Documentation
¶
Overview ¶
Package osvmatcher implements two vulnerability matcher using osv.dev's API.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CachedOSVMatcher ¶
type CachedOSVMatcher struct {
Client osvdev.OSVClient
// InitialQueryTimeout allows you to set a timeout specifically for the initial paging query
// If timeout runs out, whatever pages that has been successfully queried within the timeout will
// still return fully hydrated.
InitialQueryTimeout time.Duration
// contains filtered or unexported fields
}
CachedOSVMatcher implements the VulnerabilityMatcher interface with a osv.dev client. It sends out requests for every vulnerability of each package, which get cached. Checking if a specific version matches an OSV record is done locally. This should be used when we know the same packages are going to be repeatedly queried multiple times, as in guided remediation. TODO: This does not support commit-based queries.
func (*CachedOSVMatcher) MatchVulnerabilities ¶
func (matcher *CachedOSVMatcher) MatchVulnerabilities(ctx context.Context, pkgs []*extractor.Package) ([][]*osvschema.Vulnerability, error)
type OSVMatcher ¶
type OSVMatcher struct {
Client osvdev.OSVClient
// InitialQueryTimeout allows you to set a timeout specifically for the initial paging query
// If timeout runs out, whatever pages that has been successfully queried within the timeout will
// still return fully hydrated.
InitialQueryTimeout time.Duration
}
OSVMatcher implements the VulnerabilityMatcher interface with an osv.dev client. It sends out requests for every package version and does not perform caching.
func (*OSVMatcher) MatchVulnerabilities ¶
func (matcher *OSVMatcher) MatchVulnerabilities(ctx context.Context, pkgs []*extractor.Package) ([][]*osvschema.Vulnerability, error)
MatchVulnerabilities matches vulnerabilities for a list of packages.
Source Files