Documentation
¶
Index ¶
- Constants
- func Form(count int, singular, plural string) string
- func GroupFixedVersions(flattened []models.VulnerabilityFlattened) map[string][]string
- func MaxSeverity(group models.GroupInfo, pkg models.PackageVulns) string
- func PrintCycloneDXResults(vulnResult *models.VulnerabilityResults, ...) error
- func PrintGHAnnotationReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
- func PrintHTMLResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
- func PrintJSONResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
- func PrintMarkdownTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer)
- func PrintResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
- func PrintSARIFReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
- func PrintTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer, ...)
- func PrintVerticalResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer)
- type CallAnalysisCount
- type EcosystemResult
- type FixableCount
- type FixedPkgTableData
- type HTMLEcosystemResult
- type HTMLLayerInfo
- type HTMLPackageLayerDetail
- type HTMLPackageResult
- type HTMLResult
- type HTMLSourceResult
- type HTMLVulnCount
- type HTMLVulnResult
- type HTMLVulnResultDetail
- type HTMLVulnResultSummary
- type HTMLVulnTypeCount
- type HelpTemplateData
- type LayerInfo
- type PackageLayerDetail
- type PackageResult
- type Result
- type SeverityCount
- type SourceResult
- type VulnCount
- type VulnDescription
- type VulnResult
- type VulnTypeCount
Constants ¶
const OSVBaseVulnerabilityURL = "https://osv.dev/"
OSVBaseVulnerabilityURL is the base URL for detailed vulnerability views. It is copied in from the osv package to avoid referencing the osv package unnecessarily.
const SARIFTemplate = `` /* 1287-byte string literal not displayed */
Two consecutive double quotes ("") are replaced with a single backtick (`), since backticks cannot be embedded in raw string literals.
const TemplateDir = "html/*"
HTML templates directory
const UnfixedDescription = "No fix available"
const UnknownRating = "UNKNOWN"
const VersionUnsupported = "N/A"
Variables ¶
This section is empty.
Functions ¶
func Form ¶ added in v1.4.0
Form returns the singular or plural form that should be used based on the given count
func GroupFixedVersions ¶ added in v1.4.0
func GroupFixedVersions(flattened []models.VulnerabilityFlattened) map[string][]string
GroupFixedVersions builds the fixed versions for each ID Group, with keys formatted like so: `Source:ID`
func MaxSeverity ¶ added in v1.4.0
func MaxSeverity(group models.GroupInfo, pkg models.PackageVulns) string
func PrintCycloneDXResults ¶ added in v1.8.2
func PrintCycloneDXResults(vulnResult *models.VulnerabilityResults, cycloneDXVersion models.CycloneDXVersion, outputWriter io.Writer) error
PrintCycloneDXResults writes results to the provided writer in CycloneDX format
func PrintGHAnnotationReport ¶ added in v1.4.0
func PrintGHAnnotationReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
PrintGHAnnotationReport prints GitHub-specific annotations to outputWriter.
func PrintHTMLResults ¶ added in v1.9.1
func PrintHTMLResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
func PrintJSONResults ¶
func PrintJSONResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
PrintJSONResults writes results to the provided writer in JSON format
func PrintMarkdownTableResults ¶ added in v1.2.0
func PrintMarkdownTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer)
PrintMarkdownTableResults prints the osv scan results into a human-friendly Markdown table.
func PrintResults ¶ added in v1.9.2
func PrintResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
PrintResults prints the output to the outputWriter. This function is for testing purposes only, to visualize the result format.
func PrintSARIFReport ¶ added in v1.4.0
func PrintSARIFReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error
PrintSARIFReport prints SARIF output to outputWriter
func PrintTableResults ¶
func PrintTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer, terminalWidth int)
PrintTableResults prints the osv scan results into a human friendly table.
func PrintVerticalResults ¶ added in v1.8.3
func PrintVerticalResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer)
Types ¶
type CallAnalysisCount ¶ added in v1.9.2
func (*CallAnalysisCount) Add ¶ added in v1.9.2
func (c *CallAnalysisCount) Add(other CallAnalysisCount)
Add adds the counts from another CallAnalysisCount to the receiver.
type EcosystemResult ¶ added in v1.9.2
// EcosystemResult represents the vulnerability scanning results for an ecosystem.
type EcosystemResult struct {
// Name identifies the ecosystem these results belong to.
Name string
// Sources holds the per-source results for this ecosystem (see SourceResult).
Sources []SourceResult
// IsOS presumably marks an OS-level package ecosystem rather than a
// language ecosystem — confirm against the code that populates it.
IsOS bool
}
EcosystemResult represents the vulnerability scanning results for an ecosystem.
type FixableCount ¶ added in v1.9.2
func (*FixableCount) Add ¶ added in v1.9.2
func (c *FixableCount) Add(other FixableCount)
Add adds the counts from another FixableCount to the receiver.
type FixedPkgTableData ¶ added in v1.4.1
type HTMLEcosystemResult ¶ added in v1.9.1
// HTMLEcosystemResult represents the vulnerability scanning results for an
// ecosystem, in the shape used by the HTML report.
type HTMLEcosystemResult struct {
// Ecosystem identifies the ecosystem these results belong to.
Ecosystem string
// Sources holds the per-source results for this ecosystem (see HTMLSourceResult).
Sources []HTMLSourceResult
// IsOS presumably marks an OS-level package ecosystem rather than a
// language ecosystem — confirm against the code that populates it.
IsOS bool
}
HTMLEcosystemResult represents the vulnerability scanning results for an ecosystem.
type HTMLLayerInfo ¶ added in v1.9.2
// HTMLLayerInfo describes one container image layer in the HTML report,
// together with the vulnerability counts attributed to it.
type HTMLLayerInfo struct {
// Index is the layer's position; whether it is 0- or 1-based is not
// visible from this declaration.
Index int
// LayerCommand is the command text associated with the layer.
// NOTE(review): presumably taken from the scanned image's metadata, so it
// is untrusted input when scanning third-party images — confirm the HTML
// templates escape it on output.
LayerCommand string
// LayerID identifies the layer.
LayerID string
// Count holds the vulnerability counts for this layer.
Count HTMLVulnCount
}
type HTMLPackageLayerDetail ¶ added in v1.9.2
// HTMLPackageLayerDetail represents detailed layer tracing information about a package.
type HTMLPackageLayerDetail struct {
// LayerCommand is the command text of the layer the package was traced to.
// NOTE(review): presumably derived from the scanned image, so treat it as
// untrusted and confirm the HTML templates escape it.
LayerCommand string
// LayerCommandTooltip is a second rendering of the layer command,
// presumably the longer form shown on hover — confirm. The same escaping
// concern applies.
LayerCommandTooltip string
// LayerID identifies the layer.
LayerID string
// InBaseImage reports whether the package is attributed to the base image.
InBaseImage bool
}
HTMLPackageLayerDetail represents detailed layer tracing information about a package.
type HTMLPackageResult ¶ added in v1.9.1
// HTMLPackageResult represents the vulnerability scanning results for a package.
type HTMLPackageResult struct {
// Name, Ecosystem and Source identify the package and where it was found.
Name string
Ecosystem string
Source string
// CalledVulns and UncalledVulns split the package's vulnerabilities by
// call-analysis outcome. Presumably "uncalled" means the vulnerable code
// was not found to be reachable — confirm; uncalled entries are still
// present in the dependency and should not be read as "not affected".
CalledVulns []HTMLVulnResult
UncalledVulns []HTMLVulnResult
// InstalledVersion is the version found by the scan.
InstalledVersion string
// FixedVersion is the version carrying a fix.
// NOTE(review): presumably UnfixedDescription when no fix exists — confirm.
FixedVersion string
// HTMLVulnCount holds the vulnerability counts for this package.
HTMLVulnCount HTMLVulnCount
// HTMLPackageLayerDetail holds layer tracing information; presumably only
// meaningful for container scans — confirm.
HTMLPackageLayerDetail HTMLPackageLayerDetail
}
HTMLPackageResult represents the vulnerability scanning results for a package.
type HTMLResult ¶ added in v1.9.1
// HTMLResult represents the vulnerability scanning results for the HTML
// report. BuildHTMLResults produces it from models.VulnerabilityResults.
type HTMLResult struct {
// EcosystemResults holds the results grouped by ecosystem.
EcosystemResults []HTMLEcosystemResult
// IsContainerScanning reports whether the results come from a container scan.
IsContainerScanning bool
// AllLayers lists the image layers; presumably empty unless
// IsContainerScanning is true — confirm.
AllLayers []HTMLLayerInfo
// HTMLVulnTypeCount and HTMLVulnCount hold the report-wide totals.
HTMLVulnTypeCount HTMLVulnTypeCount
HTMLVulnCount HTMLVulnCount
}
HTMLResult represents the vulnerability scanning results for HTML report.
func BuildHTMLResults ¶ added in v1.9.1
func BuildHTMLResults(vulnResult *models.VulnerabilityResults) HTMLResult
BuildHTMLResults builds HTML results from vulnerability results.
type HTMLSourceResult ¶ added in v1.9.1
// HTMLSourceResult represents the vulnerability scanning results for a source file.
type HTMLSourceResult struct {
// Source identifies the scanned source.
// NOTE(review): if this is a file path from the scanned tree, it is
// scan-target-controlled text — confirm the HTML templates escape it.
Source string
// Ecosystem identifies the ecosystem the source belongs to.
Ecosystem string
// PackageResults holds one entry per package reported for this source.
PackageResults []HTMLPackageResult
// CalledPackageCount and UncalledPackageCount count packages by
// call-analysis outcome.
CalledPackageCount int
UncalledPackageCount int
// HTMLVulnCount holds the vulnerability counts for this source.
HTMLVulnCount HTMLVulnCount
}
HTMLSourceResult represents the vulnerability scanning results for a source file.
type HTMLVulnCount ¶ added in v1.9.1
// HTMLVulnCount represents the counts of vulnerabilities by severity,
// call-analysis outcome and fixed/unfixed status.
//
// NOTE(review): this declaration does not show whether the severity and
// fixed/unfixed buckets cover all vulnerabilities or only called ones.
// VulnCount in this package documents a called-only rule for its own
// counts; confirm which applies here before using these numbers as a
// pass/fail gate.
type HTMLVulnCount struct {
// Severity buckets.
Critical int
High int
Medium int
Low int
// Unknown counts vulnerabilities without a known severity rating.
Unknown int
// Call-analysis buckets.
Called int
Uncalled int
// Fix-availability buckets.
Fixed int
UnFixed int
}
HTMLVulnCount represents the counts of vulnerabilities by severity and fixed/unfixed status
type HTMLVulnResult ¶ added in v1.9.1
// HTMLVulnResult represents a single vulnerability.
type HTMLVulnResult struct {
// Summary carries the headline fields (ID, versions, severity).
Summary HTMLVulnResultSummary
// Detail carries group IDs, aliases and layer information.
Detail HTMLVulnResultDetail
}
HTMLVulnResult represents a single vulnerability.
type HTMLVulnResultDetail ¶ added in v1.9.1
// HTMLVulnResultDetail represents detailed information about a vulnerability.
type HTMLVulnResultDetail struct {
// GroupIDs lists the vulnerability IDs grouped with this entry.
GroupIDs []string
// CVE is a single CVE identifier; how it is chosen when several aliases
// exist is not visible from this declaration.
CVE string
// Aliases lists alternative identifiers for the vulnerability.
Aliases []string
// LayerCommand and LayerCommandTooltip are renderings of the command of
// the layer the finding was traced to.
// NOTE(review): presumably derived from the scanned image, so treat them
// as untrusted and confirm the HTML templates escape them.
LayerCommand string
LayerCommandTooltip string
// LayerID identifies the layer.
LayerID string
// InBaseImage reports whether the finding is attributed to the base image.
InBaseImage bool
}
HTMLVulnResultDetail represents detailed information about a vulnerability.
type HTMLVulnResultSummary ¶ added in v1.9.1
// HTMLVulnResultSummary represents summary information about a vulnerability.
type HTMLVulnResultSummary struct {
// ID is the vulnerability identifier.
ID string
// PackageName and InstalledVersion identify the affected package.
PackageName string
InstalledVersion string
// FixedVersion is the version carrying a fix.
// NOTE(review): presumably UnfixedDescription when no fix exists — confirm.
FixedVersion string
// SeverityRating is the textual rating.
// NOTE(review): presumably UnknownRating when no rating is available —
// confirm, and make sure consumers do not treat that value as low severity.
SeverityRating string
// SeverityScore is the score kept as a string, not a number; parse it
// before any numeric comparison.
SeverityScore string
}
HTMLVulnResultSummary represents summary information about a vulnerability.
type HTMLVulnTypeCount ¶ added in v1.9.2
type HelpTemplateData ¶ added in v1.4.1
type PackageLayerDetail ¶ added in v1.9.2
// PackageLayerDetail represents detailed layer tracing information about a package.
type PackageLayerDetail struct {
// LayerCommand is the command text of the layer the package was traced to.
// NOTE(review): presumably derived from the scanned image, so output
// formats that render it should treat it as untrusted text — confirm.
LayerCommand string
// LayerCommandDetailed is presumably the longer form of LayerCommand — confirm.
LayerCommandDetailed string
// LayerID identifies the layer.
LayerID string
// InBaseImage reports whether the package is attributed to the base image.
InBaseImage bool
}
PackageLayerDetail represents detailed layer tracing information about a package.
type PackageResult ¶ added in v1.9.2
// PackageResult represents the vulnerability scanning results for a package.
type PackageResult struct {
// Name and InstalledVersion identify the package found by the scan.
Name string
InstalledVersion string
// FixedVersion is the version carrying a fix.
// NOTE(review): presumably UnfixedDescription when no fix exists — confirm.
FixedVersion string
// CalledVulns and UncalledVulns split the package's vulnerabilities by
// call-analysis outcome. Presumably "uncalled" means the vulnerable code
// was not found to be reachable — confirm; uncalled entries are still
// present in the dependency and should not be read as "not affected".
CalledVulns []VulnResult
UncalledVulns []VulnResult
// LayerDetail holds layer tracing information; presumably only meaningful
// for container scans — confirm.
LayerDetail PackageLayerDetail
// VulnCount holds the vulnerability counts for this package.
VulnCount VulnCount
}
PackageResult represents the vulnerability scanning results for a package.
type Result ¶ added in v1.9.2
// Result represents the vulnerability scanning results for the output report.
// BuildResults produces it from models.VulnerabilityResults.
type Result struct {
// Ecosystems holds the results grouped by ecosystem.
Ecosystems []EcosystemResult
// Container scanning related
// IsContainerScanning reports whether the results come from a container scan.
IsContainerScanning bool
// AllLayers lists the image layers; presumably empty unless
// IsContainerScanning is true — confirm.
AllLayers []LayerInfo
// VulnTypeCount holds report-wide counts by vulnerability type.
VulnTypeCount VulnTypeCount
// PackageTypeCount holds report-wide package counts by call-analysis outcome.
PackageTypeCount CallAnalysisCount
// VulnCount holds the report-wide vulnerability counts; see VulnCount for
// which vulnerabilities its severity and fixable counts include.
VulnCount VulnCount
}
Result represents the vulnerability scanning results for output report.
func BuildResults ¶ added in v1.9.2
func BuildResults(vulnResult *models.VulnerabilityResults) Result
BuildResults constructs the output result structure from the vulnerability results.
This function creates a hierarchical representation of the results, starting from the overall summary and drilling down to ecosystems, sources, packages, and vulnerability details. This structured format facilitates generating various output formats (e.g., table, HTML, etc.).
type SeverityCount ¶ added in v1.9.2
func (*SeverityCount) Add ¶ added in v1.9.2
func (c *SeverityCount) Add(other SeverityCount)
Add adds the counts from another SeverityCount to the receiver.
type SourceResult ¶ added in v1.9.2
// SourceResult represents the vulnerability scanning results for a source file.
type SourceResult struct {
// Name identifies the scanned source.
Name string
// Ecosystem identifies the ecosystem the source belongs to.
Ecosystem string
// PackageTypeCount counts this source's packages by call-analysis outcome.
PackageTypeCount CallAnalysisCount
// Packages holds one entry per package reported for this source.
Packages []PackageResult
// VulnCount holds the vulnerability counts for this source.
VulnCount VulnCount
}
SourceResult represents the vulnerability scanning results for a source file.
type VulnCount ¶ added in v1.9.2
// VulnCount represents the counts of vulnerabilities by call-analysis
// outcome, severity and fixed/unfixed status.
type VulnCount struct {
// CallAnalysisCount counts vulnerabilities by call-analysis outcome.
CallAnalysisCount CallAnalysisCount
// Only called vulnerabilities are included in the severity and fixable counts.
// Consumers that gate on SeverityCount or FixableCount therefore do not
// see uncalled vulnerabilities; read CallAnalysisCount as well when the
// full set of findings matters.
SeverityCount SeverityCount
FixableCount FixableCount
}
VulnCount represents the counts of vulnerabilities by severity and fixed/unfixed status