Documentation
¶
Overview ¶
Package config manages the configuration for osv-scanner.
Index ¶
- Variables
- type Config
- func (c *Config) ShouldIgnore(vulnID string) (bool, *IgnoreEntry)
- func (c *Config) ShouldIgnorePackage(pkg imodels.PackageInfo) (bool, PackageOverrideEntry)
- func (c *Config) ShouldIgnorePackageVulnerabilities(pkg imodels.PackageInfo) bool
- func (c *Config) ShouldOverridePackageLicense(pkg imodels.PackageInfo) (bool, PackageOverrideEntry)
- func (c *Config) UnusedIgnoredVulns() []*IgnoreEntry
- type IgnoreEntry
- type License
- type Manager
- type PackageOverrideEntry
- type Vulnerability
Constants ¶
This section is empty.
Variables ¶
View Source
var OSVScannerConfigName = "osv-scanner.toml"
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
IgnoredVulns []*IgnoreEntry `toml:"IgnoredVulns"`
PackageOverrides []PackageOverrideEntry `toml:"PackageOverrides"`
GoVersionOverride string `toml:"GoVersionOverride"`
// The path to config file that this config was loaded from,
// set by the scanner after having successfully parsed the file
LoadPath string `toml:"-"`
}
func (*Config) ShouldIgnore ¶
func (c *Config) ShouldIgnore(vulnID string) (bool, *IgnoreEntry)
func (*Config) ShouldIgnorePackage ¶
func (c *Config) ShouldIgnorePackage(pkg imodels.PackageInfo) (bool, PackageOverrideEntry)
ShouldIgnorePackage determines if the given package should be ignored based on override entries in the config
func (*Config) ShouldIgnorePackageVulnerabilities ¶
func (c *Config) ShouldIgnorePackageVulnerabilities(pkg imodels.PackageInfo) bool
ShouldIgnorePackageVulnerabilities determines if the given package should have its vulnerabilities ignored based on override entries in the config
func (*Config) ShouldOverridePackageLicense ¶
func (c *Config) ShouldOverridePackageLicense(pkg imodels.PackageInfo) (bool, PackageOverrideEntry)
ShouldOverridePackageLicense determines if the given package should have its license ignored or changed based on override entries in the config
func (*Config) UnusedIgnoredVulns ¶ added in v2.2.4
func (c *Config) UnusedIgnoredVulns() []*IgnoreEntry
type IgnoreEntry ¶
type IgnoreEntry struct {
ID string `toml:"id"`
IgnoreUntil time.Time `toml:"ignoreUntil"`
Reason string `toml:"reason"`
Used bool `toml:"-"`
}
func (*IgnoreEntry) MarkAsUsed ¶ added in v2.2.4
func (ie *IgnoreEntry) MarkAsUsed()
type Manager ¶
type Manager struct {
// Override to replace all other configs
OverrideConfig *Config
// Config to use if no config file is found alongside manifests
DefaultConfig Config
// Cache to store loaded configs
ConfigMap map[string]Config
}
func (*Manager) GetUnusedIgnoreEntries ¶ added in v2.2.4
func (c *Manager) GetUnusedIgnoreEntries() map[string][]*IgnoreEntry
func (*Manager) UseOverride ¶
UseOverride updates the Manager to use the config at the given path in place of any other config files that would be loaded when calling Get
type PackageOverrideEntry ¶
type PackageOverrideEntry struct {
Name string `toml:"name"`
// If the version is empty, the entry applies to all versions.
Version string `toml:"version"`
Ecosystem string `toml:"ecosystem"`
Group string `toml:"group"`
Ignore bool `toml:"ignore"`
Vulnerability Vulnerability `toml:"vulnerability"`
License License `toml:"license"`
EffectiveUntil time.Time `toml:"effectiveUntil"`
Reason string `toml:"reason"`
}
type Vulnerability ¶
type Vulnerability struct {
Ignore bool `toml:"ignore"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.