Documentation
Overview
Package ruleset provides code for the analyzer to use to load external scanner configurations. These rulesets are loaded from .gitlab/{sast}-ruleset.toml.
Constants
const (
	// EnvVarGitlabFeatures lists Gitlab features available
	EnvVarGitlabFeatures = "GITLAB_FEATURES"
	// GitlabFeatureCustomRulesetsSAST indicates that sast custom rulesets are enabled
	GitlabFeatureCustomRulesetsSAST = "sast_custom_rulesets"
	// PathSAST is the default path to custom sast rules
	PathSAST = ".gitlab/sast-ruleset.toml"
	// PathSecretDetection is the default path to custom secret detection rulesets
	PathSecretDetection = ".gitlab/secret-detection-ruleset.toml"
	// PassThroughFile should be used when the ruleset passthrough is a file.
	PassThroughFile PassThroughType = "file"
	// PassThroughRaw should be used when the ruleset passthrough is defined inline.
	PassThroughRaw PassThroughType = "raw"
)
Variables
This section is empty.
Functions
Types
type Config (added in v2.21.0)
type Config struct {
	PassThrough []PassThrough
	Ruleset     []Ruleset
	Path        string
}
Config is used for overriding default scanner configurations for the analyzers.
type ConfigFileNotFoundError (added in v2.21.1)
type ConfigFileNotFoundError struct {
	RulesetPath string
}
ConfigFileNotFoundError indicates the config file was not found
func (*ConfigFileNotFoundError) Error (added in v2.21.1)
func (e *ConfigFileNotFoundError) Error() string
Error formats and returns a ConfigFileNotFoundError
type ConfigNotFoundError (added in v2.21.1)
ConfigNotFoundError indicates custom rule config is not found
func (*ConfigNotFoundError) Error (added in v2.21.1)
func (e *ConfigNotFoundError) Error() string
Error formats and returns a ConfigNotFoundError
type Identifier (added in v2.21.0)
Identifier is a vulnerability id. Identifier.Value is used to filter or override vulnerability information in the final report.
type InvalidConfig (added in v2.21.1)
InvalidConfig indicates an invalid toml file
func (*InvalidConfig) Error (added in v2.21.1)
func (e *InvalidConfig) Error() string
Error formats and returns an InvalidConfig
type NotEnabledError (added in v2.21.1)
type NotEnabledError struct{}
NotEnabledError indicates custom rulesets have not been enabled
func (*NotEnabledError) Error (added in v2.21.1)
func (e *NotEnabledError) Error() string
Error formats and returns a NotEnabledError
type PassThrough
type PassThrough struct {
	Type   PassThroughType
	Target string
	Value  string
}
PassThrough is a struct that analyzers use to load external scanner configurations. In a project's ruleset file, users define a PassThroughType (file or raw) and a value. Depending on the type, the value is either a scanner-specific configuration file or an inline configuration.
type PassThroughType
type PassThroughType string
PassThroughType determines how the analyzer loads the ruleset, which is either read from a file or defined inline.
type Ruleset
type Ruleset struct {
	Identifier Identifier
	Disable    bool
}
Ruleset is used for disabling rules
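The feature gate and the two PassThrough types documented above, as an added Go example that is not part of this package: the types are local mirrors of the documented names, and `featureEnabled`, `checkPassThrough`, the comma-separated format of GITLAB_FEATURES and the rule that a file passthrough must stay inside the project directory are assumptions of this example.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Local mirrors of the documented names so the example builds on its own.
type PassThroughType string

const (
	GitlabFeatureCustomRulesetsSAST                 = "sast_custom_rulesets"
	PassThroughFile                 PassThroughType = "file"
	PassThroughRaw                  PassThroughType = "raw"
)

type PassThrough struct {
	Type          PassThroughType
	Target, Value string
}

// featureEnabled (hypothetical helper) does an exact-match lookup in a
// GITLAB_FEATURES value, assumed to be a comma-separated list.
func featureEnabled(features, feature string) bool {
	return strings.Contains(","+features+",", ","+feature+",")
}

// checkPassThrough (hypothetical helper) rejects unknown types and file
// passthroughs whose Value is absolute or climbs out of projectDir.
func checkPassThrough(projectDir string, p PassThrough) error {
	switch p.Type {
	case PassThroughRaw:
		return nil // inline configuration, no file access
	case PassThroughFile:
		rel, err := filepath.Rel(projectDir, filepath.Join(projectDir, p.Value))
		if filepath.IsAbs(p.Value) || err != nil || rel == ".." ||
			strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
			return fmt.Errorf("file passthrough %q leaves the project directory", p.Value)
		}
		return nil
	}
	return fmt.Errorf("unknown passthrough type %q", p.Type)
}

func main() { // constructed inputs
	fmt.Println(featureEnabled("sast,sast_custom_rulesets", GitlabFeatureCustomRulesetsSAST))
	fmt.Println(checkPassThrough("/builds/app", PassThrough{Type: PassThroughFile, Value: "../ci/rules.yml"}))
}
```

The path check is lexical only; a symlink inside the project directory that points elsewhere would need to be resolved before the comparison.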