lockfile

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 17, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrExtractorNotFound is a sentinel error with the message
// "could not determine extractor". Compare against it with errors.Is.
// NOTE(review): this page does not show which functions return it —
// presumably the extractor lookup path; confirm against the source.
var ErrExtractorNotFound = errors.New("could not determine extractor")
// ErrIncompatibleFileFormat is a sentinel error for a file whose format is
// incompatible; its message marks the condition as expected. Compare against
// it with errors.Is.
// NOTE(review): callers presumably treat this as "skip", not "fail". A skipped
// file contributes no packages to the scan result, so confirm that skips are
// still reported to the operator rather than dropped silently.
var ErrIncompatibleFileFormat = errors.New("file format is incompatible, but this is expected")

Functions

func ExpandLanguagesAndPackageManagersToExtractors added in v1.2.3

func ExpandLanguagesAndPackageManagersToExtractors(parsers []string) []string

ExpandLanguagesAndPackageManagersToExtractors converts a list of language names, package manager names, and extractor names to extractor names only. If a language name is provided, it expands to all parsers in that language based on known mappings. If a package manager name is provided, it expands to all parsers for that package manager. Anything else is included as-is.

func IsSupportedExtractor added in v1.2.3

func IsSupportedExtractor(lockfile string) bool

func ListExtractorNames added in v0.0.5

func ListExtractorNames() []string

func ListSupportedExtractors added in v0.0.5

func ListSupportedExtractors() map[string]Extractor

func RegisterExtractor added in v1.3.1

func RegisterExtractor(name models.ParsedFilePath, extractor Extractor)

RegisterExtractor registers an extractor for a specific lockfile type. This is called by language-specific packages during initialization.

Types

type ArtifactExtractor

// ArtifactExtractor is implemented by types that can produce a
// models.ScannedArtifact from an opened DepFile.
type ArtifactExtractor interface {
	// GetArtifact is given the opened file f and the scan context and returns
	// a *models.ScannedArtifact or an error.
	// NOTE(review): whether a nil artifact with a nil error is a valid result
	// is not shown on this page; confirm before dereferencing.
	GetArtifact(f DepFile, context ScanContext) (*models.ScannedArtifact, error)
}

type CSVExtractor

// CSVExtractor is a field-less type whose methods (Extract,
// IsOfficiallySupported, PackageManager, ShouldExtract) match the Extractor
// method set.
type CSVExtractor struct{}

func (CSVExtractor) Extract

func (e CSVExtractor) Extract(f DepFile, context ScanContext) ([]PackageDetails, error)

func (CSVExtractor) IsOfficiallySupported added in v0.0.5

func (e CSVExtractor) IsOfficiallySupported() bool

func (CSVExtractor) PackageManager added in v0.0.5

func (e CSVExtractor) PackageManager() models.PackageManager

func (CSVExtractor) ShouldExtract

func (e CSVExtractor) ShouldExtract(_ string) bool

type DepFile

// DepFile is a file that has been opened for extraction and that can open
// other DepFiles relative to itself. It is also an io.Reader and io.Closer.
type DepFile interface {
	io.Reader
	io.Closer
	// Open opens a DepFile based on the path of the
	// current DepFile if the provided path is relative.
	//
	// If the path is an absolute path, then it is opened absolutely.
	//
	// NOTE(review): as documented, neither form is confined to a base
	// directory. If path can be derived from the content of a scanned file,
	// callers should confirm the resolved location stays inside the intended
	// scan root (see ScanContext.RootDir) — TODO confirm how implementations
	// treat ".." segments and symlinks.
	Open(path string) (DepFile, error)

	// Path returns a path for this DepFile.
	// NOTE(review): presumably the path it was opened from; confirm.
	Path() string
}

DepFile is an abstraction for a file that has been opened for extraction, and that knows how to open other DepFiles relative to itself.

func OpenLocalDepFile

func OpenLocalDepFile(path string) (DepFile, error)

type Ecosystem

// Ecosystem is a string-backed type.
// NOTE(review): PackageDetails.Ecosystem is declared as models.Ecosystem, not
// this type — confirm which of the two is the canonical one.
type Ecosystem string

type Extractor

// Extractor is the interface implemented by each lockfile parser.
type Extractor interface {
	// ShouldExtract checks if the Extractor should be used for the given path.
	ShouldExtract(path string) bool
	// Extract is given the opened file f and the scan context and returns the
	// package details found, or an error.
	// NOTE(review): f presumably comes from the project being scanned, so
	// implementations should treat its content as untrusted input (malformed
	// data returns an error rather than panicking) — confirm per extractor.
	Extract(f DepFile, context ScanContext) ([]PackageDetails, error)
	// IsOfficiallySupported returns true if the extractor is officially supported by Datadog SCA E2E
	IsOfficiallySupported() bool
	// PackageManager returns the models.PackageManager value for this extractor.
	PackageManager() models.PackageManager
}

func FindExtractor

func FindExtractor(path string, enabledParsers map[string]bool) (Extractor, string)

type ExtractorWithMatcher

// ExtractorWithMatcher is an Extractor that additionally exposes a list of
// Matchers.
type ExtractorWithMatcher interface {
	Extractor
	// GetMatchers returns the Matchers associated with this extractor.
	GetMatchers() []Matcher
}

type LocalFile

// LocalFile represents a file that exists on the local filesystem. It embeds
// io.Reader and io.Closer and has Open and Path methods, which together match
// the DepFile method set.
type LocalFile struct {
	io.Reader
	io.Closer
	// contains filtered or unexported fields
}

A LocalFile represents a file that exists on the local filesystem.

func (LocalFile) Open

func (f LocalFile) Open(path string) (DepFile, error)

func (LocalFile) Path

func (f LocalFile) Path() string

type Lockfile

// Lockfile is the result for one parsed file. The struct tags give the JSON
// key of each field.
type Lockfile struct {
	// FilePath is encoded as "filePath".
	// NOTE(review): presumably the path of the file that was parsed; confirm.
	FilePath string                  `json:"filePath"`
	// ParsedAs is encoded as "parsedAs".
	// NOTE(review): presumably names the extractor that handled the file
	// (compare the parseAs argument of FromCSVFile); confirm.
	ParsedAs string                  `json:"parsedAs"`
	// Packages holds the package details for this file.
	Packages Packages                `json:"packages"`
	// Artifact is optional; a nil pointer is omitted from the JSON output.
	Artifact *models.ScannedArtifact `json:"artifact,omitempty"`
}

func ExtractDeps

func ExtractDeps(f DepFile, context ScanContext) (Lockfile, error)

func FromCSVFile

func FromCSVFile(pathToCSV string, parseAs string) (Lockfile, error)

func FromCSVRows

func FromCSVRows(filePath string, parseAs string, rows []string) (Lockfile, error)

type MatchResult

// MatchResult is the value handed to the onMatch callback of Node.Query.
// Its FindByName and FindFirstByName methods look nodes up by capture name.
type MatchResult struct {
	// Ctx is the SourceContext attached to this result.
	Ctx *SourceContext
	// contains filtered or unexported fields
}

func (MatchResult) FindByName

func (m MatchResult) FindByName(captureName string) []*Node

func (MatchResult) FindFirstByName

func (m MatchResult) FindFirstByName(captureName string) *Node

type Matcher

// Matcher pairs a lockfile with a source file and matches extracted packages
// against that source file.
type Matcher interface {
	// GetSourceFile returns the source file DepFile for the given lockfile.
	// NOTE(review): presumably resolved through lockfile.Open, e.g. the
	// package.json next to a lockfile; confirm per implementation.
	GetSourceFile(lockfile DepFile) (DepFile, error)
	// Match is given the source file, the extracted packages and the scan
	// context, and returns an error on failure.
	// NOTE(review): there is no return value besides error, so results are
	// presumably written into the elements of packages; confirm.
	Match(sourceFile DepFile, packages []PackageDetails, context ScanContext) error
}

type MatcherDependencyMap

// MatcherDependencyMap carries the metadata needed while extracting data in a
// custom JSON unmarshal step.
type MatcherDependencyMap struct {
	// RootType defines which section is currently being deserialized (all
	// sections go through the same unmarshal method).
	RootType   int
	// FilePath is the file being parsed; it is used to define the location of
	// a package.
	FilePath   string
	// LineOffset is the character offset between the start of the file and the
	// start of the section.
	LineOffset int
	// Packages are the packages extracted by the parser that are to be updated
	// with matcher information.
	Packages   []*PackageDetails
}

MatcherDependencyMap is a helper structure that represents the metadata needed to extract data during a custom JSON unmarshal process. Typical usage is in a structure representing the file, to deserialize a specific section of it (the package.json dependencies section, for example). It lets us pass data from the context and gives us a specific type on which to define a custom UnmarshalJSON method.

rootType defines which section we are currently deserializing (as all sections go through the same unmarshal method). filePath defines which file we are parsing; it is used to define the location of a package. lineOffset defines the character offset between the start of the file and the start of the section. packages is the array of packages extracted by the parser that we need to update with matcher information.

For an example, you can check out match-composer.go or match-package-json.go

func (*MatcherDependencyMap) UpdatePackageDetails

func (depMap *MatcherDependencyMap) UpdatePackageDetails(pkg *PackageDetails, content string, indexes []int, depGroup string)

UpdatePackageDetails updates the PackageDetails structure with the following information:

- Is the package direct (if we find it in a matcher, it is always direct)
- Package location in the matched file (block, name and version)
- New dependency group (when not empty)

pkg is the PackageDetails structure to update. content is the full file content as a string. indexes is a [6]int array representing block, name and version location offsets (as defined by ExtractPackageIndexes). depGroup represents the new dependency group to add.

type Node

// Node pairs a tree-sitter node with a SourceContext. Its Query method takes a
// query string and an onMatch callback.
type Node struct {
	// Ctx is the SourceContext attached to this node.
	Ctx    *SourceContext
	// TSNode is the underlying tree-sitter node.
	TSNode *treesitter.Node
}

func (Node) Query

func (n Node) Query(queryString string, onMatch func(match *MatchResult) error) error

type OSVScannerResultsExtractor

// OSVScannerResultsExtractor is a field-less type whose methods (Extract,
// IsOfficiallySupported, PackageManager, ShouldExtract) match the Extractor
// method set.
type OSVScannerResultsExtractor struct{}

func (OSVScannerResultsExtractor) Extract

func (OSVScannerResultsExtractor) IsOfficiallySupported added in v0.0.5

func (e OSVScannerResultsExtractor) IsOfficiallySupported() bool

func (OSVScannerResultsExtractor) PackageManager added in v0.0.5

func (OSVScannerResultsExtractor) ShouldExtract

func (e OSVScannerResultsExtractor) ShouldExtract(path string) bool

type PackageDetails

// PackageDetails describes one package reported by an extractor. The struct
// tags give the JSON key of each field.
// NOTE(review): the string fields are presumably copied from the scanned file,
// so consumers should treat them as untrusted when logging or rendering them —
// confirm per extractor.
type PackageDetails struct {
	// Source has no json tag, so encoding/json emits it under the key "Source".
	Source          models.SourceInfo
	Name            string                `json:"name"`
	Version         string                `json:"version"`
	TargetVersions  []string              `json:"targetVersions,omitempty"`
	Commit          string                `json:"commit,omitempty"`
	PURL            string                `json:"purl,omitempty"`
	Ecosystem       models.Ecosystem      `json:"ecosystem,omitempty"`
	// DepGroups lists dependency groups; UpdatePackageDetails can add one.
	DepGroups       []string              `json:"depGroups,omitempty"`
	// BlockLocation, VersionLocation and NameLocation are the package's
	// locations (block, version, name) in the matched file.
	// NOTE(review): BlockLocation is a non-pointer value; if
	// models.FilePosition is a struct, encoding/json's omitempty never omits
	// it — confirm that is intended.
	BlockLocation   models.FilePosition   `json:"blockLocation,omitempty"`
	VersionLocation *models.FilePosition  `json:"versionLocation,omitempty"`
	NameLocation    *models.FilePosition  `json:"nameLocation,omitempty"`
	PackageManager  models.PackageManager `json:"packageManager,omitempty"`
	// IsDirect marks a direct dependency; a package found by a matcher is
	// always direct. With omitempty, false is left out of the JSON output.
	IsDirect        bool                  `json:"isDirect,omitempty"`
	// NOTE(review): presumably this package's own dependencies; confirm.
	Dependencies    []*PackageDetails     `json:"dependencies,omitempty"`
	Exclusions      []string              `json:"exclusions,omitempty"`
}

func ExtractFromFile

func ExtractFromFile(pathToLockfile string, extractor Extractor) ([]PackageDetails, error)

func ExtractFromFileWithContext added in v1.4.0

func ExtractFromFileWithContext(pathToLockfile string, extractor Extractor, context ScanContext) ([]PackageDetails, error)

func ParseOSVScannerResults

func ParseOSVScannerResults(pathToLockfile string) ([]PackageDetails, error)

func (PackageDetails) IsVersionEmpty

func (pkg PackageDetails) IsVersionEmpty() bool

type PackageDetailsParser

// PackageDetailsParser is an alias (not a distinct type) for a function that
// takes the path to a lockfile and returns its package details or an error.
type PackageDetailsParser = func(pathToLockfile string) ([]PackageDetails, error)

type Packages

// Packages is a slice of PackageDetails; it is the type of Lockfile.Packages.
type Packages []PackageDetails

type ParseResult

// ParseResult is returned by ParseFile for a source file and a tree-sitter
// language. It has a Close method.
// NOTE(review): Close presumably releases parser resources; confirm, and call
// it once the result is no longer needed.
type ParseResult struct {
	// Ctx is the SourceContext attached to this result.
	Ctx *SourceContext

	// Node is the Node attached to this result.
	// NOTE(review): presumably the root node of the parsed tree; confirm.
	Node *Node
	// contains filtered or unexported fields
}

func ParseFile

func ParseFile(sourceFile DepFile, language *treesitter.Language) (*ParseResult, error)

func (ParseResult) Close

func (p ParseResult) Close()

type ScanContext added in v1.4.0

// ScanContext carries scan-wide values that are passed to extractors.
type ScanContext struct {
	// EnabledParsers maps a string key to a bool.
	// NOTE(review): presumably parser name -> enabled, matching the
	// enabledParsers argument of FindExtractor; confirm how a missing key and
	// a nil map are treated.
	EnabledParsers map[string]bool
	// RootDir is the root directory of the scan.
	RootDir        string
	// Reporter is the reporter made available to extractors.
	Reporter       reporter.Reporter
}

ScanContext is used to pass context to extractors. It allows them to access the root directory of the scan as well as the reporter.

type SourceContext

// SourceContext is an opaque type (no exported fields). Its ExtractTextValue
// and ExtractTextValues methods take a tree-sitter node and return text.
// NOTE(review): presumably it holds the source bytes the nodes refer to;
// confirm.
type SourceContext struct {
	// contains filtered or unexported fields
}

func (SourceContext) ExtractTextValue

func (sc SourceContext) ExtractTextValue(node *treesitter.Node) (string, error)

func (SourceContext) ExtractTextValues

func (sc SourceContext) ExtractTextValues(node *treesitter.Node) ([]string, error)

type WithMatcher

// WithMatcher holds a list of Matchers and exposes it through GetMatchers.
// NOTE(review): presumably meant to be embedded in an extractor so that it
// satisfies ExtractorWithMatcher; confirm.
type WithMatcher struct {
	// Matchers is the list exposed by GetMatchers.
	Matchers []Matcher
}

func (WithMatcher) GetMatchers

func (e WithMatcher) GetMatchers() []Matcher

Directories

Path Synopsis
internal
