Documentation
Index ¶
- Variables
- func Blue(text string) string
- func Bold(text string) string
- func BuildCommands(managerName, operation string, input managers.CommandInput) ([][]string, error)
- func CleanupOutput()
- func Colorize(text, color string) string
- func Cyan(text string) string
- func Dim(text string) string
- func Execute() error
- func GetPager() string
- func Green(text string) string
- func IsColorEnabled() bool
- func IsPURL(s string) bool
- func NeedsUpgrade(dbPath string) (bool, int, error)
- func NewRootCmd() *cobra.Command
- func ParsePackageArg(arg, ecosystemFlag string) (ecosystem, name, version string, err error)
- func Red(text string) string
- func RunManagerCommand(ctx context.Context, dir, managerName, operation string, ...) error
- func RunManagerCommands(ctx context.Context, dir, managerName, operation string, ...) error
- func SetupOutput(cmd *cobra.Command)
- func SetupPager(cmd *cobra.Command) func()
- func Yellow(text string) string
- type ColorOutput
- type ColumnSchema
- type CycloneDXBOM
- type CycloneDXComponent
- type CycloneDXDependency
- type CycloneDXLicense
- type CycloneDXMetadata
- type CycloneDXTool
- type DetectedManager
- func DetectManager(dir string) (*DetectedManager, error)
- func DetectManagers(dir string) ([]DetectedManager, error)
- func FilterByEcosystem(detected []DetectedManager, ecosystem string) []DetectedManager
- func PromptForManager(detected []DetectedManager, out io.Writer, in io.Reader) (*DetectedManager, error)
- type DiffEntry
- type DiffResult
- type EcosystemDetail
- type ExposureSummary
- type IntegrityDrift
- type IntegrityEntry
- type LicenseInfo
- type OutdatedPackage
- type PathNotSupportedError
- type PraiseAuthorSummary
- type PraiseSummary
- type RegistryCheckResult
- type RegistryMismatch
- type SARIFArtifactLocation
- type SARIFDriver
- type SARIFLocation
- type SARIFMessage
- type SARIFPhysicalLocation
- type SARIFReport
- type SARIFResult
- type SARIFRule
- type SARIFRun
- type SARIFTool
- type SPDXCreationInfo
- type SPDXExternalRef
- type SPDXPackage
- type SPDXRelationship
- type SPDXSBOM
- type TableSchema
- type TreeNode
- type VulnBlameEntry
- type VulnExposureEntry
- type VulnHistoryEntry
- type VulnLogEntry
- type VulnPraiseEntry
- type VulnResult
- type VulnShowExposure
- type VulnShowResult
- type VulnsDiffResult
- type WhereMatch
Constants ¶
This section is empty.
Variables ¶
// Package-level output settings.
// NOTE(review): both are mutable package-level variables; presumably they are
// written once during command setup — confirm there are no concurrent writers.
var (
	// Color holds the colour mode as a ColorOutput value.
	Color ColorOutput
	// UsePager enables pager for long output
	UsePager bool
)
// NewEnrichmentClient is the package's constructor hook for the enrichment
// client. The default value forwards its options unchanged to
// enrichment.NewClient and returns whatever that call returns.
//
// It is a reassignable package-level variable so that tests can install a stub
// and avoid external API calls. A replacement is seen by every caller in the
// process, so swap it only in test setup and restore the original afterwards.
var NewEnrichmentClient = func(options ...enrichment.Option) (enrichment.Client, error) {
	client, err := enrichment.NewClient(options...)
	return client, err
}
NewEnrichmentClient is the constructor for the enrichment client. Tests can replace this to avoid external API calls.
Functions ¶
func BuildCommands ¶ added in v0.9.1
func BuildCommands(managerName, operation string, input managers.CommandInput) ([][]string, error)
BuildCommands builds package manager commands without executing them
func CleanupOutput ¶ added in v0.10.7
func CleanupOutput()
CleanupOutput tears down the pager if one is active
func IsColorEnabled ¶
func IsColorEnabled() bool
IsColorEnabled returns true if color output should be used
Precedence:
- current command config `--color=always` / `--color=never`
- `$NO_COLOR` https://no-color.org/
- `$FORCE_COLOR` https://force-color.org/
- `$TERM` / stdout detection
func NeedsUpgrade ¶
NeedsUpgrade checks if the database needs to be upgraded
func NewRootCmd ¶
func ParsePackageArg ¶ added in v0.14.0
func RunManagerCommand ¶ added in v0.9.1
func RunManagerCommand(ctx context.Context, dir, managerName, operation string, input managers.CommandInput, stdout, stderr io.Writer) error
RunManagerCommand builds and executes a package manager command
func RunManagerCommands ¶ added in v0.9.1
func RunManagerCommands(ctx context.Context, dir, managerName, operation string, input managers.CommandInput, stdout, stderr io.Writer) error
RunManagerCommands builds and executes multiple package manager commands (for chained operations)
func SetupOutput ¶ added in v0.10.7
SetupOutput configures colour and pager for a command
func SetupPager ¶
SetupPager configures output to go through a pager if available
Types ¶
type ColorOutput ¶ added in v0.10.6
// ColorOutput is an integer enumeration of colour modes.
type ColorOutput int

// ColorOutput values. Auto is the zero value, so an unset ColorOutput is Auto.
// NOTE(review): Always and Never presumably correspond to the
// --color=always / --color=never settings — confirm against the flag parsing.
const (
	Auto ColorOutput = iota
	Always
	Never
)
type ColumnSchema ¶
type CycloneDXBOM ¶
// CycloneDXBOM is the top-level CycloneDX BOM document. The same struct carries
// both XML and JSON tags; some fields exist in only one of the two encodings.
type CycloneDXBOM struct {
	// XMLName and XMLNS are XML-only (json:"-"): the root element name "bom"
	// and its xmlns attribute.
	XMLName xml.Name `xml:"bom" json:"-"`
	XMLNS string `xml:"xmlns,attr" json:"-"`
	Version int `xml:"version,attr" json:"version"`
	// BOMFormat and SpecVersion are JSON-only (xml:"-").
	BOMFormat string `xml:"-" json:"bomFormat"`
	SpecVersion string `xml:"-" json:"specVersion"`
	// SerialNumber is omitted from both encodings when empty.
	SerialNumber string `xml:"serialNumber,attr,omitempty" json:"serialNumber,omitempty"`
	Metadata *CycloneDXMetadata `xml:"metadata,omitempty" json:"metadata,omitempty"`
	// Components has no JSON omitempty: with encoding/json a nil slice is
	// written as null, not [].
	Components []CycloneDXComponent `xml:"components>component" json:"components"`
	Dependencies []CycloneDXDependency `xml:"dependencies>dependency,omitempty" json:"dependencies,omitempty"`
}
CycloneDX BOM structure
type CycloneDXComponent ¶
// CycloneDXComponent is one component entry of a CycloneDX BOM. Type and
// BOMRef are XML attributes; the remaining fields are child elements.
type CycloneDXComponent struct {
	Type string `xml:"type,attr" json:"type"`
	BOMRef string `xml:"bom-ref,attr,omitempty" json:"bom-ref,omitempty"`
	// Name is the only non-attribute field that is always emitted; every
	// field below it is dropped when empty.
	Name string `xml:"name" json:"name"`
	Version string `xml:"version,omitempty" json:"version,omitempty"`
	// PURL is the component's package URL string.
	// NOTE(review): nothing in this type validates the value — confirm the
	// producer builds it from trusted, normalised inputs.
	PURL string `xml:"purl,omitempty" json:"purl,omitempty"`
	Licenses []CycloneDXLicense `xml:"licenses>license,omitempty" json:"licenses,omitempty"`
	Description string `xml:"description,omitempty" json:"description,omitempty"`
}
type CycloneDXDependency ¶
type CycloneDXLicense ¶
type CycloneDXMetadata ¶
// CycloneDXMetadata is the metadata section of a CycloneDX BOM.
type CycloneDXMetadata struct {
	// Timestamp is carried as a plain string; its format is not constrained
	// by this type.
	Timestamp string `xml:"timestamp" json:"timestamp"`
	Tools []CycloneDXTool `xml:"tools>tool,omitempty" json:"tools,omitempty"`
	// Component is optional: a nil pointer is omitted from both encodings.
	Component *CycloneDXComponent `xml:"component,omitempty" json:"component,omitempty"`
}
type CycloneDXTool ¶
type DetectedManager ¶ added in v0.9.1
DetectedManager holds info about a detected package manager
func DetectManager ¶ added in v0.9.1
func DetectManager(dir string) (*DetectedManager, error)
DetectManager finds the primary package manager in the given directory
func DetectManagers ¶ added in v0.9.1
func DetectManagers(dir string) ([]DetectedManager, error)
DetectManagers finds all package managers in the given directory. For each ecosystem, checks lockfiles first (in priority order), then falls back to the default manager if only a manifest file exists.
func FilterByEcosystem ¶ added in v0.9.1
func FilterByEcosystem(detected []DetectedManager, ecosystem string) []DetectedManager
FilterByEcosystem filters detected managers to those matching the ecosystem
func PromptForManager ¶ added in v0.9.1
func PromptForManager(detected []DetectedManager, out io.Writer, in io.Reader) (*DetectedManager, error)
PromptForManager asks the user to select a package manager when multiple are detected. Returns the selected manager, or an error if not running interactively or user cancels.
type DiffEntry ¶
// DiffEntry is one dependency record in a diff, identified by name and
// manifest path. JSON field names are given by the tags.
type DiffEntry struct {
	Name string `json:"name"`
	Ecosystem string `json:"ecosystem,omitempty"`
	ManifestPath string `json:"manifest_path"`
	DependencyType string `json:"dependency_type,omitempty"`
	// FromRequirement and ToRequirement are each omitted when empty.
	// NOTE(review): presumably an added entry has only ToRequirement and a
	// removed one only FromRequirement — confirm against the producer.
	FromRequirement string `json:"from_requirement,omitempty"`
	ToRequirement string `json:"to_requirement,omitempty"`
}
type DiffResult ¶
type EcosystemDetail ¶ added in v0.10.7
type ExposureSummary ¶
// ExposureSummary holds aggregate vulnerability-exposure figures: counts and
// day totals as integers, the average as a float.
type ExposureSummary struct {
	TotalVulnerabilities int `json:"total_vulnerabilities"`
	TotalExposureDays int `json:"total_exposure_days"`
	AverageExposureDays float64 `json:"average_exposure_days"`
	MaxExposureDays int `json:"max_exposure_days"`
	// BySeverity maps a severity label to a count. The label set is not
	// constrained by this type. With encoding/json a nil map is written as null.
	BySeverity map[string]int `json:"by_severity"`
	OldestExposure string `json:"oldest_exposure,omitempty"`
}
type IntegrityDrift ¶
type IntegrityEntry ¶
// IntegrityEntry is the integrity record for one package version found in a
// manifest. JSON field names are given by the tags.
type IntegrityEntry struct {
	Name string `json:"name"`
	Ecosystem string `json:"ecosystem"`
	Version string `json:"version"`
	// Integrity is the recorded integrity string for this entry.
	Integrity string `json:"integrity"`
	ManifestPath string `json:"manifest_path"`
	// NOTE(review): HasDrift and OtherHashes presumably report that the same
	// package version was seen with more than one integrity value — confirm
	// against the code that fills them.
	HasDrift bool `json:"has_drift,omitempty"`
	OtherHashes []string `json:"other_hashes,omitempty"`
	// Both booleans use omitempty, so false is never written. A consumer of
	// the JSON cannot tell "checked and clean" from "not checked" by the
	// absence of has_drift or registry_mismatch alone.
	RegistryMismatch bool `json:"registry_mismatch,omitempty"`
	RegistryHash string `json:"registry_hash,omitempty"`
}
type LicenseInfo ¶
// LicenseInfo is the licence record for one package.
type LicenseInfo struct {
	Name string `json:"name"`
	Ecosystem string `json:"ecosystem"`
	Version string `json:"version,omitempty"`
	// Licenses has no omitempty: with encoding/json a nil slice is written
	// as null, not [].
	Licenses []string `json:"licenses"`
	// NOTE(review): LicenseText presumably comes from package metadata, which
	// the package author controls — escape it before rendering; confirm.
	LicenseText string `json:"license_text,omitempty"`
	ManifestPath string `json:"manifest_path"`
	PURL string `json:"purl,omitempty"`
	// Flagged uses omitempty, so false is never written; FlagReason is
	// likewise dropped when empty.
	Flagged bool `json:"flagged,omitempty"`
	FlagReason string `json:"flag_reason,omitempty"`
}
type OutdatedPackage ¶
// OutdatedPackage pairs a package's current version with its latest version.
type OutdatedPackage struct {
	Name string `json:"name"`
	Ecosystem string `json:"ecosystem"`
	CurrentVersion string `json:"current_version"`
	LatestVersion string `json:"latest_version"`
	// UpdateType is a plain string; the type does not restrict it to the
	// values named in the trailing comment.
	UpdateType string `json:"update_type"` // major, minor, patch
	ManifestPath string `json:"manifest_path"`
	PURL string `json:"purl,omitempty"`
}
type PathNotSupportedError ¶ added in v0.10.0
// PathNotSupportedError is an error type; the package lists Error and
// ExitCode methods on *PathNotSupportedError.
type PathNotSupportedError struct {
	// Manager is presumably the name of the package manager the error refers
	// to — confirm against the Error method.
	Manager string
}
func (*PathNotSupportedError) Error ¶ added in v0.10.0
func (e *PathNotSupportedError) Error() string
func (*PathNotSupportedError) ExitCode ¶ added in v0.10.0
func (e *PathNotSupportedError) ExitCode() int
type PraiseAuthorSummary ¶
type PraiseSummary ¶
// PraiseSummary is an overall fix count together with per-author summaries.
type PraiseSummary struct {
	TotalFixes int `json:"total_fixes"`
	// Authors has no omitempty: with encoding/json a nil slice is written as
	// null, not [].
	Authors []PraiseAuthorSummary `json:"authors"`
}
type RegistryCheckResult ¶
// RegistryCheckResult is the outcome of a registry check: the mismatches
// found plus counters for checked and skipped items.
type RegistryCheckResult struct {
	Mismatches []RegistryMismatch `json:"mismatches"`
	Checked int `json:"checked"`
	// NOTE(review): an empty Mismatches list is only meaningful alongside
	// Skipped — presumably skipped items were not verified at all, so
	// consumers should not read "no mismatches" as "all verified"; confirm.
	Skipped int `json:"skipped"`
}
type RegistryMismatch ¶
type SARIFArtifactLocation ¶
// SARIFArtifactLocation is a SARIF artifact location, reduced to its URI.
type SARIFArtifactLocation struct {
	// URI is always emitted, even when empty.
	URI string `json:"uri"`
}
type SARIFDriver ¶
type SARIFLocation ¶
// SARIFLocation is a SARIF location wrapping a single physical location.
type SARIFLocation struct {
	PhysicalLocation SARIFPhysicalLocation `json:"physicalLocation"`
}
type SARIFMessage ¶
// SARIFMessage is a SARIF message object carrying plain text only.
type SARIFMessage struct {
	// NOTE(review): Text may presumably include advisory or package data from
	// external sources; viewers of the report should treat it as untrusted
	// text — confirm what the producer puts here.
	Text string `json:"text"`
}
type SARIFPhysicalLocation ¶
// SARIFPhysicalLocation is a SARIF physical location, reduced to the artifact
// location. No region (line or column) fields are declared.
type SARIFPhysicalLocation struct {
	ArtifactLocation SARIFArtifactLocation `json:"artifactLocation"`
}
type SARIFReport ¶
// SARIFReport is the top-level SARIF document, used as output for integration
// with CI/CD tools.
type SARIFReport struct {
	// Schema is written under the "$schema" key.
	Schema string `json:"$schema"`
	Version string `json:"version"`
	// Runs has no omitempty: with encoding/json a nil slice is written as
	// null, not [].
	Runs []SARIFRun `json:"runs"`
}
SARIF output for integration with CI/CD tools
type SARIFResult ¶
// SARIFResult is a single SARIF result, tied to a rule by RuleID.
type SARIFResult struct {
	RuleID string `json:"ruleId"`
	// Level is a free-form string here. SARIF 2.1.0 defines the values
	// "none", "note", "warning" and "error"; the type does not enforce them.
	Level string `json:"level"`
	Message SARIFMessage `json:"message"`
	Locations []SARIFLocation `json:"locations,omitempty"`
}
type SARIFRule ¶
// SARIFRule is a SARIF rule descriptor.
type SARIFRule struct {
	ID string `json:"id"`
	ShortDescription SARIFMessage `json:"shortDescription"`
	// NOTE(review): omitempty has no effect on struct-typed (non-pointer)
	// fields in encoding/json, so FullDescription and Help are always written,
	// as {"text":""} when unset. Dropping them would need a pointer type or
	// omitzero.
	FullDescription SARIFMessage `json:"fullDescription,omitempty"`
	Help SARIFMessage `json:"help,omitempty"`
	// Properties is an open key/value bag; it is omitted when nil or empty.
	Properties map[string]any `json:"properties,omitempty"`
}
type SARIFRun ¶
// SARIFRun is a single SARIF run: the tool description and its results.
type SARIFRun struct {
	Tool SARIFTool `json:"tool"`
	// Results has no omitempty: with encoding/json a nil slice is written as
	// null, not [].
	// NOTE(review): presumably the producer initialises it to an empty slice
	// so that a clean run serialises as "results": [] — confirm.
	Results []SARIFResult `json:"results"`
}
type SARIFTool ¶
// SARIFTool is the SARIF tool object, wrapping the driver description.
type SARIFTool struct {
	Driver SARIFDriver `json:"driver"`
}
type SPDXCreationInfo ¶
type SPDXExternalRef ¶
type SPDXPackage ¶
// SPDXPackage is one package entry of an SPDX document.
type SPDXPackage struct {
	SPDXID string `json:"SPDXID"`
	Name string `json:"name"`
	VersionInfo string `json:"versionInfo,omitempty"`
	// DownloadLocation has no omitempty, so an empty string is written as-is.
	// NOTE(review): SPDX 2.x expects NOASSERTION or NONE when the location is
	// unknown — confirm the producer never leaves this empty.
	DownloadLocation string `json:"downloadLocation"`
	LicenseConcluded string `json:"licenseConcluded,omitempty"`
	LicenseDeclared string `json:"licenseDeclared,omitempty"`
	ExternalRefs []SPDXExternalRef `json:"externalRefs,omitempty"`
}
type SPDXRelationship ¶
type SPDXSBOM ¶
// SPDXSBOM is the top-level SPDX document. Only JSON tags are declared.
type SPDXSBOM struct {
	SPDXVersion string `json:"spdxVersion"`
	DataLicense string `json:"dataLicense"`
	SPDXID string `json:"SPDXID"`
	Name string `json:"name"`
	DocumentNamespace string `json:"documentNamespace"`
	CreationInfo SPDXCreationInfo `json:"creationInfo"`
	// Packages has no omitempty: with encoding/json a nil slice is written as
	// null, not [].
	Packages []SPDXPackage `json:"packages"`
	Relationships []SPDXRelationship `json:"relationships,omitempty"`
}
SPDX structure
type TableSchema ¶
// TableSchema describes one table: its name, its columns and, optionally, its
// indexes as plain strings.
type TableSchema struct {
	Name string `json:"name"`
	Columns []ColumnSchema `json:"columns"`
	Indexes []string `json:"indexes,omitempty"`
}
type VulnBlameEntry ¶
// VulnBlameEntry links one vulnerability in a package version to the commit
// and author recorded in the Added* fields.
type VulnBlameEntry struct {
	VulnID string `json:"vuln_id"`
	Severity string `json:"severity"`
	Package string `json:"package"`
	Version string `json:"version"`
	FixedIn string `json:"fixed_in,omitempty"`
	// The Added* fields have no omitempty and are always written.
	// NOTE(review): AddedBy and AddedEmail are presumably taken from commit
	// metadata, i.e. personal data set by the committer. Consider who receives
	// the report, and escape the values before rendering — confirm the source.
	AddedBy string `json:"added_by"`
	AddedEmail string `json:"added_email"`
	AddedCommit string `json:"added_commit"`
	AddedDate string `json:"added_date"`
}
type VulnExposureEntry ¶
type VulnHistoryEntry ¶
// VulnHistoryEntry is one point in a vulnerability history: a SHA, a date, a
// version and the vulnerabilities attached to it.
type VulnHistoryEntry struct {
	SHA string `json:"sha"`
	// Date is carried as a plain string; its format is not constrained by
	// this type.
	Date string `json:"date"`
	Version string `json:"version"`
	// Vulnerabilities is omitted from the JSON when empty.
	Vulnerabilities []VulnResult `json:"vulnerabilities,omitempty"`
}
type VulnLogEntry ¶
// VulnLogEntry is one log record: commit-style fields plus the vulnerabilities
// introduced and fixed at that point.
type VulnLogEntry struct {
	SHA string `json:"sha"`
	// NOTE(review): Message and Author are presumably copied from commit
	// metadata, which whoever wrote the commit controls — escape them before
	// rendering in a terminal or HTML; confirm the source.
	Message string `json:"message"`
	Author string `json:"author"`
	Date string `json:"date"`
	// Introduced and Fixed are each omitted from the JSON when empty.
	Introduced []VulnResult `json:"introduced,omitempty"`
	Fixed []VulnResult `json:"fixed,omitempty"`
}
type VulnPraiseEntry ¶
type VulnResult ¶
// VulnResult represents a vulnerability found in a dependency.
type VulnResult struct {
	// ID is the primary identifier; Aliases holds further identifiers for the
	// same vulnerability and is omitted when empty.
	ID string `json:"id"`
	Aliases []string `json:"aliases,omitempty"`
	// NOTE(review): Summary and References presumably come from an external
	// advisory source — treat them as untrusted text and URLs when displaying
	// or following them; confirm the source.
	Summary string `json:"summary"`
	// Severity is a free-form string; the label set is not constrained here.
	Severity string `json:"severity"`
	Package string `json:"package"`
	Ecosystem string `json:"ecosystem"`
	Version string `json:"version"`
	// FixedVersion is omitted when empty, so a missing fixed_version key
	// means no value was recorded.
	FixedVersion string `json:"fixed_version,omitempty"`
	ManifestPath string `json:"manifest_path"`
	References []string `json:"references,omitempty"`
}
VulnResult represents a vulnerability found in a dependency.
type VulnShowExposure ¶
type VulnShowResult ¶
// VulnShowResult pairs a vulnerability record with optional exposure details.
type VulnShowResult struct {
	// Vulnerability has no omitempty: a nil pointer is written as null.
	Vulnerability *vulns.Vulnerability `json:"vulnerability"`
	// Exposure is omitted from the JSON when nil.
	Exposure *VulnShowExposure `json:"exposure,omitempty"`
}
type VulnsDiffResult ¶
// VulnsDiffResult is a vulnerability diff split into added and fixed lists.
type VulnsDiffResult struct {
	// Neither list has omitempty: with encoding/json a nil slice is written
	// as null, not []. Consumers that gate on the length of "added" should
	// handle both forms.
	Added []VulnResult `json:"added"`
	Fixed []VulnResult `json:"fixed"`
}
Source Files
- add.go
- bisect.go
- blame.go
- branch.go
- browse.go
- changelog.go
- completions.go
- diff.go
- diff_driver.go
- diff_file.go
- ecosystems.go
- helpers.go
- history.go
- hooks.go
- info.go
- init.go
- install.go
- integrity.go
- licenses.go
- list.go
- log.go
- managers.go
- notes.go
- outdated.go
- output.go
- plugins.go
- reindex.go
- remove.go
- resolve.go
- root.go
- sbom.go
- schema.go
- search.go
- show.go
- stale.go
- stats.go
- tree.go
- update.go
- upgrade.go
- urls.go
- vendor.go
- vulns.go
- where.go
- why.go