Documentation
¶
Index ¶
- type Config
- func (c *Config) ShouldIgnore(vulnID string) (bool, IgnoreEntry)
- func (c *Config) ShouldIgnorePackage(pkg models.PackageVulns) (bool, PackageOverrideEntry)
- func (c *Config) ShouldIgnorePackageVersion(name, version, ecosystem string) (bool, PackageOverrideEntry) (deprecated)
- func (c *Config) ShouldIgnorePackageVulnerabilities(pkg models.PackageVulns) bool
- func (c *Config) ShouldOverridePackageLicense(pkg models.PackageVulns) (bool, PackageOverrideEntry)
- func (c *Config) ShouldOverridePackageVersionLicense(name, version, ecosystem string) (bool, PackageOverrideEntry) (deprecated)
- type ConfigManager
- type IgnoreEntry
- type License
- type PackageOverrideEntry
- type Vulnerability
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
// Config is the set of scanner settings decoded from a TOML config file.
//
// NOTE(review): IgnoredVulns and PackageOverrides presumably back the
// ShouldIgnore* and ShouldOverride* methods, so they decide which findings
// are suppressed. Confirm against the method bodies, and review changes to
// the config file with the same care as code changes.
type Config struct {
	// IgnoredVulns holds the ignore entries read from the "IgnoredVulns" key.
	IgnoredVulns []IgnoreEntry `toml:"IgnoredVulns"`

	// PackageOverrides holds the per-package override entries read from the
	// "PackageOverrides" key.
	PackageOverrides []PackageOverrideEntry `toml:"PackageOverrides"`

	// GoVersionOverride is read from the "GoVersionOverride" key.
	// NOTE(review): presumably replaces the detected Go version; confirm.
	GoVersionOverride string `toml:"GoVersionOverride"`

	// LoadPath is the path of the config file this Config was loaded from.
	// It is set by the scanner after the file has been parsed successfully,
	// and the "-" tag keeps it out of the TOML mapping.
	LoadPath string `toml:"-"`
}
func (*Config) ShouldIgnore ¶
func (c *Config) ShouldIgnore(vulnID string) (bool, IgnoreEntry)
func (*Config) ShouldIgnorePackage ¶
func (c *Config) ShouldIgnorePackage(pkg models.PackageVulns) (bool, PackageOverrideEntry)
ShouldIgnorePackage determines if the given package should be ignored based on override entries in the config
func (*Config) ShouldIgnorePackageVersion
deprecated
func (c *Config) ShouldIgnorePackageVersion(name, version, ecosystem string) (bool, PackageOverrideEntry)
Deprecated: Use ShouldIgnorePackage instead
func (*Config) ShouldIgnorePackageVulnerabilities ¶
func (c *Config) ShouldIgnorePackageVulnerabilities(pkg models.PackageVulns) bool
ShouldIgnorePackageVulnerabilities determines if the given package should have its vulnerabilities ignored based on override entries in the config
func (*Config) ShouldOverridePackageLicense ¶
func (c *Config) ShouldOverridePackageLicense(pkg models.PackageVulns) (bool, PackageOverrideEntry)
ShouldOverridePackageLicense determines if the given package should have its license ignored or changed based on override entries in the config
func (*Config) ShouldOverridePackageVersionLicense
deprecated
func (c *Config) ShouldOverridePackageVersionLicense(name, version, ecosystem string) (bool, PackageOverrideEntry)
Deprecated: Use ShouldOverridePackageLicense instead
type ConfigManager ¶
// ConfigManager groups the configs that can apply to a scan: an optional
// override, a default, and a cache of configs that were already loaded.
type ConfigManager struct {
	// OverrideConfig, when set, replaces all other configs.
	OverrideConfig *Config

	// DefaultConfig is used when no config file is found alongside manifests.
	DefaultConfig Config

	// ConfigMap caches loaded configs.
	// NOTE(review): the meaning of the string key is not shown here;
	// presumably a config file path. Confirm against Get.
	ConfigMap map[string]Config
}
Ignore stuttering, as renaming the type would be a breaking change. TODO: V2 rename?
func (*ConfigManager) Get ¶
func (c *ConfigManager) Get(r reporter.Reporter, targetPath string) Config
Attempts to get the config
func (*ConfigManager) UseOverride ¶
func (c *ConfigManager) UseOverride(configPath string) error
Sets the override config by reading the config file at configPath. Returns an error if loading the config file fails.
type IgnoreEntry ¶
type PackageOverrideEntry ¶
// PackageOverrideEntry is one package override record from the config file.
//
// NOTE(review): Ignore, Vulnerability and License presumably correspond to
// ShouldIgnorePackage, ShouldIgnorePackageVulnerabilities and
// ShouldOverridePackageLicense respectively; confirm against those methods.
// An entry can hide a package's findings, so every entry should have a
// Reason and, where possible, an EffectiveUntil so that it gets re-reviewed.
type PackageOverrideEntry struct {
	// Name is read from the "name" key.
	Name string `toml:"name"`

	// Version is read from the "version" key.
	// If the version is empty, the entry applies to all versions.
	Version string `toml:"version"`

	// Ecosystem is read from the "ecosystem" key.
	Ecosystem string `toml:"ecosystem"`

	// Group is read from the "group" key.
	Group string `toml:"group"`

	// Ignore is read from the "ignore" key.
	Ignore bool `toml:"ignore"`

	// Vulnerability is the nested "vulnerability" table.
	Vulnerability Vulnerability `toml:"vulnerability"`

	// License is the nested "license" table.
	License License `toml:"license"`

	// EffectiveUntil is read from the "effectiveUntil" key.
	// NOTE(review): presumably the entry stops applying after this time.
	// How the zero value is treated is not shown here; confirm.
	EffectiveUntil time.Time `toml:"effectiveUntil"`

	// Reason is read from the "reason" key.
	Reason string `toml:"reason"`
}
type Vulnerability ¶
// Vulnerability is the "vulnerability" table of a package override entry.
type Vulnerability struct {
	// Ignore is read from the "ignore" key.
	// NOTE(review): presumably suppresses the package's vulnerabilities
	// while the package itself stays in the results; confirm against
	// ShouldIgnorePackageVulnerabilities.
	Ignore bool `toml:"ignore"`
}