKey:FlawID;constraint:OnDelete:CASCADE;" json:"comments"`
	Events   []FlawEvent `gorm:"foreignKey:FlawID;constraint:OnDelete:CASCADE;" json:"events"`
	AssetID  uuid.UUID   `json:"assetId" gorm:"not null;"`
	State    FlawState   `json:"state" gorm:"default:'open';not null;type:text;"`

	CVE           *CVE       `json:"cve"`
	CVEID         string     `json:"cveId" gorm:"null;type:text;default:null;"`
	Component     *Component `json:"component" gorm:"foreignKey:ComponentPurl;constraint:OnDelete:CASCADE;"`
	ComponentPurl string     `json:"componentPurl" gorm:"type:text;default:null;"`

	Effort            *int     `json:"effort" gorm:"default:null;"`
	RiskAssessment    *int     `json:"riskAssessment" gorm:"default:null;"`
	RawRiskAssessment *float64 `json:"rawRiskAssessment" gorm:"default:null;"`

	Priority *int `json:"priority" gorm:"default:null;"`

	ArbitraryJsonData string `json:"arbitraryJsonData" gorm:"type:text;"`

	LastDetected time.Time `json:"lastDetected" gorm:"default:now();not null;"`

	TicketID  *string `json:"ticketId" gorm:"default:null;"` // might be set by integrations
	TicketURL *string `json:"ticketUrl" gorm:"default:null;"`

	CreatedAt time.Time    `json:"createdAt"`
	UpdatedAt time.Time    `json:"updatedAt"`
	DeletedAt sql.NullTime `gorm:"index" json:"-"`
	// contains filtered or unexported fields
}

func (*Flaw) BeforeSave added in v0.5.1 

func (f *Flaw) BeforeSave(tx *gorm.DB) (err error)

hook to calculate the hash before creating the flaw

func (*Flaw) CalculateHash 

func (m *Flaw) CalculateHash() string

func (*Flaw) GetArbitraryJsonData 

func (m *Flaw) GetArbitraryJsonData() map[string]any

func (*Flaw) GetComponentDepth added in v0.4.19 

func (f *Flaw) GetComponentDepth() int

func (*Flaw) SetArbitraryJsonData 

func (m *Flaw) SetArbitraryJsonData(data map[string]any)

func (Flaw) TableName 

func (m Flaw) TableName() string

type FlawEvent 

type FlawEvent struct {
	Model
	Type   FlawEventType `json:"type" gorm:"type:text"`
	FlawID string        `json:"flawId"`
	UserID string        `json:"userId"`

	Justification *string `json:"justification" gorm:"type:text;"`

	ArbitraryJsonData string `json:"arbitraryJsonData" gorm:"type:text;"`
	// contains filtered or unexported fields
}

func NewAcceptedEvent added in v0.5.1 

func NewAcceptedEvent(flawID, userID, justification string) FlawEvent

func NewCommentEvent added in v0.5.1 

func NewCommentEvent(flawID, userID, justification string) FlawEvent

func NewDetectedEvent 

func NewDetectedEvent(flawID string, userID string, riskCalculationReport obj.RiskCalculationReport) FlawEvent

func NewFalsePositiveEvent added in v0.5.1 

func NewFalsePositiveEvent(flawID, userID, justification string) FlawEvent

func NewFixedEvent 

func NewFixedEvent(flawID string, userID string) FlawEvent

func NewMitigateEvent added in v0.5.1 

func NewMitigateEvent(flawID string, userID string, justification string, arbitraryData map[string]any) FlawEvent

func NewRawRiskAssessmentUpdatedEvent 

func NewRawRiskAssessmentUpdatedEvent(flawID string, userID string, justification string, report obj.RiskCalculationReport) FlawEvent

func NewReopenedEvent added in v0.5.1 

func NewReopenedEvent(flawID, userID, justification string) FlawEvent

func (FlawEvent) Apply 

func (e FlawEvent) Apply(flaw *Flaw)

func (*FlawEvent) GetArbitraryJsonData 

func (e *FlawEvent) GetArbitraryJsonData() map[string]any

func (*FlawEvent) SetArbitraryJsonData 

func (e *FlawEvent) SetArbitraryJsonData(data map[string]any)

func (FlawEvent) TableName 

func (m FlawEvent) TableName() string

type FlawEventType 

type FlawEventType string
const (
	EventTypeDetected FlawEventType = "detected"
	EventTypeFixed    FlawEventType = "fixed"
	EventTypeReopened FlawEventType = "reopened"

	//EventTypeRiskAssessmentUpdated FlawEventType = "riskAssessmentUpdated"
	EventTypeAccepted          FlawEventType = "accepted"
	EventTypeMitigate          FlawEventType = "mitigate"
	EventTypeFalsePositive     FlawEventType = "falsePositive"
	EventTypeMarkedForTransfer FlawEventType = "markedForTransfer"

	EventTypeRawRiskAssessmentUpdated FlawEventType = "rawRiskAssessmentUpdated"

	EventTypeComment FlawEventType = "comment"
)

type FlawState 

type FlawState string
const (
	FlawStateOpen              FlawState = "open"
	FlawStateFixed             FlawState = "fixed"         // we did not find the flaw anymore in the last scan!
	FlawStateAccepted          FlawState = "accepted"      // like ignore
	FlawStateFalsePositive     FlawState = "falsePositive" // we can use that for crowdsource vulnerability management. 27 People marked this as false positive and they have the same dependency tree - propably you are not either
	FlawStateMarkedForTransfer FlawState = "markedForTransfer"
)

type GithubAppInstallation 

type GithubAppInstallation struct {
	InstallationID int `json:"installationId" gorm:"primaryKey"`

	Org   *Org       `json:"org" gorm:"foreignKey:OrgID;constraint:OnDelete:CASCADE;"`
	OrgID *uuid.UUID `json:"orgId" gorm:"column:org_id"`

	InstallationCreatedWebhookReceivedTime time.Time `json:"installationCreatedWebhookReceivedTime"`

	SettingsURL string `json:"settingsUrl"`

	TargetType      string `json:"targetType"`
	TargetLogin     string `json:"targetLogin"`
	TargetAvatarURL string `json:"targetAvatarUrl"`
}

func (GithubAppInstallation) TableName 

func (GithubAppInstallation) TableName() string

type GithubUser added in v0.5.1 

type GithubUser struct {
	ID            int64  `json:"id" gorm:"primaryKey"`
	Username      string `json:"username"`
	AvatarURL     string `json:"avatarUrl"`
	Organizations []Org  `json:"orgs" gorm:"many2many:github_user_orgs;"`
}

func (GithubUser) TableName added in v0.5.1 

func (GithubUser) TableName() string

type Mitigation 

type Mitigation struct {
	Model
	Type             Type      `json:"mitigationType"`
	InitiatingUserID string    `json:"initiatingUserId"`
	ResultID         uuid.UUID `json:"resultId"`

	DueDate    *time.Time     `json:"dueDate"`
	Properties datatypes.JSON `gorm:"type:jsonb;default:'{}';not null"`

	MitigationPending bool   `json:"mitigationPending" gorm:"default:false"` // will be true for fix and transfer types - we are waiting for another scan report which verifies, that the related result is fixed. Will be false for avoid and accept types
	Justification     string `json:"justification"`
}

type Model 

type Model struct {
	ID        uuid.UUID    `gorm:"primarykey;type:uuid;default:gen_random_uuid()" json:"id"`
	CreatedAt time.Time    `json:"createdAt"`
	UpdatedAt time.Time    `json:"updatedAt"`
	DeletedAt sql.NullTime `gorm:"index" json:"-"`
}

func (Model) GetID 

func (a Model) GetID() uuid.UUID

func (Model) TableName 

func (m Model) TableName() string

type Org 

type Org struct {
	Model
	Name                   string    `json:"name" gorm:"type:text"`
	ContactPhoneNumber     *string   `json:"contactPhoneNumber" gorm:"type:text"`
	NumberOfEmployees      *int      `json:"numberOfEmployees"`
	Country                *string   `json:"country" gorm:"type:text"`
	Industry               *string   `json:"industry" gorm:"type:text"`
	CriticalInfrastructure bool      `json:"criticalInfrastructure"`
	ISO27001               bool      `json:"iso27001"`
	NIST                   bool      `json:"nist"`
	Grundschutz            bool      `json:"grundschutz"`
	Projects               []Project `json:"projects" gorm:"foreignKey:OrganizationID;"`
	Slug                   string    `json:"slug" gorm:"type:text;unique;not null;index"`
	Description            string    `json:"description" gorm:"type:text"`

	GithubAppInstallations []GithubAppInstallation `json:"githubAppInstallations" gorm:"foreignKey:OrgID;"`
}

type PAT 

type PAT struct {
	CreatedAt   time.Time `json:"createdAt"`
	UserID      uuid.UUID `json:"userId"`
	PubKey      string    `json:"pubKey"`
	Description string    `json:"description" gorm:"type:text"`
	ID          uuid.UUID `json:"id" gorm:"type:uuid;default:gen_random_uuid()"`
	Fingerprint string    `json:"fingerprint"`
}

func (PAT) GetUserID 

func (p PAT) GetUserID() string

func (PAT) HashToken 

func (p PAT) HashToken(token string) string

func (PAT) TableName 

func (p PAT) TableName() string

type Project 

type Project struct {
	Model
	Name           string    `json:"name" gorm:"type:text"`
	Assets         []Asset   `json:"assets" gorm:"foreignKey:ProjectID;constraint:OnDelete:CASCADE;"`
	OrganizationID uuid.UUID `json:"organizationId" gorm:"uniqueIndex:idx_project_org_slug;not null;type:uuid"`
	Slug           string    `json:"slug" gorm:"type:text;uniqueIndex:idx_project_org_slug;not null"`
	Description    string    `json:"description" gorm:"type:text"`
}

func (Project) TableName 

func (m Project) TableName() string

type RequirementLevel 

type RequirementLevel string
const (
	RequirementLevelLow    RequirementLevel = "low"
	RequirementLevelMedium RequirementLevel = "medium"
	RequirementLevelHigh   RequirementLevel = "high"
)

type Severity 

type Severity string
const (
	SeverityCritical Severity = "critical"
	SeverityHigh     Severity = "high"
	SeverityMedium   Severity = "medium"
	SeverityLow      Severity = "low"
	SeverityInfo     Severity = "info"
)

type Type 

type Type string
const (
	TypeAvoid    Type = "avoid"
	TypeAccept   Type = "accept"
	TypeFix      Type = "fix"
	TypeTransfer Type = "transfer"
)

type VulnInPackage 

type VulnInPackage struct {
	CVEID             string
	CVE               CVE
	FixedVersion      *string
	IntroducedVersion *string
	PackageName       string
	Purl              string
	InstalledVersion  string
	Depth             int
}

func (VulnInPackage) GetFixedVersion 

func (v VulnInPackage) GetFixedVersion() string

func (VulnInPackage) GetIntroducedVersion 

func (v VulnInPackage) GetIntroducedVersion() string

type Weakness 

type Weakness struct {
	Source string `json:"source" gorm:"type:text;"`
	Type   string `json:"type" gorm:"type:text;"`
	CVEID  string `json:"cve" gorm:"primaryKey;not null;type:text;"`
	CVE    CVE
	CWEID  string `json:"cwe" gorm:"primaryKey;not null;type:text;"`
}

func (Weakness) TableName 

func (m Weakness) TableName() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.