database

package
v0.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultBatchSize        = 500
	DefaultSnapshotInterval = 100
	MaxSQLVariables         = 999 // SQLite default limit
)
View Source 
const SchemaVersion = 8

Variables

This section is empty.

Functions

func Exists 

func Exists(path string) bool

Types

type AuthorStats 

type AuthorStats struct {
	Name    string         `json:"name"`
	Email   string         `json:"email"`
	Commits int            `json:"commits"`
	Changes int            `json:"changes"`
	ByType  map[string]int `json:"by_type"`
}

type BatchWriter 

type BatchWriter struct {
	// contains filtered or unexported fields
}

func NewBatchWriter 

func NewBatchWriter(db *DB) *BatchWriter

func (*BatchWriter) AddChange 

func (w *BatchWriter) AddChange(sha string, manifest ManifestInfo, change ChangeInfo)

func (*BatchWriter) AddCommit 

func (w *BatchWriter) AddCommit(info CommitInfo, hasChanges bool)

func (*BatchWriter) AddEmptySnapshot added in v0.11.2 

func (w *BatchWriter) AddEmptySnapshot(sha string)

AddEmptySnapshot stores a marker to indicate this commit has no dependencies. This allows GetDependenciesAtRef to distinguish "no snapshot taken" from "empty snapshot".

func (*BatchWriter) AddSnapshot 

func (w *BatchWriter) AddSnapshot(sha string, manifest ManifestInfo, snapshot SnapshotInfo)

func (*BatchWriter) CreateBranch 

func (w *BatchWriter) CreateBranch(name string) error

func (*BatchWriter) Flush 

func (w *BatchWriter) Flush() error

func (*BatchWriter) FlushAsync added in v0.14.0 

func (w *BatchWriter) FlushAsync()

FlushAsync swaps the pending slices into a background goroutine that performs the DB transaction. The caller gets fresh empty slices immediately. Call WaitForFlush before the next FlushAsync or Flush to collect the result.

func (*BatchWriter) HasPendingSnapshots 

func (w *BatchWriter) HasPendingSnapshots(sha string) bool

func (*BatchWriter) IncrementDepCommitCount 

func (w *BatchWriter) IncrementDepCommitCount()

func (*BatchWriter) LastSHA 

func (w *BatchWriter) LastSHA() string

func (*BatchWriter) SetBatchSize 

func (w *BatchWriter) SetBatchSize(size int)

func (*BatchWriter) SetSnapshotInterval 

func (w *BatchWriter) SetSnapshotInterval(interval int)

func (*BatchWriter) ShouldFlush 

func (w *BatchWriter) ShouldFlush() bool

func (*BatchWriter) ShouldStoreSnapshot 

func (w *BatchWriter) ShouldStoreSnapshot() bool

ShouldStoreSnapshot returns true if a snapshot should be stored at this commit. Call this after incrementing the dependency commit count.

func (*BatchWriter) UpdateBranchLastSHA 

func (w *BatchWriter) UpdateBranchLastSHA(sha string) error

func (*BatchWriter) UseBranch 

func (w *BatchWriter) UseBranch(branchID int64) error

func (*BatchWriter) WaitForFlush added in v0.14.0 

func (w *BatchWriter) WaitForFlush() error

WaitForFlush blocks until a previous FlushAsync completes and returns its error. Safe to call when no async flush is in flight (returns nil).

type BisectCandidate added in v0.10.0 

type BisectCandidate struct {
	SHA      string `json:"sha"`
	Message  string `json:"message"`
	Position int    `json:"position"`
}

BisectCandidate represents a commit that changed dependencies, for use in bisect.

type BisectOptions added in v0.10.0 

type BisectOptions struct {
	BranchID     int64
	StartSHA     string // good commit (older)
	EndSHA       string // bad commit (newer)
	Ecosystem    string
	PackageName  string
	ManifestPath string
}

BisectOptions specifies filters for finding bisect candidates.

type BlameEntry 

type BlameEntry struct {
	Name         string `json:"name"`
	Ecosystem    string `json:"ecosystem"`
	Requirement  string `json:"requirement"`
	ManifestPath string `json:"manifest_path"`
	SHA          string `json:"sha"`
	AuthorName   string `json:"author_name"`
	AuthorEmail  string `json:"author_email"`
	CommittedAt  string `json:"committed_at"`
}

type BranchInfo 

type BranchInfo struct {
	ID              int64  `json:"id"`
	Name            string `json:"name"`
	LastAnalyzedSHA string `json:"last_analyzed_sha"`
	LastSHA         string `json:"last_sha,omitempty"` // Alias for LastAnalyzedSHA
	CommitCount     int    `json:"commit_count"`
}

type CachedPackage 

type CachedPackage struct {
	PURL          string    `json:"purl"`
	Ecosystem     string    `json:"ecosystem"`
	Name          string    `json:"name"`
	LatestVersion string    `json:"latest_version"`
	License       string    `json:"license"`
	EnrichedAt    time.Time `json:"enriched_at"`
}

CachedPackage represents cached enrichment data for a package.

type CachedVersion 

type CachedVersion struct {
	PURL        string    `json:"purl"`
	PackagePURL string    `json:"package_purl"`
	License     string    `json:"license"`
	PublishedAt time.Time `json:"published_at"`
}

CachedVersion represents cached version data for a package.

type Change 

type Change struct {
	Name                string `json:"name"`
	Ecosystem           string `json:"ecosystem"`
	PURL                string `json:"purl"`
	ChangeType          string `json:"change_type"`
	Requirement         string `json:"requirement"`
	PreviousRequirement string `json:"previous_requirement,omitempty"`
	DependencyType      string `json:"dependency_type"`
	ManifestPath        string `json:"manifest_path"`
}

type ChangeInfo 

type ChangeInfo struct {
	ManifestPath        string
	Name                string
	Ecosystem           string
	PURL                string
	ChangeType          string
	Requirement         string
	PreviousRequirement string
	DependencyType      string
}

type CommitInfo 

type CommitInfo struct {
	SHA         string
	Message     string
	AuthorName  string
	AuthorEmail string
	CommittedAt time.Time
}

type CommitWithChanges 

type CommitWithChanges struct {
	SHA         string   `json:"sha"`
	Message     string   `json:"message"`
	AuthorName  string   `json:"author_name"`
	AuthorEmail string   `json:"author_email"`
	CommittedAt string   `json:"committed_at"`
	Changes     []Change `json:"changes"`
}

type DB 

type DB struct {
	*sql.DB
	// contains filtered or unexported fields
}

func Create 

func Create(path string) (*DB, error)

func Open 

func Open(path string) (*DB, error)

func OpenOrCreate added in v0.11.2 

func OpenOrCreate(path string) (*DB, bool, error)

OpenOrCreate opens an existing database or creates a new one if it doesn't exist.

func (*DB) AppendNote added in v0.13.0 

func (db *DB) AppendNote(purl, namespace, origin, message string, metadata map[string]string) error

func (*DB) CreateSchema 

func (db *DB) CreateSchema() error

func (*DB) DeleteNote added in v0.13.0 

func (db *DB) DeleteNote(purl, namespace string) error

func (*DB) DeleteVulnerabilitiesForPackage 

func (db *DB) DeleteVulnerabilitiesForPackage(ecosystem, packageName string) error

DeleteVulnerabilitiesForPackage removes all vulnerability mappings for a package. This is used before re-syncing to handle withdrawn vulnerabilities.

func (*DB) GetAuthorStats 

func (db *DB) GetAuthorStats(opts StatsOptions) ([]AuthorStats, error)

func (*DB) GetBisectCandidates added in v0.10.0 

func (db *DB) GetBisectCandidates(opts BisectOptions) ([]BisectCandidate, error)

GetBisectCandidates returns commits with dependency changes between two commits. The results are ordered from oldest to newest (good -> bad direction).

func (*DB) GetBlame 

func (db *DB) GetBlame(branchID int64, ecosystem string) ([]BlameEntry, error)

func (*DB) GetBranch 

func (db *DB) GetBranch(name string) (*BranchInfo, error)

func (*DB) GetBranches 

func (db *DB) GetBranches() ([]BranchInfo, error)

func (*DB) GetCachedPackages 

func (db *DB) GetCachedPackages(purls []string, staleDuration time.Duration) (map[string]*CachedPackage, error)

GetCachedPackages returns cached package data for the given PURLs that aren't stale.

func (*DB) GetCachedVersions 

func (db *DB) GetCachedVersions(packagePurl string, staleDuration time.Duration) ([]CachedVersion, error)

GetCachedVersions returns cached version data for a package that isn't stale.

func (*DB) GetChangesForCommit 

func (db *DB) GetChangesForCommit(sha string) ([]Change, error)

func (*DB) GetChangesForCommits 

func (db *DB) GetChangesForCommits(shas []string) (map[string][]Change, error)

GetChangesForCommits fetches changes for multiple commits in one query (eager loading).

func (*DB) GetCommitAtPosition added in v0.10.0 

func (db *DB) GetCommitAtPosition(position int, branchID int64) (string, error)

GetCommitAtPosition returns the SHA of the commit at a given position.

func (*DB) GetCommitID 

func (db *DB) GetCommitID(sha string) (int64, error)

func (*DB) GetCommitPosition added in v0.10.0 

func (db *DB) GetCommitPosition(sha string, branchID int64) (int, error)

GetCommitPosition returns the position of a commit in a branch.

func (*DB) GetCommitsWithChanges 

func (db *DB) GetCommitsWithChanges(opts LogOptions) ([]CommitWithChanges, error)

func (*DB) GetDatabaseInfo 

func (db *DB) GetDatabaseInfo() (*DatabaseInfo, error)

func (*DB) GetDefaultBranch 

func (db *DB) GetDefaultBranch() (*BranchInfo, error)

func (*DB) GetDependenciesAtCommit 

func (db *DB) GetDependenciesAtCommit(sha string) ([]Dependency, error)

func (*DB) GetDependenciesAtRef 

func (db *DB) GetDependenciesAtRef(ref string, branchID int64) ([]Dependency, error)

func (*DB) GetLastSnapshot 

func (db *DB) GetLastSnapshot(branchID int64) (map[string]SnapshotInfo, error)

func (*DB) GetLatestDependencies 

func (db *DB) GetLatestDependencies(branchID int64) ([]Dependency, error)

func (*DB) GetMaxPosition 

func (db *DB) GetMaxPosition(branchID int64) (int, error)

func (*DB) GetNote added in v0.13.0 

func (db *DB) GetNote(purl, namespace string) (*Note, error)

func (*DB) GetOrCreateBranch added in v0.11.2 

func (db *DB) GetOrCreateBranch(name string) (*BranchInfo, error)

GetOrCreateBranch returns the branch with the given name, creating it if it doesn't exist.

func (*DB) GetPackageHistory 

func (db *DB) GetPackageHistory(opts HistoryOptions) ([]HistoryEntry, error)

func (*DB) GetStaleDependencies 

func (db *DB) GetStaleDependencies(branchID int64, ecosystem string, days int) ([]StaleEntry, error)

func (*DB) GetStats 

func (db *DB) GetStats(opts StatsOptions) (*Stats, error)

func (*DB) GetStoredVulnCount 

func (db *DB) GetStoredVulnCount(ecosystem, packageName string) (int, error)

GetStoredVulnCount returns the number of vulnerabilities stored for a package.

func (*DB) GetVulnSyncStatus 

func (db *DB) GetVulnSyncStatus(branchID int64) ([]VulnSyncStatus, error)

GetVulnSyncStatus returns packages that need vulnerability syncing.

func (*DB) GetVulnerabilitiesForPackage 

func (db *DB) GetVulnerabilitiesForPackage(ecosystem, packageName string) ([]Vulnerability, error)

GetVulnerabilitiesForPackage returns all vulnerabilities affecting a specific package.

func (*DB) GetVulnerabilityPackageInfo 

func (db *DB) GetVulnerabilityPackageInfo(vulnID, ecosystem, packageName string) (*VulnerabilityPackage, error)

GetVulnerabilityPackageInfo returns the affected package info for a vulnerability.

func (*DB) GetVulnerabilityStats 

func (db *DB) GetVulnerabilityStats(branchID int64) (map[string]int, error)

GetVulnerabilityStats returns vulnerability counts by severity for current dependencies.

func (*DB) GetVulnsSyncedAt added in v0.11.0 

func (db *DB) GetVulnsSyncedAt(purlStr string) (time.Time, error)

GetVulnsSyncedAt returns when vulnerabilities were last synced for a package. Returns the zero time if never synced.

func (*DB) GetWhy 

func (db *DB) GetWhy(branchID int64, packageName, ecosystem string) (*WhyResult, error)

func (*DB) HasSnapshotForCommit added in v0.11.2 

func (db *DB) HasSnapshotForCommit(sha string) (bool, error)

HasSnapshotForCommit checks if we have snapshot data stored for a specific commit.

func (*DB) InsertNote added in v0.13.0 

func (db *DB) InsertNote(note Note) error

func (*DB) InsertVulnerability 

func (db *DB) InsertVulnerability(v Vulnerability) error

InsertVulnerability inserts or updates a vulnerability record.

func (*DB) InsertVulnerabilityPackage 

func (db *DB) InsertVulnerabilityPackage(vp VulnerabilityPackage) error

InsertVulnerabilityPackage inserts or updates a vulnerability-package mapping.

func (*DB) ListNoteNamespaces added in v0.13.0 

func (db *DB) ListNoteNamespaces(purlFilter string) ([]NamespaceCount, error)

func (*DB) ListNotes added in v0.13.0 

func (db *DB) ListNotes(namespace, purlFilter string) ([]Note, error)

func (*DB) OptimizeForBulkWrites 

func (db *DB) OptimizeForBulkWrites() error

func (*DB) OptimizeForReads 

func (db *DB) OptimizeForReads() error

func (*DB) RemoveBranch 

func (db *DB) RemoveBranch(name string) error

func (*DB) SavePackageEnrichment 

func (db *DB) SavePackageEnrichment(purl, ecosystem, name, latestVersion, license, registryURL, source string) error

SavePackageEnrichment saves or updates enrichment data for a package.

func (*DB) SavePackageEnrichmentBatch added in v0.10.3 

func (db *DB) SavePackageEnrichmentBatch(packages []PackageEnrichmentData) error

SavePackageEnrichmentBatch saves multiple packages in a single transaction.

func (*DB) SaveVersions 

func (db *DB) SaveVersions(versions []CachedVersion) error

SaveVersions saves version history for a package.

func (*DB) SchemaVersion 

func (db *DB) SchemaVersion() (int, error)

func (*DB) SearchDependencies 

func (db *DB) SearchDependencies(branchID int64, pattern, ecosystem string, directOnly bool) ([]SearchResult, error)

func (*DB) SetVulnsSyncedAt added in v0.11.0 

func (db *DB) SetVulnsSyncedAt(purlStr, ecosystem, name string) error

SetVulnsSyncedAt records that vulnerabilities were synced for a package. Creates a basic package record if one doesn't exist.

func (*DB) StoreSnapshot added in v0.11.2 

func (db *DB) StoreSnapshot(branchID int64, commit CommitInfo, snapshots []SnapshotInfo) error

StoreSnapshot stores dependency snapshot data for a commit. Creates the commit and branch_commit records if they don't exist.

func (*DB) UpdateNote added in v0.13.0 

func (db *DB) UpdateNote(note Note) error

type DatabaseInfo 

type DatabaseInfo struct {
	Path            string           `json:"path"`
	SizeBytes       int64            `json:"size_bytes"`
	SchemaVersion   int              `json:"schema_version"`
	BranchName      string           `json:"branch_name"`
	LastAnalyzedSHA string           `json:"last_analyzed_sha"`
	RowCounts       map[string]int   `json:"row_counts"`
	Ecosystems      []EcosystemCount `json:"ecosystems"`
}

type Dependency 

type Dependency struct {
	Name           string `json:"name"`
	Ecosystem      string `json:"ecosystem"`
	PURL           string `json:"purl"`
	Requirement    string `json:"requirement"`
	DependencyType string `json:"dependency_type"`
	Integrity      string `json:"integrity,omitempty"`
	ManifestPath   string `json:"manifest_path"`
	ManifestKind   string `json:"manifest_kind"`
}

type EcosystemCount added in v0.10.7 

type EcosystemCount struct {
	Name  string `json:"name"`
	Count int    `json:"count"`
}

type HistoryEntry 

type HistoryEntry struct {
	SHA                 string `json:"sha"`
	Message             string `json:"message"`
	AuthorName          string `json:"author_name"`
	AuthorEmail         string `json:"author_email"`
	CommittedAt         string `json:"committed_at"`
	Name                string `json:"name"`
	Ecosystem           string `json:"ecosystem"`
	ChangeType          string `json:"change_type"`
	Requirement         string `json:"requirement"`
	PreviousRequirement string `json:"previous_requirement,omitempty"`
	ManifestPath        string `json:"manifest_path"`
	ManifestKind        string `json:"manifest_kind"`
}

type HistoryOptions 

type HistoryOptions struct {
	BranchID    int64
	PackageName string
	Ecosystem   string
	Author      string
	Since       string
	Until       string
}

type LogOptions 

type LogOptions struct {
	BranchID  int64
	Ecosystem string
	Author    string
	Since     string
	Until     string
	Limit     int
}

type ManifestInfo 

type ManifestInfo struct {
	Path      string
	Ecosystem string
	Kind      string
}

type NameCount 

type NameCount struct {
	Name  string `json:"name"`
	Count int    `json:"count"`
}

type NamespaceCount added in v0.13.0 

type NamespaceCount struct {
	Namespace string `json:"namespace"`
	Count     int    `json:"count"`
}

type Note added in v0.13.0 

type Note struct {
	ID        int64             `json:"id"`
	PURL      string            `json:"purl"`
	Namespace string            `json:"namespace"`
	Origin    string            `json:"origin"`
	Message   string            `json:"message,omitempty"`
	Metadata  map[string]string `json:"metadata,omitempty"`
	CreatedAt string            `json:"created_at"`
	UpdatedAt string            `json:"updated_at"`
}

Note represents a user-attached note on a PURL.

type PackageEnrichmentData added in v0.10.3 

type PackageEnrichmentData struct {
	PURL          string
	Ecosystem     string
	Name          string
	LatestVersion string
	License       string
	RegistryURL   string
	Source        string
}

PackageEnrichmentData holds data for batch saving.

type SearchResult 

type SearchResult struct {
	Name         string `json:"name"`
	Ecosystem    string `json:"ecosystem"`
	Requirement  string `json:"requirement"`
	FirstSeen    string `json:"first_seen"`
	LastChanged  string `json:"last_changed"`
	AddedIn      string `json:"added_in"`
	ManifestKind string `json:"manifest_kind"`
}

type SnapshotInfo 

type SnapshotInfo struct {
	ManifestPath   string
	Name           string
	Ecosystem      string
	PURL           string
	Requirement    string
	DependencyType string
	Integrity      string
}

type StaleEntry 

type StaleEntry struct {
	Name         string `json:"name"`
	Ecosystem    string `json:"ecosystem"`
	Requirement  string `json:"requirement"`
	ManifestPath string `json:"manifest_path"`
	LastChanged  string `json:"last_changed"`
	DaysSince    int    `json:"days_since"`
}

type Stats 

type Stats struct {
	Branch             string         `json:"branch"`
	CommitsAnalyzed    int            `json:"commits_analyzed"`
	CommitsWithChanges int            `json:"commits_with_changes"`
	CurrentDeps        int            `json:"current_deps"`
	DepsByEcosystem    map[string]int `json:"deps_by_ecosystem"`
	TotalChanges       int            `json:"total_changes"`
	ChangesByType      map[string]int `json:"changes_by_type"`
	TopChanged         []NameCount    `json:"top_changed"`
	TopAuthors         []NameCount    `json:"top_authors"`
}

type StatsOptions 

type StatsOptions struct {
	BranchID  int64
	Ecosystem string
	Since     string
	Until     string
	Limit     int
}

type VulnSyncStatus 

type VulnSyncStatus struct {
	Ecosystem   string `json:"ecosystem"`
	PackageName string `json:"package_name"`
	SyncedAt    string `json:"synced_at"`
	VulnCount   int    `json:"vuln_count"`
}

VulnSyncStatus tracks when vulnerabilities were last synced for a package.

type Vulnerability 

type Vulnerability struct {
	ID          string   `json:"id"`
	Aliases     []string `json:"aliases,omitempty"`
	Severity    string   `json:"severity"`
	CVSSScore   float64  `json:"cvss_score"`
	CVSSVector  string   `json:"cvss_vector,omitempty"`
	References  []string `json:"references,omitempty"`
	Summary     string   `json:"summary"`
	Details     string   `json:"details,omitempty"`
	PublishedAt string   `json:"published_at"`
	WithdrawnAt string   `json:"withdrawn_at,omitempty"`
	ModifiedAt  string   `json:"modified_at"`
	FetchedAt   string   `json:"fetched_at"`
}

Vulnerability represents a stored vulnerability record.

type VulnerabilityPackage 

type VulnerabilityPackage struct {
	VulnerabilityID  string `json:"vulnerability_id"`
	Ecosystem        string `json:"ecosystem"`
	PackageName      string `json:"package_name"`
	AffectedVersions string `json:"affected_versions"` // vers range string
	FixedVersions    string `json:"fixed_versions"`    // comma-separated list
}

VulnerabilityPackage represents a package affected by a vulnerability.

type WhyResult 

type WhyResult struct {
	Name         string `json:"name"`
	Ecosystem    string `json:"ecosystem"`
	ManifestPath string `json:"manifest_path"`
	SHA          string `json:"sha"`
	Message      string `json:"message"`
	AuthorName   string `json:"author_name"`
	AuthorEmail  string `json:"author_email"`
	CommittedAt  string `json:"committed_at"`
}

type Writer 

type Writer struct {
	// contains filtered or unexported fields
}

func NewWriter 

func NewWriter(db *DB) (*Writer, error)

func (*Writer) BeginTransaction 

func (w *Writer) BeginTransaction() (*sql.Tx, error)

func (*Writer) Close 

func (w *Writer) Close() error

func (*Writer) CreateBranch 

func (w *Writer) CreateBranch(name string) error

func (*Writer) InsertChange 

func (w *Writer) InsertChange(commitID int64, manifest ManifestInfo, change ChangeInfo) error

func (*Writer) InsertCommit 

func (w *Writer) InsertCommit(info CommitInfo, hasChanges bool) (int64, bool, error)

InsertCommit inserts a commit and links it to the current branch. Returns (commitID, wasNew, error) where wasNew indicates if this was a newly inserted commit. If the commit already exists (from another branch), it returns wasNew=false.

func (*Writer) InsertSnapshot 

func (w *Writer) InsertSnapshot(commitID int64, manifest ManifestInfo, snapshot SnapshotInfo) error

func (*Writer) UpdateBranchLastSHA 

func (w *Writer) UpdateBranchLastSHA(sha string) error

func (*Writer) UseBranch 

func (w *Writer) UseBranch(branchID int64) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.