Documentation
¶
Overview ¶
Package vulns provides utility functions for working with vulnerabilities.
Index ¶
- func AffectsEcosystem(v *osvschema.Vulnerability, ecosystemAffected osvecosystem.Parsed) bool
- func GetFixedVersions(v *osvschema.Vulnerability) map[PackageKey][]string
- func Include(vs []*osvschema.Vulnerability, vulnerability *osvschema.Vulnerability) bool
- func IsAffected(v *osvschema.Vulnerability, pkg *extractor.Package) bool
- func NormalizeRepo(repo string) string
- type PackageKey
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AffectsEcosystem ¶
func AffectsEcosystem(v *osvschema.Vulnerability, ecosystemAffected osvecosystem.Parsed) bool
func GetFixedVersions ¶
func GetFixedVersions(v *osvschema.Vulnerability) map[PackageKey][]string
GetFixedVersions returns a map of fixed versions for each package, or a map of empty slices if no fixed versions are available
func Include ¶
func Include(vs []*osvschema.Vulnerability, vulnerability *osvschema.Vulnerability) bool
func IsAffected ¶
func IsAffected(v *osvschema.Vulnerability, pkg *extractor.Package) bool
func NormalizeRepo ¶ added in v2.2.4
NormalizeRepo applies some reasonable transformations to repository urls to ensure accurate results when determining if two repository urls are referencing the same repository.
Specifically, common protocols are removed from the start of the url and the ".git" suffix if present
Types ¶
type PackageKey ¶ added in v2.3.0
PackageKey uniquely identifies a package in a vulnerability.
func NewPackageKey ¶ added in v2.3.0
func NewPackageKey(pkg *osvschema.Package) PackageKey
NewPackageKey creates a PackageKey from osvschema.Package.
Source Files
Click to show internal directories.
Click to hide internal directories.