Documentation
¶
Overview ¶
Package vl provides a vulnerability source backed by vulnerability-lookup.org (CIRCL).
Index ¶
- Constants
- type Option
- type Source
- func (s *Source) Get(ctx context.Context, id string) (*vulns.Vulnerability, error)
- func (s *Source) Name() string
- func (s *Source) Query(ctx context.Context, p *purl.PURL) ([]vulns.Vulnerability, error)
- func (s *Source) QueryBatch(ctx context.Context, purls []*purl.PURL) ([][]vulns.Vulnerability, error)
Constants ¶
View Source
const ( DefaultAPIURL = "https://vulnerability.circl.lu/api" DefaultTimeout = 30 * time.Second )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Option ¶
type Option func(*Source)
Option configures a Source.
func WithHTTPClient ¶
WithHTTPClient sets a custom HTTP client.
type Source ¶
type Source struct {
// contains filtered or unexported fields
}
Source implements vulns.Source using the vulnerability-lookup API.
func (*Source) Query ¶
Query returns vulnerabilities affecting the package identified by the PURL. Note: vulnerability-lookup uses vendor/product search, so this maps the PURL to vendor/product as best as possible.
func (*Source) QueryBatch ¶
func (s *Source) QueryBatch(ctx context.Context, purls []*purl.PURL) ([][]vulns.Vulnerability, error)
QueryBatch queries multiple packages. Vulnerability-lookup doesn't have a batch API, so this makes individual requests.
Source Files
Click to show internal directories.
Click to hide internal directories.