Affected by GO-2025-3767 and 1 other vulnerabilities

GO-2025-3767: OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal in github.com/google/osv-scalibr

GO-2025-4149: OSV-SCALIBR has NULL Pointer Dereference in github.com/google/osv-scalibr

javalockfile

package

v0.1.8 Latest Latest Go to latest Published: Apr 7, 2025 License: Apache-2.0 Imports: 0 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/google/osv-scalibr

Links

Documentation ¶

Overview ¶

Package javalockfile provides shared structures for Java extractors.

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Metadata ¶

type Metadata struct {
	ArtifactID   string
	GroupID      string
	Type         string
	Classifier   string
	DepGroupVals []string
	IsTransitive bool // Only set in pomxmlnet extractor
}

Metadata holds parsing information for a Java package.

func (Metadata) DepGroups ¶

func (m Metadata) DepGroups() []string

DepGroups returns the dependency groups for the package.

Source Files ¶

View all Source files

metadata.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL