Documentation
¶
Overview ¶
Package auditcache stores per-package raw violations from the local audit pipeline on disk so repeat audits over the same SBOM are fast. Each entry is keyed by a sha256 of the analysis identifier alone and stored as a single JSON file under the configured cache dir.
The cache holds raw violations (pre-grading), not graded SARIF, so editing .risk-guard.yml does not invalidate any entry. The rulebook is applied once at merge time, against the union of all cached violations. Cross- project sharing is therefore safe: the same package@version cached by one project is reused by every other project pinning the same version.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Get ¶
func Get(dir, key string, maxAge time.Duration) (*violations.AnalysisViolations, time.Time, bool, error)
Get loads cached violations for key if present and not older than maxAge. Returns (analysis, savedAt, true) on hit, (nil, zero, false) on miss or expiry. A read error other than not-found is returned to the caller — the cache is expected to be writable by the same user so corruption is a real signal.
func Key ¶
Key produces the on-disk filename component for an analysisID. The identifier already encodes ecosystem, name, version, and overrides, so no other input is needed to disambiguate two entries.
func ParseMaxAge ¶
ParseMaxAge accepts time.ParseDuration syntax plus "Nd" (days). Returns 0 for empty/zero (caller should treat 0 as "no caching").
func Put ¶
func Put(dir, key string, analysis *violations.AnalysisViolations) error
Put writes a violations result to the cache. Creates the directory if needed.
Types ¶
type Entry ¶
type Entry struct {
Key string `json:"key"`
SavedAt time.Time `json:"saved_at"`
Analysis *violations.AnalysisViolations `json:"analysis"`
}
Entry is the on-disk representation of one cached audit result.