Documentation
¶
Index ¶
- type APIKey
- type AffectedPackage
- type AffectedVersion
- type AnalysisResult
- type AuditLog
- type BatchJob
- type BuildAnomaly
- type BuildIntegrityCheck
- type BuildIntegrityCheckType
- type BuildIntegrityInfo
- type BuildIntegrityOptions
- type BuildIntegrityRequest
- type BuildIntegrityResult
- type BuildMaterial
- type BuildProvenance
- type CVSSScore
- type ComplianceResult
- type ComplianceStatus
- type ComplianceViolation
- type ControlResult
- type Credit
- type CustomDetectionRule
- type CustomRegistry
- type Dependency
- type DependencyGraph
- type DependencyScope
- type DependencyTree
- type DetectionMatch
- type DetectionResult
- type Evidence
- type ExploitInfo
- type FindingType
- type GraphAnalysisAlgorithm
- type GraphAnalysisOptions
- type GraphAnalysisRequest
- type GraphEdge
- type GraphNode
- type GraphStats
- type IndicatorOfCompromise
- type MLModelInfo
- type Maintainer
- type NotificationSettings
- type Organization
- type OrganizationSettings
- type Package
- type PackageInfo
- type PackageMetadata
- type Policy
- type PolicyAction
- type PolicyCondition
- type PolicyRule
- type PolicyRuleType
- type ProjectScan
- type Recommendation
- type RecommendationAction
- type RecommendationType
- type Reference
- type RegistryInfo
- type RelationType
- type RemediationAdvice
- type RemediationEffort
- type RemediationPriority
- type RemediationStep
- type ReputationScore
- type RiskLevel
- type ScanMetadata
- type ScanRequest
- type ScanRequestOptions
- type ScanResponse
- type ScanResult
- type ScanSettings
- type ScanStatistics
- type ScanStatus
- type ScanSummary
- type SensitivityLevel
- type Severity
- type Signature
- type StandardCompliance
- type SupplyChainDependency
- type SupplyChainEvidence
- type SupplyChainFinding
- type SupplyChainScanOptions
- type SupplyChainScanRequest
- type SupplyChainScanResult
- type SupplyChainScanType
- type Threat
- type ThreatAttribution
- type ThreatEvidence
- type ThreatIntelInfo
- type ThreatIntelOptions
- type ThreatIntelRequest
- type ThreatIntelligenceResult
- type ThreatTactic
- type ThreatType
- type TrustLevel
- type User
- type UserRole
- type VersionEvent
- type VersionRange
- type Vulnerability
- type VulnerabilityCredit
- type VulnerabilityDatabase
- type VulnerabilityDatabaseConfig
- type VulnerabilityInfo
- type Warning
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIKey ¶
// APIKey represents an API key for authentication.
//
// NOTE(review): KeyHash carries the tag `json:"key_hash"`, so the hash is
// written out whenever this struct is marshalled. If the same type backs API
// responses, a separate response type (or `json:"-"` on KeyHash) would keep
// the hash server-side. How the hash is computed and compared is not shown
// here.
type APIKey struct {
	ID string `json:"id"`
	Name string `json:"name"`
	KeyHash string `json:"key_hash"` // Never expose the actual key
	Permissions []string `json:"permissions,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	ExpiresAt *time.Time `json:"expires_at,omitempty"` // nil is omitted from JSON; presumably means "no expiry" (confirm)
	LastUsedAt *time.Time `json:"last_used_at,omitempty"`
	Active bool `json:"active"` // zero value is false
}
APIKey represents an API key for authentication
type AffectedPackage ¶
// AffectedPackage represents a package affected by a vulnerability.
//
// Version, Versions, VersionRange and Ranges can all describe the affected
// versions; which one takes precedence when several are set is not shown here.
type AffectedPackage struct {
	Name string `json:"name"`
	Vendor string `json:"vendor,omitempty"`
	Version string `json:"version,omitempty"`
	Versions []string `json:"versions,omitempty"` // Multiple affected versions
	VersionRange string `json:"version_range,omitempty"`
	Ecosystem string `json:"ecosystem,omitempty"`
	PURL string `json:"purl,omitempty"` // Package URL
	Ranges []VersionRange `json:"ranges,omitempty"` // Version ranges with events
	// Free-form maps: values arrive as whatever encoding/json decodes them to,
	// so consumers must type-check before use.
	DatabaseSpecific map[string]interface{} `json:"database_specific,omitempty"`
	EcosystemSpecific map[string]interface{} `json:"ecosystem_specific,omitempty"`
}
AffectedPackage represents a package affected by a vulnerability
type AffectedVersion ¶
// AffectedVersion represents version ranges affected by a vulnerability.
type AffectedVersion struct {
	Ecosystem string `json:"ecosystem"`
	Package string `json:"package"`
	Ranges []VersionRange `json:"ranges"` // no omitempty: a nil slice encodes as null
	Versions []string `json:"versions,omitempty"`
	Database string `json:"database,omitempty"`
}
AffectedVersion represents version ranges affected by a vulnerability
type AnalysisResult ¶
// AnalysisResult represents the result of package analysis.
type AnalysisResult struct {
	ID string `json:"id"`
	Package *Dependency `json:"package"`
	Threats []Threat `json:"threats"`
	RiskLevel Severity `json:"risk_level"` // typed Severity, not RiskLevel, despite the field name
	Timestamp time.Time `json:"timestamp"`
	Metadata map[string]interface{} `json:"metadata"` // no omitempty: a nil map encodes as null
}
AnalysisResult represents the result of package analysis
type AuditLog ¶
// AuditLog represents an audit log entry.
//
// NOTE(review): IPAddress and UserAgent are presumably taken from the
// incoming request, which makes them client-controlled text. Escape them when
// rendering or forwarding the entry. Details is a free-form map, so callers
// should avoid placing secrets or request bodies in it. Where the entry is
// populated is not shown here.
type AuditLog struct {
	ID string `json:"id"`
	UserID string `json:"user_id,omitempty"`
	OrganizationID string `json:"organization_id,omitempty"`
	Action string `json:"action"`
	Resource string `json:"resource"`
	ResourceID string `json:"resource_id,omitempty"`
	ResourceType string `json:"resource_type,omitempty"`
	Details map[string]interface{} `json:"details,omitempty"`
	IPAddress string `json:"ip_address,omitempty"`
	UserAgent string `json:"user_agent,omitempty"`
	Timestamp time.Time `json:"timestamp"`
	Success bool `json:"success"` // always emitted; zero value is false
	Error string `json:"error,omitempty"`
}
AuditLog represents an audit log entry
type BatchJob ¶
// BatchJob represents a batch processing job.
type BatchJob struct {
	ID string `json:"id"`
	OrganizationID string `json:"organization_id"`
	UserID string `json:"user_id"`
	Name string `json:"name"`
	Description string `json:"description,omitempty"`
	Status string `json:"status"` // plain string; the set of valid values is not declared here
	Progress float64 `json:"progress"` // scale not stated here (ScanResponse.Progress documents 0.0 to 1.0)
	TotalPackages int `json:"total_packages"`
	ProcessedCount int `json:"processed_count"`
	SuccessCount int `json:"success_count"`
	FailureCount int `json:"failure_count"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	CompletedAt *time.Time `json:"completed_at,omitempty"`
	Configuration map[string]interface{} `json:"configuration,omitempty"` // free-form; type-check values before use
	Results []AnalysisResult `json:"results,omitempty"`
	Errors []string `json:"errors,omitempty"`
}
BatchJob represents a batch processing job
type BuildAnomaly ¶
// BuildAnomaly represents a build integrity anomaly.
type BuildAnomaly struct {
	Type string `json:"type"`
	Description string `json:"description"`
	Severity RiskLevel `json:"severity"` // typed RiskLevel, not Severity, despite the field name
	Evidence string `json:"evidence,omitempty"`
}
BuildAnomaly represents a build integrity anomaly
type BuildIntegrityCheck ¶
// BuildIntegrityCheck represents a build integrity check.
type BuildIntegrityCheck struct {
	Name string `json:"name"`
	Type string `json:"type"` // plain string, although BuildIntegrityCheckType exists in this package
	Status string `json:"status"` // valid values are not declared here
	Score float64 `json:"score"` // range not stated here
	Description string `json:"description"`
	Details string `json:"details,omitempty"`
	Timestamp time.Time `json:"timestamp"`
}
BuildIntegrityCheck represents a build integrity check
type BuildIntegrityCheckType ¶
// BuildIntegrityCheckType represents a type of build integrity check.
// It is a string type; the empty string is not one of the declared values.
type BuildIntegrityCheckType string
BuildIntegrityCheckType represents a type of build integrity check
// Declared BuildIntegrityCheckType values. Their string forms are what
// appears on the wire in BuildIntegrityRequest.Checks.
const (
	CheckTypeChecksum BuildIntegrityCheckType = "checksum"
	CheckTypeSignature BuildIntegrityCheckType = "signature"
	CheckTypeReproducible BuildIntegrityCheckType = "reproducible"
	CheckTypeProvenance BuildIntegrityCheckType = "provenance"
	CheckTypeMetadata BuildIntegrityCheckType = "metadata"
	CheckTypeAnomaly BuildIntegrityCheckType = "anomaly"
)
type BuildIntegrityInfo ¶
// BuildIntegrityInfo contains build integrity information.
//
// The four boolean results have no omitempty and default to false, so a
// value that was never populated reads as "not verified". A consumer
// decoding this from JSON is reading the producer's assertion, not performing
// verification itself.
type BuildIntegrityInfo struct {
	Verified bool `json:"verified"`
	ChecksumMatch bool `json:"checksum_match"`
	SignatureValid bool `json:"signature_valid"`
	Reproducible bool `json:"reproducible"`
	BuildSystem string `json:"build_system,omitempty"`
	BuildMetadata map[string]interface{} `json:"build_metadata,omitempty"`
	Provenance *BuildProvenance `json:"provenance,omitempty"`
	Anomalies []BuildAnomaly `json:"anomalies,omitempty"`
	TrustScore float64 `json:"trust_score"` // range not stated here
}
BuildIntegrityInfo contains build integrity information
type BuildIntegrityOptions ¶
// BuildIntegrityOptions contains options for build integrity checking.
//
// NOTE(review): every option is a bool, so the zero value has all checks
// switched off. Whether the service applies defaults when a request omits
// "options" is not shown here; confirm that an empty request cannot silently
// skip checksum and signature verification.
type BuildIntegrityOptions struct {
	VerifyChecksums bool `json:"verify_checksums"`
	VerifySignatures bool `json:"verify_signatures"`
	CheckReproducible bool `json:"check_reproducible"`
	ValidateProvenance bool `json:"validate_provenance"`
	DeepAnalysis bool `json:"deep_analysis"`
}
BuildIntegrityOptions contains options for build integrity checking
type BuildIntegrityRequest ¶
// BuildIntegrityRequest represents a request for build integrity checking.
//
// NOTE(review): the `binding:"required"` tag (presumably read by a gin-style
// request binder; confirm) only rejects an empty Target. Target is
// caller-supplied, so its form (path, URL, package reference) still needs
// validation before it is resolved.
type BuildIntegrityRequest struct {
	Target string `json:"target" binding:"required"`
	Options BuildIntegrityOptions `json:"options"`
	Checks []BuildIntegrityCheckType `json:"checks"` // no validation tag: unknown check names are not rejected at this layer
}
BuildIntegrityRequest represents a request for build integrity checking
type BuildIntegrityResult ¶
// BuildIntegrityResult contains build integrity scan results.
type BuildIntegrityResult struct {
	OverallScore float64 `json:"overall_score"` // range not stated here
	Verified bool `json:"verified"` // zero value is false, so an unpopulated result reads as unverified
	Checks []BuildIntegrityCheck `json:"checks"`
	Anomalies []BuildAnomaly `json:"anomalies"`
	Provenance *BuildProvenance `json:"provenance,omitempty"`
	Recommendations []Recommendation `json:"recommendations"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
BuildIntegrityResult contains build integrity scan results
type BuildMaterial ¶
BuildMaterial represents build materials/inputs
type BuildProvenance ¶
// BuildProvenance contains build provenance information.
//
// NOTE(review): nothing in this type records whether the provenance was
// cryptographically verified. Builder, SourceHash and SLSALevel should be
// treated as claims unless the attestation carrying them was checked; where
// that happens is not shown here.
type BuildProvenance struct {
	Builder string `json:"builder"`
	BuildID string `json:"build_id"`
	Timestamp time.Time `json:"timestamp"`
	SourceRepo string `json:"source_repo"`
	SourceRef string `json:"source_ref"`
	SourceHash string `json:"source_hash"` // hash algorithm is not recorded in this struct
	BuildConfig map[string]interface{} `json:"build_config,omitempty"`
	Materials []BuildMaterial `json:"materials,omitempty"`
	SLSALevel int `json:"slsa_level"` // always emitted; zero value is 0
}
BuildProvenance contains build provenance information
type CVSSScore ¶
// CVSSScore represents CVSS scoring information.
type CVSSScore struct {
	Version string `json:"version"`
	Vector string `json:"vector"`
	Score float64 `json:"score"`
	Severity string `json:"severity"` // plain string, not the package's Severity type
}
CVSSScore represents CVSS scoring information
type ComplianceResult ¶
// ComplianceResult contains compliance check results.
type ComplianceResult struct {
	OverallStatus ComplianceStatus `json:"overall_status"`
	Score float64 `json:"score"` // range not stated here
	Standards []StandardCompliance `json:"standards"`
	Violations []ComplianceViolation `json:"violations"`
	Recommendations []Recommendation `json:"recommendations"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
ComplianceResult contains compliance check results
type ComplianceStatus ¶
// ComplianceStatus represents compliance status.
// The zero value is the empty string, which is distinct from
// ComplianceStatusUnknown ("unknown").
type ComplianceStatus string
ComplianceStatus represents compliance status
// Declared ComplianceStatus values.
const (
	ComplianceStatusCompliant ComplianceStatus = "compliant"
	ComplianceStatusNonCompliant ComplianceStatus = "non_compliant"
	ComplianceStatusPartial ComplianceStatus = "partial"
	ComplianceStatusUnknown ComplianceStatus = "unknown"
)
type ComplianceViolation ¶
// ComplianceViolation represents a compliance violation.
type ComplianceViolation struct {
	Standard string `json:"standard"`
	Control string `json:"control"`
	Severity RiskLevel `json:"severity"` // typed RiskLevel
	Description string `json:"description"`
	Evidence []SupplyChainEvidence `json:"evidence"`
	Remediation string `json:"remediation"`
	Deadline *time.Time `json:"deadline,omitempty"` // nil is omitted from JSON
}
ComplianceViolation represents a compliance violation
type ControlResult ¶
// ControlResult represents the result of a compliance control check.
type ControlResult struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description"`
	Status ComplianceStatus `json:"status"`
	Evidence []SupplyChainEvidence `json:"evidence,omitempty"`
	Remediation string `json:"remediation,omitempty"`
}
ControlResult represents the result of a compliance control check
type Credit ¶
// Credit represents credit information for vulnerability discovery.
type Credit struct {
	Name string `json:"name"`
	Contact []string `json:"contact,omitempty"` // format (email, URL, handle) is not constrained here
	Type string `json:"type,omitempty"`
}
Credit represents credit information for vulnerability discovery
type CustomDetectionRule ¶
// CustomDetectionRule represents a custom detection rule.
//
// NOTE(review): Pattern is an unconstrained string and its syntax (literal,
// glob, regular expression) is not shown here. If rules are user-authored,
// bound the pattern length and compile it once at save time so a bad pattern
// is rejected before it reaches the scan path.
type CustomDetectionRule struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description"`
	Type string `json:"type"`
	Pattern string `json:"pattern"`
	Severity RiskLevel `json:"severity"` // typed RiskLevel
	Enabled bool `json:"enabled"` // zero value is false
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
CustomDetectionRule represents a custom detection rule
type CustomRegistry ¶
// CustomRegistry represents a custom package registry.
//
// NOTE(review): Username, Password and Token are plain string fields with
// `omitempty` JSON tags, so any non-empty credential is included whenever
// this struct is marshalled (API responses, exports, debug logs). A
// write-only input type, or `json:"-"` on the secret fields with the values
// held in a secret store, would keep them out of serialized output. How they
// are stored is not shown here.
//
// URL is presumably operator-supplied; validating its scheme and destination
// before the scanner connects limits requests to unintended internal hosts.
//
// ID and OrganizationID are ints here, while ScanRequest.OrganizationID is a
// string.
type CustomRegistry struct {
	ID int `json:"id"`
	OrganizationID int `json:"organization_id"`
	Name string `json:"name"`
	Type string `json:"type"` // npm, pypi, maven, nuget, etc.
	URL string `json:"url"`
	AuthType string `json:"auth_type"` // none, basic, token, oauth
	Username string `json:"username,omitempty"`
	Password string `json:"password,omitempty"`
	Token string `json:"token,omitempty"`
	Enabled bool `json:"enabled"`
	Priority int `json:"priority"` // ordering direction (higher or lower first) is not stated here
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
CustomRegistry represents a custom package registry
type Dependency ¶
// Dependency represents a package dependency.
type Dependency struct {
	Name string `json:"name"`
	Version string `json:"version"`
	Registry string `json:"registry"`
	Source string `json:"source"` // file where dependency was found
	Direct bool `json:"direct"` // true if direct dependency, false if transitive
	Development bool `json:"development"` // true if dev dependency
	// NOTE(review): omitempty has no effect on a struct value in encoding/json,
	// so "metadata" is always emitted; a pointer (or omitzero on Go 1.24+)
	// would be needed to omit it.
	Metadata PackageMetadata `json:"metadata,omitempty"`
	Constraints string `json:"constraints,omitempty"` // version constraints
	ExtraData map[string]interface{} `json:"extra_data,omitempty"`
}
Dependency represents a package dependency
type DependencyGraph ¶
// DependencyGraph represents a dependency graph as flat node and edge lists
// plus summary statistics.
type DependencyGraph struct {
	Nodes []GraphNode `json:"nodes"`
	Edges []GraphEdge `json:"edges"` // edges name their endpoints by string (GraphEdge.From / To)
	Stats GraphStats `json:"stats"`
}
DependencyGraph represents a dependency graph
type DependencyScope ¶
// DependencyScope represents the scope of a dependency.
type DependencyScope string
DependencyScope represents the scope of a dependency
// Declared DependencyScope values.
const (
	ScopeRuntime DependencyScope = "runtime"
	ScopeDevelopment DependencyScope = "development"
	ScopeTest DependencyScope = "test"
	ScopeBuild DependencyScope = "build"
	ScopeOptional DependencyScope = "optional"
)
type DependencyTree ¶
// DependencyTree represents a tree structure of package dependencies.
// The type is recursive: each node holds its children in Dependencies.
type DependencyTree struct {
	// Name and Version are interface{}, so after JSON decoding they hold
	// whatever type the input carried; assert to string before use.
	Name interface{} `json:"name"`
	Version interface{} `json:"version"`
	Type string `json:"type"`
	Threats []Threat `json:"threats,omitempty"`
	Dependencies []DependencyTree `json:"dependencies"`
	Depth int `json:"depth,omitempty"` // omitempty drops a depth of 0
	TotalCount int `json:"total_count,omitempty"`
	// NOTE(review): omitempty has no effect on time.Time (a struct), so the
	// zero time is still emitted.
	CreatedAt time.Time `json:"created_at,omitempty"`
}
DependencyTree represents a tree structure of package dependencies
type DetectionMatch ¶
// DetectionMatch represents a match found by a detection algorithm.
type DetectionMatch struct {
	Package string `json:"package"`
	Similarity float64 `json:"similarity"` // scale not stated here
	Type string `json:"type"`
	Evidence []Evidence `json:"evidence,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
DetectionMatch represents a match found by a detection algorithm
type DetectionResult ¶
// DetectionResult represents the result of a detection algorithm.
type DetectionResult struct {
	Algorithm string `json:"algorithm"`
	Confidence float64 `json:"confidence"` // scale not stated here
	Matches []DetectionMatch `json:"matches,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
	Duration time.Duration `json:"duration"` // encoding/json writes time.Duration as integer nanoseconds
}
DetectionResult represents the result of a detection algorithm
type Evidence ¶
// Evidence represents evidence supporting a threat detection.
type Evidence struct {
	Type string `json:"type"`
	Description string `json:"description"`
	Value interface{} `json:"value"` // untyped; may hold content taken from the analysed package, so treat it as data
	Score float64 `json:"score,omitempty"` // omitempty drops a score of exactly 0
}
Evidence represents evidence supporting a threat detection
type ExploitInfo ¶
// ExploitInfo contains information about known exploits.
type ExploitInfo struct {
	Type string `json:"type"`
	Description string `json:"description"`
	URL string `json:"url,omitempty"` // presumably from an external feed; render as inert text rather than fetching it
	Published time.Time `json:"published"`
	Severity string `json:"severity"` // plain string, not the package's Severity type
	InTheWild bool `json:"in_the_wild"` // zero value is false, which also covers "not known"
}
ExploitInfo contains information about known exploits
type FindingType ¶
// FindingType represents the type of security finding.
type FindingType string
FindingType represents the type of security finding
// Declared FindingType values.
const (
	FindingTypeVulnerability FindingType = "vulnerability"
	FindingTypeMaliciousPackage FindingType = "malicious_package"
	FindingTypeTyposquatting FindingType = "typosquatting"
	FindingTypeDependencyConfusion FindingType = "dependency_confusion"
	FindingTypeBuildIntegrity FindingType = "build_integrity"
	FindingTypeLicenseViolation FindingType = "license_violation"
	FindingTypeOutdatedDependency FindingType = "outdated_dependency"
	FindingTypeSuspiciousMaintainer FindingType = "suspicious_maintainer"
	FindingTypeHoneypot FindingType = "honeypot"
	FindingTypeSupplyChainAttack FindingType = "supply_chain_attack"
	FindingTypeComplianceViolation FindingType = "compliance_violation"
)
type GraphAnalysisAlgorithm ¶
// GraphAnalysisAlgorithm represents a graph analysis algorithm.
type GraphAnalysisAlgorithm string
GraphAnalysisAlgorithm represents a graph analysis algorithm
// Declared GraphAnalysisAlgorithm values.
const (
	AlgorithmShortestPath GraphAnalysisAlgorithm = "shortest_path"
	AlgorithmCentrality GraphAnalysisAlgorithm = "centrality"
	AlgorithmCommunityDetection GraphAnalysisAlgorithm = "community_detection"
	AlgorithmAnomalyDetection GraphAnalysisAlgorithm = "anomaly_detection"
	AlgorithmRiskPropagation GraphAnalysisAlgorithm = "risk_propagation"
)
type GraphAnalysisOptions ¶
// GraphAnalysisOptions contains options for graph analysis.
type GraphAnalysisOptions struct {
	// NOTE(review): the meaning of MaxDepth == 0 (unlimited vs. none) is not
	// shown here. If the value comes from a request, an upper bound keeps
	// traversal cost predictable.
	MaxDepth int `json:"max_depth"`
	IncludeDev bool `json:"include_dev"`
	IncludeOptional bool `json:"include_optional"`
	Visualization bool `json:"visualization"`
	RiskPropagation bool `json:"risk_propagation"`
}
GraphAnalysisOptions contains options for graph analysis
type GraphAnalysisRequest ¶
// GraphAnalysisRequest represents a request for dependency graph analysis.
//
// NOTE(review): `binding:"required"` (presumably a gin-style binder tag;
// confirm) only enforces that Target is non-empty. Its content is
// caller-supplied and needs validation before it is resolved.
type GraphAnalysisRequest struct {
	Target string `json:"target" binding:"required"`
	Options GraphAnalysisOptions `json:"options"`
	Algorithms []GraphAnalysisAlgorithm `json:"algorithms"` // no validation tag: unknown algorithm names are not rejected at this layer
}
GraphAnalysisRequest represents a request for dependency graph analysis
type GraphEdge ¶
// GraphEdge represents an edge in the dependency graph.
type GraphEdge struct {
	From string `json:"from"` // presumably a GraphNode.ID (confirm)
	To string `json:"to"` // presumably a GraphNode.ID (confirm)
	RelationType RelationType `json:"relation_type"`
	VersionRange string `json:"version_range,omitempty"`
	Scope DependencyScope `json:"scope"`
	Optional bool `json:"optional"`
	Weight float64 `json:"weight"`
}
GraphEdge represents an edge in the dependency graph
type GraphNode ¶
// GraphNode represents a node in the dependency graph.
type GraphNode struct {
	ID string `json:"id"`
	Package PackageInfo `json:"package"`
	RiskScore float64 `json:"risk_score"` // scale not stated here
	Centrality float64 `json:"centrality"`
	Depth int `json:"depth"`
	Direct bool `json:"direct"`
	Findings []SupplyChainFinding `json:"findings,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
GraphNode represents a node in the dependency graph
type GraphStats ¶
// GraphStats contains statistics about the dependency graph.
// All counters are always emitted (no omitempty), so 0 is a reported value.
type GraphStats struct {
	TotalNodes int `json:"total_nodes"`
	TotalEdges int `json:"total_edges"`
	MaxDepth int `json:"max_depth"`
	DirectDeps int `json:"direct_deps"`
	TransitiveDeps int `json:"transitive_deps"`
	CyclicDeps int `json:"cyclic_deps"`
	AverageRisk float64 `json:"average_risk"`
	HighRiskNodes int `json:"high_risk_nodes"` // the threshold that makes a node "high risk" is not defined here
}
GraphStats contains statistics about the dependency graph
type IndicatorOfCompromise ¶
// IndicatorOfCompromise represents an indicator of compromise (IoC).
type IndicatorOfCompromise struct {
	Type string `json:"type"` // valid indicator kinds are not declared here
	Value string `json:"value"` // raw indicator text; render it as inert data, not as a live link
	Description string `json:"description,omitempty"`
	Confidence float64 `json:"confidence"` // scale not stated here
	FirstSeen time.Time `json:"first_seen"`
	LastSeen time.Time `json:"last_seen"`
}
IndicatorOfCompromise represents an indicator of compromise (IoC)
type MLModelInfo ¶
// MLModelInfo represents information about an ML model.
type MLModelInfo struct {
	Name string `json:"name"`
	Version string `json:"version"`
	Type string `json:"type"`
	Description string `json:"description,omitempty"`
	Accuracy float64 `json:"accuracy,omitempty"` // omitempty drops a value of exactly 0
	TrainedAt *time.Time `json:"trained_at,omitempty"`
	Active bool `json:"active"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
MLModelInfo represents information about an ML model
type Maintainer ¶
// Maintainer represents a package maintainer.
type Maintainer struct {
	Name string `json:"name"`
	Email string `json:"email,omitempty"`
	Username string `json:"username,omitempty"`
	URL string `json:"url,omitempty"`
	// NOTE(review): omitempty has no effect on time.Time (a struct), so the
	// zero time is still emitted for "since".
	Since time.Time `json:"since,omitempty"`
	Role string `json:"role,omitempty"`
	Verified bool `json:"verified"` // zero value is false; what "verified" attests to is not defined here
}
Maintainer represents a package maintainer
type NotificationSettings ¶
// NotificationSettings contains notification configuration.
//
// NOTE(review): a Slack incoming-webhook URL works as a credential, since
// anyone holding it can post to the channel. SlackWebhook is serialized
// whenever it is set, so keep it out of read APIs and logs. WebhookURL is a
// destination the service will presumably send requests to; validating
// scheme and host limits requests to unintended internal addresses.
type NotificationSettings struct {
	EmailEnabled bool `json:"email_enabled"`
	SlackEnabled bool `json:"slack_enabled"`
	SlackWebhook string `json:"slack_webhook,omitempty"`
	WebhookEnabled bool `json:"webhook_enabled"`
	WebhookURL string `json:"webhook_url,omitempty"`
	NotifyOnHigh bool `json:"notify_on_high"`
	NotifyOnMedium bool `json:"notify_on_medium"`
	NotifyOnLow bool `json:"notify_on_low"` // no field for critical severity is declared here
}
NotificationSettings contains notification configuration
type Organization ¶
// Organization represents an organization in the system.
type Organization struct {
	ID int `json:"id"` // int here; ScanRequest and BatchJob carry OrganizationID as a string
	Name string `json:"name"`
	Settings *OrganizationSettings `json:"settings,omitempty"` // reaches CustomRegistry credentials and webhook URLs when set
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
Organization represents an organization in the system
type OrganizationSettings ¶
// OrganizationSettings contains organization-specific settings.
//
// NOTE(review): marshalling this struct also marshals every CustomRegistry
// (including its Password and Token fields) and the notification webhook
// URLs, so responses built from it need the same care as those types.
type OrganizationSettings struct {
	CustomRegistries []*CustomRegistry `json:"custom_registries,omitempty"`
	ScanSettings *ScanSettings `json:"scan_settings,omitempty"`
	NotificationSettings *NotificationSettings `json:"notification_settings,omitempty"`
}
OrganizationSettings contains organization-specific settings
type Package ¶
// Package represents a scanned package with its analysis results.
type Package struct {
	Name string `json:"name"`
	Version string `json:"version"`
	Type string `json:"type,omitempty"`
	Registry string `json:"registry"`
	Threats []Threat `json:"threats,omitempty"`
	Warnings []Warning `json:"warnings,omitempty"`
	RiskLevel Severity `json:"risk_level"` // typed Severity, not RiskLevel, despite the field name
	RiskScore float64 `json:"risk_score"` // scale not stated here
	Metadata *PackageMetadata `json:"metadata,omitempty"`
	Dependencies []Dependency `json:"dependencies,omitempty"`
	AnalyzedAt time.Time `json:"analyzed_at"`
}
Package represents a scanned package with its analysis results
type PackageInfo ¶
// PackageInfo contains information about a package.
type PackageInfo struct {
	Name string `json:"name"`
	Version string `json:"version"`
	Ecosystem string `json:"ecosystem"`
	PURL string `json:"purl,omitempty"`
	Repository string `json:"repository,omitempty"`
	Homepage string `json:"homepage,omitempty"`
	License string `json:"license,omitempty"`
	Maintainers []Maintainer `json:"maintainers,omitempty"`
	Dependencies []SupplyChainDependency `json:"dependencies,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
	Checksums map[string]string `json:"checksums,omitempty"` // presumably keyed by algorithm name (confirm)
	Signatures []Signature `json:"signatures,omitempty"` // each entry carries its own Valid flag; see Signature
}
PackageInfo contains information about a package
type PackageMetadata ¶
// PackageMetadata contains metadata about a package.
//
// Most fields are presumably copied from the registry and are therefore
// publisher-controlled text; escape them when rendering.
type PackageMetadata struct {
	Name string `json:"name"`
	Version string `json:"version"`
	Registry string `json:"registry"`
	Description string `json:"description,omitempty"`
	Author string `json:"author,omitempty"`
	Maintainers []string `json:"maintainers,omitempty"`
	Homepage string `json:"homepage,omitempty"`
	Repository string `json:"repository,omitempty"`
	License string `json:"license,omitempty"`
	Keywords []string `json:"keywords,omitempty"`
	Downloads int64 `json:"downloads,omitempty"`
	PublishedAt *time.Time `json:"published_at,omitempty"`
	LastUpdated *time.Time `json:"last_updated,omitempty"`
	CreationDate *time.Time `json:"creation_date,omitempty"`
	// CreatedAt/UpdatedAt sit alongside PublishedAt/LastUpdated/CreationDate;
	// presumably these two track the local record rather than the upstream
	// package (confirm).
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	Dependencies []string `json:"dependencies,omitempty"`
	HasInstallScript bool `json:"has_install_script"` // always emitted; false also covers "not checked"
	FileCount int `json:"file_count,omitempty"`
	Size int64 `json:"size,omitempty"` // unit not stated here
	Checksums map[string]string `json:"checksums,omitempty"` // presumably keyed by algorithm name (confirm)
	Tags []string `json:"tags,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
PackageMetadata contains metadata about a package
type Policy ¶
// Policy represents a security policy.
type Policy struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description,omitempty"`
	Rules []PolicyRule `json:"rules"` // evaluation order and conflict resolution between rules are not shown here
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	CreatedBy string `json:"created_by"`
	Active bool `json:"active"` // zero value is false
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Policy represents a security policy
type PolicyAction ¶
// PolicyAction represents the action to take when a rule matches.
// The zero value is the empty string, which is not one of the declared
// actions.
type PolicyAction string
PolicyAction represents the action to take when a rule matches
// Declared PolicyAction values.
//
// NOTE(review): how an unrecognised or empty action is handled is not shown
// here; an enforcement path should not treat it as "allow".
const (
	PolicyActionBlock PolicyAction = "block"
	PolicyActionWarn PolicyAction = "warn"
	PolicyActionAllow PolicyAction = "allow"
	PolicyActionIgnore PolicyAction = "ignore"
)
type PolicyCondition ¶
// PolicyCondition represents a condition in a policy rule.
type PolicyCondition struct {
	Field string `json:"field"` // valid field names are not declared here
	Operator string `json:"operator"` // valid operators are not declared here
	Value interface{} `json:"value"` // untyped; JSON numbers decode to float64, so compare with care
}
PolicyCondition represents a condition in a policy rule
type PolicyRule ¶
// PolicyRule represents a rule within a policy.
//
// NOTE(review): Type (PolicyRuleType) and Action (PolicyAction) share the
// values "block", "allow" and "warn". Which field decides the outcome when
// they disagree is not shown here.
type PolicyRule struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description,omitempty"`
	Type PolicyRuleType `json:"type"`
	Action PolicyAction `json:"action"`
	Conditions []PolicyCondition `json:"conditions"` // how conditions combine (AND/OR) is not shown here
	Enabled bool `json:"enabled"` // zero value is false
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
PolicyRule represents a rule within a policy
type PolicyRuleType ¶
// PolicyRuleType represents the type of policy rule.
type PolicyRuleType string
PolicyRuleType represents the type of policy rule
// Declared PolicyRuleType values. "block", "allow" and "warn" also exist as
// PolicyAction values with the same spelling.
const (
	PolicyRuleTypeBlock PolicyRuleType = "block"
	PolicyRuleTypeAllow PolicyRuleType = "allow"
	PolicyRuleTypeWarn PolicyRuleType = "warn"
	PolicyRuleTypeMonitor PolicyRuleType = "monitor"
)
type ProjectScan ¶
// ProjectScan represents a project that can be scanned.
type ProjectScan struct {
	ID int `json:"id"`
	Name string `json:"name"`
	// NOTE(review): if Path can be set through an API, it should be
	// canonicalised and confined to an allowed root before the scanner reads
	// from it; where it is consumed is not shown here.
	Path string `json:"path"`
	Type string `json:"type"` // nodejs, python, go, etc.
	OrganizationID int `json:"organization_id"`
	LastScan *ScanResult `json:"last_scan,omitempty"`
	AutoScan bool `json:"auto_scan"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
ProjectScan represents a project that can be scanned
type Recommendation ¶
// Recommendation represents a security recommendation.
type Recommendation struct {
	ID string `json:"id"`
	Type RecommendationType `json:"type"`
	Priority RemediationPriority `json:"priority"`
	Title string `json:"title"`
	Description string `json:"description"`
	Actions []RecommendationAction `json:"actions"` // each action carries its own Order field
	Impact string `json:"impact"`
	Effort RemediationEffort `json:"effort"`
	References []Reference `json:"references,omitempty"`
}
Recommendation represents a security recommendation
type RecommendationAction ¶
// RecommendationAction represents an action within a recommendation.
//
// NOTE(review): Command is a free-form string paired with an Automated flag;
// the code that would run it is not shown here. If any part of the command
// text can be derived from package metadata, it should be reviewed or built
// from an allow-listed template rather than passed to a shell as-is.
type RecommendationAction struct {
	Order int `json:"order"`
	Description string `json:"description"`
	Command string `json:"command,omitempty"`
	Automated bool `json:"automated"`
	Required bool `json:"required"`
}
RecommendationAction represents an action within a recommendation
type RecommendationType ¶
// RecommendationType represents the type of recommendation.
type RecommendationType string
RecommendationType represents the type of recommendation
// Declared RecommendationType values.
const (
	RecommendationTypeUpdate RecommendationType = "update"
	RecommendationTypeReplace RecommendationType = "replace"
	RecommendationTypeRemove RecommendationType = "remove"
	RecommendationTypeConfigure RecommendationType = "configure"
	RecommendationTypeMonitor RecommendationType = "monitor"
	RecommendationTypeInvestigate RecommendationType = "investigate"
)
type RegistryInfo ¶
// RegistryInfo represents information about a package registry.
// Unlike CustomRegistry, it declares no credential fields.
type RegistryInfo struct {
	Name string `json:"name"`
	Type string `json:"type"`
	URL string `json:"url"`
	Description string `json:"description,omitempty"`
	Supported bool `json:"supported"`
	Features []string `json:"features,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
RegistryInfo represents information about a package registry
type RelationType ¶
// RelationType represents the type of relationship between packages.
type RelationType string
RelationType represents the type of relationship between packages
// Declared RelationType values.
const (
	RelationDependsOn RelationType = "depends_on"
	RelationDevDep RelationType = "dev_dependency"
	RelationPeerDep RelationType = "peer_dependency"
	RelationOptional RelationType = "optional_dependency"
	RelationBundled RelationType = "bundled_dependency"
)
type RemediationAdvice ¶
// RemediationAdvice contains remediation advice for findings.
type RemediationAdvice struct {
	Summary string `json:"summary"`
	Steps []RemediationStep `json:"steps"` // each step carries its own Order field
	Alternatives []string `json:"alternatives,omitempty"`
	References []Reference `json:"references,omitempty"`
	Priority RemediationPriority `json:"priority"`
	Effort RemediationEffort `json:"effort"`
	Impact string `json:"impact,omitempty"`
}
RemediationAdvice contains remediation advice for findings
type RemediationEffort ¶
// RemediationEffort represents the effort required for remediation.
type RemediationEffort string
RemediationEffort represents the effort required for remediation
// Declared RemediationEffort values.
const (
	EffortMinimal RemediationEffort = "minimal"
	EffortLow RemediationEffort = "low"
	EffortMedium RemediationEffort = "medium"
	EffortHigh RemediationEffort = "high"
	EffortExtensive RemediationEffort = "extensive"
)
type RemediationPriority ¶
// RemediationPriority represents the priority of remediation.
type RemediationPriority string
RemediationPriority represents the priority of remediation
// Declared RemediationPriority values. They are strings, so they do not
// sort by urgency; comparing priorities needs an explicit ranking.
const (
	PriorityImmediate RemediationPriority = "immediate"
	PriorityHigh RemediationPriority = "high"
	PriorityMedium RemediationPriority = "medium"
	PriorityLow RemediationPriority = "low"
)
type RemediationStep ¶
// RemediationStep represents a step in remediation.
//
// NOTE(review): Command is a free-form string paired with an Automated flag;
// the code that would run it is not shown here. Automated steps should be
// built from vetted templates rather than executing this string through a
// shell unchanged.
type RemediationStep struct {
	Order int `json:"order"`
	Description string `json:"description"`
	Command string `json:"command,omitempty"`
	Automated bool `json:"automated"`
}
RemediationStep represents a step in remediation
type ReputationScore ¶
// ReputationScore represents the reputation score of a package.
type ReputationScore struct {
	Score float64 `json:"score"` // scale not stated here
	TrustLevel TrustLevel `json:"trust_level"` // typed TrustLevel (Signature.TrustLevel is a plain string)
	Factors []string `json:"factors,omitempty"`
	Timestamp time.Time `json:"timestamp"`
}
ReputationScore represents the reputation score of a package
type ScanMetadata ¶
// ScanMetadata contains metadata about the scan.
type ScanMetadata struct {
	ScannerVersion string `json:"scanner_version"`
	RulesVersion string `json:"rules_version"`
	DatabaseVersion string `json:"database_version"`
	ScanOptions SupplyChainScanOptions `json:"scan_options"`
	// NOTE(review): what is copied into Environment is not shown here. If it
	// is filled from process environment variables, filter it to an allow-list
	// so tokens and credentials do not end up in stored scan results.
	Environment map[string]string `json:"environment,omitempty"`
	Statistics ScanStatistics `json:"statistics"`
}
ScanMetadata contains metadata about the scan
type ScanRequest ¶
// ScanRequest represents a scan request.
//
// NOTE(review): UserID and OrganizationID are ordinary JSON fields. If this
// struct is decoded straight from a request body, those values are
// caller-asserted and should be overwritten from the authenticated session
// before any authorization decision; the handler is not shown here.
type ScanRequest struct {
	ID string `json:"id"`
	UserID string `json:"user_id,omitempty"`
	OrganizationID string `json:"organization_id,omitempty"`
	Path string `json:"path,omitempty"` // presumably a filesystem path to scan; confine it to an allowed root if caller-supplied
	Dependencies []Dependency `json:"dependencies,omitempty"`
	Options ScanRequestOptions `json:"options"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	StartedAt *time.Time `json:"started_at,omitempty"`
	CompletedAt *time.Time `json:"completed_at,omitempty"`
	ErrorMessage *string `json:"error_message,omitempty"` // pointer: nil is omitted, but a pointer to "" is still emitted
	Status ScanStatus `json:"status"`
}
ScanRequest represents a scan request
type ScanRequestOptions ¶
// ScanRequestOptions contains options for a scan request.
type ScanRequestOptions struct {
	DeepAnalysis bool `json:"deep_analysis"`
	IncludeDevDependencies bool `json:"include_dev_dependencies"`
	SimilarityThreshold float64 `json:"similarity_threshold"` // scale and default are not stated here; the zero value is 0
	// NOTE(review): packages listed here are presumably skipped by the scan,
	// which makes the list a way to suppress findings. Changes to it are worth
	// recording in the audit log.
	ExcludePackages []string `json:"exclude_packages,omitempty"`
	Registries []string `json:"registries,omitempty"`
	PolicyID string `json:"policy_id,omitempty"` // empty is omitted; which policy applies in that case is not shown here
}
ScanRequestOptions contains options for a scan request
type ScanResponse ¶
// ScanResponse represents a scan response.
type ScanResponse struct {
	ID string `json:"id"`
	ScanID string `json:"scan_id"`
	PackageName string `json:"package_name"`
	PackageVersion string `json:"package_version"`
	Registry string `json:"registry"`
	Status ScanStatus `json:"status"`
	Progress float64 `json:"progress"` // 0.0 to 1.0
	StartedAt time.Time `json:"started_at"`
	CompletedAt *time.Time `json:"completed_at,omitempty"`
	Duration *time.Duration `json:"duration,omitempty"` // encoding/json writes time.Duration as integer nanoseconds
	Threats []Threat `json:"threats,omitempty"`
	Warnings []Warning `json:"warnings,omitempty"`
	Summary *ScanSummary `json:"summary,omitempty"`
	Error string `json:"error,omitempty"` // returned to the caller; keep internal paths and stack details out of it
	Timestamp time.Time `json:"timestamp"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
ScanResponse represents a scan response
type ScanResult ¶
// ScanResult represents the result of a package scan.
type ScanResult struct {
	ID string `json:"id"`
	ProjectID int `json:"project_id,omitempty"`
	PackageID string `json:"package_id,omitempty"`
	OrganizationID string `json:"organization_id,omitempty"` // string here; ProjectScan.OrganizationID is an int
	Target string `json:"target"`
	Type string `json:"type"`
	ScanType string `json:"scan_type,omitempty"`
	Status string `json:"status"` // plain string, although ScanStatus exists in this package
	OverallRisk string `json:"overall_risk,omitempty"`
	RiskScore float64 `json:"risk_score,omitempty"` // omitempty drops a score of exactly 0, so 0 and "absent" look the same
	Packages []*Package `json:"packages"`
	Findings []interface{} `json:"findings,omitempty"` // untyped; element shape must be checked by the consumer
	Summary *ScanSummary `json:"summary"` // no omitempty: nil encodes as null
	// Duration and ScanDurationMs both describe elapsed time; Duration is
	// written as integer nanoseconds by encoding/json.
	Duration time.Duration `json:"duration"`
	ScanDurationMs int64 `json:"scan_duration_ms,omitempty"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	Error string `json:"error,omitempty"`
}
ScanResult represents the result of a package scan
type ScanSettings ¶
// ScanSettings contains scan configuration.
type ScanSettings struct {
	AutoScan bool `json:"auto_scan"`
	ScanOnPush bool `json:"scan_on_push"`
	ScanSchedule string `json:"scan_schedule"` // cron format
	RiskThreshold float64 `json:"risk_threshold"` // scale and comparison direction are not stated here
	IncludeDevDependencies bool `json:"include_dev_dependencies"`
	MaxDepth int `json:"max_depth"` // meaning of 0 (unlimited vs. none) is not stated here
}
ScanSettings contains scan configuration
type ScanStatistics ¶
// ScanStatistics contains scan statistics.
// All counters are always emitted (no omitempty).
type ScanStatistics struct {
	PackagesScanned int `json:"packages_scanned"`
	DependenciesFound int `json:"dependencies_found"`
	VulnerabilitiesFound int `json:"vulnerabilities_found"`
	ThreatsDetected int `json:"threats_detected"`
	FindingsTotal int `json:"findings_total"`
	ScanDuration time.Duration `json:"scan_duration"` // encoding/json writes time.Duration as integer nanoseconds
	CacheHits int `json:"cache_hits"`
	CacheMisses int `json:"cache_misses"`
	APICallsMade int `json:"api_calls_made"`
	ErrorsEncountered int `json:"errors_encountered"` // a non-zero value means coverage may be partial; check before treating a scan as clean
}
ScanStatistics contains scan statistics
type ScanStatus ¶
// ScanStatus represents the status of a scan.
type ScanStatus string
ScanStatus represents the status of a scan
// Declared ScanStatus values.
const (
	ScanStatusPending ScanStatus = "pending"
	ScanStatusRunning ScanStatus = "running"
	ScanStatusCompleted ScanStatus = "completed"
	ScanStatusFailed ScanStatus = "failed"
	ScanStatusCancelled ScanStatus = "cancelled"
)
type ScanSummary ¶
// ScanSummary provides a summary of scan results: package counts, threat
// counts per severity bucket, a warning count, and a risk distribution map.
type ScanSummary struct {
	TotalPackages int `json:"total_packages"`
	ScannedPackages int `json:"scanned_packages"`
	CleanPackages int `json:"clean_packages"`
	CriticalThreats int `json:"critical_threats"`
	HighThreats int `json:"high_threats"`
	MediumThreats int `json:"medium_threats"`
	LowThreats int `json:"low_threats"`
	// NOTE(review): TotalThreats and ThreatsFound are both declared; how they
	// relate is not visible here — confirm which one consumers should gate on.
	TotalThreats int `json:"total_threats"`
	TotalWarnings int `json:"total_warnings"`
	// Severity is a type declared elsewhere in this package.
	HighestSeverity Severity `json:"highest_severity"`
	ThreatsFound int `json:"threats_found"`
	// NOTE(review): the key set is not defined by this type; presumably
	// risk-level names — verify against the producer.
	RiskDistribution map[string]int `json:"risk_distribution"`
}
ScanSummary provides a summary of scan results
type SensitivityLevel ¶
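// SensitivityLevel defines the sensitivity level for detection.
type SensitivityLevel string

// Sensitivity levels accepted for detection, in their JSON string form.
// SensitivityLevel is a plain string type, so a decoded request can carry a
// value outside this set; validate it before it selects detection behaviour.
const (
	SensitivityLow      SensitivityLevel = "low"
	SensitivityMedium   SensitivityLevel = "medium"
	SensitivityHigh     SensitivityLevel = "high"
	SensitivityCritical SensitivityLevel = "critical"
)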
type Signature ¶
// Signature represents a cryptographic signature as a data record: algorithm
// name, signature value, optional key and signer identifiers, a timestamp,
// and two fields describing validity and trust.
type Signature struct {
	Algorithm string `json:"algorithm"`
	// NOTE(review): the encoding of Value (hex, base64, ...) is not stated
	// here — confirm against the producer.
	Value string `json:"value"`
	KeyID string `json:"key_id,omitempty"`
	Signer string `json:"signer,omitempty"`
	Timestamp time.Time `json:"timestamp"`
	// Valid is a plain boolean; decoding this struct performs no verification.
	// NOTE(review): a consumer receiving a Signature from outside its trust
	// boundary should presumably re-verify Value rather than rely on this flag.
	Valid bool `json:"valid"`
	// Typed as string, not as the TrustLevel type this package also declares,
	// so the compiler does not restrict it to the TrustLevel constants.
	TrustLevel string `json:"trust_level"`
}
Signature represents a cryptographic signature
type StandardCompliance ¶
// StandardCompliance represents compliance with a specific standard: the
// standard's name and version, an overall status and score, the per-control
// results, and when the check last ran.
type StandardCompliance struct {
	Standard string `json:"standard"`
	Version string `json:"version"`
	// ComplianceStatus is a type declared elsewhere in this package.
	Status ComplianceStatus `json:"status"`
	// NOTE(review): the scale of Score is not stated here — confirm.
	Score float64 `json:"score"`
	Controls []ControlResult `json:"controls"`
	// Not omitempty: an unset time is emitted as the zero time.Time value.
	LastChecked time.Time `json:"last_checked"`
}
StandardCompliance represents compliance with a specific standard
type SupplyChainDependency ¶
// SupplyChainDependency extends the base Dependency type with supply chain
// specific fields.
type SupplyChainDependency struct {
	// Embedded without a JSON tag, so encoding/json promotes Dependency's
	// fields into this object; where a JSON key collides, the field declared
	// directly on SupplyChainDependency takes precedence.
	// NOTE(review): Dependency is declared elsewhere — check it for keys that
	// clash with the ones below.
	Dependency // Embed the existing Dependency type
	VersionRange string `json:"version_range,omitempty"`
	Ecosystem string `json:"ecosystem"`
	// DependencyScope is a type declared elsewhere in this package.
	Scope DependencyScope `json:"scope"`
	Optional bool `json:"optional"`
	Depth int `json:"depth"`
	// NOTE(review): presumably a package URL (purl) string; format is not
	// validated by this type.
	PURL string `json:"purl,omitempty"`
	License string `json:"license,omitempty"`
	// NOTE(review): the scale of RiskScore is not stated here — confirm.
	RiskScore float64 `json:"risk_score"`
}
SupplyChainDependency extends the base Dependency type with supply chain specific fields
type SupplyChainEvidence ¶
// SupplyChainEvidence extends the base Evidence type with supply chain
// specific fields.
type SupplyChainEvidence struct {
	// Embedded without a JSON tag, so encoding/json promotes Evidence's fields
	// into this object; on a key collision the field declared directly on
	// SupplyChainEvidence wins.
	Evidence // Embed the existing Evidence type
	// Untyped payload. NOTE(review): if Data can carry content taken from a
	// scanned package, treat it as untrusted wherever it is rendered or logged.
	Data map[string]interface{} `json:"data,omitempty"`
	Source string `json:"source"`
	Timestamp time.Time `json:"timestamp"`
	// NOTE(review): range is not stated here; Threat.Confidence in this
	// package documents 0.0 to 1.0 — confirm the same scale applies.
	Confidence float64 `json:"confidence"`
}
SupplyChainEvidence extends the base Evidence type with supply chain specific fields
type SupplyChainFinding ¶
// SupplyChainFinding represents a security finding in the supply chain. It
// ties a package to an optional vulnerability, threat-intel or build-integrity
// detail, together with evidence, remediation advice and scoring.
type SupplyChainFinding struct {
	ID string `json:"id"`
	Type FindingType `json:"type"`
	// Typed as RiskLevel, whereas Threat.Severity and Vulnerability.Severity
	// in this package use the Severity type; the two are not interchangeable
	// without a conversion.
	Severity RiskLevel `json:"severity"`
	Title string `json:"title"`
	Description string `json:"description"`
	Package PackageInfo `json:"package"`
	// The three detail pointers are omitted from JSON when nil.
	Vulnerability *VulnerabilityInfo `json:"vulnerability,omitempty"`
	ThreatIntel *ThreatIntelInfo `json:"threat_intel,omitempty"`
	BuildIntegrity *BuildIntegrityInfo `json:"build_integrity,omitempty"`
	Evidence []SupplyChainEvidence `json:"evidence"`
	Remediation RemediationAdvice `json:"remediation"`
	CVSS *CVSSScore `json:"cvss,omitempty"`
	CWE []string `json:"cwe,omitempty"`
	References []Reference `json:"references"`
	FirstSeen time.Time `json:"first_seen"`
	LastUpdated time.Time `json:"last_updated"`
	// NOTE(review): range is not stated here — confirm (Threat.Confidence
	// documents 0.0 to 1.0).
	Confidence float64 `json:"confidence"`
	// NOTE(review): how this flag is set is not visible here. If it suppresses
	// a finding downstream, confirm who may set it and that changes are audited.
	FalsePositive bool `json:"false_positive"`
}
SupplyChainFinding represents a security finding in the supply chain
type SupplyChainScanOptions ¶
// SupplyChainScanOptions contains options for supply chain scanning. It is
// the Options member of SupplyChainScanRequest, so its values arrive with the
// request.
type SupplyChainScanOptions struct {
	DeepAnalysis bool `json:"deep_analysis"`
	IncludeDev bool `json:"include_dev"`
	// NOTE(review): request-supplied; confirm the scanner clamps it to a
	// server-side maximum and defines what 0 means.
	MaxDepth int `json:"max_depth"`
	ThreatIntelEnabled bool `json:"threat_intel_enabled"`
	BuildIntegrity bool `json:"build_integrity"`
	GraphAnalysis bool `json:"graph_analysis"`
	HoneypotDetection bool `json:"honeypot_detection"`
	ComplianceCheck bool `json:"compliance_check"`
	SensitivityLevel SensitivityLevel `json:"sensitivity_level"`
	// NOTE(review): rules supplied with the request; CustomDetectionRule is
	// declared elsewhere — check how rule content is evaluated and bounded.
	CustomRules []CustomDetectionRule `json:"custom_rules,omitempty"`
	// NOTE(review): pattern syntax (glob vs regexp) is not stated here. Broad
	// excludes reduce scan coverage, so consider recording them in the result.
	ExcludePatterns []string `json:"exclude_patterns,omitempty"`
	// encoding/json reads and writes time.Duration as integer nanoseconds.
	// NOTE(review): request-supplied; confirm an upper bound is enforced.
	Timeout time.Duration `json:"timeout"`
}
SupplyChainScanOptions contains options for supply chain scanning
type SupplyChainScanRequest ¶
// SupplyChainScanRequest represents a request for supply chain security
// scanning.
type SupplyChainScanRequest struct {
	// Target is the only field with a binding:"required" tag; that tag is read
	// by a request binder/validator, not by encoding/json.
	// NOTE(review): the accepted Target syntax (package name, path, URL) is
	// not visible here — validate it before it reaches the scanner.
	Target string `json:"target" binding:"required"`
	ScanType SupplyChainScanType `json:"scan_type"`
	Options SupplyChainScanOptions `json:"options"`
	// NOTE(review): caller-supplied URL. If the service sends a request to it
	// (presumably when the scan finishes — confirm), restrict the scheme and
	// destination (for example https only, no loopback, link-local or private
	// ranges) so the callback cannot be used for server-side request forgery.
	CallbackURL string `json:"callback_url,omitempty"`
}
SupplyChainScanRequest represents a request for supply chain security scanning
type SupplyChainScanResult ¶
// SupplyChainScanResult represents the result of a supply chain scan: the
// scan's identity and timing, its risk score and level, the findings, and
// optional per-analysis sub-results.
type SupplyChainScanResult struct {
	ScanID string `json:"scan_id"`
	Target string `json:"target"`
	ScanType SupplyChainScanType `json:"scan_type"`
	// NOTE(review): presumably findings are only complete when Status is
	// ScanStatusCompleted — confirm before treating an empty Findings list
	// as a clean result.
	Status ScanStatus `json:"status"`
	StartTime time.Time `json:"start_time"`
	// Pointer with omitempty: absent from JSON while nil.
	EndTime *time.Time `json:"end_time,omitempty"`
	// encoding/json writes time.Duration as integer nanoseconds.
	Duration time.Duration `json:"duration"`
	// NOTE(review): the scale of RiskScore is not stated here — confirm.
	RiskScore float64 `json:"risk_score"`
	RiskLevel RiskLevel `json:"risk_level"`
	Findings []SupplyChainFinding `json:"findings"`
	// The four sub-result pointers below are omitted from JSON when nil.
	DependencyGraph *DependencyGraph `json:"dependency_graph,omitempty"`
	BuildIntegrity *BuildIntegrityResult `json:"build_integrity,omitempty"`
	ThreatIntel *ThreatIntelligenceResult `json:"threat_intel,omitempty"`
	Compliance *ComplianceResult `json:"compliance,omitempty"`
	Metadata ScanMetadata `json:"metadata"`
	Recommendations []Recommendation `json:"recommendations"`
}
SupplyChainScanResult represents the result of a supply chain scan
type SupplyChainScanType ¶
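// SupplyChainScanType defines the type of supply chain scan.
type SupplyChainScanType string

// Supply chain scan types in their JSON string form. The constant names use
// the ScanType prefix rather than the full type name. SupplyChainScanType is
// a plain string type, so a decoded request can carry any value; reject
// unknown scan types instead of falling through to a default.
const (
	ScanTypeAdvanced       SupplyChainScanType = "advanced"
	ScanTypeBuildIntegrity SupplyChainScanType = "build_integrity"
	ScanTypeGraphAnalysis  SupplyChainScanType = "graph_analysis"
	ScanTypeThreatIntel    SupplyChainScanType = "threat_intel"
	ScanTypeHoneypot       SupplyChainScanType = "honeypot"
	ScanTypeCompliance     SupplyChainScanType = "compliance"
)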
type Threat ¶
// Threat represents a detected security threat against a package in a
// registry, with its type, severity, confidence and supporting evidence.
type Threat struct {
	ID string `json:"id"`
	Package string `json:"package"`
	Version string `json:"version,omitempty"`
	Registry string `json:"registry"`
	Type ThreatType `json:"type"`
	Severity Severity `json:"severity"`
	Confidence float64 `json:"confidence"` // 0.0 to 1.0
	// NOTE(review): if Description or SimilarTo can contain names taken from a
	// scanned package, escape them wherever they are rendered.
	Description string `json:"description"`
	SimilarTo string `json:"similar_to,omitempty"`
	Recommendation string `json:"recommendation,omitempty"`
	Evidence []Evidence `json:"evidence,omitempty"`
	CVEs []string `json:"cves,omitempty"`
	References []string `json:"references,omitempty"`
	DetectedAt time.Time `json:"detected_at"`
	DetectionMethod string `json:"detection_method"`
	// Untyped extension map; decoding JSON into interface{} yields float64 for
	// numbers, so consumers must type-check values before use.
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Threat represents a detected security threat
type ThreatAttribution ¶
// ThreatAttribution contains threat attribution information. Every
// descriptive field is optional; only Confidence is always serialized.
type ThreatAttribution struct {
	Actor string `json:"actor,omitempty"`
	Group string `json:"group,omitempty"`
	Campaign string `json:"campaign,omitempty"`
	Motivation string `json:"motivation,omitempty"`
	Country string `json:"country,omitempty"`
	// NOTE(review): range is not stated here — confirm. A zero value is
	// emitted as 0, which is indistinguishable from "not assessed".
	Confidence float64 `json:"confidence"`
	Aliases []string `json:"aliases,omitempty"`
}
ThreatAttribution contains threat attribution information
type ThreatEvidence ¶
// ThreatEvidence represents evidence for a specific threat.
type ThreatEvidence struct {
	Type string `json:"type"`
	Description string `json:"description"`
	// NOTE(review): range is not stated here — confirm.
	Confidence float64 `json:"confidence"`
	// Untyped payload; after JSON decoding it holds generic values (numbers as
	// float64, objects as map[string]interface{}), so type-check before use.
	Value interface{} `json:"value,omitempty"`
}
ThreatEvidence represents evidence for a specific threat
type ThreatIntelInfo ¶
// ThreatIntelInfo contains threat intelligence information from one source:
// the threat's type, confidence and severity, optional indicators, TTPs and
// attribution, and the window in which it was seen.
type ThreatIntelInfo struct {
	Source string `json:"source"`
	// Typed as string, not as the ThreatType type this package also declares.
	ThreatType string `json:"threat_type"`
	// NOTE(review): range is not stated here — confirm.
	Confidence float64 `json:"confidence"`
	Severity RiskLevel `json:"severity"`
	Description string `json:"description"`
	IOCs []IndicatorOfCompromise `json:"iocs,omitempty"`
	TTP []ThreatTactic `json:"ttp,omitempty"`
	Attribution *ThreatAttribution `json:"attribution,omitempty"`
	FirstSeen time.Time `json:"first_seen"`
	LastSeen time.Time `json:"last_seen"`
	// NOTE(review): how Active is derived (feed-supplied vs computed from
	// LastSeen) is not visible here — confirm before filtering on it.
	Active bool `json:"active"`
}
ThreatIntelInfo contains threat intelligence information
type ThreatIntelOptions ¶
// ThreatIntelOptions contains options for threat intelligence queries. It is
// the Options member of ThreatIntelRequest.
type ThreatIntelOptions struct {
	IncludeIOCs bool `json:"include_iocs"`
	IncludeAttribution bool `json:"include_attribution"`
	// encoding/json reads and writes time.Duration as integer nanoseconds.
	MaxAge time.Duration `json:"max_age"`
	// NOTE(review): scale is not stated here; a caller-chosen high threshold
	// hides lower-confidence intel, so consider reporting the filter used.
	MinConfidence float64 `json:"min_confidence"`
	ActiveOnly bool `json:"active_only"`
}
ThreatIntelOptions contains options for threat intelligence queries
type ThreatIntelRequest ¶
// ThreatIntelRequest represents a request for threat intelligence.
type ThreatIntelRequest struct {
	// Required by the binding tag, which is read by a request
	// binder/validator rather than by encoding/json.
	Target string `json:"target" binding:"required"`
	// NOTE(review): presumably names of configured intel sources; confirm the
	// handler matches them against a fixed set rather than using them as
	// endpoints.
	Sources []string `json:"sources,omitempty"`
	Options ThreatIntelOptions `json:"options"`
}
ThreatIntelRequest represents a request for threat intelligence
type ThreatIntelligenceResult ¶
// ThreatIntelligenceResult contains threat intelligence results: an overall
// risk level and score, the individual threats and indicators, optional
// attribution, recommendations, and the sources consulted.
type ThreatIntelligenceResult struct {
	OverallRisk RiskLevel `json:"overall_risk"`
	// NOTE(review): the scale of ThreatScore is not stated here — confirm.
	ThreatScore float64 `json:"threat_score"`
	Threats []ThreatIntelInfo `json:"threats"`
	IOCs []IndicatorOfCompromise `json:"iocs"`
	Attribution []ThreatAttribution `json:"attribution,omitempty"`
	Recommendations []Recommendation `json:"recommendations"`
	Sources []string `json:"sources"`
	// NOTE(review): consumers caching this result can presumably use
	// LastUpdated to judge staleness — confirm what updates it.
	LastUpdated time.Time `json:"last_updated"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
ThreatIntelligenceResult contains threat intelligence results
type ThreatTactic ¶
// ThreatTactic represents threat tactics, techniques, and procedures as one
// record: a tactic, a technique, an optional procedure, an optional MITRE
// identifier and a description.
type ThreatTactic struct {
	Tactic string `json:"tactic"`
	Technique string `json:"technique"`
	Procedure string `json:"procedure,omitempty"`
	// NOTE(review): presumably a MITRE ATT&CK technique ID; the format is not
	// validated by this type — confirm against the producer.
	MITREID string `json:"mitre_id,omitempty"`
	Description string `json:"description"`
}
ThreatTactic represents threat tactics, techniques, and procedures
type ThreatType ¶
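// ThreatType represents the type of security threat.
type ThreatType string

// Threat types in their JSON string form. Several values are close in
// meaning but distinct on the wire ("malicious_package" vs "malicious",
// "supply_chain_risk" vs "supply_chain", "reputation_risk" vs
// "low_reputation"), so policy or alerting rules that match on one must list
// its counterpart explicitly or they will miss it.
const (
	ThreatTypeTyposquatting       ThreatType = "typosquatting"
	ThreatTypeDependencyConfusion ThreatType = "dependency_confusion"
	ThreatTypeMaliciousPackage    ThreatType = "malicious_package"
	ThreatTypeHomoglyph           ThreatType = "homoglyph"
	ThreatTypeReputationRisk      ThreatType = "reputation_risk"
	ThreatTypeSemanticSimilarity  ThreatType = "semantic_similarity"
	ThreatTypeSupplyChainRisk     ThreatType = "supply_chain_risk"
	ThreatTypeUnknownPackage      ThreatType = "unknown_package"
	ThreatTypeLowReputation       ThreatType = "low_reputation"
	ThreatTypeMalicious           ThreatType = "malicious"
	ThreatTypeVulnerable          ThreatType = "vulnerable"
	ThreatTypeSuspicious          ThreatType = "suspicious"
	ThreatTypeCommunityFlag       ThreatType = "community_flag"
	ThreatTypeZeroDay             ThreatType = "zero_day"
	ThreatTypeSupplyChain         ThreatType = "supply_chain"
	ThreatTypeEnterprisePolicy    ThreatType = "enterprise_policy"
)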
type TrustLevel ¶
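// TrustLevel represents the trust level of a package.
type TrustLevel string

// Trust levels in their JSON string form, from very_low to high. TrustLevel
// is a plain string type, so a decoded value may fall outside this set;
// treat an unrecognised level as untrusted rather than defaulting upward.
const (
	TrustLevelVeryLow TrustLevel = "very_low"
	TrustLevelLow     TrustLevel = "low"
	TrustLevelMedium  TrustLevel = "medium"
	TrustLevelHigh    TrustLevel = "high"
)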
type User ¶
// User represents a user in the system. The type declares no password, token
// or other credential field; every field it does declare is always
// serialized to JSON.
type User struct {
	ID int `json:"id"`
	Username string `json:"username"`
	// NOTE(review): personal data, emitted unconditionally; check which API
	// responses and logs embed User.
	Email string `json:"email"`
	// Free-form string; this type does not restrict it to a set of roles.
	// NOTE(review): if User is ever decoded from a request body, confirm that
	// Role and OrganizationID cannot be set by the caller.
	Role string `json:"role"`
	OrganizationID int `json:"organization_id"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
User represents a user in the system
type VersionEvent ¶
// VersionEvent represents a version event (introduced, fixed, etc.). All four
// fields are optional and omitted from JSON when empty.
// NOTE(review): this looks like the OSV range-event shape, where each event
// object carries exactly one of these keys — confirm the producer and any
// version-matching code assume the same.
type VersionEvent struct {
	Introduced string `json:"introduced,omitempty"`
	Fixed string `json:"fixed,omitempty"`
	LastAffected string `json:"last_affected,omitempty"`
	Limit string `json:"limit,omitempty"`
}
VersionEvent represents a version event (introduced, fixed, etc.)
type VersionRange ¶
// VersionRange represents a range of affected versions as a typed list of
// version events.
type VersionRange struct {
	// Plain string; the listed values are a convention, not enforced by the
	// type. NOTE(review): version comparison rules differ per range type, so
	// matching code should reject a Type it does not recognise.
	Type string `json:"type"` // ECOSYSTEM, SEMVER, GIT
	Repo string `json:"repo,omitempty"`
	Events []VersionEvent `json:"events"`
}
VersionRange represents a range of affected versions
type Vulnerability ¶
// Vulnerability represents a security vulnerability record: identifiers,
// descriptive text, severity and CVSS data, the affected package and
// versions, dates, source database and free-form extension maps.
type Vulnerability struct {
	ID string `json:"id"`
	CVE string `json:"cve,omitempty"`
	Title string `json:"title"`
	Description string `json:"description"`
	Severity Severity `json:"severity"`
	CVSS string `json:"cvss,omitempty"` // CVSS vector string or score
	CVSSScore float64 `json:"cvss_score,omitempty"`
	Package string `json:"package"`
	Versions []string `json:"versions,omitempty"`
	AffectedPackages []AffectedPackage `json:"affected_packages,omitempty"`
	References []string `json:"references,omitempty"`
	Aliases []string `json:"aliases,omitempty"` // Alternative IDs (CVE, GHSA, etc.)
	// Dates exist twice: as strings (Published, Modified) and as time.Time
	// (PublishedAt, UpdatedAt). NOTE(review): which pair is authoritative is
	// not visible here — confirm before sorting or filtering on dates.
	Published string `json:"published,omitempty"` // Published date as string
	Modified string `json:"modified,omitempty"` // Modified date as string
	// omitempty has no effect on a time.Time value in encoding/json (a struct
	// is never "empty"), so an unset time is still emitted as the zero time.
	PublishedAt time.Time `json:"published_at,omitempty"`
	UpdatedAt time.Time `json:"updated_at,omitempty"`
	// NOTE(review): a non-empty Withdrawn presumably means the advisory was
	// retracted — confirm that consumers exclude such records from findings.
	Withdrawn string `json:"withdrawn,omitempty"` // Withdrawn date if applicable
	Source string `json:"source,omitempty"` // Source database (OSV, GitHub, NVD)
	// The three maps below are untyped; values decoded from JSON are generic
	// (numbers as float64), so type-check before use.
	DatabaseSpecific map[string]interface{} `json:"database_specific,omitempty"` // Database-specific fields
	EcosystemSpecific map[string]interface{} `json:"ecosystem_specific,omitempty"` // Ecosystem-specific fields
	Credits []VulnerabilityCredit `json:"credits,omitempty"` // Credits for discovery/reporting
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Vulnerability represents a security vulnerability
type VulnerabilityCredit ¶
// VulnerabilityCredit represents credit for vulnerability discovery/reporting.
type VulnerabilityCredit struct {
	Name string `json:"name"`
	// NOTE(review): presumably contact URLs or e-mail addresses taken from the
	// source advisory; treat them as untrusted text when rendering.
	Contact []string `json:"contact,omitempty"`
	// Plain string; the listed values are a convention, not enforced by the type.
	Type string `json:"type,omitempty"` // finder, reporter, analyst, coordinator, remediation_developer, remediation_reviewer, remediation_verifier, tool, sponsor, other
}
VulnerabilityCredit represents credit for vulnerability discovery/reporting
type VulnerabilityDatabase ¶
// VulnerabilityDatabase is the interface for vulnerability database
// implementations. None of the methods takes a context.Context, so
// cancellation and timeouts are left to each implementation.
type VulnerabilityDatabase interface {
	// CheckVulnerabilities returns the vulnerabilities found for pkg, or an error.
	// NOTE(review): whether a nil slice with a nil error means "none found" is
	// not specified here — callers should not treat an error as "clean".
	CheckVulnerabilities(pkg *Package) ([]*Vulnerability, error)
	// GetVulnerabilityByID returns the vulnerability with the given id, or an error.
	GetVulnerabilityByID(id string) (*Vulnerability, error)
	// SearchVulnerabilities returns the vulnerabilities matching query, or an error.
	// NOTE(review): query syntax is implementation-defined; implementations
	// that forward it to a backend should pass it as data, not build it into
	// a query string.
	SearchVulnerabilities(query string) ([]*Vulnerability, error)
}
VulnerabilityDatabase is the interface that vulnerability database implementations satisfy
type VulnerabilityDatabaseConfig ¶
// VulnerabilityDatabaseConfig represents configuration for vulnerability
// databases: which backend, whether it is enabled, and its connection
// parameters.
type VulnerabilityDatabaseConfig struct {
	Type string `json:"type"` // osv, github, nvd
	Enabled bool `json:"enabled"`
	// The credential is part of this struct's JSON form, so marshalling a
	// config (API responses, logs, debug dumps) emits it whenever it is
	// non-empty. NOTE(review): redact it at those boundaries.
	APIKey string `json:"api_key,omitempty"`
	// NOTE(review): presumably overrides the backend's default endpoint. If
	// this can be set by less-trusted input, requests carrying APIKey would go
	// to that host — confirm who controls the value and whether https is
	// enforced.
	BaseURL string `json:"base_url,omitempty"`
	// encoding/json reads and writes time.Duration as integer nanoseconds.
	// NOTE(review): confirm the zero value means "use a default" and not
	// "no timeout".
	Timeout time.Duration `json:"timeout,omitempty"`
	Options map[string]interface{} `json:"options,omitempty"`
}
VulnerabilityDatabaseConfig represents configuration for vulnerability databases
type VulnerabilityInfo ¶
// VulnerabilityInfo contains detailed vulnerability information: advisory
// identifiers, description and severity, scoring, affected and fixed
// versions, dates, references, credits and known exploit records.
type VulnerabilityInfo struct {
	// Identifier fields are all optional; none is required by this type.
	CVE string `json:"cve,omitempty"`
	GHSA string `json:"ghsa,omitempty"`
	OSV string `json:"osv,omitempty"`
	Title string `json:"title"`
	Description string `json:"description"`
	// Typed as RiskLevel, whereas Vulnerability.Severity in this package uses
	// the Severity type.
	Severity RiskLevel `json:"severity"`
	CVSS *CVSSScore `json:"cvss,omitempty"`
	CWE []string `json:"cwe,omitempty"`
	Affected []AffectedVersion `json:"affected"`
	// NOTE(review): the difference between Fixed and Patched is not visible
	// here — confirm which one remediation advice should cite.
	Fixed []string `json:"fixed,omitempty"`
	Patched []string `json:"patched,omitempty"`
	// Not pointers and not omitempty: an unset date is emitted as the zero time.
	Published time.Time `json:"published"`
	Modified time.Time `json:"modified"`
	// Nil unless set. NOTE(review): a non-nil value presumably marks a
	// retracted advisory — confirm consumers drop such entries.
	Withdrawn *time.Time `json:"withdrawn,omitempty"`
	References []Reference `json:"references"`
	Credits []Credit `json:"credits,omitempty"`
	// ExploitInfo is declared elsewhere in this package.
	Exploits []ExploitInfo `json:"exploits,omitempty"`
}
VulnerabilityInfo contains detailed vulnerability information
type Warning ¶
// Warning represents a non-critical security warning about a package in a
// registry.
type Warning struct {
	ID string `json:"id"`
	Package string `json:"package"`
	Version string `json:"version,omitempty"`
	Registry string `json:"registry"`
	// Plain string, unlike Threat.Type, which uses the ThreatType type.
	Type string `json:"type"`
	// NOTE(review): if Message or Suggestion can include text taken from a
	// scanned package, escape them wherever they are displayed.
	Message string `json:"message"`
	Suggestion string `json:"suggestion,omitempty"`
	DetectedAt time.Time `json:"detected_at"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Warning represents a non-critical security warning