Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DeregisterVendor ¶ added in v0.71.0
func DeregisterVendor(name string)
DeregisterVendor removes a registered vendor by name. Use it to opt out of a vendor that was registered via pkg/detector/library/all (e.g., DeregisterVendor("seal")).
func Detect ¶ added in v0.17.0
func Detect(ctx context.Context, libType ftypes.LangType, pkgs []ftypes.Package) ([]types.DetectedVulnerability, error)
Detect scans language-specific packages and returns vulnerabilities.
func RegisterVendor ¶ added in v0.71.0
func RegisterVendor(v Vendor)
RegisterVendor registers a new vendor for library vulnerability detection. It should be called from an init() function in the vendor's package.
Types ¶
type Driver ¶
type Driver struct {
// contains filtered or unexported fields
}
Driver represents security advisories for each programming language
func (*Driver) DetectVulnerabilities ¶ added in v0.23.0
func (d *Driver) DetectVulnerabilities(pkgID, pkgName, pkgVer string) ([]types.DetectedVulnerability, error)
DetectVulnerabilities scans buckets with the prefix according to the ecosystem. If "ecosystem" is pip, it looks for buckets with "pip::" and gets security advisories from those buckets. It allows us to add a new data source with the ecosystem prefix (e.g. pip::new-data-source) and detect vulnerabilities without specifying a specific bucket name.
type Vendor ¶ added in v0.71.0
type Vendor interface {
// Name returns the vendor identifier used in the advisory bucket prefix.
// For example, "seal" results in advisory queries to "seal pip::", "seal npm::", etc.
Name() string
// Match determines whether a package is provided by this vendor.
// It receives the ecosystem type, a normalized package name
// (see vulnerability.NormalizePkgName), and version to make the determination.
Match(eco ecosystem.Type, pkgName, pkgVer string) bool
// BucketPrefix returns the advisory bucket prefix for the given ecosystem.
// For example, "seal pip::" for Seal Security pip packages.
BucketPrefix(eco ecosystem.Type) string
// Comparer returns a version comparer for the given ecosystem.
// The defaultComparer is provided so the vendor can return it unchanged
// when no custom comparison logic is needed.
Comparer(eco ecosystem.Type, defaultComparer compare.Comparer) compare.Comparer
}
Vendor represents a third-party security vendor that provides patched packages with their own vulnerability advisories. These vendors (e.g., Seal Security) offer patched versions of open source packages and maintain separate advisory databases that should be used instead of the standard ecosystem advisories.
When a package is identified as coming from a vendor, Trivy queries the vendor-specific advisory bucket (e.g., "seal pip::") rather than the standard ecosystem bucket (e.g., "pip::").