v1

package
v0.0.1-pre3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 2, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

// Slash-command strings and justification labels used when triaging a
// vulnerability into a VEX statement.
const (
	// Slash commands. Each string is "/" followed by one of the four OpenVEX
	// status labels (affected, not_affected, fixed, under_investigation).
	// NOTE(review): how a command is parsed out of user-written text is not
	// shown here; presumably SlashCommand.VexStatus maps these to a status.
	CommandAffected           = "/affected"
	CommandNotAffected        = "/not_affected"
	CommandFixed              = "/fixed"
	CommandUnderInvestigation = "/under_investigation"

	// Justification labels. The strings are the five OpenVEX justification
	// values. OpenVEX requires a not_affected statement to carry either a
	// justification or an impact statement.
	// NOTE(review): presumably these are matched against
	// SlashCommand.Subcommand; confirm that a "/not_affected" command with a
	// missing or unknown label is rejected rather than published.
	JustificationComponentNotPresent                         = "component_not_present"
	JustificationVulnerableCodeNotPresent                    = "vulnerable_code_not_present"
	JustificationVulnerableCodeNotInExecutePath              = "vulnerable_code_not_in_execute_path"
	JustificationVulnerableCodeCannotBeControlledByAdversary = "vulnerable_code_cannot_be_controlled_by_adversary"
	JustificationInlineMitigationsAlreadyExist               = "inline_mitigations_already_exist"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Branch

// Branch describes one branch of a source repository that is tracked for
// vulnerability triage. Only Repository and Name are serialized to JSON; the
// commit and clone-path fields carry the `json:"-"` tag and are left out.
type Branch struct {
	// Repository URL
	// NOTE(review): whether this value is validated (scheme, host) before it
	// is used is not visible here; confirm in the code that clones it.
	Repository string `json:"repo"`

	// Name is the branch we're tracking
	Name string `json:"name"`

	// TargetCommit is the commit where we'll operate on. If blank, then the last
	// in the branch will be used.
	TargetCommit string `json:"-"`

	// LastCommit is the last commit seen in the branch
	LastCommit string `json:"-"`

	// ClonePath points to a local copy of the branch
	ClonePath string `json:"-"`
}

func (*Branch) Identifier

func (b *Branch) Identifier() string

Identifier returns a URL that identifies the branch in the repo

func (*Branch) Purl

func (b *Branch) Purl() string

func (*Branch) ToLocator

func (b *Branch) ToLocator() string

ToLocator returns an SPDX VCS locator representing the branch.

func (*Branch) ToResourceDescriptor

func (b *Branch) ToResourceDescriptor() *intoto.ResourceDescriptor

ToResourceDescriptor returns a representation of the branch as an intoto ResourceDescriptor suitable to use in an attestation.

func (*Branch) ToVexComponent

func (b *Branch) ToVexComponent() *vex.Component

ToVexComponent converts the branch data to an OpenVEX component ready to use in the product of a statement.

type Package

// Package identifies a software package by type, name and version, plus a
// package URL (purl) string. All four fields are serialized to JSON.
type Package struct {
	Type    string `json:"type"`
	Name    string `json:"name"`
	Version string `json:"version"`
	// Purl is the package URL of the package.
	// NOTE(review): SetPurl returns an error, so it presumably parses the
	// purl before storing it; assigning this field directly (or decoding it
	// from JSON) would skip whatever check SetPurl applies. Confirm.
	Purl string `json:"purl"`
}

func (*Package) SetPurl

func (p *Package) SetPurl(purl string) error

type Repository

// Repository groups the branches tracked for one repository.
type Repository struct {
	// Branches holds the tracked branches by value. The field has no JSON
	// tag, so encoding/json uses the key "Branches".
	Branches []Branch
}

type Scanner

// Scanner is implemented by vulnerability scanners that can report on a
// branch.
type Scanner interface {
	// GetBranchVulnerabilities returns the vulnerabilities reported for the
	// given branch, or an error.
	// NOTE(review): which commit is scanned (Branch.TargetCommit or the
	// branch head) depends on the implementation; confirm.
	GetBranchVulnerabilities(*Branch) ([]*Vulnerability, error)
}

type SlashCommand

// SlashCommand is one triage command together with who issued it and when.
// The Subcommand, VexStatus and VexJustification methods are derived from it.
//
// NOTE(review): nothing in this type records whether AuthorHandle was allowed
// to triage. Because a command can end up as a published VEX status, the
// authorization check has to live in the backend or the caller; confirm it
// exists before commands are acted on.
type SlashCommand struct {
	// Command is the command string; presumably one of the Command*
	// constants ("/affected", "/not_affected", ...). Confirm.
	Command string
	// Date is the timestamp associated with the command.
	Date time.Time
	// Blurb is free text accompanying the command. It is user-written, so
	// treat it as untrusted wherever it is rendered or copied into a document.
	Blurb string
	// AuthorHandle is the handle of the account that wrote the command.
	AuthorHandle string
	// Raw is presumably the unparsed source text of the command. Confirm.
	Raw string
	// Notice, when non-nil, points to a StatementNotice for this command.
	// NOTE(review): presumably set once a statement has been published.
	Notice *StatementNotice
}

func (*SlashCommand) Subcommand

func (sc *SlashCommand) Subcommand() string

func (*SlashCommand) VexJustification

func (sc *SlashCommand) VexJustification() vex.Justification

func (*SlashCommand) VexStatus

func (sc *SlashCommand) VexStatus() vex.Status

type StatementNotice

// StatementNotice records a published statement. VexPublisher methods return
// it and TriageBackend.AppendPublishNotice attaches it to a triage.
type StatementNotice struct {
	// Published is the publication time.
	Published time.Time `json:"published"`
	// Status is the status carried by the statement, as a plain string.
	// NOTE(review): presumably a VEX status label; confirm.
	Status string `json:"status"`
	// StatementID identifies the published statement.
	StatementID string `json:"statement_id"`
	// Location says where the statement was published.
	// NOTE(review): format (URL, path) is not visible here; confirm.
	Location string `json:"location"`
}

type Triage

// Triage ties one Vulnerability to one Branch, together with the current
// TriageStatus and the slash commands collected for it.
type Triage struct {
	// BackendID is presumably the identifier of this triage inside the
	// TriageBackend that stores it. Confirm.
	BackendID string `json:"backend_id"`
	// Vulnerability is the finding being triaged.
	Vulnerability *Vulnerability `json:"vulnerability"`
	// Branch is the branch the finding applies to.
	Branch *Branch `json:"branch"`
	// Status is the current state of the triage.
	Status TriageStatus `json:"status"`
	// SlashCommands holds the commands read for this triage. The `json:"-"`
	// tag keeps them out of the serialized form.
	// NOTE(review): ordering is not documented; LastCommand presumably
	// returns the most recent entry. Confirm.
	SlashCommands []*SlashCommand `json:"-"`
}

func (*Triage) LastCommand

func (t *Triage) LastCommand() *SlashCommand

type TriageBackend

// TriageBackend is implemented by the systems that store triages.
//
// NOTE(review): the interface has no notion of who may issue commands.
// Implementations that read user-written commands need to decide which
// authors are accepted; confirm that each backend does.
type TriageBackend interface {
	// ListBranchTriages returns the triages known for the branch.
	ListBranchTriages(*Branch) ([]*Triage, error)
	// CreateTriage opens a triage for the vulnerability on the branch.
	CreateTriage(*Branch, *Vulnerability) (*Triage, error)
	// ReadTriageStatus returns only an error, so it presumably refreshes the
	// passed Triage in place (Status, SlashCommands). Confirm.
	ReadTriageStatus(*Triage) error
	// AppendPublishNotice attaches a StatementNotice to the triage.
	AppendPublishNotice(*Triage, *StatementNotice) error
	// CloseTriage closes the triage.
	CloseTriage(*Triage) error
	// CloseTriageWithMessage closes the triage and passes along a message.
	CloseTriageWithMessage(*Triage, string) error
}

type TriageStatus

// TriageStatus is the state of a Triage, stored as a string.
type TriageStatus string

// Known triage states. The meanings below are read from the identifier
// names; the transitions between states are not visible here.
const (
	// StatusClosed marks a closed triage.
	StatusClosed TriageStatus = "CLOSED"
	// StatusWaitingForAsessment presumably means a user assessment is
	// pending (value "WAITING_USER"). The identifier is spelled "Asessment";
	// it is an exported name, so renaming it would break callers.
	StatusWaitingForAsessment TriageStatus = "WAITING_USER"
	// StatusWaitingForStatement presumably means an assessment exists and
	// the statement has not been published yet. Confirm.
	StatusWaitingForStatement TriageStatus = "WAITING_STATEMENT"
	// StatusWaitingForClose presumably means the triage is done and only
	// needs closing (value "FIN_WAIT"). Confirm.
	StatusWaitingForClose TriageStatus = "FIN_WAIT"
)

type VexPublisher

// VexPublisher is implemented by the systems that publish VEX data and read
// it back for a branch.
type VexPublisher interface {
	// PublishDocument publishes a VEX document and returns a notice
	// describing the publication.
	PublishDocument(*vex.VEX) (*StatementNotice, error)
	// PublishAttestation publishes an attestation statement and returns a
	// notice describing the publication.
	// NOTE(review): the parameter is a statement, not an envelope; whether
	// and where it gets signed is not visible here. Confirm.
	PublishAttestation(att ampel.Statement) (*StatementNotice, error)
	// ReadBranchVEX returns the envelopes stored for the branch.
	// NOTE(review): whether envelope signatures are verified before the
	// contents are trusted is up to the implementation or caller. Confirm.
	ReadBranchVEX(*Branch) ([]ampel.Envelope, error)
}

type Vulnerability

// Vulnerability is one finding against a package. Summary and Details carry
// the `json:"-"` tag and are left out of the serialized form.
type Vulnerability struct {
	// ID is the primary identifier of the vulnerability.
	ID string `json:"id"`
	// Aliases lists other identifiers for the same vulnerability.
	// NOTE(review): HasId presumably checks both ID and Aliases; confirm.
	Aliases []string `json:"aliases"`
	// Summary and Details are descriptive text. They presumably come from
	// the scanner's data source, so treat them as untrusted wherever they
	// are rendered.
	Summary string `json:"-"`
	Details string `json:"-"`
	// Component is the package the finding applies to; may be nil.
	Component *Package `json:"component"`
}

func (*Vulnerability) ComponentPurl

func (vuln *Vulnerability) ComponentPurl() string

func (*Vulnerability) HasId

func (vuln *Vulnerability) HasId(id string) bool

func (*Vulnerability) ToVex

func (vuln *Vulnerability) ToVex() *vex.Vulnerability

func (*Vulnerability) ToVexVuln

func (vuln *Vulnerability) ToVexVuln() *vex.Vulnerability

ToVexVuln converts the vulnerability to an OpenVEX vulnerability.

func (*Vulnerability) VexComponent

func (vuln *Vulnerability) VexComponent() *vex.Component
