vdb

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 11, 2026 License: AGPL-3.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

// Package-level defaults for the VDB API endpoint, request signing, token
// lifetime and retry behaviour. How each value is consumed is not visible in
// this listing; the notes below are hedged accordingly.
const (
	// Default API host. The scheme is https, so requests to the default
	// endpoint are made over TLS.
	DefaultBaseURL    = "https://api.vdb.vulnetix.com"
	// Path prefix for the API version — presumably appended to the base URL;
	// confirm in DoRequest.
	DefaultAPIVersion = "/v1"
	// Region and Service look like the region and service components of a
	// SigV4-style credential scope — confirm in the signing code.
	Region            = "us-east-1"
	Service           = "vdb"
	// Signing algorithm label. It names HMAC-SHA512, whereas AWS's own
	// Signature Version 4 uses "AWS4-HMAC-SHA256".
	// NOTE(review): presumably a stock AWS SigV4 signer will therefore not
	// produce signatures this API accepts — confirm against the server.
	Algorithm         = "AWS4-HMAC-SHA512"
	// 15-minute lifetime — presumably how long a cached JWT is treated as
	// valid (see TokenCache.ExpiresAt); confirm in GetToken.
	TokenExpiry       = 15 * time.Minute
	// Retry bounds — presumably used by DoRequest for transient errors.
	// Whether the backoff grows per attempt is not visible here.
	MaxRetries        = 2
	BaseBackoff       = 2 * time.Second
)

Variables

This section is empty.

Functions

func LoadCredentials

func LoadCredentials() (orgID, secretKey string, err error)

LoadCredentials loads VDB credentials using the centralized auth package. It returns orgID and secretKey as separate strings for backward compatibility with existing callers.

func LoadFullCredentials

func LoadFullCredentials() (*auth.Credentials, error)

LoadFullCredentials loads credentials as a full Credentials struct

Types

type CVEInfo

// CVEInfo wraps the response returned for a CVE lookup.
type CVEInfo struct {
	// Untyped value (interface{}): callers must type-assert before use and
	// should not assume a fixed shape, since it may be an array or an object.
	Data interface{} // Store full response for display (array or object)
}

CVEInfo represents vulnerability information for a CVE

type Client

// Client holds the endpoint settings, credentials and last-response state
// used to call the VDB API.
//
// SecretKey and APIKey are exported plain-string credentials: formatting a
// Client with %v or %+v, or otherwise dumping the struct, prints them. Keep
// Client values out of logs and error messages.
type Client struct {
	// BaseURL and APIVersion are presumably joined to form request URLs
	// (compare DefaultBaseURL and DefaultAPIVersion) — confirm in DoRequest.
	// NOTE(review): BaseURL is caller-settable; presumably authenticated
	// requests go to whatever host it names, so set it only from trusted
	// configuration.
	BaseURL         string
	APIVersion      string
	// Organisation identifier and its secret — presumably the inputs to
	// request signing (NewClient takes the same pair); SecretKey is a secret.
	OrgID           string
	SecretKey       string
	// Selects the authentication scheme; the possible values are defined in
	// the auth package and are not visible here.
	AuthMethod      auth.AuthMethod
	// Credential for Direct API Key auth; treat it as a secret even though it
	// is a digest.
	APIKey          string // hex digest for Direct API Key auth
	// NOTE(review): whether the constructors set a timeout is not visible
	// here; an http.Client with a zero Timeout never times out.
	HTTPClient      *http.Client
	// State from the most recent response — presumably overwritten on every
	// request. If so, sharing one Client across goroutines would race on
	// these fields; confirm before concurrent use.
	LastRateLimit   *RateLimitInfo
	LastCacheStatus string // "HIT", "MISS", or "" if no X-Cache header
	// contains filtered or unexported fields
}

Client represents a VDB API client

func NewClient

func NewClient(orgID, secretKey string) *Client

NewClient creates a new VDB API client using SigV4 auth

func NewClientFromCredentials

func NewClientFromCredentials(creds *auth.Credentials) *Client

NewClientFromCredentials creates a VDB API client from centralized credentials

func (*Client) DoRequest

func (c *Client) DoRequest(method, path string, body interface{}) ([]byte, error)

DoRequest performs an authenticated API request with retry for transient errors.

func (*Client) GetCVE

func (c *Client) GetCVE(cveID string) (*CVEInfo, error)

GetCVE retrieves full vulnerability data for a specific CVE

func (*Client) GetCVEFixes

func (c *Client) GetCVEFixes(identifier string) (map[string]interface{}, error)

GetCVEFixes retrieves fix data for a specific CVE identifier

func (*Client) GetCVEsByDateRange

func (c *Client) GetCVEsByDateRange(start, end string) (map[string]interface{}, error)

GetCVEsByDateRange retrieves paginated CVEs by date range

func (*Client) GetEcosystems

func (c *Client) GetEcosystems() ([]Ecosystem, error)

GetEcosystems retrieves the list of available ecosystems

func (*Client) GetExploitSources

func (c *Client) GetExploitSources() (map[string]interface{}, error)

GetExploitSources retrieves the list of exploit intelligence sources

func (*Client) GetExploitTypes

func (c *Client) GetExploitTypes() (map[string]interface{}, error)

GetExploitTypes retrieves the list of exploit type classifications

func (*Client) GetExploits

func (c *Client) GetExploits(identifier string) (map[string]interface{}, error)

GetExploits retrieves exploit intelligence for a specific CVE identifier

func (*Client) GetFixDistributions

func (c *Client) GetFixDistributions() (map[string]interface{}, error)

GetFixDistributions retrieves the list of supported Linux distributions for fix advisories

func (*Client) GetGCVEIssuances

func (c *Client) GetGCVEIssuances(year, month, limit, offset int) (*GCVEIssuancesResponse, error)

GetGCVEIssuances retrieves GCVE issuances for a given year/month with pagination

func (*Client) GetHealth

func (c *Client) GetHealth() (map[string]interface{}, error)

GetHealth checks the API health endpoint (unauthenticated, root-level path).

func (*Client) GetIdentifiersByMonth

func (c *Client) GetIdentifiersByMonth(year, month, limit, offset int) (*IdentifiersMonthResponse, error)

GetIdentifiersByMonth retrieves CVE identifiers published in a given year/month

func (*Client) GetMetricTypes

func (c *Client) GetMetricTypes() (map[string]interface{}, error)

GetMetricTypes retrieves the list of vulnerability metric/scoring types

func (*Client) GetOpenAPISpec

func (c *Client) GetOpenAPISpec() (map[string]interface{}, error)

GetOpenAPISpec retrieves the OpenAPI specification

func (*Client) GetPackageVersions

func (c *Client) GetPackageVersions(packageName string) (map[string]interface{}, error)

GetPackageVersions retrieves all known versions for a package across ecosystems

func (*Client) GetPackageVulnerabilities

func (c *Client) GetPackageVulnerabilities(packageName string, limit, offset int) (*VulnerabilitiesResponse, error)

GetPackageVulnerabilities retrieves vulnerabilities for a package

func (*Client) GetProductVersion

func (c *Client) GetProductVersion(productName, version string) (map[string]interface{}, error)

GetProductVersion retrieves information for a specific product version

func (*Client) GetProductVersionEcosystem

func (c *Client) GetProductVersionEcosystem(productName, version, ecosystem string) (map[string]interface{}, error)

GetProductVersionEcosystem retrieves product version information scoped to a specific ecosystem

func (*Client) GetProductVersions

func (c *Client) GetProductVersions(productName string, limit, offset int) (*ProductVersionsResponse, error)

GetProductVersions retrieves all versions for a product with pagination

func (*Client) GetSources

func (c *Client) GetSources() (map[string]interface{}, error)

GetSources retrieves the list of vulnerability data sources

func (*Client) GetToken

func (c *Client) GetToken() (string, error)

GetToken returns a valid JWT, either from the cache or by requesting a new one.

func (*Client) SearchIdentifiers

func (c *Client) SearchIdentifiers(prefix string, limit, offset int) (*IdentifiersSearchResponse, error)

SearchIdentifiers retrieves CVE identifiers matching a prefix

type Ecosystem

// Ecosystem is one entry of the ecosystems list, decoded from JSON.
type Ecosystem struct {
	// Decoded from the "name" key.
	Name  string `json:"name"`
	// Decoded from the "count" key; what is being counted is not visible
	// here.
	Count int    `json:"count"`
}

Ecosystem represents a single ecosystem entry

type EcosystemsResponse

// EcosystemsResponse is the JSON envelope for the ecosystems list.
type EcosystemsResponse struct {
	// Server-supplied timestamp; the unit (seconds or milliseconds) is not
	// visible here — confirm before converting.
	Timestamp  int64       `json:"timestamp"`
	// The list entries, decoded from the "ecosystems" key.
	Ecosystems []Ecosystem `json:"ecosystems"`
}

EcosystemsResponse represents the ecosystems list response

type ErrorResponse

// ErrorResponse is the JSON body decoded for an API error.
//
// Error and Details are server-supplied text; treat them as untrusted when
// echoing them to a terminal, log or UI.
type ErrorResponse struct {
	Success bool   `json:"success"`
	Error   string `json:"error"`
	// omitempty only affects encoding; on decode the field is simply left
	// empty when the key is absent.
	Details string `json:"details,omitempty"`
}

ErrorResponse represents an API error response

type GCVEIssuanceIdentifier

// GCVEIssuanceIdentifier is one GCVE issuance record, pairing a GCVE
// identifier with a CVE identifier.
type GCVEIssuanceIdentifier struct {
	GcveID        string `json:"gcveId"`
	CveID         string `json:"cveId"`
	// Publication time as an integer — presumably a Unix timestamp; the unit
	// is not visible here.
	DatePublished int64  `json:"datePublished"`
}

GCVEIssuanceIdentifier represents a single GCVE issuance record

type GCVEIssuancesResponse

// GCVEIssuancesResponse is one page of GCVE issuances for a year and month.
type GCVEIssuancesResponse struct {
	// Server-supplied timestamp; unit not visible here.
	Timestamp   int64                    `json:"timestamp"`
	// Year and Month presumably echo the requested period (GetGCVEIssuances
	// takes the same parameters) — confirm.
	Year        int                      `json:"year"`
	Month       int                      `json:"month"`
	// Pagination fields. Limit and Offset presumably echo the request, and
	// HasMore presumably signals that a further page exists; all are
	// server-reported, so bound any paging loop on the client side as well.
	Total       int                      `json:"total"`
	Limit       int                      `json:"limit"`
	Offset      int                      `json:"offset"`
	HasMore     bool                     `json:"hasMore"`
	// The records on this page.
	Identifiers []GCVEIssuanceIdentifier `json:"identifiers"`
}

GCVEIssuancesResponse represents the paginated GCVE issuances response

type IdentifiersMonthResponse

// IdentifiersMonthResponse is one page of CVE identifiers for a year and
// month.
type IdentifiersMonthResponse struct {
	// Server-supplied timestamp; unit not visible here.
	Timestamp   int64    `json:"timestamp"`
	// Presumably echo the requested period — confirm.
	Year        int      `json:"year"`
	Month       int      `json:"month"`
	// Pagination fields, all server-reported; HasMore presumably signals that
	// a further page exists.
	Total       int      `json:"total"`
	Limit       int      `json:"limit"`
	Offset      int      `json:"offset"`
	HasMore     bool     `json:"hasMore"`
	// Identifier strings on this page, as returned by the server.
	Identifiers []string `json:"identifiers"`
}

IdentifiersMonthResponse represents the paginated CVE identifiers response by month

type IdentifiersSearchResponse

// IdentifiersSearchResponse is one page of CVE identifiers matching a prefix.
type IdentifiersSearchResponse struct {
	// Server-supplied timestamp; unit not visible here.
	Timestamp   int64    `json:"timestamp"`
	// Presumably echoes the prefix passed to SearchIdentifiers — confirm.
	Prefix      string   `json:"prefix"`
	// Pagination fields, all server-reported; HasMore presumably signals that
	// a further page exists.
	Total       int      `json:"total"`
	Limit       int      `json:"limit"`
	Offset      int      `json:"offset"`
	HasMore     bool     `json:"hasMore"`
	// Identifier strings on this page, as returned by the server.
	Identifiers []string `json:"identifiers"`
}

IdentifiersSearchResponse represents the paginated CVE identifiers search response

type ProductVersionsResponse

// ProductVersionsResponse is one page of version records for a product.
type ProductVersionsResponse struct {
	// Decoded from the "packageName" key, although the lookup is by product
	// name (see GetProductVersions).
	PackageName string          `json:"packageName"`
	// Server-supplied timestamp; unit not visible here.
	Timestamp   int64           `json:"timestamp"`
	// Pagination fields, all server-reported; HasMore presumably signals that
	// a further page exists.
	Total       int             `json:"total"`
	Limit       int             `json:"limit"`
	Offset      int             `json:"offset"`
	HasMore     bool            `json:"hasMore"`
	// The version records on this page.
	Versions    []VersionRecord `json:"versions"`
}

ProductVersionsResponse represents product versions with pagination

type RateLimitInfo

// RateLimitInfo carries the rate-limit values taken from response headers.
// The struct has no JSON tags; which headers map to which field, and the
// units of Reset and WeekReset, are not visible here.
type RateLimitInfo struct {
	// Per-minute window: limit, remaining calls and reset value.
	MinuteLimit   int
	Remaining     int
	Reset         int
	// Per-week window: limit, remaining calls and reset value.
	WeekLimit     int
	WeekRemaining int
	WeekReset     int
	// Presumably true only when rate-limit headers were found in the
	// response; check it before trusting the zero values above — confirm.
	Present       bool
}

RateLimitInfo holds rate limit data returned in API response headers.

type TokenCache

// TokenCache pairs a JWT with the time it stops being usable.
//
// Token is a bearer credential held as a plain exported string: printing or
// serialising a TokenCache exposes it. Where the cache is kept (memory or
// disk) is not visible here.
type TokenCache struct {
	// The JWT itself.
	Token     string
	// Expiry instant — presumably derived from TokenExpiry or from the
	// token response's exp value; confirm in GetToken.
	ExpiresAt time.Time
}

TokenCache stores the JWT token and its expiration

type TokenResponse

// TokenResponse is the JSON body decoded from the token endpoint.
//
// NOTE(review): these fields are populated from the response body; whether
// the client also validates the JWT's signature or claims is not visible
// here.
type TokenResponse struct {
	// The JWT; a bearer credential, so keep it out of logs.
	Token string `json:"token"`
	// Iss, Sub and Exp use the JSON keys of the JWT registered claims
	// iss/sub/exp — presumably they mirror the token's claims, with Exp in
	// Unix seconds; confirm against the API.
	Iss   string `json:"iss"`
	Sub   string `json:"sub"`
	Exp   int64  `json:"exp"`
}

TokenResponse represents the JWT token response

type VersionRecord

// VersionRecord is one version entry together with its ecosystem and the
// sources that reported it.
type VersionRecord struct {
	Version   string          `json:"version"`
	Ecosystem string          `json:"ecosystem"`
	Sources   []VersionSource `json:"sources"`
	// CVE identifiers attached to this version; decoded from "cveIds" and
	// omitted on encode when empty.
	CVEIDs    []string        `json:"cveIds,omitempty"`
}

VersionRecord represents a single version entry with ecosystem and sources

type VersionSource

// VersionSource identifies one data-source entry for a product version.
type VersionSource struct {
	// Source table name and the record's ID within it, as reported by the
	// server.
	SourceTable string                 `json:"sourceTable"`
	SourceID    string                 `json:"sourceId"`
	// Free-form, untyped values from the server: type-assert each entry
	// before use rather than assuming a schema.
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

VersionSource represents a data source entry for a product version

type VulnerabilitiesResponse

// VulnerabilitiesResponse is one page of vulnerability records for a package.
type VulnerabilitiesResponse struct {
	PackageName     string          `json:"packageName"`
	// Server-supplied timestamp; unit not visible here.
	Timestamp       int64           `json:"timestamp"`
	// TotalCVEs and Total are separate counters; how they differ is not
	// visible here.
	TotalCVEs       int             `json:"totalCVEs"`
	Total           int             `json:"total"`
	// Pagination fields, all server-reported; HasMore presumably signals that
	// a further page exists.
	Limit           int             `json:"limit"`
	Offset          int             `json:"offset"`
	HasMore         bool            `json:"hasMore"`
	// The same record type can arrive under either key, so callers need to
	// check both slices before concluding that a package has no findings.
	Versions        []VersionRecord `json:"versions"`
	Vulnerabilities []VersionRecord `json:"vulnerabilities"` // alternative key used by some API paths
	// The `json:"-"` tag excludes this field from JSON encoding and decoding,
	// so it must be set by code; it is untyped and needs a type assertion.
	RawData         interface{}     `json:"-"`               // full parsed response for fallback display
}

VulnerabilitiesResponse represents vulnerabilities for a package
