osv

package
v0.24.2 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 2, 2026 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrScannerNotFound reports that the osv-scanner executable was not found.
// NOTE(review): presumably returned by ScanSPDX; match it with errors.Is and
// treat it as "no scan was performed", never as "no vulnerabilities found".
var ErrScannerNotFound = errors.New("osv: osv-scanner executable was not found")

Functions

This section is empty.

Types

type Affected

// Affected is one element of Vulnerability.Affected (JSON key "affected").
// Every field is optional on the wire (omitempty), and the type itself does no
// validation of decoded data.
// NOTE(review): field meanings are presumably those of the OSV schema's
// "affected" object — confirm against the schema.
type Affected struct {
	// DatabaseSpecific and EcosystemSpecific hold free-form JSON objects.
	// Values are untyped (any); use checked type assertions when reading them.
	DatabaseSpecific  map[string]any   `json:"database_specific,omitempty"`
	EcosystemSpecific map[string]any   `json:"ecosystem_specific,omitempty"`
	// Package is a pointer and is omitted when nil; check for nil before use.
	Package           *AffectedPackage `json:"package,omitempty"`
	Ranges            []AffectedRange  `json:"ranges,omitempty"`
	// Severities is carried under the singular JSON key "severity".
	Severities        []Severity       `json:"severity,omitempty"`
	Versions          []string         `json:"versions,omitempty"`
}

type AffectedPackage

// AffectedPackage identifies the package an Affected entry refers to.
// Ecosystem and Name are always emitted when encoding (no omitempty); Purl is
// dropped when empty.
type AffectedPackage struct {
	Ecosystem string `json:"ecosystem"`
	Name      string `json:"name"`
	// NOTE(review): presumably a package URL (purl) string; it is not parsed or
	// validated by this type.
	Purl      string `json:"purl,omitempty"`
}

type AffectedRange

// AffectedRange is one element of Affected.Ranges: a typed list of events.
type AffectedRange struct {
	// Type is a plain string and always emitted.
	// NOTE(review): the OSV schema defines SEMVER, ECOSYSTEM and GIT as range
	// types; nothing in this declaration restricts the value to those.
	Type             string         `json:"type"`
	// DatabaseSpecific holds a free-form JSON object with untyped values.
	DatabaseSpecific map[string]any `json:"database_specific,omitempty"`
	Events           []Event        `json:"events,omitempty"`
	// NOTE(review): presumably the repository URL for GIT ranges — confirm.
	Repo             string         `json:"repo,omitempty"`
}

type Credit

// Credit is one element of Vulnerability.Credits.
// Name is always emitted; Contact and Type are dropped when empty.
type Credit struct {
	Name    string   `json:"name"`
	// Contact entries are free-form strings taken from the record; they are not
	// validated here, so treat them as untrusted text when displaying them.
	Contact []string `json:"contact,omitempty"`
	Type    string   `json:"type,omitempty"`
}

type Event

// Event is one element of AffectedRange.Events. All four fields are optional
// strings and are dropped from the JSON when empty.
// NOTE(review): under the OSV schema an event object is expected to set
// exactly one of these keys; this type does not enforce that, so a decoded
// Event may have none or several populated.
type Event struct {
	Introduced   string `json:"introduced,omitempty"`
	Fixed        string `json:"fixed,omitempty"`
	LastAffected string `json:"last_affected,omitempty"`
	Limit        string `json:"limit,omitempty"`
}

type NormalizedSeverity

// NormalizedSeverity is a string-backed severity label.
// Because the underlying type is string, any string can be converted to it;
// do not assume a value is one of the constants below without checking.
// Comparing values with < or > orders the strings alphabetically, not by
// severity; use the Compare method for severity ordering.
type NormalizedSeverity string
// Severity labels declared by this package.
const (
	NormalizedSeverityCritical    NormalizedSeverity = "critical"
	NormalizedSeverityHigh        NormalizedSeverity = "high"
	NormalizedSeverityMedium      NormalizedSeverity = "medium"
	NormalizedSeverityLow         NormalizedSeverity = "low"
	NormalizedSeverityUnspecified NormalizedSeverity = "unspecified"
)

func (NormalizedSeverity) Compare

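Compare returns a negative value if s is of higher severity than o, a positive value if s is of lower severity than o, and 0 if they are equivalent (or both severities are unknown). Sorting in ascending order with Compare therefore places the most severe values first.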

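Useful to sort severities using functions that accept a comparison function, such as slices.SortFunc. Note that slices.Sort does not call Compare: on this string-backed type it orders values alphabetically, not by severity.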

type Reference

// Reference is one element of Vulnerability.References: a typed URL.
// Both fields are always emitted when encoding (no omitempty).
type Reference struct {
	Type ReferenceType `json:"type"`
	// URL is a plain string taken from the record; this type does not parse or
	// validate it. Treat it as untrusted input before rendering it as a link or
	// fetching it automatically.
	URL  string        `json:"url"`
}

type ReferenceType

// ReferenceType is the string-backed value of Reference.Type.
// Because the underlying type is string, a decoded record may carry a value
// that is not one of the constants below; handle unknown values explicitly.
type ReferenceType string
// Reference types declared by this package. The values are upper-case strings.
// NOTE(review): they appear to mirror the reference types of the OSV schema;
// see the schema for the meaning of each — confirm.
const (
	ReferenceTypeAdvisory   ReferenceType = "ADVISORY"
	ReferenceTypeArticle    ReferenceType = "ARTICLE"
	ReferenceTypeDetection  ReferenceType = "DETECTION"
	ReferenceTypeDiscussion ReferenceType = "DISCUSSION"
	ReferenceTypeReport     ReferenceType = "REPORT"
	ReferenceTypeFix        ReferenceType = "FIX"
	ReferenceTypeGit        ReferenceType = "GIT"
	ReferenceTypeIntroduced ReferenceType = "INTRODUCED"
	ReferenceTypePackage    ReferenceType = "PACKAGE"
	ReferenceTypeEvidence   ReferenceType = "EVIDENCE"
	ReferenceTypeWeb        ReferenceType = "WEB"
)

type Severity

// Severity is one severity rating attached to a Vulnerability or to an
// Affected entry (JSON key "severity" in both). Both fields are always emitted.
type Severity struct {
	// Type names the rating system as a plain, unvalidated string.
	Type  string `json:"type"`
	// Score is a string, not a number.
	// NOTE(review): under the OSV schema this is typically a CVSS vector string
	// rather than a numeric score — confirm before parsing it numerically.
	Score string `json:"score"`
}

type Vulnerability

// Vulnerability describes a vulnerability in an open source package, using the
// JSON keys of the OSV schema (https://ossf.github.io/osv-schema/).
// The type does no validation; decoded values are whatever the record supplied.
type Vulnerability struct {
	// ID and Modified are always emitted when encoding (no omitempty).
	ID               string         `json:"id"`
	Modified         time.Time      `json:"modified"`
	Affected         []Affected     `json:"affected,omitempty"`
	// NOTE(review): Aliases and Related presumably hold IDs of other records
	// (for example the same issue in another database) — confirm.
	Aliases          []string       `json:"aliases,omitempty"`
	Credits          []Credit       `json:"credits,omitempty"`
	// DatabaseSpecific holds a free-form JSON object with untyped values; use
	// checked type assertions when reading it.
	DatabaseSpecific map[string]any `json:"database_specific,omitempty"`
	Details          string         `json:"details,omitempty"`
	// Published is a pointer so an absent timestamp is nil rather than the zero time.
	Published        *time.Time     `json:"published,omitempty"`
	References       []Reference    `json:"references,omitempty"`
	Related          []string       `json:"related,omitempty"`
	SchemaVersion    string         `json:"schema_version,omitempty"`
	// Severities is carried under the singular JSON key "severity".
	Severities       []Severity     `json:"severity,omitempty"`
	Summary          string         `json:"summary,omitempty"`
	// Withdrawn is nil when the key is absent.
	// NOTE(review): per the OSV schema a non-nil Withdrawn marks the record as
	// withdrawn; consumers should check it before reporting the record as an
	// active finding — confirm how ScanSPDX treats withdrawn records.
	Withdrawn        *time.Time     `json:"withdrawn,omitempty"`
}

A schema for describing a vulnerability in an open source package. See also https://ossf.github.io/osv-schema/.

func ScanSPDX

// ScanSPDX scans an SBOM in the SPDX format and returns a slice of
// Vulnerability values together with an error.
// NOTE(review): the signature does not show whether sbom is a file path or the
// SBOM document itself — confirm before passing caller-controlled input.
// NOTE(review): presumably fails with ErrScannerNotFound when the osv-scanner
// executable is missing. Treat any non-nil error as "the scan did not
// complete", not as "the SBOM has no known vulnerabilities".
func ScanSPDX(ctx context.Context, sbom string) ([]Vulnerability, error)

ScanSPDX scans an SBOM in the SPDX format.

func (Vulnerability) NormalizedSeverity

// NormalizedSeverity returns a NormalizedSeverity value for the vulnerability.
// NOTE(review): how the Severities entries are mapped to the result, and which
// value is returned when none are present or parseable, is not shown on this
// page — confirm before using the result to gate or suppress findings.
func (o Vulnerability) NormalizedSeverity() NormalizedSeverity
