Documentation
¶
Index ¶
- type Artifact
- type ArtifactLocation
- type AuditEntry
- type AuditTrail
- type ComplianceReportData
- type ComplianceStandard
- type Configuration
- type CycloneDXAuthor
- type CycloneDXComponent
- type CycloneDXDataFlow
- type CycloneDXDependency
- type CycloneDXDocument
- type CycloneDXExternalRef
- type CycloneDXFormatter
- type CycloneDXHash
- type CycloneDXLicense
- type CycloneDXLicenseChoice
- type CycloneDXMetadata
- type CycloneDXProperty
- type CycloneDXService
- type CycloneDXTool
- type CycloneDXVulnAffects
- type CycloneDXVulnAnalysis
- type CycloneDXVulnCredits
- type CycloneDXVulnIndividual
- type CycloneDXVulnOrganization
- type CycloneDXVulnRating
- type CycloneDXVulnReference
- type CycloneDXVulnSource
- type CycloneDXVulnerability
- type DetectionMethod
- type Driver
- type EnterpriseMetadata
- type EvidenceInfo
- type ExecutiveReportData
- type FuturisticFormatter
- func (f *FuturisticFormatter) PrintAnalysisResults(result *detector.CheckPackageResult)
- func (f *FuturisticFormatter) PrintBanner()
- func (f *FuturisticFormatter) PrintScanResults(result *analyzer.ScanResult)
- func (f *FuturisticFormatter) PrintScanStart(path string)
- func (f *FuturisticFormatter) PrintVersion(version string)
- type Invocation
- type Location
- type LogicalLocation
- type Message
- type PDFGenerator
- func (pg *PDFGenerator) BatchGenerateReports(reports []ReportRequest) error
- func (pg *PDFGenerator) CleanupOldReports(maxAge time.Duration) error
- func (pg *PDFGenerator) GenerateComplianceReport(data interface{}, outputFilename string) error
- func (pg *PDFGenerator) GenerateExecutiveReport(data interface{}, outputFilename string) error
- func (pg *PDFGenerator) GeneratePDFFromHTML(htmlContent string, outputFilename string) error
- func (pg *PDFGenerator) GeneratePDFStream(templateName string, data interface{}) ([]byte, error)
- func (pg *PDFGenerator) GenerateReportPDF(templateName string, data interface{}, outputFilename string) error
- func (pg *PDFGenerator) GenerateTechnicalReport(data interface{}, outputFilename string) error
- func (pg *PDFGenerator) GetAvailableTemplates() ([]string, error)
- func (pg *PDFGenerator) SetCustomOptions(options PDFOptions)
- func (pg *PDFGenerator) StreamPDFToWriter(templateName string, data interface{}, writer io.Writer) error
- func (pg *PDFGenerator) ValidateTemplate(templateName string) error
- type PDFInfo
- type PDFOptions
- type PartialFingerprints
- type PerformanceMetrics
- type PhysicalLocation
- type Properties
- type Region
- type RemediationPhase
- type RemediationStep
- type ReportData
- type ReportGenerator
- func (rg *ReportGenerator) CleanupOldReports(maxAge time.Duration) error
- func (rg *ReportGenerator) GenerateAllReports(baseData ReportData, executiveData ExecutiveReportData, ...) error
- func (rg *ReportGenerator) GenerateComplianceReport(data ComplianceReportData, filename string) error
- func (rg *ReportGenerator) GenerateExecutiveReport(data ExecutiveReportData, filename string) error
- func (rg *ReportGenerator) GenerateReportByType(reportType ReportType, data interface{}, filename string) error
- func (rg *ReportGenerator) GenerateTechnicalReport(data TechnicalReportData, filename string) error
- func (rg *ReportGenerator) GetAvailableTemplates() ([]string, error)
- func (rg *ReportGenerator) GetReportPath(filename string) string
- func (rg *ReportGenerator) GetReportStats() (map[string]interface{}, error)
- func (rg *ReportGenerator) SetPDFOptions(options PDFOptions)
- func (rg *ReportGenerator) ValidateReportData(data ReportData) error
- type ReportRequest
- type ReportType
- type RepositoryAnalysis
- type Result
- type ResultProperties
- type RiskItem
- type Rule
- type RuleProperties
- type Run
- type SARIF
- type SARIFFormatter
- type SPDXAnnotation
- type SPDXAuditInfo
- type SPDXCreationInfo
- type SPDXDocument
- type SPDXEnterpriseInfo
- type SPDXExternalRef
- type SPDXFormatter
- type SPDXPackage
- type SPDXRelationship
- type SPDXRiskAssessment
- type SPDXScanContext
- type SPDXScanPolicy
- type SPDXVulnerability
- type ScanContext
- type ScanEvent
- type ScanOverview
- type SecurityControl
- type SystemConfig
- type TechnicalReportData
- type Tool
- type VulnerabilityDetail
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Artifact ¶
// Artifact describes one file (or other artifact) referenced by a SARIF run.
type Artifact struct {
// No omitempty: a nil Location is written as "location": null.
Location *ArtifactLocation `json:"location"`
// omitempty: a Length of 0 is left out of the JSON.
Length int64 `json:"length,omitempty"`
MimeType string `json:"mimeType,omitempty"`
// Hashes holds one digest string per free-form string key.
// NOTE(review): presumably the key is the hash algorithm name; the type does
// not restrict it, so consumers should check which algorithm they compare.
Hashes map[string]string `json:"hashes,omitempty"`
LastModifiedTimeUtc string `json:"lastModifiedTimeUtc,omitempty"`
}
Artifact represents a file or other artifact
type ArtifactLocation ¶
ArtifactLocation represents the location of an artifact
type AuditEntry ¶
type AuditTrail ¶
// AuditTrail carries audit information for compliance; it is referenced from
// EnterpriseMetadata.AuditTrail.
// Every field is a free-form string with omitempty, so unset values vanish
// from the JSON. Nothing in this type authenticates ApprovalStatus or
// ApprovedBy: they are whatever the code that built the metadata wrote.
// NOTE(review): treat them as informational unless the report itself is
// integrity-protected.
type AuditTrail struct {
ScanID string `json:"scanId,omitempty"`
ApprovalStatus string `json:"approvalStatus,omitempty"`
ApprovedBy string `json:"approvedBy,omitempty"`
ApprovalTime string `json:"approvalTime,omitempty"`
RetentionPolicy string `json:"retentionPolicy,omitempty"`
DataClassification string `json:"dataClassification,omitempty"`
}
AuditTrail represents audit information for compliance
type ComplianceReportData ¶
// ComplianceReportData holds the data for a compliance report.
// It embeds ReportData without a tag, so encoding/json writes the common
// report fields at the same level as the fields below.
type ComplianceReportData struct {
ReportData
ExecutiveSummary string `json:"executive_summary"`
AssessmentPeriod string `json:"assessment_period"`
Assessor string `json:"assessor"`
ComplianceFramework string `json:"compliance_framework"`
AssessmentScope string `json:"assessment_scope"`
// OverallScore is numeric while OverallRiskScore further down is a string.
OverallScore float64 `json:"overall_score"`
// The four requirement counters are independent ints; the type does not
// enforce that the last three add up to TotalRequirements.
TotalRequirements int `json:"total_requirements"`
CompliantRequirements int `json:"compliant_requirements"`
PartiallyCompliant int `json:"partially_compliant"`
NonCompliant int `json:"non_compliant"`
ComplianceStandards []ComplianceStandard `json:"compliance_standards"`
DetailedAssessment []interface{} `json:"detailed_assessment"` // Removed orchestrator dependency
SecurityControls []SecurityControl `json:"security_controls"`
HighRiskFindings int `json:"high_risk_findings"`
MediumRiskFindings int `json:"medium_risk_findings"`
LowRiskFindings int `json:"low_risk_findings"`
OverallRiskScore string `json:"overall_risk_score"`
RemediationRoadmap []RemediationPhase `json:"remediation_roadmap"`
// AuditTrail here is a slice of AuditEntry, not the AuditTrail struct type
// that the package also declares.
AuditTrail []AuditEntry `json:"audit_trail"`
ReportVersion string `json:"report_version"`
}
ComplianceReportData contains data specific to compliance reports
type ComplianceStandard ¶
// ComplianceStandard is one entry of ComplianceReportData.ComplianceStandards:
// a named standard with its score, status and requirement counts.
type ComplianceStandard struct {
Name string `json:"name"`
Score float64 `json:"score"`
// NOTE(review): ScoreClass and StatusClass are presumably presentation hints
// (for example CSS class names) consumed by the HTML report templates. If so,
// they must be escaped or allow-listed before reaching markup — confirm.
ScoreClass string `json:"score_class"`
Status string `json:"status"`
StatusClass string `json:"status_class"`
RequirementsMet int `json:"requirements_met"`
TotalRequirements int `json:"total_requirements"`
LastAssessment string `json:"last_assessment"`
CriticalGaps []string `json:"critical_gaps,omitempty"`
}
type Configuration ¶
// Configuration is the rule configuration referenced by
// Rule.DefaultConfiguration.
type Configuration struct {
// Level is a plain string; the SARIF level values ("none", "note",
// "warning", "error") are not enforced by the type.
Level string `json:"level"`
}
Configuration represents rule configuration
type CycloneDXAuthor ¶
CycloneDXAuthor represents an author of the SBOM
type CycloneDXComponent ¶
// CycloneDXComponent describes one software component of the SBOM.
type CycloneDXComponent struct {
// Type, BOMRef and Name have no omitempty and are always written, even when
// they are empty strings.
Type string `json:"type"`
BOMRef string `json:"bom-ref"`
Name string `json:"name"`
Version string `json:"version,omitempty"`
Description string `json:"description,omitempty"`
Scope string `json:"scope,omitempty"`
Hashes []CycloneDXHash `json:"hashes,omitempty"`
Licenses []CycloneDXLicense `json:"licenses,omitempty"`
Copyright string `json:"copyright,omitempty"`
// CPE and PURL are the identifiers downstream tools normally use to match a
// component against vulnerability data; both are optional here.
CPE string `json:"cpe,omitempty"`
PURL string `json:"purl,omitempty"`
ExternalRefs []CycloneDXExternalRef `json:"externalReferences,omitempty"`
Properties []CycloneDXProperty `json:"properties,omitempty"`
}
CycloneDXComponent represents a software component
type CycloneDXDataFlow ¶
// CycloneDXDataFlow describes one data flow of a service
// (CycloneDXService.Data).
type CycloneDXDataFlow struct {
// Both fields are unconstrained strings. CycloneDX defines a fixed set of
// flow directions, but this type does not enforce it.
Flow string `json:"flow"`
Classification string `json:"classification"`
}
CycloneDXDataFlow represents data flow information
type CycloneDXDependency ¶
// CycloneDXDependency records that the element identified by Ref depends on
// the elements listed in DependsOn.
type CycloneDXDependency struct {
// NOTE(review): Ref and the DependsOn entries are presumably bom-ref values
// of components or services in the same document — confirm.
Ref string `json:"ref"`
DependsOn []string `json:"dependsOn,omitempty"`
}
CycloneDXDependency represents a dependency relationship
type CycloneDXDocument ¶
// CycloneDXDocument is the top-level CycloneDX SBOM document.
type CycloneDXDocument struct {
BOMFormat string `json:"bomFormat"`
SpecVersion string `json:"specVersion"`
SerialNumber string `json:"serialNumber"`
// Version is an int and is distinct from SpecVersion above.
Version int `json:"version"`
Metadata CycloneDXMetadata `json:"metadata"`
// No omitempty: a nil Components slice marshals as "components": null, not
// []. NOTE(review): schema validators and consumers may treat null and an
// empty list differently — confirm the formatter always allocates the slice.
Components []CycloneDXComponent `json:"components"`
Services []CycloneDXService `json:"services,omitempty"`
Dependencies []CycloneDXDependency `json:"dependencies,omitempty"`
Vulnerabilities []CycloneDXVulnerability `json:"vulnerabilities,omitempty"`
}
CycloneDXDocument represents a CycloneDX SBOM document
type CycloneDXExternalRef ¶
CycloneDXExternalRef represents an external reference
type CycloneDXFormatter ¶
// CycloneDXFormatter produces CycloneDX SBOM output. The struct has no
// fields, so a formatter value carries no configuration or state of its own.
type CycloneDXFormatter struct{}
CycloneDXFormatter implements the CycloneDX SBOM format
func NewCycloneDXFormatter ¶
func NewCycloneDXFormatter() *CycloneDXFormatter
NewCycloneDXFormatter creates a new CycloneDX formatter
func (*CycloneDXFormatter) Format ¶
func (f *CycloneDXFormatter) Format(results *scanner.ScanResults, options *FormatterOptions) ([]byte, error)
Format formats scan results as CycloneDX SBOM
type CycloneDXHash ¶
CycloneDXHash represents a hash value
type CycloneDXLicense ¶
// CycloneDXLicense wraps a single CycloneDXLicenseChoice under the "license"
// key.
type CycloneDXLicense struct {
License CycloneDXLicenseChoice `json:"license"`
}
CycloneDXLicense represents a license
type CycloneDXLicenseChoice ¶
// CycloneDXLicenseChoice identifies a license by ID, name, text and/or URL.
// All four fields use omitempty, so a zero value serializes as an empty
// object; the type does not require any one of them to be set.
type CycloneDXLicenseChoice struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Text string `json:"text,omitempty"`
URL string `json:"url,omitempty"`
}
CycloneDXLicenseChoice represents a license choice
type CycloneDXMetadata ¶
// CycloneDXMetadata holds SBOM metadata: when it was produced, by which
// tools and authors, and optionally the component the SBOM describes.
type CycloneDXMetadata struct {
Timestamp string `json:"timestamp"`
// No omitempty: a nil Tools slice marshals as "tools": null.
Tools []CycloneDXTool `json:"tools"`
Authors []CycloneDXAuthor `json:"authors,omitempty"`
Component *CycloneDXComponent `json:"component,omitempty"`
}
CycloneDXMetadata contains metadata about the SBOM
type CycloneDXProperty ¶
CycloneDXProperty represents a property
type CycloneDXService ¶
// CycloneDXService describes a service entry of the SBOM.
type CycloneDXService struct {
BOMRef string `json:"bom-ref"`
Name string `json:"name"`
Version string `json:"version,omitempty"`
Description string `json:"description,omitempty"`
Endpoints []string `json:"endpoints,omitempty"`
// omitempty on a bool drops the field when it is false. A service recorded
// as unauthenticated, or as not crossing a trust boundary, is therefore
// serialized exactly like one where the fact is unknown. Consumers cannot
// infer "unauthenticated" from the output; they only ever see an explicit
// true.
Authenticated bool `json:"authenticated,omitempty"`
XTrustBoundary bool `json:"x-trust-boundary,omitempty"`
Data []CycloneDXDataFlow `json:"data,omitempty"`
Licenses []CycloneDXLicense `json:"licenses,omitempty"`
ExternalRefs []CycloneDXExternalRef `json:"externalReferences,omitempty"`
}
CycloneDXService represents a service
type CycloneDXTool ¶
// CycloneDXTool names a tool (vendor, name, version) used to create the
// SBOM. All three fields are always written, even when empty.
type CycloneDXTool struct {
Vendor string `json:"vendor"`
Name string `json:"name"`
Version string `json:"version"`
}
CycloneDXTool represents a tool used to create the SBOM
type CycloneDXVulnAffects ¶
// CycloneDXVulnAffects points a vulnerability at the element it affects.
type CycloneDXVulnAffects struct {
// NOTE(review): presumably the bom-ref of a component or service in the same
// document. A Ref that matches nothing leaves the vulnerability unattached —
// confirm how the formatter derives it.
Ref string `json:"ref"`
}
CycloneDXVulnAffects represents what a vulnerability affects
type CycloneDXVulnAnalysis ¶
// CycloneDXVulnAnalysis carries the analysis (triage) information for a
// vulnerability.
// State, Justification and Response are plain strings. CycloneDX defines
// enumerations for them, but this type does not enforce those values.
type CycloneDXVulnAnalysis struct {
State string `json:"state,omitempty"`
Justification string `json:"justification,omitempty"`
Response []string `json:"response,omitempty"`
Detail string `json:"detail,omitempty"`
FirstIssued string `json:"firstIssued,omitempty"`
LastUpdated string `json:"lastUpdated,omitempty"`
}
CycloneDXVulnAnalysis represents vulnerability analysis information
type CycloneDXVulnCredits ¶
// CycloneDXVulnCredits lists the individuals and organizations credited for
// a vulnerability. Both lists are optional.
type CycloneDXVulnCredits struct {
Individuals []CycloneDXVulnIndividual `json:"individuals,omitempty"`
Organizations []CycloneDXVulnOrganization `json:"organizations,omitempty"`
}
CycloneDXVulnCredits represents vulnerability credits
type CycloneDXVulnIndividual ¶
// CycloneDXVulnIndividual is a person credited for discovering a
// vulnerability.
type CycloneDXVulnIndividual struct {
Name string `json:"name"`
// Email is personal contact data and is written into the SBOM whenever set.
Email string `json:"email,omitempty"`
}
CycloneDXVulnIndividual represents an individual credited for vulnerability discovery
type CycloneDXVulnOrganization ¶
// CycloneDXVulnOrganization is an organization credited for discovering a
// vulnerability.
type CycloneDXVulnOrganization struct {
Name string `json:"name"`
URL string `json:"url,omitempty"`
}
CycloneDXVulnOrganization represents an organization credited for vulnerability discovery
type CycloneDXVulnRating ¶
// CycloneDXVulnRating is one severity rating attached to a vulnerability.
type CycloneDXVulnRating struct {
// Source is a struct value without omitempty and is always written.
Source CycloneDXVulnSource `json:"source"`
// omitempty drops a Score of exactly 0, so "scored 0.0" and "not scored"
// look the same in the output.
Score float64 `json:"score,omitempty"`
Severity string `json:"severity,omitempty"`
// NOTE(review): Method and Vector are presumably the scoring method and its
// vector string; the type treats both as opaque strings — confirm.
Method string `json:"method,omitempty"`
Vector string `json:"vector,omitempty"`
}
CycloneDXVulnRating represents a vulnerability rating
type CycloneDXVulnReference ¶
// CycloneDXVulnReference cross-references a vulnerability under another
// identifier (ID) as known to another source (Source).
type CycloneDXVulnReference struct {
ID string `json:"id"`
Source CycloneDXVulnSource `json:"source"`
}
CycloneDXVulnReference represents a vulnerability reference
type CycloneDXVulnSource ¶
CycloneDXVulnSource represents a vulnerability source
type CycloneDXVulnerability ¶
// CycloneDXVulnerability is one vulnerability entry of the SBOM.
type CycloneDXVulnerability struct {
BOMRef string `json:"bom-ref"`
ID string `json:"id"`
Source CycloneDXVulnSource `json:"source"`
References []CycloneDXVulnReference `json:"references,omitempty"`
Ratings []CycloneDXVulnRating `json:"ratings,omitempty"`
CWEs []int `json:"cwes,omitempty"`
Description string `json:"description,omitempty"`
Detail string `json:"detail,omitempty"`
Recommendation string `json:"recommendation,omitempty"`
Affects []CycloneDXVulnAffects `json:"affects,omitempty"`
Published string `json:"published,omitempty"`
Updated string `json:"updated,omitempty"`
// NOTE(review): Credits and Analysis are struct values, and encoding/json's
// omitempty never treats a struct value as empty. Both keys are therefore
// always written ("credits": {}, "analysis": {}), even when nothing was set.
// A consumer may read an empty analysis object as "analysis present".
// Pointer fields, or omitzero on Go 1.24+, would omit them; that changes the
// field type or tag and so is left as a note.
Credits CycloneDXVulnCredits `json:"credits,omitempty"`
Tools []CycloneDXTool `json:"tools,omitempty"`
Analysis CycloneDXVulnAnalysis `json:"analysis,omitempty"`
}
CycloneDXVulnerability represents a security vulnerability
type DetectionMethod ¶
type Driver ¶
// Driver describes the analysis tool itself in SARIF output, including the
// rules it defines.
type Driver struct {
Name string `json:"name"`
Version string `json:"version"`
InformationUri string `json:"informationUri,omitempty"`
Organization string `json:"organization,omitempty"`
SemanticVersion string `json:"semanticVersion,omitempty"`
// Result.RuleIndex is declared as an index; presumably it indexes into this
// slice — confirm against the formatter.
Rules []Rule `json:"rules,omitempty"`
}
Driver represents the tool driver information
type EnterpriseMetadata ¶
// EnterpriseMetadata is the enterprise-specific metadata attached to SARIF
// output through Properties.Enterprise.
type EnterpriseMetadata struct {
// OrganizationID and TenantID are written into the report whenever set.
// Anyone who receives the SARIF file sees these internal identifiers.
OrganizationID string `json:"organizationId,omitempty"`
TenantID string `json:"tenantId,omitempty"`
ScannerVersion string `json:"scannerVersion,omitempty"`
PolicyVersion string `json:"policyVersion,omitempty"`
ComplianceFrameworks []string `json:"complianceFrameworks,omitempty"`
// omitempty drops a RiskScore of exactly 0, so "risk 0" and "not computed"
// are indistinguishable in the output.
RiskScore float64 `json:"riskScore,omitempty"`
ScanContext *ScanContext `json:"scanContext,omitempty"`
AuditTrail *AuditTrail `json:"auditTrail,omitempty"`
}
EnterpriseMetadata represents enterprise-specific metadata
type EvidenceInfo ¶
// EvidenceInfo is one piece of evidence supporting a threat detection
// (ResultProperties.Evidence).
type EvidenceInfo struct {
Type string `json:"type"`
Description string `json:"description"`
// Value is untyped: whatever the detector stored is marshalled as-is.
// NOTE(review): if detectors store matched content here, such as file
// snippets or environment values, it ends up in the report — confirm what
// is stored.
Value interface{} `json:"value"`
// omitempty drops a Score or Confidence of exactly 0.
Score float64 `json:"score,omitempty"`
Confidence float64 `json:"confidence,omitempty"`
}
EvidenceInfo represents evidence supporting a threat detection
type ExecutiveReportData ¶
// ExecutiveReportData holds the data for an executive report.
// It embeds ReportData without a tag, so the common report fields are
// written at the same JSON level as the fields below.
type ExecutiveReportData struct {
ReportData
ExecutiveSummary string `json:"executive_summary"`
TotalRepositories int `json:"total_repositories"`
ScannedRepositories int `json:"scanned_repositories"`
// The issue counters are independent ints; the type does not tie them to
// TotalVulnerabilities.
TotalVulnerabilities int `json:"total_vulnerabilities"`
CriticalIssues int `json:"critical_issues"`
HighRiskIssues int `json:"high_risk_issues"`
MediumRiskIssues int `json:"medium_risk_issues"`
LowRiskIssues int `json:"low_risk_issues"`
ComplianceScore float64 `json:"compliance_score"`
SecurityTrend string `json:"security_trend"`
TopRisks []RiskItem `json:"top_risks"`
Recommendations []string `json:"recommendations"`
// Metrics is an untyped map; its keys and value types are not defined here.
Metrics map[string]interface{} `json:"metrics"`
}
ExecutiveReportData contains data specific to executive reports
type FuturisticFormatter ¶
// FuturisticFormatter is the type behind the Print* methods listed for it
// (banner, version, scan start, scan results, analysis results). It is
// created with NewFuturisticFormatter(verbose, json bool). The package gives
// it no doc comment, and all of its fields are unexported.
type FuturisticFormatter struct {
// contains filtered or unexported fields
}
func NewFuturisticFormatter ¶
func NewFuturisticFormatter(verbose, json bool) *FuturisticFormatter
func (*FuturisticFormatter) PrintAnalysisResults ¶
func (f *FuturisticFormatter) PrintAnalysisResults(result *detector.CheckPackageResult)
func (*FuturisticFormatter) PrintBanner ¶
func (f *FuturisticFormatter) PrintBanner()
func (*FuturisticFormatter) PrintScanResults ¶
func (f *FuturisticFormatter) PrintScanResults(result *analyzer.ScanResult)
func (*FuturisticFormatter) PrintScanStart ¶
func (f *FuturisticFormatter) PrintScanStart(path string)
func (*FuturisticFormatter) PrintVersion ¶
func (f *FuturisticFormatter) PrintVersion(version string)
type Invocation ¶
// Invocation records how the tool was run: success flag, times, exit code,
// command line and working directory.
type Invocation struct {
// Always written (no omitempty), so false is explicit in the output.
ExecutionSuccessful bool `json:"executionSuccessful"`
StartTimeUtc string `json:"startTimeUtc,omitempty"`
EndTimeUtc string `json:"endTimeUtc,omitempty"`
// omitempty drops an ExitCode of 0.
ExitCode int `json:"exitCode,omitempty"`
// CommandLine and Arguments are written into the SARIF file as given.
// NOTE(review): if they are filled from the real process arguments, any
// token or password passed as a flag ends up in a report that is typically
// uploaded or archived. Confirm what the formatter stores here and redact
// secrets before populating.
CommandLine string `json:"commandLine,omitempty"`
Arguments []string `json:"arguments,omitempty"`
// WorkingDirectory can disclose local or CI filesystem layout when set.
WorkingDirectory *ArtifactLocation `json:"workingDirectory,omitempty"`
}
Invocation represents a tool invocation
type Location ¶
// Location says where a result applies: an optional physical location (file
// and region) and optional logical locations.
type Location struct {
PhysicalLocation *PhysicalLocation `json:"physicalLocation,omitempty"`
LogicalLocations []LogicalLocation `json:"logicalLocations,omitempty"`
}
Location represents a location in the source code
type LogicalLocation ¶
// LogicalLocation names a logical location by short name, fully qualified
// name and kind. All fields are optional strings.
type LogicalLocation struct {
Name string `json:"name,omitempty"`
FullyQualifiedName string `json:"fullyQualifiedName,omitempty"`
Kind string `json:"kind,omitempty"`
}
LogicalLocation represents a logical location
type Message ¶
// Message wraps a text string. It is used for result messages and for rule
// descriptions and help.
type Message struct {
// Text is always written, even when empty.
Text string `json:"text"`
}
Message represents a message with text
type PDFGenerator ¶
// PDFGenerator handles PDF generation from HTML templates.
// All three fields are exported, so any code holding the value can change
// them after construction.
type PDFGenerator struct {
// TemplateDir and OutputDir are plain directory strings.
// NOTE(review): the methods accept templateName and outputFilename strings.
// This page does not show whether those names are confined to these
// directories (no "..", no absolute paths). Verify before passing
// caller-controlled names.
TemplateDir string
OutputDir string
Options PDFOptions
}
PDFGenerator handles PDF generation from HTML templates
func NewPDFGenerator ¶
func NewPDFGenerator(templateDir, outputDir string, options *PDFOptions) *PDFGenerator
NewPDFGenerator creates a new PDF generator instance
func (*PDFGenerator) BatchGenerateReports ¶
func (pg *PDFGenerator) BatchGenerateReports(reports []ReportRequest) error
BatchGenerateReports generates multiple reports in batch
func (*PDFGenerator) CleanupOldReports ¶
func (pg *PDFGenerator) CleanupOldReports(maxAge time.Duration) error
CleanupOldReports removes PDF files older than the specified duration
func (*PDFGenerator) GenerateComplianceReport ¶
func (pg *PDFGenerator) GenerateComplianceReport(data interface{}, outputFilename string) error
GenerateComplianceReport generates a compliance report PDF
func (*PDFGenerator) GenerateExecutiveReport ¶
func (pg *PDFGenerator) GenerateExecutiveReport(data interface{}, outputFilename string) error
GenerateExecutiveReport generates an executive report PDF
func (*PDFGenerator) GeneratePDFFromHTML ¶
func (pg *PDFGenerator) GeneratePDFFromHTML(htmlContent string, outputFilename string) error
GeneratePDFFromHTML generates a PDF directly from an HTML string
func (*PDFGenerator) GeneratePDFStream ¶
func (pg *PDFGenerator) GeneratePDFStream(templateName string, data interface{}) ([]byte, error)
GeneratePDFStream generates PDF and returns it as a byte stream
func (*PDFGenerator) GenerateReportPDF ¶
func (pg *PDFGenerator) GenerateReportPDF(templateName string, data interface{}, outputFilename string) error
GenerateReportPDF generates a PDF from an HTML template with data
func (*PDFGenerator) GenerateTechnicalReport ¶
func (pg *PDFGenerator) GenerateTechnicalReport(data interface{}, outputFilename string) error
GenerateTechnicalReport generates a technical report PDF
func (*PDFGenerator) GetAvailableTemplates ¶
func (pg *PDFGenerator) GetAvailableTemplates() ([]string, error)
GetAvailableTemplates returns a list of available HTML templates
func (*PDFGenerator) SetCustomOptions ¶
func (pg *PDFGenerator) SetCustomOptions(options PDFOptions)
SetCustomOptions allows updating PDF generation options
func (*PDFGenerator) StreamPDFToWriter ¶
func (pg *PDFGenerator) StreamPDFToWriter(templateName string, data interface{}, writer io.Writer) error
StreamPDFToWriter generates PDF and writes it directly to an io.Writer
func (*PDFGenerator) ValidateTemplate ¶
func (pg *PDFGenerator) ValidateTemplate(templateName string) error
ValidateTemplate checks if a template file exists and is valid
type PDFInfo ¶
// PDFInfo describes a generated PDF file: path, name, size, creation time
// and a readability flag.
type PDFInfo struct {
// FilePath exposes a filesystem path to whoever receives the JSON.
FilePath string `json:"file_path"`
FileName string `json:"file_name"`
FileSize int64 `json:"file_size"`
CreatedAt time.Time `json:"created_at"`
IsReadable bool `json:"is_readable"`
}
PDFInfo contains information about a generated PDF
func GetPDFInfo ¶
GetPDFInfo returns information about a generated PDF file
type PDFOptions ¶
// PDFOptions configures PDF generation: paper size, margins, orientation,
// scale and header.
// NOTE(review): the field set resembles the print-to-PDF parameters of
// headless Chrome; which renderer is actually used is not shown on this
// page.
type PDFOptions struct {
PaperWidth float64 `json:"paper_width"` // in inches
PaperHeight float64 `json:"paper_height"` // in inches
MarginTop float64 `json:"margin_top"` // in inches
MarginBottom float64 `json:"margin_bottom"` // in inches
MarginLeft float64 `json:"margin_left"` // in inches
MarginRight float64 `json:"margin_right"` // in inches
PrintBackground bool `json:"print_background"` // include background graphics
Landscape bool `json:"landscape"` // page orientation
// The documented range is not enforced by the type.
Scale float64 `json:"scale"` // page scale (0.1 to 2.0)
// NOTE(review): HeaderTemplate is presumably markup handed to the renderer.
// If it is ever built from report data, that data must be escaped first —
// confirm.
HeaderTemplate string `json:"header_template"`
PreferCSSPageSize bool `json:"prefer_css_page_size"`
}
PDFOptions configures PDF generation settings
func DefaultPDFOptions ¶
func DefaultPDFOptions() PDFOptions
DefaultPDFOptions returns sensible default PDF generation options
type PartialFingerprints ¶
// PartialFingerprints carries fingerprint data used to match the same
// result across runs. Only primaryLocationLineHash is declared.
type PartialFingerprints struct {
PrimaryLocationLineHash string `json:"primaryLocationLineHash,omitempty"`
}
PartialFingerprints represents partial fingerprints for result matching
type PerformanceMetrics ¶
type PhysicalLocation ¶
// PhysicalLocation identifies a place in a file: which artifact and,
// optionally, which region of it.
type PhysicalLocation struct {
ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
Region *Region `json:"region,omitempty"`
}
PhysicalLocation represents a physical location in a file
type Properties ¶
// Properties holds run-level additional properties (Run.Properties):
// repository coordinates, scan type, metrics and optional enterprise
// metadata.
type Properties struct {
// NOTE(review): RepositoryURL is written as given. A URL copied from a git
// remote can carry embedded credentials in the form https://user:token@host/.
// Strip the userinfo part before it reaches the formatter.
RepositoryURL string `json:"repositoryUrl,omitempty"`
Branch string `json:"branch,omitempty"`
CommitSHA string `json:"commitSha,omitempty"`
ScanType string `json:"scanType,omitempty"`
// Metrics is an untyped map; its contents are not defined by this type.
Metrics map[string]interface{} `json:"metrics,omitempty"`
// Enterprise metadata
Enterprise *EnterpriseMetadata `json:"enterprise,omitempty"`
}
Properties represents additional properties
type Region ¶
// Region is a span inside a file, given by start and end line and column.
// All four use omitempty, so a value of 0 is left out. SARIF line and column
// numbers are 1-based, so 0 reads as "not set".
type Region struct {
StartLine int `json:"startLine,omitempty"`
StartColumn int `json:"startColumn,omitempty"`
EndLine int `json:"endLine,omitempty"`
EndColumn int `json:"endColumn,omitempty"`
}
Region represents a region in a file
type RemediationPhase ¶
type RemediationStep ¶
type ReportData ¶
// ReportData holds the fields common to all report types. It is embedded by
// ExecutiveReportData and ComplianceReportData.
type ReportData struct {
Organization string `json:"organization"`
// ReportDate is a string while Timestamp below is a time.Time; the type does
// not keep the two in sync.
ReportDate string `json:"report_date"`
ReportID string `json:"report_id"`
// ReportType is a plain string here, not the ReportType named type.
ReportType string `json:"report_type"`
GeneratedBy string `json:"generated_by"`
Version string `json:"version"`
ScanPeriod string `json:"scan_period"`
Timestamp time.Time `json:"timestamp"`
}
ReportData contains common data for all report types
type ReportGenerator ¶
// ReportGenerator manages the generation of the report types. It is
// constructed with NewReportGenerator(templateDir, outputDir, pdfOptions,
// logger), and all of its state is unexported.
// NOTE(review): the Generate* methods and GetReportPath take a filename
// string. This page does not show whether that name is restricted to the
// output directory — verify before passing caller-controlled names.
type ReportGenerator struct {
// contains filtered or unexported fields
}
ReportGenerator manages the generation of various report types
func NewReportGenerator ¶
func NewReportGenerator(templateDir, outputDir string, pdfOptions *PDFOptions, logger *logrus.Logger) *ReportGenerator
NewReportGenerator creates a new report generator
func (*ReportGenerator) CleanupOldReports ¶
func (rg *ReportGenerator) CleanupOldReports(maxAge time.Duration) error
CleanupOldReports removes old report files
func (*ReportGenerator) GenerateAllReports ¶
func (rg *ReportGenerator) GenerateAllReports(baseData ReportData, executiveData ExecutiveReportData, technicalData TechnicalReportData, complianceData ComplianceReportData) error
GenerateAllReports generates all three report types from the same base data
func (*ReportGenerator) GenerateComplianceReport ¶
func (rg *ReportGenerator) GenerateComplianceReport(data ComplianceReportData, filename string) error
GenerateComplianceReport generates a compliance report in PDF format
func (*ReportGenerator) GenerateExecutiveReport ¶
func (rg *ReportGenerator) GenerateExecutiveReport(data ExecutiveReportData, filename string) error
GenerateExecutiveReport generates an executive report in PDF format
func (*ReportGenerator) GenerateReportByType ¶
func (rg *ReportGenerator) GenerateReportByType(reportType ReportType, data interface{}, filename string) error
GenerateReportByType generates a report based on the specified type
func (*ReportGenerator) GenerateTechnicalReport ¶
func (rg *ReportGenerator) GenerateTechnicalReport(data TechnicalReportData, filename string) error
GenerateTechnicalReport generates a technical report in PDF format
func (*ReportGenerator) GetAvailableTemplates ¶
func (rg *ReportGenerator) GetAvailableTemplates() ([]string, error)
GetAvailableTemplates returns available report templates
func (*ReportGenerator) GetReportPath ¶
func (rg *ReportGenerator) GetReportPath(filename string) string
GetReportPath returns the full path to a generated report
func (*ReportGenerator) GetReportStats ¶
func (rg *ReportGenerator) GetReportStats() (map[string]interface{}, error)
GetReportStats returns statistics about generated reports
func (*ReportGenerator) SetPDFOptions ¶
func (rg *ReportGenerator) SetPDFOptions(options PDFOptions)
SetPDFOptions updates PDF generation options
func (*ReportGenerator) ValidateReportData ¶
func (rg *ReportGenerator) ValidateReportData(data ReportData) error
ValidateReportData validates common report data fields
type ReportRequest ¶
// ReportRequest is a single report generation request, as consumed by
// PDFGenerator.BatchGenerateReports.
// NOTE(review): the json tags allow a request to be decoded from JSON. If
// that JSON can come from outside the process, TemplateName and
// OutputFilename are caller-controlled path components. Validate them
// (base name only, expected extension) before use — confirm where requests
// originate.
type ReportRequest struct {
TemplateName string `json:"template_name"`
// Data is untyped and is passed through as-is.
Data interface{} `json:"data"`
OutputFilename string `json:"output_filename"`
}
ReportRequest represents a single report generation request
type ReportType ¶
// ReportType names the kind of report to generate. Its underlying type is
// string, so any string converts to a ReportType; the type itself does not
// restrict the value to the declared constants.
type ReportType string
ReportType defines the type of report to generate
// The three declared ReportType values: "executive", "technical" and
// "compliance". (The documentation page renders the const block on a single
// line.)
// NOTE(review): how GenerateReportByType handles a ReportType outside these
// three values is not shown on this page.
const ( ExecutiveReport ReportType = "executive" TechnicalReport ReportType = "technical" ComplianceReport ReportType = "compliance" )
type RepositoryAnalysis ¶
type Result ¶
// Result is one finding in a SARIF run.
type Result struct {
RuleID string `json:"ruleId"`
// omitempty drops a RuleIndex of 0, so a result that refers to the first
// rule never carries a ruleIndex. SARIF treats an absent ruleIndex as -1, so
// such a result is matched to its rule by ruleId only.
RuleIndex int `json:"ruleIndex,omitempty"`
Message Message `json:"message"`
// No omitempty: an unset Level is written as "level": "", which is not one
// of the SARIF level values. NOTE(review): confirm the formatter always
// sets it.
Level string `json:"level"`
Locations []Location `json:"locations,omitempty"`
PartialFingerprints *PartialFingerprints `json:"partialFingerprints,omitempty"`
Properties *ResultProperties `json:"properties,omitempty"`
}
Result represents a single analysis result
type ResultProperties ¶
// ResultProperties is the property bag attached to a Result: package
// identity, threat classification, references and evidence. Every field uses
// omitempty.
type ResultProperties struct {
// Severity and Confidence are free-form strings here; EvidenceInfo uses a
// float64 for its own Confidence.
Severity string `json:"severity,omitempty"`
Confidence string `json:"confidence,omitempty"`
PackageName string `json:"packageName,omitempty"`
PackageVersion string `json:"packageVersion,omitempty"`
VulnerabilityID string `json:"vulnerabilityId,omitempty"`
ThreatType string `json:"threatType,omitempty"`
Registry string `json:"registry,omitempty"`
DetectionMethod string `json:"detectionMethod,omitempty"`
// NOTE(review): SimilarTo presumably names the package that the flagged one
// resembles — confirm.
SimilarTo string `json:"similarTo,omitempty"`
Recommendation string `json:"recommendation,omitempty"`
CVEs []string `json:"cves,omitempty"`
References []string `json:"references,omitempty"`
Evidence []EvidenceInfo `json:"evidence,omitempty"`
// ThreatMetadata is an untyped map and is marshalled as stored.
ThreatMetadata map[string]interface{} `json:"threatMetadata,omitempty"`
// omitempty drops a RiskScore of exactly 0.
RiskScore float64 `json:"riskScore,omitempty"`
}
ResultProperties represents result-specific properties
type RiskItem ¶
// RiskItem is one entry of ExecutiveReportData.TopRisks: a titled risk with
// description, severity, impact and a count. The package's own comment on
// this type reads only "Supporting data structures".
type RiskItem struct {
Title string `json:"title"`
Description string `json:"description"`
Severity string `json:"severity"`
Impact string `json:"impact"`
Count int `json:"count"`
}
Supporting data structures
type Rule ¶
// Rule is a rule definition listed under Driver.Rules.
type Rule struct {
// ID is the only field without omitempty.
ID string `json:"id"`
Name string `json:"name,omitempty"`
ShortDescription *Message `json:"shortDescription,omitempty"`
FullDescription *Message `json:"fullDescription,omitempty"`
Help *Message `json:"help,omitempty"`
HelpUri string `json:"helpUri,omitempty"`
Properties *RuleProperties `json:"properties,omitempty"`
DefaultConfiguration *Configuration `json:"defaultConfiguration,omitempty"`
}
Rule represents a rule definition
type RuleProperties ¶
// RuleProperties is the property bag attached to a Rule.
// Severity is a free-form string. NOTE(review): no numeric
// "security-severity" property is declared here; if the SARIF is fed to a
// platform that ranks security results by that property, rules from this
// tool carry no such score — confirm whether that matters for the target
// platform.
type RuleProperties struct {
Severity string `json:"severity,omitempty"`
Category string `json:"category,omitempty"`
Tags []string `json:"tags,omitempty"`
Precision string `json:"precision,omitempty"`
// The JSON key contains a dot: "problem.kind".
ProblemKind string `json:"problem.kind,omitempty"`
}
RuleProperties represents rule-specific properties
type Run ¶
// Run is a single run of the analysis tool inside a SARIF document.
type Run struct {
Tool Tool `json:"tool"`
// No omitempty: a nil Results slice marshals as "results": null, while an
// allocated empty slice marshals as []. NOTE(review): consumers can read
// those differently ("no results produced" versus "scanned, nothing
// found"). Confirm the formatter allocates the slice when a scan completed
// cleanly.
Results []Result `json:"results"`
Artifacts []Artifact `json:"artifacts,omitempty"`
Invocations []Invocation `json:"invocations,omitempty"`
Properties *Properties `json:"properties,omitempty"`
}
Run represents a single run of the analysis tool
type SARIF ¶
// SARIF is the top-level document of the Static Analysis Results Interchange
// Format.
type SARIF struct {
Version string `json:"version"`
Schema string `json:"$schema"`
// No omitempty: a nil Runs slice marshals as "runs": null.
Runs []Run `json:"runs"`
}
SARIF represents the Static Analysis Results Interchange Format
type SARIFFormatter ¶
// SARIFFormatter produces SARIF output. Its exported fields mirror the
// run-level Properties (repository URL, branch, commit, scan type) plus
// optional enterprise metadata.
type SARIFFormatter struct {
// NOTE(review): if RepositoryURL is copied into the report, a remote URL
// with embedded credentials (https://user:token@host/...) would leak them.
// Pass a URL without userinfo.
RepositoryURL string
Branch string
CommitSHA string
ScanType string
// Enterprise fields
EnterpriseMetadata *EnterpriseMetadata
}
SARIFFormatter implements SARIF output format
func NewEnterpriseSARIFFormatter ¶
func NewEnterpriseSARIFFormatter(repoURL, branch, commitSHA, scanType string, enterpriseMetadata *EnterpriseMetadata) *SARIFFormatter
NewEnterpriseSARIFFormatter creates a new SARIF formatter with enterprise metadata
func NewSARIFFormatter ¶
func NewSARIFFormatter(repoURL, branch, commitSHA, scanType string) *SARIFFormatter
NewSARIFFormatter creates a new SARIF formatter
func (*SARIFFormatter) Format ¶
func (f *SARIFFormatter) Format(results *analyzer.ScanResult) ([]byte, error)
Format converts scan results to SARIF format
type SPDXAnnotation ¶
// SPDXAnnotation is an annotation on an SPDX document or package: type,
// annotator, date and comment. All four fields are always written.
type SPDXAnnotation struct {
AnnotationType string `json:"annotationType"`
Annotator string `json:"annotator"`
AnnotationDate string `json:"annotationDate"`
AnnotationComment string `json:"annotationComment"`
}
SPDXAnnotation represents an annotation
type SPDXAuditInfo ¶
// SPDXAuditInfo is the audit-trail part of SPDXEnterpriseInfo.
// It parallels AuditTrail (the SARIF side) but uses different key names:
// approvalTimestamp and retentionPeriod here, approvalTime and
// retentionPolicy there.
type SPDXAuditInfo struct {
ScanID string `json:"scanId,omitempty"`
// The only field without omitempty: "approvalRequired" is always written,
// including when false.
ApprovalRequired bool `json:"approvalRequired"`
// ApprovalStatus and ApprovedBy are free-form strings; nothing in the type
// authenticates them.
ApprovalStatus string `json:"approvalStatus,omitempty"`
ApprovedBy string `json:"approvedBy,omitempty"`
ApprovalTimestamp string `json:"approvalTimestamp,omitempty"`
RetentionPeriod string `json:"retentionPeriod,omitempty"`
DataClassification string `json:"dataClassification,omitempty"`
}
SPDXAuditInfo represents audit trail information
type SPDXCreationInfo ¶
// SPDXCreationInfo records when and by whom the SPDX document was created.
type SPDXCreationInfo struct {
Created string `json:"created"`
// No omitempty: a nil Creators slice marshals as "creators": null.
Creators []string `json:"creators"`
LicenseListVersion string `json:"licenseListVersion,omitempty"`
}
SPDXCreationInfo contains document creation information
type SPDXDocument ¶
// SPDXDocument is the top-level SPDX document.
type SPDXDocument struct {
SPDXVersion string `json:"spdxVersion"`
DataLicense string `json:"dataLicense"`
SPDXID string `json:"SPDXID"`
DocumentName string `json:"documentName"`
DocumentNamespace string `json:"documentNamespace"`
CreationInfo SPDXCreationInfo `json:"creationInfo"`
// No omitempty on Packages and Relationships: nil slices marshal as null.
Packages []SPDXPackage `json:"packages"`
Relationships []SPDXRelationship `json:"relationships"`
Annotations []SPDXAnnotation `json:"annotations,omitempty"`
// Enterprise extensions
// NOTE(review): "enterpriseInfo" is this package's own extension key. Strict
// SPDX validators may reject or drop unknown top-level properties — confirm
// with the consumers of this output.
EnterpriseInfo *SPDXEnterpriseInfo `json:"enterpriseInfo,omitempty"`
}
SPDXDocument represents an SPDX document
type SPDXEnterpriseInfo ¶
// SPDXEnterpriseInfo is the enterprise-specific metadata attached to an SPDX
// document. Every field is optional.
type SPDXEnterpriseInfo struct {
// OrganizationID and TenantID are written into the SBOM whenever set.
// Anyone the SBOM is shared with sees these internal identifiers.
OrganizationID string `json:"organizationId,omitempty"`
TenantID string `json:"tenantId,omitempty"`
ScanPolicy *SPDXScanPolicy `json:"scanPolicy,omitempty"`
ComplianceFrameworks []string `json:"complianceFrameworks,omitempty"`
RiskAssessment *SPDXRiskAssessment `json:"riskAssessment,omitempty"`
AuditInfo *SPDXAuditInfo `json:"auditInfo,omitempty"`
ScanContext *SPDXScanContext `json:"scanContext,omitempty"`
}
SPDXEnterpriseInfo contains enterprise-specific metadata
type SPDXExternalRef ¶
// SPDXExternalRef is an external reference on a package, given as category,
// type and locator. All three are plain strings that the type does not
// validate.
type SPDXExternalRef struct {
ReferenceCategory string `json:"referenceCategory"`
ReferenceType string `json:"referenceType"`
ReferenceLocator string `json:"referenceLocator"`
Comment string `json:"comment,omitempty"`
}
SPDXExternalRef represents an external reference
type SPDXFormatter ¶
// SPDXFormatter produces SPDX (Software Package Data Exchange) output.
// EnterpriseInfo is exported and can be set or replaced by any caller; the
// remaining state is unexported.
type SPDXFormatter struct {
// Enterprise fields
EnterpriseInfo *SPDXEnterpriseInfo
// contains filtered or unexported fields
}
SPDXFormatter implements SPDX (Software Package Data Exchange) format
func NewEnterpriseSPDXFormatter ¶
func NewEnterpriseSPDXFormatter(enterpriseInfo *SPDXEnterpriseInfo) *SPDXFormatter
NewEnterpriseSPDXFormatter creates a new SPDX formatter with enterprise metadata
func NewSPDXFormatter ¶
func NewSPDXFormatter() *SPDXFormatter
NewSPDXFormatter creates a new SPDX formatter
func (*SPDXFormatter) Format ¶
func (f *SPDXFormatter) Format(results *scanner.ScanResults, options FormatterOptions) ([]byte, error)
Format formats scan results as SPDX JSON
func (*SPDXFormatter) GetFileExtension ¶
func (f *SPDXFormatter) GetFileExtension() string
GetFileExtension returns the file extension for SPDX format
func (*SPDXFormatter) GetMimeType ¶
func (f *SPDXFormatter) GetMimeType() string
GetMimeType returns the MIME type for SPDX format
type SPDXPackage ¶
// SPDXPackage describes one software package in the SPDX document.
type SPDXPackage struct {
	// Fields that are always written. None of them carries omitempty, so an
	// unset value goes out as "" (or false). SPDX uses NOASSERTION / NONE for
	// unknown licence, copyright and download values; whether Format fills
	// those in is not visible here (TODO confirm).
	SPDXID           string `json:"SPDXID"`
	Name             string `json:"name"`
	DownloadLocation string `json:"downloadLocation"`
	FilesAnalyzed    bool   `json:"filesAnalyzed"`
	LicenseConcluded string `json:"licenseConcluded"`
	LicenseDeclared  string `json:"licenseDeclared"`
	CopyrightText    string `json:"copyrightText"`

	// Optional descriptive fields, omitted when empty.
	VersionInfo string `json:"versionInfo,omitempty"`
	Supplier    string `json:"supplier,omitempty"`
	Originator  string `json:"originator,omitempty"`
	Homepage    string `json:"homepage,omitempty"`
	Description string `json:"description,omitempty"`

	// Optional collections, omitted when empty.
	ExternalRefs     []SPDXExternalRef `json:"externalRefs,omitempty"`
	AttributionTexts []string          `json:"attributionTexts,omitempty"`
	Annotations      []SPDXAnnotation  `json:"annotations,omitempty"`

	// NOTE(review): "securityVulnerabilities" appears to be a tool-specific
	// property rather than an SPDX package property; a consumer that
	// validates strictly may reject it or silently drop the findings.
	SecurityVulnerabilities []SPDXVulnerability `json:"securityVulnerabilities,omitempty"`
}
SPDXPackage represents a software package
type SPDXRelationship ¶
// SPDXRelationship links one SPDX element to another with a typed
// relationship.
type SPDXRelationship struct {
	// Source element, relationship type and target element; always written.
	SPDXElementID      string `json:"spdxElementId"`
	RelationshipType   string `json:"relationshipType"`
	RelatedSPDXElement string `json:"relatedSpdxElement"`

	// Comment is optional free text and is omitted when empty.
	Comment string `json:"comment,omitempty"`
}
SPDXRelationship represents a relationship between SPDX elements
type SPDXRiskAssessment ¶
// SPDXRiskAssessment carries the risk assessment attached to the enterprise
// metadata. Every field is optional.
type SPDXRiskAssessment struct {
	// OverallRiskScore is dropped from the JSON when it is exactly 0
	// (omitempty on a float64), so a consumer cannot tell "scored zero" from
	// "not assessed". The scale of the score is not visible in this listing.
	OverallRiskScore float64 `json:"overallRiskScore,omitempty"`

	// RiskFactors maps a factor name to its value; encoding/json writes the
	// keys in sorted order.
	RiskFactors map[string]float64 `json:"riskFactors,omitempty"`

	// Free-form status and recommendations.
	MitigationStatus string   `json:"mitigationStatus,omitempty"`
	Recommendations  []string `json:"recommendations,omitempty"`
}
SPDXRiskAssessment represents risk assessment data
type SPDXScanContext ¶
// SPDXScanContext records who started a scan, why, and against which source
// revision. Every field is optional and is omitted when empty.
type SPDXScanContext struct {
	// Who and why.
	InitiatedBy string `json:"initiatedBy,omitempty"`
	ScanReason  string `json:"scanReason,omitempty"`

	// Where the scan ran.
	Environment  string `json:"environment,omitempty"`
	CICDPipeline string `json:"cicdPipeline,omitempty"`
	ProjectID    string `json:"projectId,omitempty"`

	// Source revision. Together with InitiatedBy and CICDPipeline these
	// values identify people and internal infrastructure, so review them
	// before distributing the SBOM outside the organisation.
	RepositoryURL string `json:"repositoryUrl,omitempty"`
	Branch        string `json:"branch,omitempty"`
	CommitSHA     string `json:"commitSha,omitempty"`
}
SPDXScanContext represents the context of the scan
type SPDXScanPolicy ¶
// SPDXScanPolicy identifies the policy a scan was run under. Every field is
// optional and is omitted when empty.
type SPDXScanPolicy struct {
	// Policy identity. Recording the version alongside the ID lets an
	// auditor tie a report to the exact rule set that produced it.
	PolicyID      string `json:"policyId,omitempty"`
	PolicyVersion string `json:"policyVersion,omitempty"`
	PolicyName    string `json:"policyName,omitempty"`

	// Enforcement is a free-form string; the accepted values are not visible
	// in this listing.
	Enforcement string `json:"enforcement,omitempty"`
}
SPDXScanPolicy represents the scan policy used
type SPDXVulnerability ¶
// SPDXVulnerability is one security finding listed on an SPDXPackage.
type SPDXVulnerability struct {
	// Always written, even when empty. Severity is a plain string with no
	// enumeration visible here, so consumers should normalise it before
	// comparing or thresholding.
	ID          string `json:"id"`
	Description string `json:"description"`
	Severity    string `json:"severity"`

	// CVSSv3 is a string; this listing does not say whether it holds the
	// vector or the numeric score (TODO confirm).
	CVSSv3 string `json:"cvssv3,omitempty"`

	// References is an optional list of strings, presumably advisory URLs.
	References []string `json:"references,omitempty"`
}
SPDXVulnerability represents a security vulnerability
type ScanContext ¶
// ScanContext describes the circumstances in which a scan was performed.
// It overlaps with SPDXScanContext but has no repository, branch or commit
// fields and adds ScheduledScan.
type ScanContext struct {
	// Who and why; omitted when empty.
	InitiatedBy string `json:"initiatedBy,omitempty"`
	ScanReason  string `json:"scanReason,omitempty"`

	// ScheduledScan has no omitempty, so false is written explicitly.
	ScheduledScan bool `json:"scheduledScan"`

	// Where the scan ran; omitted when empty.
	CICDPipeline string `json:"cicdPipeline,omitempty"`
	Environment  string `json:"environment,omitempty"`
	ProjectID    string `json:"projectId,omitempty"`
}
ScanContext represents the context in which the scan was performed
type ScanOverview ¶
type SecurityControl ¶
// SecurityControl is one row of control status data. All fields are strings
// and all are always written to the JSON (snake_case keys, no omitempty).
type SecurityControl struct {
	// Control identity.
	ControlID   string `json:"control_id"`
	ControlName string `json:"control_name"`

	// Status and its presentation class. StatusClass presumably names a
	// style class used when the report is rendered; if so it should come
	// from a fixed set rather than from scan input (TODO confirm).
	Status      string `json:"status"`
	StatusClass string `json:"status_class"`

	// Assessment details. LastTested is a string; its date format is not
	// visible in this listing.
	Effectiveness string `json:"effectiveness"`
	LastTested    string `json:"last_tested"`
	RiskLevel     string `json:"risk_level"`
}
type SystemConfig ¶
type TechnicalReportData ¶
// TechnicalReportData is the data model for a technical report: the common
// report data plus scan overview, findings, per-repository analysis,
// detection methods, timeline, system configuration and performance metrics.
type TechnicalReportData struct {
	// ReportData is embedded without a tag, so (assuming it is a struct)
	// encoding/json promotes its exported fields to the top level.
	ReportData

	// Scan summary and findings. The slices have no omitempty and encode as
	// null when nil.
	ScanOverview       ScanOverview          `json:"scan_overview"`
	Vulnerabilities    []VulnerabilityDetail `json:"vulnerabilities"`
	RepositoryAnalysis []RepositoryAnalysis  `json:"repository_analysis"`
	DetectionMethods   []DetectionMethod     `json:"detection_methods"`
	ScanTimeline       []ScanEvent           `json:"scan_timeline"`

	// Details about the scanning system itself. A technical report that
	// includes its configuration is presumably meant for internal readers;
	// check what SystemConfig exposes before sharing the report more widely.
	SystemConfiguration SystemConfig       `json:"system_configuration"`
	PerformanceMetrics  PerformanceMetrics `json:"performance_metrics"`
}
TechnicalReportData contains data specific to technical reports
type Tool ¶
// Tool describes the analysis tool that produced a report. Its only field
// is the driver description, written under the key "driver".
type Tool struct {
	Driver Driver `json:"driver"`
}
Tool represents the analysis tool information
type VulnerabilityDetail ¶
// VulnerabilityDetail is one finding in a technical report. Every field is
// always written to the JSON (snake_case keys, no omitempty).
type VulnerabilityDetail struct {
	// What was found. Title and Description are free text; they are
	// presumably rendered through the report templates, so confirm that the
	// template layer escapes them.
	ID          string `json:"id"`
	Title       string `json:"title"`
	Description string `json:"description"`

	// How serious it is. Both are plain strings; no enumeration or score
	// format is visible in this listing.
	Severity string `json:"severity"`
	CVSS     string `json:"cvss"`

	// Where it was found. LineNumber is written as 0 when unset, which a
	// reader cannot tell apart from "no line information".
	Repository string `json:"repository"`
	FilePath   string `json:"file_path"`
	LineNumber int    `json:"line_number"`

	// Lifecycle. FirstFound and LastSeen are strings; their timestamp format
	// is not visible in this listing.
	Status     string `json:"status"`
	FirstFound string `json:"first_found"`
	LastSeen   string `json:"last_seen"`
}