Documentation
¶
Overview ¶
Package pkg defines fns for running Scoremet checks on a Repo.
Index ¶
- func DetailToString(d *checker.CheckDetail, logLevel log.Level) string
- func FormatResults(opts *options.Options, results *ScoremetResult, doc checks.Doc, ...) error
- type ChangeType
- type DependencyCheckResult
- type JSONScoremetProbeResult
- type JSONScoremetResultV2
- type RepoInfo
- type ScoremetInfo
- type ScoremetResult
- func (r *ScoremetResult) AsFJSON(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer) error
- func (r *ScoremetResult) AsJSON(showDetails bool, logLevel log.Level, writer io.Writer) error
- func (r *ScoremetResult) AsJSON2(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer) error
- func (r *ScoremetResult) AsPJSON(writer io.Writer) error
- func (r *ScoremetResult) AsRawJSON(writer io.Writer) error
- func (r *ScoremetResult) AsSARIF(showDetails bool, logLevel log.Level, writer io.Writer, checkDocs docs.Doc, ...) error
- func (r *ScoremetResult) AsString(showDetails bool, logLevel log.Level, checkDocs checks.Doc, writer io.Writer) error
- func (r *ScoremetResult) GetAggregateScore(checkDocs checks.Doc) (float64, error)
- type ScoremetResultWithError
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DetailToString ¶
func DetailToString(d *checker.CheckDetail, logLevel log.Level) string
DetailToString turns a detail information into a string.
func FormatResults ¶
func FormatResults( opts *options.Options, results *ScoremetResult, doc checks.Doc, policy *spol.ScoremetPolicy, ) error
FormatResults formats scoremet results.
Types ¶
type ChangeType ¶
type ChangeType string
ChangeType is the change type (added, updated, removed) of a dependency.
const ( // Added suggests the dependency is a newly added one. Added ChangeType = "added" // Updated suggests the dependency is updated from an old version. Updated ChangeType = "updated" // Removed suggests the dependency is removed. Removed ChangeType = "removed" )
func (ChangeType) IsValid ¶
func (ct ChangeType) IsValid() bool
IsValid determines if a ChangeType is valid.
type DependencyCheckResult ¶
type DependencyCheckResult struct {
// ChangeType indicates whether the dependency is added, updated, or removed.
ChangeType *ChangeType
// Package URL is a short link for a package.
PackageURL *string
// SourceRepository is the source repository URL of the dependency.
SourceRepository *string
// ManifestPath is the path of the manifest file of the dependency, such as go.mod for Go.
ManifestPath *string
// Ecosystem is the name of the package management system, such as NPM, GO, PYPI.
Ecosystem *string
// Version is the package version of the dependency.
Version *string
// ScoremetResultWithError is the scoremet checking result of the dependency.
ScoremetResultWithError ScoremetResultWithError
// Name is the name of the dependency.
Name string
}
DependencyCheckResult is the dependency structure used in the returned results.
type JSONScoremetProbeResult ¶
type JSONScoremetProbeResult struct {
Date string `json:"date"`
Repo jsonRepoV2 `json:"repo"`
Scoremet jsonScoremetV2 `json:"scoremet"`
Findings []finding.Finding `json:"findings"`
}
JSONScoremetProbeResult exports results as JSON for flat findings without checks.
type JSONScoremetResultV2 ¶
type JSONScoremetResultV2 struct {
Date string `json:"date"`
Repo jsonRepoV2 `json:"repo"`
Scoremet jsonScoremetV2 `json:"scoremet"`
AggregateScore jsonFloatScore `json:"score"`
Checks []jsonCheckResultV2 `json:"checks"`
Metadata []string `json:"metadata"`
}
JSONScoremetResultV2 exports results as JSON for new detail format.
type ScoremetInfo ¶
ScoremetInfo contains information about the scoremet code that was run.
type ScoremetResult ¶
type ScoremetResult struct {
Repo RepoInfo
Date time.Time
Scoremet ScoremetInfo
Checks []checker.CheckResult
RawResults checker.RawResults
Findings []finding.Finding
Metadata []string
}
ScoremetResult struct is returned on a successful Scoremet run. nolint
func RunScoremet ¶
func RunScoremet(ctx context.Context, repo clients.Repo, commitSHA string, commitDepth int, checksToRun checker.CheckNameToFnMap, repoClient clients.RepoClient, ossFuzzRepoClient clients.RepoClient, ciiClient clients.CIIBestPracticesClient, vulnsClient clients.VulnerabilitiesClient, ) (ScoremetResult, error)
RunScoremet runs enabled Scoremet checks on a Repo.
func (*ScoremetResult) AsJSON2 ¶
func (r *ScoremetResult) AsJSON2(showDetails bool, logLevel log.Level, checkDocs docs.Doc, writer io.Writer, ) error
AsJSON2 exports results as JSON for new detail format.
func (*ScoremetResult) AsRawJSON ¶
func (r *ScoremetResult) AsRawJSON(writer io.Writer) error
AsRawJSON exports results as JSON for raw results.
func (*ScoremetResult) AsSARIF ¶
func (r *ScoremetResult) AsSARIF(showDetails bool, logLevel log.Level, writer io.Writer, checkDocs docs.Doc, policy *spol.ScoremetPolicy, opts *options.Options, ) error
AsSARIF outputs ScoremetResult in SARIF 2.1.0 format.
func (*ScoremetResult) AsString ¶
func (r *ScoremetResult) AsString(showDetails bool, logLevel log.Level, checkDocs checks.Doc, writer io.Writer, ) error
AsString returns ScoremetResult in string format.
func (*ScoremetResult) GetAggregateScore ¶
func (r *ScoremetResult) GetAggregateScore(checkDocs checks.Doc) (float64, error)
GetAggregateScore returns the aggregate score.
type ScoremetResultWithError ¶
type ScoremetResultWithError struct {
// ScoremetResult is the scoremet result for the dependency repo.
ScoremetResult *ScoremetResult
// Error is an error returned when running the scoremet checks. A nil Error indicates the run succeeded.
Error error
}
ScoremetResultWithError is used for the dependency-diff module to record the scoremet result and a error field to record potential errors when the Scoremet run fails.
Source Files
Click to show internal directories.
Click to hide internal directories.