output

package
v2.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 15, 2026 License: Apache-2.0 Imports: 41 Imported by: 0

Documentation

Overview

Package output provides functionality for printing scan results in various formats.

Index

Constants

const OSVBaseVulnerabilityURL = "https://osv.dev/"

OSVBaseVulnerabilityURL is the base URL for detailed vulnerability views. It is copied in from the osv package to avoid referencing the osv package unnecessarily.

const SARIFTemplate = `` /* 1252-byte string literal not displayed */

SARIFTemplate is used as the help text for findings.

Note that two consecutive double-quotes ("") are used to represent a single backtick (`), since backticks cannot be escaped in raw strings.

const TemplateDir = "html/*"

TemplateDir is the directory containing the HTML templates

const UnfixedDescription = "No fix available"
const VersionUnsupported = "N/A"

Variables

This section is empty.

Functions

func Form

func Form(count int, singular, plural string) string

Form returns the singular or plural form that should be used based on the given count

func MaxSeverity

func MaxSeverity(group models.GroupInfo, pkg models.PackageVulns) string

func PrintCycloneDXResults

func PrintCycloneDXResults(vulnResult *models.VulnerabilityResults, cycloneDXVersion models.CycloneDXVersion, outputWriter io.Writer) error

PrintCycloneDXResults writes results to the provided writer in CycloneDX format

func PrintGHAnnotationReport

func PrintGHAnnotationReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

PrintGHAnnotationReport prints GitHub-specific annotations to outputWriter.

func PrintHTMLResults

func PrintHTMLResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

func PrintJSONResults

func PrintJSONResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

PrintJSONResults writes results to the provided writer in JSON format

func PrintMarkdownTableResults

func PrintMarkdownTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer, showAllVulns bool)

PrintMarkdownTableResults prints the osv scan results into a human friendly Markdown table. The Markdown table uses the same format and columns as the standard table output.

func PrintResults

func PrintResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

PrintResults prints the output to the outputWriter. This function is for testing purposes only, to visualize the result format.

func PrintSARIFReport

func PrintSARIFReport(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

PrintSARIFReport prints SARIF output to outputWriter

func PrintSPDXResults added in v2.0.2

func PrintSPDXResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer) error

PrintSPDXResults writes results to the provided writer in SPDX format

func PrintTableResults

func PrintTableResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer, terminalWidth int, showAllVulns bool)

PrintTableResults prints the osv scan results into a human friendly table.

func PrintVerticalResults

func PrintVerticalResults(vulnResult *models.VulnerabilityResults, outputWriter io.Writer, showAllVulns bool)

Types

type AnalysisCount

// AnalysisCount holds two integer tallies, Regular and Hidden. It is used both
// as VulnCount.AnalysisCount and as the PackageTypeCount field of Result and
// SourceResult.
//
// NOTE(review): the split presumably mirrors PackageResult.RegularVulns (shown
// to users) and PackageResult.HiddenVulns (not shown) — confirm. A consumer
// that reads only Regular does not see anything counted under Hidden.
type AnalysisCount struct {
	Regular int
	Hidden  int
}

AnalysisCount represents the counts of vulnerabilities by analysis type (e.g. call analysis)

func (*AnalysisCount) Add

func (c *AnalysisCount) Add(other AnalysisCount)

Add adds the counts from another AnalysisCount to the receiver.

type BaseImageGroupInfo

// BaseImageGroupInfo bundles an index, a slice of models.BaseImageDetails, a
// slice of LayerInfo and a VulnCount. It is the element type of
// ImageInfo.AllBaseImages and the type of PackageContainerInfo.BaseImageInfo.
//
// NOTE(review): no description is published for this type; presumably one
// value describes one base image found in a scanned container image, with
// Count tallying the vulnerabilities attributed to it — confirm.
type BaseImageGroupInfo struct {
	Index         int
	BaseImageInfo []models.BaseImageDetails
	AllLayers     []LayerInfo
	Count         VulnCount
}

type EcosystemResult

// EcosystemResult represents the vulnerability scanning results for one
// ecosystem: its Name and the per-source results in Sources.
//
// NOTE(review): IsOS presumably marks operating-system package ecosystems,
// matching the OS/Project split in VulnTypeSummary — confirm.
type EcosystemResult struct {
	Name    string
	Sources []SourceResult
	IsOS    bool
}

EcosystemResult represents the vulnerability scanning results for an ecosystem.

type FixableCount

// FixableCount represents the counts of vulnerabilities by fixable status:
// Fixed and UnFixed.
//
// When used as VulnCount.FixableCount, only regular vulnerabilities are
// included (see the field comment on VulnCount), so hidden findings are not
// reflected in either number.
type FixableCount struct {
	Fixed   int
	UnFixed int
}

FixableCount represents the counts of vulnerabilities by fixable status.

func (*FixableCount) Add

func (c *FixableCount) Add(other FixableCount)

Add adds the counts from another FixableCount to the receiver.

type FixedPkgTableData

// FixedPkgTableData carries a vulnerability ID, a package name and a fixed
// version, all as strings.
//
// NOTE(review): no description is published for this type; presumably one
// value is one row of the table stored in HelpTemplateData.FixedVersionTable —
// confirm.
type FixedPkgTableData struct {
	VulnID       string
	PackageName  string
	FixedVersion string
}

type HelpTemplateData

// HelpTemplateData groups the values describing one finding: its ID, two
// pre-rendered tables held as strings, the affected package paths, the aliased
// vulnerabilities and a path separator.
//
// NOTE(review): no description is published for this type; presumably it is
// the data passed to SARIFTemplate, which this package documents as the help
// text for findings — confirm.
// NOTE(review): AffectedPackagePaths and AliasedVulns hold scan-derived paths
// and advisory text; confirm the template escapes them for the format the
// help text is consumed in.
type HelpTemplateData struct {
	ID                    string
	AffectedPackagesTable string
	AffectedPackagePaths  []string
	AliasedVulns          []VulnDescription
	HasFixedVersion       bool
	FixedVersionTable     string
	PathSeparator         string
}

type ImageInfo

// ImageInfo holds an OS string, a slice of LayerInfo (AllLayers) and a slice of
// BaseImageGroupInfo (AllBaseImages). It is the type of Result.ImageInfo, which
// Result lists under its "Container scanning related" comment.
//
// NOTE(review): no description is published for this type; presumably it
// describes the scanned container image as a whole — confirm.
type ImageInfo struct {
	OS            string
	AllLayers     []LayerInfo
	AllBaseImages []BaseImageGroupInfo
}

type LayerInfo

// LayerInfo pairs a models.LayerMetadata value with an index and a VulnCount.
//
// NOTE(review): no description is published for this type; presumably Index
// is the layer's position in the image and Count tallies the vulnerabilities
// attributed to that layer — confirm.
type LayerInfo struct {
	Index         int
	LayerMetadata models.LayerMetadata
	Count         VulnCount
}

type LicenseSummary

// LicenseSummary holds two booleans, Summary and ShowViolations, and a slice of
// models.LicenseCount. It is the type of Result.LicenseSummary.
//
// NOTE(review): no description is published for this type; presumably the two
// booleans select which license views the report renders — confirm.
type LicenseSummary struct {
	Summary        bool
	ShowViolations bool
	LicenseCount   []models.LicenseCount
}

type PackageContainerInfo

// PackageContainerInfo represents detailed layer tracing information about a
// package: a layer index, the matching LayerInfo and a BaseImageGroupInfo. It
// is the type of PackageResult.LayerDetail.
//
// NOTE(review): LayerIndex and LayerInfo.Index both carry an index; whether
// they are always equal is not visible here — confirm before using one in
// place of the other.
type PackageContainerInfo struct {
	LayerIndex    int
	LayerInfo     LayerInfo
	BaseImageInfo BaseImageGroupInfo
}

PackageContainerInfo represents detailed layer tracing information about a package.

type PackageResult

// PackageResult represents the vulnerability scanning results for a package.
//
// Findings are split into RegularVulns (displayed to users) and HiddenVulns
// (not displayed), so a consumer that reads only RegularVulns does not see the
// hidden ones.
//
// DepGroups carries the tag `json:"-"` and is never written by encoding/json;
// Deprecated uses `omitempty` and is left out of the JSON when false.
type PackageResult struct {
	Name string
	// OSPackageNames represents the actual installed binary names. This is primarily used for container scanning.
	OSPackageNames   []string
	InstalledVersion string
	Commit           string
	FixedVersion     string
	// RegularVulns holds all the vulnerabilities that should be displayed to users.
	RegularVulns []VulnResult
	// HiddenVulns holds all the vulnerabilities that should not be displayed to users, such as those deemed unimportant or uncalled.
	// They remain part of this struct; hiding is a display decision, not a removal.
	HiddenVulns       []VulnResult
	LayerDetail       PackageContainerInfo
	VulnCount         VulnCount
	Licenses          []models.License
	LicenseViolations []models.License
	DepGroups         []string `json:"-"`
	Deprecated        bool     `json:",omitempty"`
}

PackageResult represents the vulnerability scanning results for a package.

type Result

// Result represents the vulnerability scanning results for the output report.
// It is the value returned by BuildResults: the per-ecosystem results in
// Ecosystems, plus image, license and count summaries for the whole scan.
//
// PkgDeprecatedCount uses `omitempty` and is left out of the JSON when zero.
//
// NOTE(review): ImageInfo is presumably only meaningful when
// IsContainerScanning is true — confirm.
type Result struct {
	Ecosystems []EcosystemResult
	// Container scanning related
	IsContainerScanning bool
	ImageInfo           ImageInfo
	LicenseSummary      LicenseSummary
	VulnTypeSummary     VulnTypeSummary
	PackageTypeCount    AnalysisCount
	VulnCount           VulnCount
	PkgDeprecatedCount  int `json:",omitempty"`
}

Result represents the vulnerability scanning results for output report.

func BuildResults

func BuildResults(vulnResult *models.VulnerabilityResults) Result

BuildResults constructs the output result structure from the vulnerability results.

This function creates a hierarchical representation of the results, starting from the overall summary and drilling down to ecosystems, sources, packages, and vulnerability details. This structured format facilitates generating various output formats (e.g., table, HTML, etc.).

type SeverityCount

// SeverityCount represents the counts of vulnerabilities by severity level,
// with a separate Unknown bucket next to Critical, High, Medium and Low.
//
// When used as VulnCount.SeverityCount, only regular vulnerabilities are
// included (see the field comment on VulnCount), so hidden findings are not
// reflected in any bucket.
//
// NOTE(review): Unknown presumably counts findings for which no severity could
// be determined; a threshold on Critical/High alone would not cover them —
// confirm how they should be treated.
type SeverityCount struct {
	Critical int
	High     int
	Medium   int
	Low      int
	Unknown  int
}

SeverityCount represents the counts of vulnerabilities by severity level.

func (*SeverityCount) Add

func (c *SeverityCount) Add(other SeverityCount)

Add adds the counts from another SeverityCount to the receiver.

type SourceResult

// SourceResult represents the vulnerability scanning results for a source
// file: its Name and Type, the packages found in it, and counts for
// vulnerabilities, license violations and deprecated packages.
//
// PkgDeprecatedCount uses `omitempty` and is left out of the JSON when zero.
type SourceResult struct {
	Name                   string
	Type                   models.SourceType
	PackageTypeCount       AnalysisCount
	Packages               []PackageResult
	VulnCount              VulnCount
	LicenseViolationsCount int
	PkgDeprecatedCount     int `json:",omitempty"`
}

SourceResult represents the vulnerability scanning results for a source file.

type VulnAnalysisType

// VulnAnalysisType is an integer enumeration with three values: regular,
// uncalled and unimportant. It is the type of VulnResult.VulnAnalysisType.
//
// The constants are assigned by iota, so the zero value is VulnTypeRegular: a
// VulnResult whose VulnAnalysisType was never set reads as regular rather than
// as one of the two other kinds.
type VulnAnalysisType int
const (
	VulnTypeRegular     VulnAnalysisType = iota // 0
	VulnTypeUncalled                            // 1
	VulnTypeUnimportant                         // 2
)

func (VulnAnalysisType) String

func (vt VulnAnalysisType) String() string

type VulnCount

// VulnCount represents the counts of vulnerabilities by call analysis,
// severity and fixed/unfixed status.
type VulnCount struct {
	AnalysisCount AnalysisCount
	// Only regular vulnerabilities are included in the severity and fixable counts.
	// A policy check that reads only SeverityCount or FixableCount therefore does
	// not account for hidden findings.
	// NOTE(review): hidden findings are presumably tallied in AnalysisCount.Hidden — confirm.
	SeverityCount SeverityCount
	FixableCount  FixableCount
}

VulnCount represents the counts of vulnerabilities by call analysis, severity and fixed/unfixed status

func (*VulnCount) Add

func (v *VulnCount) Add(other VulnCount)

Add adds the counts from another VulnCount to the receiver.

type VulnDescription

// VulnDescription pairs a vulnerability ID with a Details string. It is the
// element type of HelpTemplateData.AliasedVulns.
//
// NOTE(review): no description is published for this type; Details presumably
// carries advisory text, so a renderer should escape it for its output format
// — confirm.
type VulnDescription struct {
	ID      string
	Details string
}

type VulnResult

// VulnResult represents a single vulnerability: its identifiers (ID, GroupIDs,
// Aliases), a description, fix information, its analysis classification and
// its severity rating and score.
type VulnResult struct {
	ID       string
	GroupIDs []string
	Aliases  []string
	// Description is either the Vulnerability.Summary (default) or the Vulnerability.Details.
	// NOTE(review): both presumably come verbatim from the advisory record, so each
	// renderer (HTML, Markdown, SARIF) should escape this text for its format — confirm.
	Description      string
	IsFixable        bool
	FixedVersion     string
	VulnAnalysisType VulnAnalysisType
	SeverityRating   severity.Rating
	SeverityScore    string
}

VulnResult represents a single vulnerability.

type VulnTableEntryArgument

// VulnTableEntryArgument pairs one VulnResult with an IsHidden flag.
//
// NOTE(review): no description is published for this type; presumably it is
// the argument handed to a template or row builder, with IsHidden telling it
// whether Element came from PackageResult.HiddenVulns — confirm.
type VulnTableEntryArgument struct {
	Element  VulnResult
	IsHidden bool
}

type VulnTypeSummary

// VulnTypeSummary represents the count of each vulnerability type at the top
// level of the scanning results: All, OS, Project and Hidden.
//
// NOTE(review): whether All includes the findings counted under Hidden is not
// visible here — confirm before using All as the number of findings shown to
// the user.
type VulnTypeSummary struct {
	All     int
	OS      int
	Project int
	Hidden  int
}

VulnTypeSummary represents the count of each vulnerability type at the top level of the scanning results.

Directories

Path Synopsis
Package sbom provides functionality to generate SBOMs from scan results.
Package sbom provides functionality to generate SBOMs from scan results.
