Documentation
¶
Index ¶
- Constants
- func ApplyAgentActionBOMFocus(summary *Summary, focusPathID string) error
- func ApplyFocusPreset(summary *Summary, raw string) error
- func BuildPairID(summary Summary, pairedProfile ShareProfile) string
- func FocusPresetUsage() string
- func IsAgentActionBOMFocusError(err error) bool
- func IsComplianceSummaryError(err error) bool
- func MCPVisibilityWarnings(findings []source.Finding) []string
- func MarkdownLines(markdown string) []string
- func PairedArtifactPath(path string, suffix string) string
- func PublicSanitizeFindings(in []risk.ScoredFinding) []risk.ScoredFinding
- func RenderBacklogCSV(backlog *controlbacklog.Backlog) ([]byte, error)
- func RenderCampaignPublicMarkdown(artifact CampaignArtifact) string
- func RenderEvidenceBundleJSON(summary Summary) ([]byte, error)
- func RenderMarkdown(summary Summary) string
- func ResolveGeneratedAtForCLI(snapshot state.Snapshot, generatedAt time.Time) time.Time
- func SanitizeFindings(in []risk.ScoredFinding, config RedactionConfig) []risk.ScoredFinding
- func SelectTopFindings(report risk.Report, requested int) []risk.ScoredFinding
- func ValidateBuyerArtifactTexts(input BuyerArtifactQAInput) error
- type ActionSurfaceRegistryEntry
- type ActivationItem
- type ActivationSummary
- type AgentActionBOM
- type AgentActionBOMGraphRefs
- type AgentActionBOMItem
- type AgentActionBOMPrimaryPathMap
- type AgentActionBOMPrimaryView
- type AgentActionBOMReachability
- type AgentActionBOMSummary
- type ArtifactJoinEntry
- type ArtifactJoinMap
- type ArtifactMetadata
- type AssessmentSummary
- type AttackPathSummary
- type BuildInput
- type BuyerArtifactPathEvidence
- type BuyerArtifactQAInput
- type CampaignArtifact
- type CampaignDetector
- type CampaignMethodology
- type CampaignMetrics
- type CampaignOptions
- type CampaignScanInput
- type CampaignScanResult
- type CampaignSegmentBucket
- type CampaignSegments
- type ChecklistItem
- type ControlProofStatus
- type DeltaMetric
- type DeltaSummary
- type EvidenceBundle
- type FocusPreset
- type FocusView
- type Headline
- type LifecycleSummary
- type LifecycleTransition
- type MCPCandidate
- type MCPList
- type MCPListOptions
- type MCPListRow
- type MCPMissDiagnostic
- type Methodology
- type ProofReference
- type PublicSurfaceAssessment
- type PublicSurfaceEntry
- type PublicSurfaceLabelCounts
- type ReasonGroup
- type RecentPRReview
- type RecentPRReviewItem
- type RecentPRReviewOptions
- type RecordTypeCount
- type RedactionConfig
- type RedactionField
- type RegressSummary
- type RiskItem
- type ScanScopeSummary
- type Section
- type SegmentMetadata
- type ShareProfile
- type ShareProfileMetadata
- type Summary
- type Template
- type WorkflowHighlight
- type WorkflowHighlights
Constants ¶
View Source
const ( ArtifactVariantInternal = "internal" ArtifactVariantCustomerRedacted = "customer_redacted" )
View Source
const ( BoundaryLabelDiscoveryOnly = "discovery_only" BoundaryLabelReportOnly = "report_only" BoundaryLabelApprovalCapable = "approval_capable" BoundaryLabelEnforcementCapable = "enforcement_capable" )
View Source
const ( MCPTrustTrusted = "trusted" MCPTrustBlocked = "blocked" MCPTrustUnreviewed = "unreviewed" )
View Source
const ( AgentActionBOMPrimarySelectionDefaultTopPath = "default_top_path" AgentActionBOMPrimarySelectionExplicitFocusPath = "explicit_focus_path" )
View Source
const ( SectionHeadline = "headline_posture" SectionMethodology = "methodology" SectionTopRisks = "top_prioritized_risks" SectionChanges = "change_since_previous" SectionLifecycle = "lifecycle_actions" SectionProof = "proof_verification_footer" SectionNextAction = "next_actions" )
View Source
const AgentActionBOMSchemaVersion = "v1"
View Source
const SummaryVersion = "v1"
Variables ¶
This section is empty.
Functions ¶
func ApplyAgentActionBOMFocus ¶ added in v1.6.0
ApplyAgentActionBOMFocus updates the buyer-facing primary view to the requested path.
func ApplyFocusPreset ¶ added in v1.6.0
func BuildPairID ¶ added in v1.6.0
func BuildPairID(summary Summary, pairedProfile ShareProfile) string
func FocusPresetUsage ¶ added in v1.6.0
func FocusPresetUsage() string
func IsAgentActionBOMFocusError ¶ added in v1.6.0
func IsComplianceSummaryError ¶ added in v1.0.8
func MCPVisibilityWarnings ¶ added in v1.0.8
func MarkdownLines ¶
func PairedArtifactPath ¶ added in v1.6.0
func PublicSanitizeFindings ¶
func PublicSanitizeFindings(in []risk.ScoredFinding) []risk.ScoredFinding
func RenderBacklogCSV ¶ added in v1.2.0
func RenderBacklogCSV(backlog *controlbacklog.Backlog) ([]byte, error)
func RenderCampaignPublicMarkdown ¶ added in v1.0.2
func RenderCampaignPublicMarkdown(artifact CampaignArtifact) string
func RenderEvidenceBundleJSON ¶ added in v1.2.0
func RenderMarkdown ¶
func ResolveGeneratedAtForCLI ¶ added in v1.0.8
func SanitizeFindings ¶ added in v1.5.0
func SanitizeFindings(in []risk.ScoredFinding, config RedactionConfig) []risk.ScoredFinding
func SelectTopFindings ¶
func SelectTopFindings(report risk.Report, requested int) []risk.ScoredFinding
func ValidateBuyerArtifactTexts ¶ added in v1.6.0
func ValidateBuyerArtifactTexts(input BuyerArtifactQAInput) error
Types ¶
type ActionSurfaceRegistryEntry ¶ added in v1.5.0
type ActionSurfaceRegistryEntry struct {
RegistryID string `json:"registry_id"`
SurfaceType string `json:"surface_type,omitempty"`
Org string `json:"org"`
Repo string `json:"repo"`
ToolType string `json:"tool_type"`
ToolInstanceID string `json:"tool_instance_id,omitempty"`
Location string `json:"location,omitempty"`
Label string `json:"label,omitempty"`
Owner string `json:"owner,omitempty"`
OwnerSource string `json:"owner_source,omitempty"`
Purpose string `json:"purpose,omitempty"`
PurposeSource string `json:"purpose_source,omitempty"`
PurposeConfidence string `json:"purpose_confidence,omitempty"`
Version string `json:"version,omitempty"`
VersionSource string `json:"version_source,omitempty"`
ConfigFingerprint string `json:"config_fingerprint,omitempty"`
ConfigSource string `json:"config_source,omitempty"`
Credentials []*agginventory.CredentialProvenance `json:"credentials,omitempty"`
CredentialAuthority *agginventory.CredentialAuthority `json:"credential_authority,omitempty"`
ReachableActions []string `json:"reachable_actions,omitempty"`
MutableEndpointSemantics []agginventory.MutableEndpointSemantic `json:"mutable_endpoint_semantics,omitempty"`
ConfidenceLane string `json:"confidence_lane,omitempty"`
ProofStatus string `json:"proof_status,omitempty"`
Remediation string `json:"remediation,omitempty"`
PathIDs []string `json:"path_ids,omitempty"`
ActionPathCount int `json:"action_path_count"`
GraphRefs AgentActionBOMGraphRefs `json:"graph_refs,omitempty"`
}
func BuildActionSurfaceRegistry ¶ added in v1.5.0
func BuildActionSurfaceRegistry(summary Summary) []ActionSurfaceRegistryEntry
type ActivationItem ¶ added in v1.0.9
type ActivationItem struct {
Rank int `json:"rank"`
RiskScore float64 `json:"risk_score"`
FindingType string `json:"finding_type"`
ToolType string `json:"tool_type"`
Severity string `json:"severity"`
Location string `json:"location"`
Repo string `json:"repo"`
NextStep string `json:"next_step"`
ItemClass string `json:"item_class,omitempty"`
WriteCapable bool `json:"write_capable,omitempty"`
ProductionWrite bool `json:"production_write,omitempty"`
ApprovalClassification string `json:"approval_classification,omitempty"`
SecurityVisibilityStatus string `json:"security_visibility_status,omitempty"`
}
type ActivationSummary ¶ added in v1.0.9
type ActivationSummary struct {
TargetMode string `json:"target_mode"`
Message string `json:"message"`
EligibleCount int `json:"eligible_count"`
SuppressedPolicyItems bool `json:"suppressed_policy_items,omitempty"`
Reason string `json:"reason,omitempty"`
Items []ActivationItem `json:"items"`
}
func BuildActivation ¶ added in v1.0.9
func BuildActivation(targetMode string, ranked []risk.ScoredFinding, inventory *agginventory.Inventory, actionPaths []risk.ActionPath, limit int) *ActivationSummary
BuildActivation projects a first-value view for local-machine scans without mutating raw risk ranking.
type AgentActionBOM ¶ added in v1.3.0
type AgentActionBOM struct {
BOMID string `json:"bom_id"`
SchemaVersion string `json:"schema_version"`
GeneratedAt string `json:"generated_at"`
Summary AgentActionBOMSummary `json:"summary"`
ScanQuality *scanquality.Report `json:"scan_quality,omitempty"`
Items []AgentActionBOMItem `json:"items,omitempty"`
GraphRefs AgentActionBOMGraphRefs `json:"graph_refs,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
}
func BuildAgentActionBOM ¶ added in v1.3.0
func BuildAgentActionBOM(summary Summary) *AgentActionBOM
type AgentActionBOMGraphRefs ¶ added in v1.3.0
type AgentActionBOMItem ¶ added in v1.3.0
type AgentActionBOMItem struct {
PathID string `json:"path_id"`
AgentID string `json:"agent_id,omitempty"`
ToolFamilyID string `json:"tool_family_id,omitempty"`
ToolInstanceID string `json:"tool_instance_id,omitempty"`
Org string `json:"org"`
Repo string `json:"repo"`
ToolType string `json:"tool_type"`
Location string `json:"location,omitempty"`
Purpose string `json:"purpose,omitempty"`
PurposeSource string `json:"purpose_source,omitempty"`
PurposeConfidence string `json:"purpose_confidence,omitempty"`
Version string `json:"version,omitempty"`
VersionSource string `json:"version_source,omitempty"`
ConfigFingerprint string `json:"config_fingerprint,omitempty"`
ConfigSource string `json:"config_source,omitempty"`
Owner string `json:"owner,omitempty"`
OwnerSource string `json:"owner_source,omitempty"`
OwnershipStatus string `json:"ownership_status,omitempty"`
OwnershipState string `json:"ownership_state,omitempty"`
EvidenceDecisions []evidencepolicy.Decision `json:"evidence_decisions,omitempty"`
Contradictions []evidencepolicy.Contradiction `json:"contradictions,omitempty"`
ControlResolutionState string `json:"control_resolution_state,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
ControlResolutionReasons []string `json:"control_resolution_reasons,omitempty"`
ControlEvidenceRefs []string `json:"control_evidence_refs,omitempty"`
ConstraintEvidenceClasses []string `json:"constraint_evidence_classes,omitempty"`
ConstraintEvidenceRefs []string `json:"constraint_evidence_refs,omitempty"`
ApprovalEvidenceState string `json:"approval_evidence_state,omitempty"`
OwnerEvidenceState string `json:"owner_evidence_state,omitempty"`
ProofEvidenceState string `json:"proof_evidence_state,omitempty"`
RuntimeEvidenceState string `json:"runtime_evidence_state,omitempty"`
TargetEvidenceState string `json:"target_evidence_state,omitempty"`
CredentialEvidenceState string `json:"credential_evidence_state,omitempty"`
TargetClass string `json:"target_class,omitempty"`
TargetClassReasons []string `json:"target_class_reasons,omitempty"`
TargetClassEvidenceRefs []string `json:"target_class_evidence_refs,omitempty"`
ActionPathType string `json:"action_path_type,omitempty"`
ActionPathTypeReasons []string `json:"action_path_type_reasons,omitempty"`
ActionPathTypeEvidenceRefs []string `json:"action_path_type_evidence_refs,omitempty"`
CredentialAccess bool `json:"credential_access"`
Credentials []*agginventory.CredentialProvenance `json:"credentials,omitempty"`
CredentialProvenance *agginventory.CredentialProvenance `json:"credential_provenance,omitempty"`
CredentialAuthority *agginventory.CredentialAuthority `json:"credential_authority,omitempty"`
AuthorityBindings []*agginventory.AuthorityBinding `json:"authority_bindings,omitempty"`
PathContext *agginventory.PathContext `json:"path_context,omitempty"`
StandingPrivilege bool `json:"standing_privilege,omitempty"`
StandingPrivilegeReasons []string `json:"standing_privilege_reasons,omitempty"`
ControlState string `json:"control_state,omitempty"`
ControlStateReasons []string `json:"control_state_reasons,omitempty"`
RiskZone string `json:"risk_zone,omitempty"`
RiskZoneReasons []string `json:"risk_zone_reasons,omitempty"`
ReviewBurden string `json:"review_burden,omitempty"`
ReviewBurdenReasons []string `json:"review_burden_reasons,omitempty"`
ConfidenceLane string `json:"confidence_lane,omitempty"`
ConfidenceLaneReasons []string `json:"confidence_lane_reasons,omitempty"`
AutonomyTier string `json:"autonomy_tier,omitempty"`
AutonomyTierReasons []string `json:"autonomy_tier_reasons,omitempty"`
AutonomyTierEvidenceRefs []string `json:"autonomy_tier_evidence_refs,omitempty"`
DelegationReadinessState string `json:"delegation_readiness_state,omitempty"`
DelegationReadinessReasons []string `json:"delegation_readiness_reasons,omitempty"`
RecommendedControl string `json:"recommended_control,omitempty"`
RecommendedControlReasons []string `json:"recommended_control_reasons,omitempty"`
RiskClassificationValidationReasons []string `json:"risk_classification_validation_reasons,omitempty"`
RiskClassificationValidationRefs []string `json:"risk_classification_validation_refs,omitempty"`
RecommendedActionContract *risk.RecommendedActionContract `json:"recommended_action_contract,omitempty"`
TodayPath *risk.GovernedPathView `json:"today_path,omitempty"`
RecommendedGovernedPath *risk.GovernedPathView `json:"recommended_governed_path,omitempty"`
HighStakesPresets []risk.HighStakesPreset `json:"high_stakes_presets,omitempty"`
ProductionContext *risk.ProductionContext `json:"production_context,omitempty"`
EvidencePacketStatus string `json:"evidence_packet_status,omitempty"`
EvidencePacketResult string `json:"evidence_packet_result,omitempty"`
EvidencePacketMissingEvidenceState string `json:"evidence_packet_missing_evidence_state,omitempty"`
EvidencePacketRefs []string `json:"evidence_packet_refs,omitempty"`
ActionClasses []string `json:"action_classes,omitempty"`
ActionReasons []string `json:"action_reasons,omitempty"`
MutableEndpointSemantics []agginventory.MutableEndpointSemantic `json:"mutable_endpoint_semantics,omitempty"`
ProductionWrite bool `json:"production_write,omitempty"`
ProductionTargetStatus string `json:"production_target_status,omitempty"`
MatchedProductionTargets []string `json:"matched_production_targets,omitempty"`
ApprovalGap bool `json:"approval_gap"`
ApprovalGapReasons []string `json:"approval_gap_reasons,omitempty"`
PolicyStatus string `json:"policy_status,omitempty"`
PolicyRefs []string `json:"policy_refs,omitempty"`
PolicyMissingReasons []string `json:"policy_missing_reasons,omitempty"`
PolicyStatusReasons []string `json:"policy_status_reasons,omitempty"`
PolicyConfidence string `json:"policy_confidence,omitempty"`
PolicyEvidenceRefs []string `json:"policy_evidence_refs,omitempty"`
ProofCoverage string `json:"proof_coverage,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
RuntimeSessionStatus string `json:"runtime_session_status,omitempty"`
RuntimeSessionRefs []string `json:"runtime_session_refs,omitempty"`
ObservedSessionActions []string `json:"observed_session_actions,omitempty"`
ObservedChangedFiles []string `json:"observed_changed_files,omitempty"`
RuntimeEvidenceStatus string `json:"runtime_evidence_status,omitempty"`
RuntimeEvidenceAbsenceStatus string `json:"runtime_evidence_absence_status,omitempty"`
RuntimeEvidenceClasses []string `json:"runtime_evidence_classes,omitempty"`
RuntimeEvidenceRefs []string `json:"runtime_evidence_refs,omitempty"`
GaitCoverage *risk.GaitCoverage `json:"gait_coverage,omitempty"`
Confidence string `json:"confidence,omitempty"`
EvidenceStrength string `json:"evidence_strength,omitempty"`
InventoryRisk string `json:"inventory_risk,omitempty"`
ControlPriority string `json:"control_priority,omitempty"`
RiskTier string `json:"risk_tier,omitempty"`
RecommendedNextAction string `json:"recommended_next_action,omitempty"`
Queue string `json:"queue,omitempty"`
FindingVisibility string `json:"finding_visibility,omitempty"`
Remediation string `json:"remediation,omitempty"`
ClosureRequirements []risk.ClosureRequirement `json:"closure_requirements,omitempty"`
EvidenceCompleteness *risk.EvidenceCompleteness `json:"evidence_completeness,omitempty"`
GovernanceDisposition *controlbacklog.GovernanceDisposition `json:"governance_disposition,omitempty"`
LifecycleQueue *governancequeue.Item `json:"lifecycle_queue,omitempty"`
AttackPathRefs []string `json:"attack_path_refs,omitempty"`
SourceFindingKeys []string `json:"source_finding_keys,omitempty"`
WorkflowChainRefs []string `json:"workflow_chain_refs,omitempty"`
ExclusionReason string `json:"exclusion_reason,omitempty"`
GraphRefs AgentActionBOMGraphRefs `json:"graph_refs,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
Reachability []AgentActionBOMReachability `json:"reachability,omitempty"`
ReachableServers []AgentActionBOMReachability `json:"reachable_servers,omitempty"`
ReachableTools []AgentActionBOMReachability `json:"reachable_tools,omitempty"`
ReachableEndpoints []AgentActionBOMReachability `json:"reachable_endpoints,omitempty"`
ReachableTargets []AgentActionBOMReachability `json:"reachable_targets,omitempty"`
ReachableAPIs []AgentActionBOMReachability `json:"reachable_apis,omitempty"`
ReachableAgents []AgentActionBOMReachability `json:"reachable_agents,omitempty"`
IntroducedBy *attribution.Result `json:"introduced_by,omitempty"`
ActionLineage *risk.ActionLineage `json:"action_lineage,omitempty"`
}
type AgentActionBOMPrimaryPathMap ¶ added in v1.6.0
type AgentActionBOMPrimaryView ¶ added in v1.6.0
type AgentActionBOMPrimaryView struct {
PathID string `json:"path_id"`
SelectionReason string `json:"selection_reason"`
PathMap AgentActionBOMPrimaryPathMap `json:"path_map"`
ControlResolutionState string `json:"control_resolution_state,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
ApprovalEvidenceState string `json:"approval_evidence_state,omitempty"`
OwnerEvidenceState string `json:"owner_evidence_state,omitempty"`
ProofEvidenceState string `json:"proof_evidence_state,omitempty"`
RuntimeEvidenceState string `json:"runtime_evidence_state,omitempty"`
TargetEvidenceState string `json:"target_evidence_state,omitempty"`
CredentialEvidenceState string `json:"credential_evidence_state,omitempty"`
AutonomyTier string `json:"autonomy_tier,omitempty"`
DelegationReadinessState string `json:"delegation_readiness_state,omitempty"`
RecommendedControl string `json:"recommended_control,omitempty"`
EvidenceCompletenessLabel string `json:"evidence_completeness_label,omitempty"`
EvidenceCompletenessScore int `json:"evidence_completeness_score,omitempty"`
UnresolvedEvidence []string `json:"unresolved_evidence,omitempty"`
TodayPath *risk.GovernedPathView `json:"today_path,omitempty"`
RecommendedGovernedPath *risk.GovernedPathView `json:"recommended_governed_path,omitempty"`
RecommendedActionContract *risk.RecommendedActionContract `json:"recommended_action_contract,omitempty"`
WorkflowChainRefs []string `json:"workflow_chain_refs,omitempty"`
GraphRefs AgentActionBOMGraphRefs `json:"graph_refs,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
EvidencePacketRefs []string `json:"evidence_packet_refs,omitempty"`
AppendixRefs []string `json:"appendix_refs,omitempty"`
}
type AgentActionBOMReachability ¶ added in v1.3.0
type AgentActionBOMReachability struct {
Surface string `json:"surface"`
Name string `json:"name,omitempty"`
Capabilities []string `json:"capabilities,omitempty"`
TrustDepth *agginventory.TrustDepth `json:"trust_depth,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
}
type AgentActionBOMSummary ¶ added in v1.3.0
type AgentActionBOMSummary struct {
TotalItems int `json:"total_items"`
ControlFirstItems int `json:"control_first_items"`
StandingPrivilegeItems int `json:"standing_privilege_items"`
StaticCredentialItems int `json:"static_credential_items"`
ProductionTargetItems int `json:"production_target_items"`
AcceptedRiskItems int `json:"accepted_risk_items,omitempty"`
LifecycleQueueItems int `json:"lifecycle_queue_items,omitempty"`
ApprovalEvidenceUnknownItems int `json:"approval_evidence_unknown_items,omitempty"`
ControlEvidenceUnknownItems int `json:"control_evidence_unknown_items,omitempty"`
OwnerEvidenceUnknownItems int `json:"owner_evidence_unknown_items,omitempty"`
ProofEvidenceUnknownItems int `json:"proof_evidence_unknown_items,omitempty"`
MissingApprovalItems int `json:"missing_approval_items"`
MissingPolicyItems int `json:"missing_policy_items"`
MissingProofItems int `json:"missing_proof_items"`
RuntimeProvenItems int `json:"runtime_proven_items"`
UnresolvedOwnerItems int `json:"unresolved_owner_items"`
ConfirmedActionPathItems int `json:"confirmed_action_path_items,omitempty"`
LikelyActionPathItems int `json:"likely_action_path_items,omitempty"`
SemanticReviewCandidateItems int `json:"semantic_review_candidate_items,omitempty"`
ContextOnlyItems int `json:"context_only_items,omitempty"`
EmptyStateStatus string `json:"empty_state_status,omitempty"`
EmptyStateReasons []string `json:"empty_state_reasons,omitempty"`
ScanScope *ScanScopeSummary `json:"scan_scope,omitempty"`
SourcePrivacy *sourceprivacy.Contract `json:"source_privacy,omitempty"`
OperationalExposure *scorecore.AxisSummary `json:"operational_exposure,omitempty"`
GovernanceReadiness *scorecore.AxisSummary `json:"governance_readiness,omitempty"`
EvidenceCompleteness *risk.EvidenceCompletenessSummary `json:"evidence_completeness,omitempty"`
ExecutiveRollup *controlbacklog.ExecutiveRollup `json:"executive_rollup,omitempty"`
GovernedUsageMetrics *controlbacklog.GovernedUsageMetrics `json:"governed_usage_metrics,omitempty"`
ScanCoverage *scanquality.CompactCoverageSummary `json:"scan_coverage,omitempty"`
CoverageConfidence string `json:"coverage_confidence,omitempty"`
AutonomyTiers risk.AutonomyTierCounts `json:"autonomy_tiers"`
DelegationReadiness risk.DelegationReadinessCounts `json:"delegation_readiness"`
RecommendedControls risk.RecommendedControlCounts `json:"recommended_controls"`
DriftReview *RegressSummary `json:"drift_review,omitempty"`
PrimaryView *AgentActionBOMPrimaryView `json:"primary_view,omitempty"`
}
type ArtifactJoinEntry ¶ added in v1.6.0
type ArtifactJoinMap ¶ added in v1.6.0
type ArtifactJoinMap struct {
PairID string `json:"pair_id"`
GeneratedAt string `json:"generated_at"`
Entries []ArtifactJoinEntry `json:"entries,omitempty"`
}
func BuildPrivateJoinMap ¶ added in v1.6.0
func BuildPrivateJoinMap(internal Summary, external Summary, pairID string) ArtifactJoinMap
type ArtifactMetadata ¶ added in v1.6.0
type ArtifactMetadata struct {
ArtifactID string `json:"artifact_id"`
PairID string `json:"pair_id,omitempty"`
VariantKind string `json:"variant_kind,omitempty"`
RedactionVersion string `json:"redaction_version,omitempty"`
SelectedFields []string `json:"selected_fields,omitempty"`
SourceArtifactRefs []string `json:"source_artifact_refs,omitempty"`
PrivateJoinMapPath string `json:"private_join_map_path,omitempty"`
}
func BuildArtifactMetadata ¶ added in v1.6.0
type AssessmentSummary ¶ added in v1.1.0
type AssessmentSummary struct {
GovernablePathCount int `json:"governable_path_count"`
WriteCapablePathCount int `json:"write_capable_path_count"`
ProductionBackedPathCount int `json:"production_target_backed_path_count"`
TopPathToControlFirst *risk.ActionPath `json:"top_path_to_control_first,omitempty"`
TopExecutionIdentityBacked *risk.ActionPath `json:"top_execution_identity_backed_path,omitempty"`
OwnerlessExposure *risk.OwnerlessExposure `json:"ownerless_exposure,omitempty"`
IdentityExposureSummary *risk.IdentityExposureSummary `json:"identity_exposure_summary,omitempty"`
IdentityToReviewFirst *risk.IdentityActionTarget `json:"identity_to_review_first,omitempty"`
IdentityToRevokeFirst *risk.IdentityActionTarget `json:"identity_to_revoke_first,omitempty"`
ProofChainPath string `json:"proof_chain_path,omitempty"`
}
type AttackPathSummary ¶ added in v1.0.5
type BuildInput ¶
type BuyerArtifactPathEvidence ¶ added in v1.6.0
type BuyerArtifactQAInput ¶ added in v1.6.0
type BuyerArtifactQAInput struct {
ActionPathTypes []string
PathEvidence []BuyerArtifactPathEvidence
Texts map[string]string
}
type CampaignArtifact ¶ added in v1.0.2
type CampaignArtifact struct {
SchemaVersion string `json:"schema_version"`
GeneratedAt string `json:"generated_at"`
InputGlob string `json:"input_glob,omitempty"`
Methodology CampaignMethodology `json:"methodology"`
Metrics CampaignMetrics `json:"metrics"`
Segments CampaignSegments `json:"segments"`
Scans []CampaignScanResult `json:"scans"`
}
func AggregateCampaign ¶ added in v1.0.2
func AggregateCampaign(inputs []CampaignScanInput, generatedAt time.Time) CampaignArtifact
func AggregateCampaignWithOptions ¶ added in v1.0.2
func AggregateCampaignWithOptions(inputs []CampaignScanInput, generatedAt time.Time, opts CampaignOptions) CampaignArtifact
type CampaignDetector ¶ added in v1.0.2
type CampaignMethodology ¶ added in v1.0.2
type CampaignMethodology struct {
WrkrVersion string `json:"wrkr_version"`
ScanCount int `json:"scan_count"`
RepoCount int `json:"repo_count"`
FileCountProcessed int `json:"file_count_processed"`
Detectors []CampaignDetector `json:"detectors"`
}
type CampaignMetrics ¶ added in v1.0.2
type CampaignMetrics struct {
ReposScanned int `json:"repos_scanned"`
ToolsDetectedTotal int `json:"tools_detected_total"`
WriteCapableTools int `json:"write_capable_tools"`
CredentialAccessTools int `json:"credential_access_tools"`
ExecCapableTools int `json:"exec_capable_tools"`
ApprovedTools int `json:"approved_tools"`
UnapprovedTools int `json:"unapproved_tools"`
UnknownTools int `json:"unknown_tools"`
UnknownToSecurityTools int `json:"unknown_to_security_tools"`
UnknownToSecurityAgents int `json:"unknown_to_security_agents"`
UnknownToSecurityWriteCapableAgents int `json:"unknown_to_security_write_capable_agents"`
SecurityVisibilityReference string `json:"security_visibility_reference"`
ApprovedPercent float64 `json:"approved_percent"`
UnapprovedPercent float64 `json:"unapproved_percent"`
UnknownPercent float64 `json:"unknown_percent"`
UnapprovedPerApproved *float64 `json:"unapproved_per_approved"`
ProductionWriteStatus string `json:"production_write_status"`
ProductionWriteTools *int `json:"production_write_tools"`
}
type CampaignOptions ¶ added in v1.0.2
type CampaignOptions struct {
SegmentMetadata map[string]SegmentMetadata
}
type CampaignScanInput ¶ added in v1.0.2
type CampaignScanInput struct {
Path string
Target source.Target
SourceManifest source.Manifest
Inventory *agginventory.Inventory
PrivilegeBudget agginventory.PrivilegeBudget
Findings []source.Finding
}
type CampaignScanResult ¶ added in v1.0.2
type CampaignScanResult struct {
Path string `json:"path"`
TargetMode string `json:"target_mode"`
TargetValue string `json:"target_value"`
RepoCount int `json:"repo_count"`
ToolsDetected int `json:"tools_detected"`
WriteCapableTools int `json:"write_capable_tools"`
CredentialAccessTool int `json:"credential_access_tools"`
ExecCapableTools int `json:"exec_capable_tools"`
}
type CampaignSegmentBucket ¶ added in v1.0.2
type CampaignSegments ¶ added in v1.0.2
type CampaignSegments struct {
OrgSizeBands []CampaignSegmentBucket `json:"org_size_bands"`
IndustryBands []CampaignSegmentBucket `json:"industry_bands"`
}
type ChecklistItem ¶
type ControlProofStatus ¶ added in v1.3.0
type ControlProofStatus struct {
LinkedActionPathID string `json:"linked_action_path_id,omitempty"`
Repo string `json:"repo,omitempty"`
Path string `json:"path,omitempty"`
ControlID string `json:"control_id"`
BacklogItemID string `json:"backlog_item_id"`
AgentID string `json:"agent_id,omitempty"`
Status string `json:"status"`
ExistingProof []string `json:"existing_proof,omitempty"`
MissingProof []string `json:"missing_proof,omitempty"`
RecordIDs []string `json:"record_ids,omitempty"`
}
func BuildControlProofStatus ¶ added in v1.3.0
func BuildControlProofStatus(snapshot state.Snapshot, chain *proof.Chain) []ControlProofStatus
type DeltaMetric ¶
type DeltaSummary ¶
type DeltaSummary struct {
RiskScoreTrend DeltaMetric `json:"risk_score_trend"`
ProfileComplianceDelta DeltaMetric `json:"profile_compliance_delta"`
PostureScoreTrend DeltaMetric `json:"posture_score_trend_delta"`
}
type EvidenceBundle ¶ added in v1.2.0
type EvidenceBundle struct {
ReportBundleVersion string `json:"report_bundle_version"`
GeneratedAt string `json:"generated_at"`
Template string `json:"template"`
DeploymentMode string `json:"deployment_mode,omitempty"`
ArtifactMetadata *ArtifactMetadata `json:"artifact_metadata,omitempty"`
ControlBacklog *controlbacklog.Backlog `json:"control_backlog,omitempty"`
ExecutiveRollup *controlbacklog.ExecutiveRollup `json:"executive_rollup,omitempty"`
GovernedUsageMetrics *controlbacklog.GovernedUsageMetrics `json:"governed_usage_metrics,omitempty"`
ControlPathGraph *aggattack.ControlPathGraph `json:"control_path_graph,omitempty"`
WorkflowChains *agentresolver.WorkflowChainArtifact `json:"workflow_chains,omitempty"`
ActionSurfaceRegistry []ActionSurfaceRegistryEntry `json:"action_surface_registry,omitempty"`
RuntimeSessions *ingest.SessionSummary `json:"runtime_sessions,omitempty"`
RuntimeEvidence *ingest.Summary `json:"runtime_evidence,omitempty"`
EvidencePackets *ingest.EvidencePacketSummary `json:"evidence_packets,omitempty"`
AgentActionBOM *AgentActionBOM `json:"agent_action_bom,omitempty"`
ComplianceSummary any `json:"compliance_summary"`
Proof ProofReference `json:"proof"`
NextActions []ChecklistItem `json:"next_actions"`
}
func BuildEvidenceBundle ¶ added in v1.2.0
func BuildEvidenceBundle(summary Summary) EvidenceBundle
type FocusPreset ¶ added in v1.6.0
type FocusPreset string
const ( FocusPresetBOM FocusPreset = "bom" FocusPresetRelease FocusPreset = "release" FocusPresetWriteDeploy FocusPreset = "write-deploy" FocusPresetApprovalEvidenceUnknown FocusPreset = "approval-evidence-unknown" FocusPresetOwnerEvidenceUnknown FocusPreset = "owner-evidence-unknown" FocusPresetEvidenceGaps FocusPreset = "evidence-gaps" FocusPresetContradictions FocusPreset = "contradictions" FocusPresetDriftReview FocusPreset = "drift-review" FocusPresetRecommendations FocusPreset = "recommendations" )
func ParseFocusPreset ¶ added in v1.6.0
func ParseFocusPreset(raw string) (FocusPreset, bool)
type FocusView ¶ added in v1.6.0
type FocusView struct {
Preset string `json:"preset"`
Title string `json:"title"`
MatchingPaths int `json:"matching_paths"`
MatchingWorkflowChains int `json:"matching_workflow_chains"`
MatchingBacklogItems int `json:"matching_backlog_items"`
EmptyStateStatus string `json:"empty_state_status,omitempty"`
EmptyStateMessage string `json:"empty_state_message,omitempty"`
RecommendedNextActions []string `json:"recommended_next_actions,omitempty"`
PathIDs []string `json:"path_ids,omitempty"`
WorkflowChainRefs []string `json:"workflow_chain_refs,omitempty"`
ControlBacklogIDs []string `json:"control_backlog_ids,omitempty"`
Highlights []WorkflowHighlight `json:"highlights,omitempty"`
}
type LifecycleSummary ¶
type LifecycleSummary struct {
IdentityCount int `json:"identity_count"`
UnderReviewCount int `json:"under_review_count"`
RevokedCount int `json:"revoked_count"`
DeprecatedCount int `json:"deprecated_count"`
PendingActionCount int `json:"pending_action_count"`
Gaps []lifecycle.Gap `json:"gaps,omitempty"`
Queue []governancequeue.Item `json:"queue,omitempty"`
RecentTransitions []LifecycleTransition `json:"recent_transitions"`
}
type LifecycleTransition ¶
type MCPCandidate ¶ added in v1.4.0
type MCPCandidate struct {
CandidateName string `json:"candidate_name"`
Org string `json:"org"`
Repo string `json:"repo"`
Location string `json:"location"`
EvidenceType string `json:"evidence_type"`
Confidence string `json:"confidence"`
DeclarationType string `json:"declaration_type"`
TransportHint string `json:"transport_hint"`
CredentialRefs []string `json:"credential_refs,omitempty"`
UnsupportedReason string `json:"unsupported_reason,omitempty"`
}
type MCPList ¶ added in v1.0.8
type MCPList struct {
Status string `json:"status"`
GeneratedAt string `json:"generated_at"`
RepoFilter string `json:"repo_filter,omitempty"`
Rows []MCPListRow `json:"rows"`
Candidates []MCPCandidate `json:"candidates,omitempty"`
Diagnostics []MCPMissDiagnostic `json:"diagnostics,omitempty"`
Warnings []string `json:"warnings,omitempty"`
AbsenceStatus string `json:"absence_status,omitempty"`
AbsenceReasons []string `json:"absence_reasons,omitempty"`
AbsenceImpact string `json:"absence_impact,omitempty"`
}
func BuildMCPList ¶ added in v1.0.8
func BuildMCPListWithOptions ¶ added in v1.4.0
func BuildMCPListWithOptions(snapshot state.Snapshot, opts MCPListOptions) MCPList
type MCPListOptions ¶ added in v1.4.0
type MCPListRow ¶ added in v1.0.8
type MCPListRow struct {
ServerName string `json:"server_name"`
Org string `json:"org"`
Repo string `json:"repo"`
Location string `json:"location"`
Transport string `json:"transport"`
RequestedPermissions []string `json:"requested_permissions,omitempty"`
PrivilegeSurface []string `json:"privilege_surface,omitempty"`
GatewayCoverage string `json:"gateway_coverage"`
TrustDepth *agginventory.TrustDepth `json:"trust_depth,omitempty"`
TrustStatus string `json:"trust_status"`
RiskNote string `json:"risk_note"`
}
type MCPMissDiagnostic ¶ added in v1.4.0
type MCPMissDiagnostic struct {
Org string `json:"org"`
Repo string `json:"repo"`
ExpectedServer string `json:"expected_server,omitempty"`
Status string `json:"status"`
AbsenceStatus string `json:"absence_status,omitempty"`
CandidateFilesScanned []string `json:"candidate_files_scanned,omitempty"`
ParsedConfigs []string `json:"parsed_configs,omitempty"`
CandidatesFound []string `json:"candidates_found,omitempty"`
ParseFailures []string `json:"parse_failures,omitempty"`
GeneratedSuppressions []string `json:"generated_suppressions,omitempty"`
UnsupportedDeclarations []string `json:"unsupported_declarations,omitempty"`
Explanation []string `json:"explanation,omitempty"`
AbsenceImpact string `json:"absence_impact,omitempty"`
}
type Methodology ¶ added in v1.0.2
type Methodology struct {
WrkrVersion string `json:"wrkr_version"`
ScanStartedAt string `json:"scan_started_at"`
ScanCompletedAt string `json:"scan_completed_at"`
ScanDurationSeconds float64 `json:"scan_duration_seconds"`
RepoCount int `json:"repo_count"`
FileCountProcessed int `json:"file_count_processed"`
DetectorCount int `json:"detector_count"`
CommandSet []string `json:"command_set"`
SampleDefinition string `json:"sample_definition"`
ExclusionCriteria []string `json:"exclusion_criteria"`
}
type ProofReference ¶
type ProofReference struct {
ChainPath string `json:"chain_path"`
HeadHash string `json:"head_hash"`
RecordCount int `json:"record_count"`
RecordTypeCounts []RecordTypeCount `json:"record_type_counts"`
CanonicalFindingKeys []string `json:"canonical_finding_keys"`
}
type PublicSurfaceAssessment ¶ added in v1.6.0
type PublicSurfaceAssessment struct {
ManifestName string `json:"manifest_name,omitempty"`
TotalSources int `json:"total_sources"`
LabelCounts PublicSurfaceLabelCounts `json:"label_counts"`
Entries []PublicSurfaceEntry `json:"entries,omitempty"`
}
type PublicSurfaceEntry ¶ added in v1.6.0
type PublicSurfaceEntry struct {
EntryID string `json:"entry_id"`
SourceClass string `json:"source_class"`
Title string `json:"title,omitempty"`
PublicRef string `json:"public_ref"`
CapturePath string `json:"capture_path,omitempty"`
CapturedAt string `json:"captured_at,omitempty"`
EvidenceLabel string `json:"evidence_label"`
Confidence string `json:"confidence,omitempty"`
InferenceRationale string `json:"inference_rationale,omitempty"`
Claims []string `json:"claims,omitempty"`
}
type PublicSurfaceLabelCounts ¶ added in v1.6.0
type ReasonGroup ¶
type RecentPRReview ¶ added in v1.6.0
type RecentPRReview struct {
Mode string `json:"mode"`
Limit int `json:"limit"`
SelectedIDs []string `json:"selected_ids,omitempty"`
DateFrom string `json:"date_from,omitempty"`
DateTo string `json:"date_to,omitempty"`
TotalCandidates int `json:"total_candidates"`
Ranked []RecentPRReviewItem `json:"ranked,omitempty"`
}
func BuildRecentPRReview ¶ added in v1.6.0
func BuildRecentPRReview(summary Summary, opts RecentPRReviewOptions) *RecentPRReview
type RecentPRReviewItem ¶ added in v1.6.0
type RecentPRReviewItem struct {
Rank int `json:"rank"`
ReviewID string `json:"review_id"`
Reference string `json:"reference,omitempty"`
Provider string `json:"provider,omitempty"`
Repo string `json:"repo,omitempty"`
PathID string `json:"path_id,omitempty"`
Workflow string `json:"workflow,omitempty"`
AutonomyTier string `json:"autonomy_tier,omitempty"`
DelegationReadinessState string `json:"delegation_readiness_state,omitempty"`
RecommendedControl string `json:"recommended_control,omitempty"`
TargetClass string `json:"target_class,omitempty"`
EvidenceCompleteness string `json:"evidence_completeness,omitempty"`
Contradiction bool `json:"contradiction,omitempty"`
AIAssisted bool `json:"ai_assisted,omitempty"`
AutomationAssisted bool `json:"automation_assisted,omitempty"`
CheckCount int `json:"check_count,omitempty"`
ApprovalCount int `json:"approval_count,omitempty"`
DeploymentCount int `json:"deployment_count,omitempty"`
FocusBOMPathID string `json:"focus_bom_path_id,omitempty"`
Provenance *attribution.Result `json:"provenance,omitempty"`
WorkflowChainRefs []string `json:"workflow_chain_refs,omitempty"`
GraphRefs AgentActionBOMGraphRefs `json:"graph_refs,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
EvidencePacketRefs []string `json:"evidence_packet_refs,omitempty"`
MissingEvidence []string `json:"missing_evidence,omitempty"`
}
type RecentPRReviewOptions ¶ added in v1.6.0
type RecordTypeCount ¶
type RedactionConfig ¶ added in v1.5.0
type RedactionConfig struct {
Profile ShareProfile
DefaultFields []RedactionField
Fields []RedactionField
// contains filtered or unexported fields
}
func ResolveRedactionConfig ¶ added in v1.5.0
func ResolveRedactionConfig(profile ShareProfile, requested []RedactionField) RedactionConfig
func (RedactionConfig) Applies ¶ added in v1.5.0
func (c RedactionConfig) Applies() bool
func (RedactionConfig) Has ¶ added in v1.5.0
func (c RedactionConfig) Has(field RedactionField) bool
func (RedactionConfig) RequiresLegacySanitizer ¶ added in v1.5.0
func (c RedactionConfig) RequiresLegacySanitizer() bool
type RedactionField ¶ added in v1.5.0
type RedactionField string
const ( RedactionOwners RedactionField = "owners" RedactionRepos RedactionField = "repos" RedactionPaths RedactionField = "paths" RedactionCredentialSubjects RedactionField = "credential-subjects" // #nosec G101 -- redaction selector label, not a credential RedactionAuthors RedactionField = "authors" RedactionFilesystem RedactionField = "filesystem" RedactionProviders RedactionField = "providers" RedactionProofRefs RedactionField = "proof-refs" RedactionGraphRefs RedactionField = "graph-refs" )
func ParseRedactionFields ¶ added in v1.5.0
func ParseRedactionFields(raw string) ([]RedactionField, error)
type RegressSummary ¶
type RegressSummary struct {
BaselineProvided bool `json:"baseline_provided"`
DriftDetected bool `json:"drift_detected"`
ReasonCount int `json:"reason_count"`
ReasonGroups []ReasonGroup `json:"reason_groups"`
DriftCategoryCount int `json:"drift_category_count,omitempty"`
DriftCategories []regress.DriftCategorySummary `json:"drift_categories,omitempty"`
ComparisonStatus string `json:"comparison_status,omitempty"`
ComparisonIssues []string `json:"comparison_issues,omitempty"`
}
type RiskItem ¶
type RiskItem struct {
Rank int `json:"rank"`
CanonicalKey string `json:"canonical_key"`
Score float64 `json:"risk_score"`
FindingType string `json:"finding_type"`
Severity string `json:"severity"`
ToolType string `json:"tool_type"`
Org string `json:"org"`
Repo string `json:"repo"`
Location string `json:"location"`
PathID string `json:"path_id,omitempty"`
InventoryRisk string `json:"inventory_risk,omitempty"`
AttackPathScore float64 `json:"attack_path_score,omitempty"`
ControlPriority string `json:"control_priority,omitempty"`
RiskTier string `json:"risk_tier,omitempty"`
ControlState string `json:"control_state,omitempty"`
RiskZone string `json:"risk_zone,omitempty"`
ReviewBurden string `json:"review_burden,omitempty"`
ConfidenceLane string `json:"confidence_lane,omitempty"`
CredentialAccess bool `json:"credential_access,omitempty"`
ProductionTargetStatus string `json:"production_target_status,omitempty"`
RecommendedAction string `json:"recommended_action,omitempty"`
WriteCapable bool `json:"write_capable,omitempty"`
ProductionWrite bool `json:"production_write,omitempty"`
Rationale []string `json:"rationale"`
Remediation string `json:"remediation"`
}
type ScanScopeSummary ¶ added in v1.4.0
type SegmentMetadata ¶ added in v1.0.2
type ShareProfile ¶
type ShareProfile string
const ( )
func ParseShareProfile ¶
func ParseShareProfile(raw string) (ShareProfile, bool)
type ShareProfileMetadata ¶ added in v1.4.0
type ShareProfileMetadata struct {
}
func BuildShareProfileMetadata ¶ added in v1.5.0
func BuildShareProfileMetadata(config RedactionConfig) *ShareProfileMetadata
type Summary ¶
type Summary struct {
SummaryVersion string `json:"summary_version"`
GeneratedAt string `json:"generated_at"`
Template string `json:"template"`
DeploymentMode string `json:"deployment_mode,omitempty"`
ArtifactMetadata *ArtifactMetadata `json:"artifact_metadata,omitempty"`
SectionOrder []string `json:"section_order"`
Sections []Section `json:"sections"`
Headline Headline `json:"headline"`
ScanScope *ScanScopeSummary `json:"scan_scope,omitempty"`
OperationalExposure *scorecore.AxisSummary `json:"operational_exposure,omitempty"`
GovernanceReadiness *scorecore.AxisSummary `json:"governance_readiness,omitempty"`
EvidenceCompleteness *risk.EvidenceCompletenessSummary `json:"evidence_completeness,omitempty"`
ExecutiveRollup *controlbacklog.ExecutiveRollup `json:"executive_rollup,omitempty"`
GovernedUsageMetrics *controlbacklog.GovernedUsageMetrics `json:"governed_usage_metrics,omitempty"`
WorkflowHighlights *WorkflowHighlights `json:"workflow_highlights,omitempty"`
FocusView *FocusView `json:"focus_view,omitempty"`
AssessmentSummary *AssessmentSummary `json:"assessment_summary,omitempty"`
PublicSurfaceAssessment *PublicSurfaceAssessment `json:"public_surface_assessment,omitempty"`
Methodology Methodology `json:"methodology"`
TopRisks []RiskItem `json:"top_risks"`
PrivilegeBudget agginventory.PrivilegeBudget `json:"privilege_budget"`
SecurityVisibility agginventory.SecurityVisibilitySummary `json:"security_visibility"`
Deltas DeltaSummary `json:"deltas"`
Lifecycle LifecycleSummary `json:"lifecycle"`
RegressDrift *RegressSummary `json:"regress_drift,omitempty"`
AttackPaths AttackPathSummary `json:"attack_paths"`
ComplianceSummary compliance.RollupSummary `json:"compliance_summary"`
ControlBacklog *controlbacklog.Backlog `json:"control_backlog,omitempty"`
ScanQuality *scanquality.Report `json:"scan_quality,omitempty"`
RuntimeSessions *ingest.SessionSummary `json:"runtime_sessions,omitempty"`
RuntimeEvidence *ingest.Summary `json:"runtime_evidence,omitempty"`
EvidencePackets *ingest.EvidencePacketSummary `json:"evidence_packets,omitempty"`
AgentActionBOM *AgentActionBOM `json:"agent_action_bom,omitempty"`
RecentPRReview *RecentPRReview `json:"recent_pr_review,omitempty"`
Proof ProofReference `json:"proof"`
NextActions []ChecklistItem `json:"next_actions"`
Activation *ActivationSummary `json:"activation,omitempty"`
ActionPaths []risk.ActionPath `json:"action_paths,omitempty"`
ActionPathToControlFirst *risk.ActionPathToControlFirst `json:"action_path_to_control_first,omitempty"`
ActionSurfaceRegistry []ActionSurfaceRegistryEntry `json:"action_surface_registry,omitempty"`
ControlPathGraph *aggattack.ControlPathGraph `json:"control_path_graph,omitempty"`
WorkflowChains *agentresolver.WorkflowChainArtifact `json:"workflow_chains,omitempty"`
ExposureGroups []risk.ExposureGroup `json:"exposure_groups,omitempty"`
SourcePrivacy *sourceprivacy.Contract `json:"source_privacy,omitempty"`
// contains filtered or unexported fields
}
func BuildSummary ¶
func BuildSummary(in BuildInput) (Summary, error)
BuildSummary composes deterministic report sections from scan, risk, score, lifecycle, regress, and proof data. Non-goal guardrail: this path must remain deterministic and non-generative.
type Template ¶
type Template string
const ( TemplateExec Template = "exec" TemplateOperator Template = "operator" TemplateAudit Template = "audit" TemplatePublic Template = "public" TemplateCISO Template = "ciso" TemplateAppSec Template = "appsec" TemplatePlatform Template = "platform" TemplateCustomerDraft Template = "customer-draft" TemplateAgentActionBOM Template = "agent-action-bom" TemplateDesignPartnerSummary Template = "design-partner-summary" )
func ParseTemplate ¶
type WorkflowHighlight ¶ added in v1.6.0
type WorkflowHighlight struct {
PathID string `json:"path_id"`
WorkflowChainRefs []string `json:"workflow_chain_refs,omitempty"`
Repo string `json:"repo,omitempty"`
Workflow string `json:"workflow,omitempty"`
PathType string `json:"path_type,omitempty"`
TargetClass string `json:"target_class,omitempty"`
AutonomyTier string `json:"autonomy_tier,omitempty"`
DelegationReadiness string `json:"delegation_readiness,omitempty"`
Authority string `json:"authority,omitempty"`
BlastRadius string `json:"blast_radius,omitempty"`
EvidenceSummary string `json:"evidence_summary,omitempty"`
ApprovalPath string `json:"approval_path,omitempty"`
ProofStatus string `json:"proof_status,omitempty"`
RuntimeStatus string `json:"runtime_status,omitempty"`
RuntimeSessionStatus string `json:"runtime_session_status,omitempty"`
Recommendation string `json:"recommendation,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
Explanation string `json:"explanation,omitempty"`
}
type WorkflowHighlights ¶ added in v1.6.0
type WorkflowHighlights struct {
TotalItems int `json:"total_items"`
Highlights []WorkflowHighlight `json:"highlights,omitempty"`
}
func BuildWorkflowHighlights ¶ added in v1.6.0
func BuildWorkflowHighlights(summary Summary) *WorkflowHighlights
Source Files
¶
- action_surface_registry.go
- activation.go
- agent_action_bom.go
- artifact_pairing.go
- artifacts.go
- boundary_labels.go
- build.go
- campaign.go
- control_proof.go
- executive_rollup.go
- focus.go
- gait_coverage.go
- mcp_list.go
- primary_view.go
- provenance_redaction.go
- public_surface.go
- qa.go
- recent_pr_review.go
- redaction.go
- redaction_summary.go
- render_markdown.go
- runtime_policy.go
- types.go
Directories
Click to show internal directories.
Click to hide internal directories.