output

package
Version: v1.0.0

This package is not in the latest version of its module.

Published: Apr 12, 2026 | License: MIT | Imports: 13 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func UploadFindings

func UploadFindings(findings []Finding, uploadURL, method string, headers map[string]string) error

UploadFindings serializes findings to JSONL and uploads them to a remote URL. Supports POST and PUT methods with custom headers. Returns an error if the upload fails or the server responds with a non-2xx status.

Types

type Finding

type Finding struct {
	// identification
	TemplateID  string `json:"template_id"`
	Name        string `json:"name"`
	Severity    string `json:"severity"`
	Description string `json:"description"`

	// match details
	MatchedURL       string                 `json:"matched_url"`
	Host             string                 `json:"host"`
	IP               string                 `json:"ip,omitempty"`
	MatcherName      string                 `json:"matcher_name,omitempty"`
	ExtractedResults []string               `json:"extracted_results,omitempty"`
	Tags             []string               `json:"tags,omitempty"`
	Metadata         map[string]interface{} `json:"metadata,omitempty"`
	MatcherStatus    bool                   `json:"matcher_status"`

	// request/response
	CURLCommand string `json:"curl_command,omitempty"`
	Request     string `json:"request,omitempty"`
	Response    string `json:"response,omitempty"`

	// fuzzing details
	IsFuzzingResult  bool   `json:"is_fuzzing_result,omitempty"`
	FuzzingParameter string `json:"fuzzing_parameter,omitempty"`
	FuzzingMethod    string `json:"fuzzing_method,omitempty"`
	FuzzingPosition  string `json:"fuzzing_position,omitempty"`

	Timestamp time.Time `json:"timestamp"`
}

Finding represents a single vulnerability finding enriched from scan results.

func (*Finding) IsCritical

func (self *Finding) IsCritical() bool

IsCritical returns true for critical severity findings.

func (*Finding) IsHighOrAbove

func (self *Finding) IsHighOrAbove() bool

IsHighOrAbove returns true for high or critical findings.

func (*Finding) ShouldFail

func (self *Finding) ShouldFail(failOn []string) bool

ShouldFail returns true if this finding should cause CI gate failure.

type GateResult

type GateResult struct {
	ShouldExit bool           // true if pipeline should fail
	ExitCode   int            // exit code to use (default 1)
	Reason     string         // human-readable explanation
	Counts     map[string]int // severity → finding count
}

GateResult holds the CI gate evaluation outcome.

func EvaluateCIGate

func EvaluateCIGate(findings []Finding, cfg types.OutputConfig) GateResult

EvaluateCIGate evaluates findings against the configured CI gate policy.

Priority: FailThreshold > FailOn > no gate (exit 0).

When FailThreshold is set, each severity's count is checked against its threshold. When only FailOn is set (legacy), any finding matching a listed severity triggers failure. When neither is set, the gate never triggers — safe default for CI.

Exit code resolution: ExitCodes[highest_breached_severity] > ExitCode > 1.
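
The gate policy and exit-code resolution described above, as a self-contained added example (not the package's own code). `gateConfig` and `finding` are hypothetical stand-ins for `types.OutputConfig` and `Finding`; the field types, the lower-case severity names, and the rule that a breach means the count exceeds the threshold are assumptions.

```go
package main

import "fmt"

// gateConfig is a hypothetical stand-in for types.OutputConfig (field types assumed).
type gateConfig struct {
	FailThreshold map[string]int // severity -> tolerated count (assumed semantics)
	FailOn        []string       // legacy: any finding at these severities fails
	ExitCodes     map[string]int // per-severity exit code
	ExitCode      int            // global exit code, 0 = unset
}

type finding struct{ Severity string } // trimmed stand-in for Finding

var severityOrder = []string{"critical", "high", "medium", "low", "info"} // highest first; names assumed

// evaluateGate returns whether to fail, the exit code, and the highest breached severity.
func evaluateGate(findings []finding, cfg gateConfig) (bool, int, string) {
	counts := map[string]int{}
	for _, f := range findings {
		counts[f.Severity]++
	}
	limits := cfg.FailThreshold // FailThreshold takes priority; FailOn is then ignored
	if len(limits) == 0 {
		limits = map[string]int{}
		for _, sev := range cfg.FailOn { // legacy: tolerate zero findings
			limits[sev] = 0
		}
	}
	for _, sev := range severityOrder {
		limit, gated := limits[sev]
		if !gated || counts[sev] <= limit { // assumed: breach = count exceeds limit
			continue
		}
		if code, ok := cfg.ExitCodes[sev]; ok {
			return true, code, sev // ExitCodes[highest breached severity]
		}
		if cfg.ExitCode != 0 {
			return true, cfg.ExitCode, sev
		}
		return true, 1, sev
	}
	return false, 0, "" // no gate configured or nothing breached: exit 0
}

func main() {
	cfg := gateConfig{FailThreshold: map[string]int{"high": 2, "medium": 0}, FailOn: []string{"high"}}
	fmt.Println(evaluateGate([]finding{{Severity: "high"}, {Severity: "high"}, {Severity: "medium"}}, cfg))
}
```

With both fields set, the two high findings stay within their threshold and the legacy `FailOn` entry is never consulted; the pipeline fails on the single medium finding instead.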

type OutputWriter

type OutputWriter struct {
	// contains filtered or unexported fields
}

OutputWriter handles all output formatting — terminal, file, and report generation.

func New

func New(pretty, verbose bool) *OutputWriter

New creates a new OutputWriter.

func (*OutputWriter) Error

func (self *OutputWriter) Error(format string, args ...any)

Error prints an error message to stderr (always, regardless of pretty mode).

func (*OutputWriter) Info

func (self *OutputWriter) Info(format string, args ...any)

Info prints an informational message to stdout (pretty mode only).

func (*OutputWriter) PrintClassificationSummary

func (self *OutputWriter) PrintClassificationSummary(classified []spec.ClassifiedEndpoint)

PrintClassificationSummary shows OWASP category breakdown (pretty mode only).

func (*OutputWriter) PrintFinding

func (self *OutputWriter) PrintFinding(f Finding)

PrintFinding prints a single finding to terminal (pretty mode only).

func (*OutputWriter) PrintFindingsSummary

func (self *OutputWriter) PrintFindingsSummary(findings []Finding)

PrintFindingsSummary prints final findings table (pretty mode only).

func (*OutputWriter) Success

func (self *OutputWriter) Success(format string, args ...any)

Success prints a success message to stdout (pretty mode only).

func (*OutputWriter) WriteFindings

func (self *OutputWriter) WriteFindings(findings []Finding, cfg types.OutputConfig, target string) error

WriteFindings writes findings to all configured output formats (JSONL, Markdown).

func (*OutputWriter) WriteJSONL

func (self *OutputWriter) WriteJSONL(findings []Finding, path string) error

WriteJSONL writes findings as newline-delimited JSON to the given path.

func (*OutputWriter) WriteMarkdown

func (self *OutputWriter) WriteMarkdown(findings []Finding, path string, target string) error

WriteMarkdown writes a rich markdown security report with executive summary, curl commands, request/response details, and fuzzing information.
