enricher

package

v0.4.0 Latest Latest Go to latest Published: Nov 18, 2025 License: Apache-2.0, BSD-3-Clause Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/google/osv-scalibr

Links

Open Source Insights

Documentation ¶

Overview ¶

Package enricher provides the interface for enrichment plugins.

Index ¶

Variables
func Run(ctx context.Context, config *Config, inventory *inventory.Inventory) ([]*plugin.Status, error)
type Config
type Enricher
type ScanInput

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrNoDirectFS is returned when an enricher requires direct filesystem access but the scan root is nil.
	ErrNoDirectFS = errors.New("enrichment requires direct filesystem access but scan root is nil")

	// EnricherOrder describes the order in which specific enrichers need to run in.
	// TODO(b/416106602): Use required enrichers instead of a global ordering list.
	EnricherOrder = []string{
		"reachability/java",
		"vulnmatch/osvdev",
		"vex/filter",
	}
)

Functions ¶

func Run ¶

func Run(ctx context.Context, config *Config, inventory *inventory.Inventory) ([]*plugin.Status, error)

Run runs the specified enrichers and returns their statuses.

Types ¶

type Config ¶

type Config struct {
	Enrichers []Enricher
	ScanRoot  *scalibrfs.ScanRoot
}

Config for running enrichers.

type Enricher ¶

type Enricher interface {
	plugin.Plugin
	// RequiredPlugins returns a list of Plugins that need to be enabled for this Enricher to run.
	RequiredPlugins() []string
	// Enrich enriches the scan results with additional information.
	Enrich(ctx context.Context, input *ScanInput, inv *inventory.Inventory) error
}

Enricher is the interface for an enrichment plugin, used to enrich scan results with additional information through APIs or other sources.

type ScanInput ¶

type ScanInput struct {
	// The root of the artifact being scanned.
	ScanRoot *scalibrfs.ScanRoot
}

ScanInput provides information for the enricher about the scan.

Source Files ¶

View all Source files

enricher.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
baseimage Package baseimage enriches inventory layer details with potential base images from deps.dev.	Package baseimage enriches inventory layer details with potential base images from deps.dev.
enricherlist Package enricherlist provides methods to initialize enrichers from attributes like names or capabilities.	Package enricherlist provides methods to initialize enrichers from attributes like names or capabilities.
hcpidentity Package hcpidentity contains an Enricher that augments HCP access tokens with identity metadata from the caller-identity endpoint.	Package hcpidentity contains an Enricher that augments HCP access tokens with identity metadata from the caller-identity endpoint.
huggingfacemeta Package huggingfacemeta contains an Enricher that adds additional metadata to each Huggingface keys based on the API response	Package huggingfacemeta contains an Enricher that adds additional metadata to each Huggingface keys based on the API response
license Package license contains an Enricher that adds license data to software packages by querying deps.dev	Package license contains an Enricher that adds license data to software packages by querying deps.dev
fakeclient Package fakeclient contains a fake implementation of the deps.dev client for testing purposes.	Package fakeclient contains a fake implementation of the deps.dev client for testing purposes.
packagedeprecation Package packagedeprecation enriches inventory details with package version deprecation status from deps.dev	Package packagedeprecation enriches inventory details with package version deprecation status from deps.dev
reachability
java Package java provides an Enricher to add reachability annotations for Java Packages.	Package java provides an Enricher to add reachability annotations for Java Packages.
secrets Package secrets contains an Enricher that uses Veles Validators to validate Secrets found by the Veles Extractor.	Package secrets contains an Enricher that uses Veles Validators to validate Secrets found by the Veles Extractor.
convert Package convert provides a utility function for converting Veles plugins (Detectors and Validators) to SCALIBR core plugins (FilesystemExtractors and Enrichers)	Package convert provides a utility function for converting Veles plugins (Detectors and Validators) to SCALIBR core plugins (FilesystemExtractors and Enrichers)
transitivedependency
requirements Package requirements implements an enricher to perform dependency resolution for Python requirements.txt.	Package requirements implements an enricher to perform dependency resolution for Python requirements.txt.
vex
filter Package filter defines an enricher that filters out vulns with VEX signals.	Package filter defines an enricher that filters out vulns with VEX signals.
vulnmatch
osvdev Package osvdev queries the OSV.dev API to find vulnerabilities in the inventory packages	Package osvdev queries the OSV.dev API to find vulnerabilities in the inventory packages
osvdev/fakeclient Package fakeclient contains a mock implementation of the OSV.dev client for testing purposes.	Package fakeclient contains a mock implementation of the OSV.dev client for testing purposes.