v1.0.4 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Feb 6, 2024 License: BSD-3-Clause Imports: 21 Imported by: 0



Package client provides an interface for accessing vulnerability databases, via either HTTP or local filesystem access.

The protocol is described at



This section is empty.


This section is empty.


This section is empty.


type Client

type Client struct {
	// contains filtered or unexported fields

A Client for reading vulnerability databases.

func NewClient

func NewClient(source string, opts *Options) (_ *Client, err error)

NewClient returns a client that reads the vulnerability database in source (an "http" or "file" prefixed URL).

It supports databases following the API described in

func NewInMemoryClient

func NewInMemoryClient(entries []*osv.Entry) (*Client, error)

func (*Client) ByModules added in v0.2.0

func (c *Client) ByModules(ctx context.Context, reqs []*ModuleRequest) (_ []*ModuleResponse, err error)

ByModules returns a list of responses containing the OSV entries corresponding to each request.

The order of the requests is preserved, and each request has a response even if there are no entries (in which case the Entries field is nil).

func (*Client) LastModifiedTime

func (c *Client) LastModifiedTime(ctx context.Context) (_ time.Time, err error)

type ModuleRequest added in v0.2.0

type ModuleRequest struct {
	// The module path to filter on.
	// This must be set (if empty, ByModule errors).
	Path string
	// (Optional) If set, only return vulnerabilities affected
	// at this version.
	Version string

type ModuleResponse added in v0.2.0

type ModuleResponse struct {
	Path    string
	Version string
	Entries []*osv.Entry

type Options

type Options struct {
	HTTPClient *http.Client

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL