govulncheck

package

v0.13.0-pre.2 Latest Latest Go to latest Published: Jul 26, 2023 License: BSD-3-Clause Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

cs.opensource.google/go/x/tools

Links

Report a Vulnerability

Documentation ¶

Overview ¶

Package govulncheck provides an experimental govulncheck API.

Index ¶

Variables
func LatestFixed(modulePath string, as []osv.Affected) string
func NewInMemoryCache(underlying vulnc.Cache) *inMemoryCache
type AnalysisMode
type CallStack
type Config
type Module
type Package
type Result
type StackFrame
type Vuln

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// Source reports vulnerabilities that affect the analyzed packages.
	Source = govulncheck.Source

	// DefaultCache constructs cache for a vulnerability database client.
	DefaultCache = govulncheck.DefaultCache
)

Functions ¶

func LatestFixed ¶

func LatestFixed(modulePath string, as []osv.Affected) string

LatestFixed returns the latest fixed version in the list of affected ranges, or the empty string if there are no fixed versions.

func NewInMemoryCache ¶ added in v0.11.0

func NewInMemoryCache(underlying vulnc.Cache) *inMemoryCache

NewInMemoryCache returns a new memory-based cache that decorates the provided cache (file-based, perhaps).

Types ¶

type AnalysisMode ¶ added in v0.11.0

type AnalysisMode string

const (
	ModeInvalid     AnalysisMode = "" // zero value
	ModeGovulncheck AnalysisMode = "govulncheck"
	ModeImports     AnalysisMode = "imports"
)

type CallStack ¶ added in v0.11.0

type CallStack = govulncheck.CallStack

CallStacks contains a representative call stack for each vulnerable symbol that is called.

type Config ¶ added in v0.11.0

type Config = govulncheck.Config

Config is the configuration for Main.

type Module ¶ added in v0.11.0

type Module = govulncheck.Module

Module represents a specific vulnerability relevant to a single module or package.

type Package ¶ added in v0.11.0

type Package = govulncheck.Package

Package is a Go package with known vulnerable symbols.

type Result ¶ added in v0.11.0

type Result struct {
	// Vulns contains all vulnerabilities that are called or imported by
	// the analyzed module.
	Vulns []*Vuln `json:",omitempty"`

	// Mode contains the source of the vulnerability info.
	// Clients of the gopls.fetch_vulncheck_result command may need
	// to interpret the vulnerabilities differently based on the
	// analysis mode. For example, Vuln without callstack traces
	// indicate a vulnerability that is not used if the result was
	// from 'govulncheck' analysis mode. On the other hand, Vuln
	// without callstack traces just implies the package with the
	// vulnerability is known to the workspace and we do not know
	// whether the vulnerable symbols are actually used or not.
	Mode AnalysisMode `json:",omitempty"`

	// AsOf describes when this Result was computed using govulncheck.
	// It is valid only with the govulncheck analysis mode.
	AsOf time.Time `json:",omitempty"`
}

Result is the result of vulnerability scanning.

type StackFrame ¶ added in v0.11.0

type StackFrame = govulncheck.StackFrame

StackFrame represents a call stack entry.

type Vuln ¶ added in v0.10.0

type Vuln = govulncheck.Vuln

Vuln represents a single OSV entry.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
semver Package semver provides shared utilities for manipulating Go semantic versions.	Package semver provides shared utilities for manipulating Go semantic versions.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL