Index ¶
- func ConvertOutputToMap(output Output) map[string]interface{}
- type AffectedExact
- type AffectedInfo
- type AffectedRange
- type AffectedUniversal
- type AffectedVersion
- type AnalysisInfo
- type AnalysisStatVulnerabilitySeverityDist
- type AnalysisStats
- type CVSS_CLASSV3
- type Conflict
- type Dependency
- type DependencyInfo
- type DependencyInfoVuln
- type NVDVulnerability
- type NonVulnerableEvidence
- type NonVulnerableEvidenceType
- type OSVVulnerability
- type Output
- type Pairs
- type SeverityType
- type Vulnerability
- type VulnerabilityMatch
- type VulnerabilityMatchSeverity
- type VulnerabilityMatchWeakness
- type VulnerabilitySource
- type VulnerableEvidenceExact
- type VulnerableEvidenceRange
- type VulnerableEvidenceType
- type VulnerableEvidenceUniversal
- type WinningSource
- type WorkSpaceVulnerabilities
- type Workspace
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConvertOutputToMap ¶
Types ¶
type AffectedExact ¶
// AffectedExact describes a single affected version of a library, carried
// both as a plain string and as a value of the project's semver type.
type AffectedExact struct {
	// VersionString is the version in string form.
	VersionString string
	// VersionSemver is the version as a semver value.
	// NOTE(review): presumably parsed from VersionString; confirm with the producer.
	VersionSemver semverVersionTypes.Semver
	// CPEInfo has type knowledge.Sources, which is declared outside this page.
	// NOTE(review): the name suggests it records the CPE data behind the entry; confirm.
	CPEInfo knowledge.Sources
}
type AffectedInfo ¶
// AffectedInfo lists affected versions of a dependency in a compact form:
// exact versions as strings, ranges as AffectedRange values, and a flag for
// the universal case.
type AffectedInfo struct {
	// Exact holds individually affected versions as strings.
	Exact []string
	// Ranges holds affected version ranges.
	Ranges []AffectedRange
	// Universal is a plain flag.
	// NOTE(review): presumably true when every version is affected; confirm.
	Universal bool
}
type AffectedRange ¶
// AffectedRange represents a vulnerable range of a library: the version in
// which the vulnerability was introduced and, if there is one, the version
// in which it was fixed.
type AffectedRange struct {
	// IntroducedSemver is the version that introduced the vulnerability.
	IntroducedSemver semverVersionTypes.Semver
	// FixedSemver is the version that fixed it. The package documentation
	// says a fix may not exist.
	// NOTE(review): how "no fix" is encoded is not visible here; a consumer
	// should not read an unset value as "patched" without checking.
	FixedSemver semverVersionTypes.Semver
	// CPEInfo has type knowledge.Sources, which is declared outside this page.
	CPEInfo knowledge.Sources
}
AffectedRange represents a vulnerable range of a library, denoting at which version the vulnerability was introduced and when (if at all) it was fixed
type AffectedUniversal ¶
type AffectedVersion ¶
// AffectedVersion groups the three ways a library can be affected: exact
// vulnerable versions, vulnerable ranges, and the case where the whole
// library is affected.
type AffectedVersion struct {
	// Exact holds individually affected versions.
	Exact []AffectedExact
	// Ranges holds affected version ranges.
	Ranges []AffectedRange
	// Universal covers the "whole library" case; AffectedUniversal's fields
	// are not shown on this page.
	Universal AffectedUniversal
}
AffectedVersion encapsulates information on affected vulnerability ranges, exact vulnerable versions, and whether the "whole" of the library is affected
type AnalysisInfo ¶
// AnalysisInfo carries metadata about one analysis run: its status, the
// errors it collected, timing, and the naming conventions used in the output.
//
// NOTE(review): a consumer should presumably check Status and Errors before
// treating an empty vulnerability list as "nothing found"; the status values
// are declared in the codeclarity package, outside this page.
type AnalysisInfo struct {
	Status codeclarity.AnalysisStatus `json:"status"`
	Errors []exceptions.Error         `json:"errors"`
	// Start and end times are strings; their format is not visible here.
	AnalysisStartTime string `json:"analysis_start_time"`
	AnalysisEndTime   string `json:"analysis_end_time"`
	// AnalysisDeltaTime is a float64; the unit is not visible here.
	AnalysisDeltaTime float64 `json:"analysis_delta_time"`
	// The "seperator" spelling is part of the field names and JSON keys, so
	// it is wire format: correcting it would break existing consumers.
	VersionSeperator         string `json:"version_seperator"`
	ImportPathSeperator      string `json:"import_path_seperator"`
	DefaultWorkspaceName     string `json:"default_workspace_name"`
	SelfManagedWorkspaceName string `json:"self_managed_workspace_name"`
}
type AnalysisStats ¶
// AnalysisStats holds aggregate counters and severity figures for an
// analysis.
type AnalysisStats struct {
	NumberOfVulnerableDependencies int `json:"number_of_vulnerable_dependencies"`
	NumberOfVulnerabilities        int `json:"number_of_vulnerabilities"`
	// The "vulnerabilites" spelling is part of the JSON key, so it is wire
	// format: correcting it would break existing consumers.
	NumberOfTransitiveVulnerabilites int `json:"number_of_transitive_vulnerabilites"`
	NumberOfDirectVulnerabilities    int `json:"number_of_direct_vulnerabilities"`
	// NOTE(review): presumably CVSS scores. The package defines several
	// SeverityType values (CVSS v2, v3, v3.1); whether the mean mixes scores
	// from different versions is not visible here.
	MeanSeverity float64                               `json:"mean_severity"`
	MaxSeverity  float64                               `json:"max_severity"`
	SeverityDist AnalysisStatVulnerabilitySeverityDist `json:"severity_dist"`
}
type CVSS_CLASSV3 ¶
// CVSS_CLASSV3 is a severity class label stored as a string. Its five values
// use the names of the CVSS v3 qualitative severity ratings.
type CVSS_CLASSV3 string

// Severity classes, from most to least severe. Each constant's value is its
// own name, so that is what appears in serialized output.
const (
	CRITICAL CVSS_CLASSV3 = "CRITICAL"
	HIGH     CVSS_CLASSV3 = "HIGH"
	MEDIUM   CVSS_CLASSV3 = "MEDIUM"
	LOW      CVSS_CLASSV3 = "LOW"
	NONE     CVSS_CLASSV3 = "NONE"
)
type Conflict ¶
// Conflict records the result of conflict resolution for a finding. Both
// field types come from the conflict package, which is not shown here.
// NOTE(review): presumably this covers disagreement between the NVD and OSV
// data for the same vulnerability (see Pairs); confirm.
type Conflict struct {
	// ConflictWinner names the side that resolution picked.
	ConflictWinner conflict.ResolveWinner
	// ConflictFlag is the conflict marker; its values are declared elsewhere.
	ConflictFlag conflict.ConflictFlag
}
type Dependency ¶
// Dependency identifies the dependency a vulnerability record refers to.
type Dependency struct {
	// Name is the dependency name.
	Name string
	// VersionInfo has type sbom.Versions, which is declared outside this page.
	VersionInfo sbom.Versions
	// Semver is a version in the project's semver type.
	// NOTE(review): presumably the installed version; confirm.
	Semver semverVersionTypes.Semver
}
type DependencyInfo ¶
// DependencyInfo is a per-dependency summary: a severity distribution, a
// vulnerable flag, and the list of vulnerabilities.
type DependencyInfo struct {
	// SeverityDist has type sbom.SeverityDist, declared outside this page.
	SeverityDist sbom.SeverityDist
	// Vulnerable is a plain flag.
	// NOTE(review): presumably set when Vulnerabilities is non-empty; confirm.
	Vulnerable bool
	// Vulnerabilities lists the findings for this dependency.
	Vulnerabilities []DependencyInfoVuln
}
type DependencyInfoVuln ¶
// DependencyInfoVuln is one vulnerability entry inside DependencyInfo.
type DependencyInfoVuln struct {
	// Vulnerability is a string.
	// NOTE(review): presumably the vulnerability identifier; confirm.
	Vulnerability string
	// Severity holds the severity details for this vulnerability.
	Severity VulnerabilityMatchSeverity
	// Weaknesses lists associated weaknesses; VulnerabilityMatchWeakness's
	// fields are not shown on this page.
	Weaknesses []VulnerabilityMatchWeakness
}
type NVDVulnerability ¶
// NVDVulnerability is the result of checking one dependency against one NVD
// item. It has the same shape as OSVVulnerability except for the type of the
// Vulnerability field.
type NVDVulnerability struct {
	// Vulnerability is the NVD record, of type knowledge.NVDItem.
	Vulnerability knowledge.NVDItem
	// Dependency is the dependency that was checked.
	Dependency Dependency
	// AffectedInfo lists the affected versions taken into account.
	AffectedInfo []AffectedVersion
	// One evidence struct per kind of match.
	// NOTE(review): presumably VulnerableEvidenceType says which of the
	// three is populated; confirm before reading the others.
	VulnerableEvidenceRange     VulnerableEvidenceRange
	VulnerableEvidenceExact     VulnerableEvidenceExact
	VulnerableEvidenceUniversal VulnerableEvidenceUniversal
	VulnerableEvidenceType      VulnerableEvidenceType
	// Vulnerable is the outcome of the check.
	Vulnerable bool
	// ConflictFlag has type conflict.ConflictFlag, declared elsewhere.
	ConflictFlag conflict.ConflictFlag
	// Severity is a numeric score; SeverityType names the CVSS version it
	// belongs to.
	Severity     float64
	SeverityType SeverityType
}
type NonVulnerableEvidence ¶
// NonVulnerableEvidence holds the evidence that a dependency is not
// vulnerable to a specific vulnerability: the installed version and the
// known versions around it, plus a Type naming which case applies.
type NonVulnerableEvidence struct {
	ClosestKnownUnpatchedIntroduction semverVersionTypes.Semver
	ClosestKnownPatchedVersion        semverVersionTypes.Semver
	// NextKnownUnpatchedVersion has no value in the package's own example
	// for NONE_MATCHING_GREATER_THAN_LAST_VULNERABLE.
	NextKnownUnpatchedVersion semverVersionTypes.Semver
	// Installed is the installed version the verdict was reached for.
	Installed semverVersionTypes.Semver
	// Type is one of the NonVulnerableEvidenceType constants.
	Type NonVulnerableEvidenceType
}
A non-vulnerable evidence class for maintaining evidence data showing that a dependency is not vulnerable to a specific vulnerability.
- Type: `NONE_MATCHING_LESS_THAN_FIRST_VULNERABLE`
```
"ClosestKnownUnpatchedIntroduction": "4.0.0", "ClosestKnownPatchedVersion": "4.1.2", "NextKnownUnpatchedVersion": "4.0.0", "Installed": "3.3.6", "Type": "NONE_MATCHING_LESS_THAN_FIRST_VULNERABLE"
```
- Type: `NONE_MATCHING_GREATER_THAN_LAST_VULNERABLE`
```
"ClosestKnownUnpatchedIntroduction": "4.0.0", "ClosestKnownPatchedVersion": "4.1.2", "NextKnownUnpatchedVersion": nil, "Installed": "4.3.6", "Type": "NONE_MATCHING_GREATER_THAN_LAST_VULNERABLE"
```
- Type: `NONE_MATCHING_IN_BETWEEN_VULNERABLE_RANGES`
```
"ClosestKnownUnpatchedIntroduction": "4.0.0", "ClosestKnownPatchedVersion": "4.1.2", "NextKnownUnpatchedVersion": "4.7.5", "Installed": "4.3.6", "Type": "NONE_MATCHING_IN_BETWEEN_VULNERABLE_RANGES"
```
type NonVulnerableEvidenceType ¶
// NonVulnerableEvidenceType names the reason an installed version was judged
// not vulnerable. It is the type of NonVulnerableEvidence.Type.
type NonVulnerableEvidenceType string

// The cases below are described using the examples in the
// NonVulnerableEvidence documentation. Each constant's value is its own name.
const (
	// Example: installed 3.3.6, vulnerability introduced in 4.0.0.
	NONE_MATCHING_LESS_THAN_FIRST_VULNERABLE NonVulnerableEvidenceType = "NONE_MATCHING_LESS_THAN_FIRST_VULNERABLE"
	// Example: installed 4.3.6, patched in 4.1.2, no later unpatched version known.
	NONE_MATCHING_GREATER_THAN_LAST_VULNERABLE NonVulnerableEvidenceType = "NONE_MATCHING_GREATER_THAN_LAST_VULNERABLE"
	// Example: installed 4.3.6, patched in 4.1.2, next unpatched version 4.7.5.
	NONE_MATCHING_IN_BETWEEN_VULNERABLE_RANGES NonVulnerableEvidenceType = "NONE_MATCHING_IN_BETWEEN_VULNERABLE_RANGES"
)
type OSVVulnerability ¶
// OSVVulnerability is the result of checking one dependency against one OSV
// item. It has the same shape as NVDVulnerability except for the type of the
// Vulnerability field.
type OSVVulnerability struct {
	// Vulnerability is the OSV record, of type knowledge.OSVItem.
	Vulnerability knowledge.OSVItem
	// Dependency is the dependency that was checked.
	Dependency Dependency
	// AffectedInfo lists the affected versions taken into account.
	AffectedInfo []AffectedVersion
	// One evidence struct per kind of match.
	// NOTE(review): presumably VulnerableEvidenceType says which of the
	// three is populated; confirm before reading the others.
	VulnerableEvidenceRange     VulnerableEvidenceRange
	VulnerableEvidenceExact     VulnerableEvidenceExact
	VulnerableEvidenceUniversal VulnerableEvidenceUniversal
	VulnerableEvidenceType      VulnerableEvidenceType
	// Vulnerable is the outcome of the check.
	Vulnerable bool
	// ConflictFlag has type conflict.ConflictFlag, declared elsewhere.
	ConflictFlag conflict.ConflictFlag
	// Severity is a numeric score; SeverityType names the CVSS version it
	// belongs to.
	Severity     float64
	SeverityType SeverityType
}
type Output ¶
// Output is the top-level result: one Workspace per workspace name, plus the
// metadata of the analysis run. It is the argument type of
// ConvertOutputToMap.
type Output struct {
	// WorkSpaces maps a workspace name to its findings.
	WorkSpaces map[string]Workspace `json:"workspaces"`
	// AnalysisInfo carries the run's status, errors and timing.
	AnalysisInfo AnalysisInfo `json:"analysis_info"`
}
type Pairs ¶
// Pairs holds the NVD and the OSV result side by side, together with the
// conflict-resolution outcome for the pair.
// NOTE(review): presumably both results describe the same vulnerability and
// dependency; confirm with the code that builds Pairs.
type Pairs struct {
	NVD NVDVulnerability
	OSV OSVVulnerability
	// ConflictWinner and ConflictFlag use types from the conflict package,
	// which is not shown here.
	ConflictWinner conflict.ResolveWinner
	ConflictFlag   conflict.ConflictFlag
}
type SeverityType ¶
// SeverityType names the CVSS version a severity score was computed under.
// Scores from different CVSS versions are not computed the same way, so a
// numeric Severity should be read together with its SeverityType.
type SeverityType string

// Supported CVSS versions. Each constant's value is its own name.
const (
	CVSS_V2  SeverityType = "CVSS_V2"
	CVSS_V3  SeverityType = "CVSS_V3"
	CVSS_V31 SeverityType = "CVSS_V31"
)
type Vulnerability ¶
// Vulnerability is one reported finding for a dependency. It carries the
// sources that reported it, the optional NVD and OSV match details, the
// severity and weaknesses, and the conflict-resolution outcome.
//
// All fields tagged omitempty are left out of the JSON when they hold their
// zero value. For DirectDependency (false) and CVSS (0) this means a consumer
// cannot tell "false" or "0" apart from "not set".
type Vulnerability struct {
	// Sources lists the databases that reported the finding.
	Sources            []VulnerabilitySource
	AffectedDependency string
	AffectedVersion    string
	VulnerabilityId    string
	// OSVMatch and NVDMatch are pointers and are omitted from JSON when nil.
	OSVMatch   *OSVVulnerability `json:"OSVMatch,omitempty"`
	NVDMatch   *NVDVulnerability `json:"NVDMatch,omitempty"`
	Severity   VulnerabilityMatchSeverity
	Weaknesses []VulnerabilityMatchWeakness
	Conflict   Conflict
	// Extension-related fields for PHP extension vulnerabilities
	PackageName      string   `json:"package_name,omitempty"`
	CurrentVersion   string   `json:"current_version,omitempty"`
	Constraint       string   `json:"constraint,omitempty"`
	DirectDependency bool     `json:"direct_dependency,omitempty"`
	Source           string   `json:"source,omitempty"`
	CVSS             float64  `json:"cvss,omitempty"`
	Summary          string   `json:"summary,omitempty"`
	Details          string   `json:"details,omitempty"`
	References       []string `json:"references,omitempty"`
	// Dates are strings; their format is not visible here.
	PublishedDate string `json:"published_date,omitempty"`
	ModifiedDate  string `json:"modified_date,omitempty"`
	// NOTE(review): presumably set when the advisory was withdrawn upstream;
	// consumers may want to check it before acting on the finding. Confirm.
	WithdrawnDate string `json:"withdrawn_date,omitempty"`
	ExtensionType string `json:"extension_type,omitempty"` // "php-extension" for PHP extensions
}
type VulnerabilityMatch ¶
// VulnerabilityMatch is one matched vulnerability in compact form. It is the
// element type of WorkSpaceVulnerabilities.
type VulnerabilityMatch struct {
	// Affected maps a string key to affected-version information.
	// NOTE(review): what the key is (dependency name, version, ...) is not
	// visible here; verify against the producer.
	Affected map[string]AffectedInfo
	// WinningSource is NVD, OSV or NEITHER.
	WinningSource WinningSource
	Id            uint64
	// Sources lists the databases that reported the vulnerability.
	Sources            []VulnerabilitySource
	AffectedDependency string
	// Vulnerability is a string.
	// NOTE(review): presumably the vulnerability identifier; confirm.
	Vulnerability string
	Severity      VulnerabilityMatchSeverity
	Weaknesses    []VulnerabilityMatchWeakness
}
type VulnerabilityMatchSeverity ¶
// VulnerabilityMatchSeverity holds the severity of a match: the class, the
// numeric score with its CVSS version, the vector string, and the per-aspect
// impact values in both string and numeric form.
type VulnerabilityMatchSeverity struct {
	// SeverityClass is one of the CVSS_CLASSV3 constants.
	SeverityClass CVSS_CLASSV3
	// Severity is the numeric score; read it together with SeverityType.
	Severity     float64
	SeverityType SeverityType
	// Vector is a string.
	// NOTE(review): presumably the CVSS vector string; confirm.
	Vector         string
	Impact         float64
	Exploitability float64
	// Impact on confidentiality, integrity and availability as strings. The
	// set of values is not visible here.
	ConfidentialityImpact string
	IntegrityImpact       string
	AvailabilityImpact    string
	// The same three impacts as numbers. These are float32, unlike the
	// float64 scores above.
	ConfidentialityImpactNumerical float32
	IntegrityImpactNumerical       float32
	AvailabilityImpactNumerical    float32
}
type VulnerabilitySource ¶
// VulnerabilitySource names a source of vulnerability data.
type VulnerabilitySource string

// Known sources. Note that the FriendsOfPHP value is mixed case while the
// other values are upper case, so comparisons on the serialized string must
// match exactly.
const (
	NVD              VulnerabilitySource = "NVD"
	OSV              VulnerabilitySource = "OSV"
	FriendsOfPHP     VulnerabilitySource = "FriendsOfPHP"
	PRIVATE_ANALYSIS VulnerabilitySource = "PRIVATE_ANALYSIS"
)
type VulnerableEvidenceExact ¶
// VulnerableEvidenceExact holds the evidence that a dependency is affected
// through an exact version match: the affected version entry and the
// installed version.
type VulnerableEvidenceExact struct {
	// Vulnerable is the exact affected version that matched.
	Vulnerable AffectedExact
	// Installed is the installed version of the dependency.
	Installed semverVersionTypes.Semver
}
VulnerableEvidenceExact encapsulates information "proving" that a dependency is affected by an affected product version
type VulnerableEvidenceRange ¶
// VulnerableEvidenceRange holds the evidence that a dependency is affected
// through a version range match: the affected range and the installed
// version.
type VulnerableEvidenceRange struct {
	// Vulnerable is the affected range that matched.
	Vulnerable AffectedRange
	// Installed is the installed version of the dependency.
	Installed semverVersionTypes.Semver
	// OpenEnd is a plain flag.
	// NOTE(review): presumably true when the range has no fixed version, in
	// which case upgrading does not leave the range; confirm.
	OpenEnd bool
}
VulnerableEvidenceRange encapsulates information "proving" that a dependency is affected by an affected product range
type VulnerableEvidenceType ¶
// VulnerableEvidenceType names the kind of evidence behind a vulnerable
// verdict. There is one value per evidence struct: VulnerableEvidenceExact,
// VulnerableEvidenceUniversal and VulnerableEvidenceRange.
type VulnerableEvidenceType string

// Evidence kinds. Each constant's value is its own name.
const (
	VULNERABLE_EVIDENCE_EXACT     VulnerableEvidenceType = "VULNERABLE_EVIDENCE_EXACT"
	VULNERABLE_EVIDENCE_UNIVERSAL VulnerableEvidenceType = "VULNERABLE_EVIDENCE_UNIVERSAL"
	VULNERABLE_EVIDENCE_RANGE     VulnerableEvidenceType = "VULNERABLE_EVIDENCE_RANGE"
)
type VulnerableEvidenceUniversal ¶
// VulnerableEvidenceUniversal holds the evidence that a dependency is
// affected through a universal entry: the AffectedUniversal value and the
// installed version.
type VulnerableEvidenceUniversal struct {
	// Vulnerable is the universal entry that matched; AffectedUniversal's
	// fields are not shown on this page.
	Vulnerable AffectedUniversal
	// Installed is the installed version of the dependency.
	Installed semverVersionTypes.Semver
}
VulnerableEvidenceUniversal encapsulates information "proving" that a dependency is affected by an affected product version
type WinningSource ¶
// WinningSource names which source was chosen for a match. It is the type of
// VulnerabilityMatch.WinningSource.
type WinningSource string

// Possible winners. The constant names carry a WINNER_ prefix that the
// string values do not.
// NOTE(review): what consumers should do with WINNER_NEITHER is not visible
// here; confirm how such matches are meant to be handled.
const (
	WINNER_NVD     WinningSource = "NVD"
	WINNER_OSV     WinningSource = "OSV"
	WINNER_NEITHER WinningSource = "NEITHER"
)
type WorkSpaceVulnerabilities ¶
// WorkSpaceVulnerabilities is a list of VulnerabilityMatch values.
// NOTE(review): presumably the matches of one workspace; note that Workspace
// itself stores []Vulnerability, not this type.
type WorkSpaceVulnerabilities []VulnerabilityMatch
type Workspace ¶
// Workspace holds the findings of a single workspace. It is the value type
// of Output.WorkSpaces.
type Workspace struct {
	// Vulnerabilities lists the findings. The field has no JSON tag, so
	// encoding/json writes it under the key "Vulnerabilities".
	Vulnerabilities []Vulnerability
}