Index ¶
- func MarshalIndent(v interface{}, prefix, indent string) ([]byte, error)
- func MaskSecrets(evidence string) string
- func SortFindingsBySeverity(findings []rules.Finding) []rules.Finding
- type ComplianceInfo
- type Generator
- type IntelligenceGenerator
- type IntelligenceReport
- type IntelligenceSummary
- type PolicyAwareReport
- type PolicyAwareReportGenerator
- func (parg *PolicyAwareReportGenerator) GenerateReport(findings []rules.Finding, context config.PolicyContext, outputFormat string) (*PolicyAwareReport, error)
- func (parg *PolicyAwareReportGenerator) PolicyAwareCLIReport(findings []rules.Finding, context config.PolicyContext) string
- func (parg *PolicyAwareReportGenerator) PolicyAwareJSONReport(findings []rules.Finding, context config.PolicyContext) (string, error)
- type PolicyEnhancedFinding
- type PolicyEvaluationSummary
- type PolicyRecommendation
- type PolicyStats
- type ResultSummary
- type SARIF
- type SARIFArtifact
- type SARIFArtifactContent
- type SARIFArtifactLocation
- type SARIFDriver
- type SARIFInvocation
- type SARIFLocation
- type SARIFLogicalLocation
- type SARIFMessage
- type SARIFMultiformatMessage
- type SARIFPhysicalLocation
- type SARIFRegion
- type SARIFResult
- type SARIFRule
- type SARIFRuleConfiguration
- type SARIFRun
- type SARIFTool
- type ScanResult
- type VulnerabilityIntelligence
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MarshalIndent ¶ added in v0.0.4
MarshalIndent is a placeholder for json.MarshalIndent to avoid import conflicts
func MaskSecrets ¶
MaskSecrets masks sensitive information in the evidence field of a finding
Types ¶
type ComplianceInfo ¶ added in v0.0.4
// ComplianceInfo provides compliance framework information attached to a
// finding. All fields are always emitted (no omitempty), so nil slices and
// maps appear as JSON null rather than [] / {}.
type ComplianceInfo struct {
	// Frameworks lists the compliance frameworks the finding maps to.
	Frameworks []string `json:"frameworks"`
	// Controls lists framework controls referenced by the finding.
	Controls []string `json:"controls"`
	// Requirements lists individual requirements referenced by the finding.
	Requirements []string `json:"requirements"`
	// Violations maps an identifier to a description of the violation.
	// NOTE(review): the key space (control ID vs. framework name) is not
	// visible here — confirm against the code that populates it.
	Violations map[string]string `json:"violations"`
}
ComplianceInfo provides compliance framework information
type Generator ¶
// Generator creates a formatted report from scan results. Construct it with
// NewGenerator. The struct has no json tags, so it is not itself intended
// to be serialised; ScanResult is the serialisable payload.
type Generator struct {
	// Result is the scan result to render.
	Result ScanResult
	// Format selects the output format (accepted values are not visible here).
	Format string
	// Verbose requests more detailed output where the format supports it.
	Verbose bool
	// FilePath is the destination path for the rendered report; its
	// handling when empty is not visible here.
	FilePath string
}
Generator creates a formatted report from scan results
func NewGenerator ¶
func NewGenerator(result ScanResult, format string, verbose bool, filePath string) *Generator
NewGenerator creates a new report generator
type IntelligenceGenerator ¶ added in v0.0.4
// IntelligenceGenerator creates intelligence-enhanced reports. It embeds
// *Generator, so Generator's exported fields and methods are promoted onto
// it; construct it with NewIntelligenceGenerator. The embedded pointer is
// nil on a zero-value IntelligenceGenerator, so promoted field access on a
// zero value panics.
type IntelligenceGenerator struct {
	*Generator
	// contains filtered or unexported fields (elided by the documentation
	// renderer; see NewIntelligenceGenerator for how they are set)
}
IntelligenceGenerator creates intelligence-enhanced reports
func NewIntelligenceGenerator ¶ added in v0.0.4
func NewIntelligenceGenerator(result ScanResult, format string, verbose bool, filePath string, enableIntel bool) *IntelligenceGenerator
NewIntelligenceGenerator creates a new intelligence-enhanced report generator
func (*IntelligenceGenerator) GenerateWithIntelligence ¶ added in v0.0.4
func (ig *IntelligenceGenerator) GenerateWithIntelligence() error
GenerateWithIntelligence creates a report enhanced with vulnerability intelligence
type IntelligenceReport ¶ added in v0.0.4
// IntelligenceReport represents a scan result enhanced with vulnerability
// intelligence. ScanResult is embedded, so its json-tagged fields are
// flattened into the same JSON object as the fields declared here.
type IntelligenceReport struct {
	ScanResult
	// VulnerabilityIntelligence carries metadata about the intelligence
	// lookup that produced EnhancedFindings.
	VulnerabilityIntelligence VulnerabilityIntelligence `json:"vulnerability_intelligence"`
	// EnhancedFindings are findings correlated with external vulnerability
	// data (type from the osv package; its shape is not visible here).
	// Emitted unconditionally: a nil slice encodes as JSON null.
	EnhancedFindings []osv.EnhancedFinding `json:"enhanced_findings"`
	// IntelligenceSummary extends ResultSummary with intelligence counters.
	IntelligenceSummary IntelligenceSummary `json:"intelligence_summary"`
}
IntelligenceReport represents a scan result enhanced with vulnerability intelligence
type IntelligenceSummary ¶ added in v0.0.4
// IntelligenceSummary provides intelligence-enhanced summary statistics.
// ResultSummary is embedded, so the per-severity counters are flattened
// into the same JSON object. Nil maps encode as JSON null (no omitempty).
type IntelligenceSummary struct {
	ResultSummary
	// IntelligenceLevels counts findings per intelligence level; the level
	// names used as keys are not visible here.
	IntelligenceLevels map[string]int `json:"intelligence_levels"`
	// RiskScoreDistribution counts findings per risk-score bucket.
	RiskScoreDistribution map[string]int `json:"risk_score_distribution"`
	// VulnerabilityCategories counts findings per vulnerability category.
	VulnerabilityCategories map[string]int `json:"vulnerability_categories"`
	// RecentVulnerabilities counts recently published vulnerabilities; the
	// recency window is defined by the producing code, not here.
	RecentVulnerabilities int `json:"recent_vulnerabilities"`
	// KnownExploits counts findings with a known exploit reference.
	KnownExploits int `json:"known_exploits"`
}
IntelligenceSummary provides intelligence-enhanced summary statistics
type PolicyAwareReport ¶ added in v0.0.4
// PolicyAwareReport extends standard reports with policy information. It is
// produced by PolicyAwareReportGenerator.GenerateReport.
type PolicyAwareReport struct {
	// Standard holds the underlying standard report. Its concrete type is
	// not fixed here (interface{}); consumers decoding this JSON will see
	// whatever shape the generator assigned.
	Standard interface{} `json:"standard_report"`
	// PolicyEvaluation summarises the policy evaluation across all findings.
	PolicyEvaluation PolicyEvaluationSummary `json:"policy_evaluation"`
	// ComplianceReport is the compliance view from the config package.
	ComplianceReport config.ComplianceReport `json:"compliance_report"`
	// EnhancedFindings are the findings annotated with policy data.
	// Emitted unconditionally: a nil slice encodes as JSON null.
	EnhancedFindings []PolicyEnhancedFinding `json:"enhanced_findings"`
	// Recommendations are actionable follow-ups derived from the evaluation.
	Recommendations []PolicyRecommendation `json:"recommendations"`
	// GeneratedAt is the report creation time (RFC 3339 in JSON).
	GeneratedAt time.Time `json:"generated_at"`
}
PolicyAwareReport extends standard reports with policy information
type PolicyAwareReportGenerator ¶ added in v0.0.4
// PolicyAwareReportGenerator generates reports with policy evaluation.
// Construct it with NewPolicyAwareReportGenerator(cfg); the zero value is
// not documented as usable.
type PolicyAwareReportGenerator struct {
	// contains filtered or unexported fields (elided by the documentation
	// renderer; presumably the *config.Config passed to the constructor)
}
PolicyAwareReportGenerator generates reports with policy evaluation
func NewPolicyAwareReportGenerator ¶ added in v0.0.4
func NewPolicyAwareReportGenerator(cfg *config.Config) *PolicyAwareReportGenerator
NewPolicyAwareReportGenerator creates a new policy-aware report generator
func (*PolicyAwareReportGenerator) GenerateReport ¶ added in v0.0.4
func (parg *PolicyAwareReportGenerator) GenerateReport(findings []rules.Finding, context config.PolicyContext, outputFormat string) (*PolicyAwareReport, error)
GenerateReport generates a policy-aware report
func (*PolicyAwareReportGenerator) PolicyAwareCLIReport ¶ added in v0.0.4
func (parg *PolicyAwareReportGenerator) PolicyAwareCLIReport(findings []rules.Finding, context config.PolicyContext) string
PolicyAwareCLIReport generates enhanced CLI output with policy information
func (*PolicyAwareReportGenerator) PolicyAwareJSONReport ¶ added in v0.0.4
func (parg *PolicyAwareReportGenerator) PolicyAwareJSONReport(findings []rules.Finding, context config.PolicyContext) (string, error)
PolicyAwareJSONReport generates enhanced JSON output with policy information
type PolicyEnhancedFinding ¶ added in v0.0.4
// PolicyEnhancedFinding extends Finding with policy information.
// rules.Finding is embedded, so its json-tagged fields (including the
// evidence field that MaskSecrets operates on) are flattened into this
// object — apply masking before serialising if the evidence may hold
// secrets.
type PolicyEnhancedFinding struct {
	rules.Finding
	// PolicyViolations lists the policies this finding violates; omitted
	// from JSON when empty.
	PolicyViolations []config.PolicyViolation `json:"policy_violations,omitempty"`
	// PolicyExceptions lists exceptions that applied to this finding.
	PolicyExceptions []config.PolicyException `json:"policy_exceptions,omitempty"`
	// ComplianceInfo is optional; a pointer so that omitempty can drop it.
	ComplianceInfo *ComplianceInfo `json:"compliance_info,omitempty"`
	// RiskScore is always emitted (0 is a valid score). Its scale is
	// defined by the producing code, not here.
	RiskScore int `json:"risk_score"`
	// EnforcementLevel is the policy enforcement level; the set of values
	// is not visible here (see PolicyStats.Enforcement).
	EnforcementLevel string `json:"enforcement_level,omitempty"`
}
PolicyEnhancedFinding extends Finding with policy information
type PolicyEvaluationSummary ¶ added in v0.0.4
// PolicyEvaluationSummary summarizes policy evaluation results across a
// report. The three *Violations counters by severity presumably partition
// PolicyViolations — confirm in the code that fills them.
type PolicyEvaluationSummary struct {
	// TotalPolicies is the number of policies configured.
	TotalPolicies int `json:"total_policies"`
	// PoliciesEvaluated is the number of policies actually run.
	PoliciesEvaluated int `json:"policies_evaluated"`
	// PolicyViolations is the total violation count.
	PolicyViolations int `json:"policy_violations"`
	// BlockingViolations counts violations at blocking enforcement.
	BlockingViolations int `json:"blocking_violations"`
	// ErrorViolations counts violations at error enforcement.
	ErrorViolations int `json:"error_violations"`
	// WarningViolations counts violations at warning enforcement.
	WarningViolations int `json:"warning_violations"`
	// ExceptionsApplied counts exceptions that suppressed a violation.
	ExceptionsApplied int `json:"exceptions_applied"`
	// ComplianceStatus maps a framework/policy name to pass (true) or fail.
	// Nil encodes as JSON null (no omitempty).
	ComplianceStatus map[string]bool `json:"compliance_status"`
	// PolicyBreakdown maps a policy identifier to its per-policy stats.
	PolicyBreakdown map[string]PolicyStats `json:"policy_breakdown"`
}
PolicyEvaluationSummary summarizes policy evaluation results
type PolicyRecommendation ¶ added in v0.0.4
// PolicyRecommendation provides actionable recommendations derived from a
// policy evaluation. All fields are always emitted.
type PolicyRecommendation struct {
	// ID uniquely identifies the recommendation.
	ID string `json:"id"`
	// Title is a short human-readable headline.
	Title string `json:"title"`
	// Description explains the recommendation in full.
	Description string `json:"description"`
	// Priority orders recommendations; the value set is not visible here.
	Priority string `json:"priority"`
	// Actions are concrete remediation steps.
	Actions []string `json:"actions"`
	// Resources are reference links or documents for the reader.
	Resources []string `json:"resources"`
}
PolicyRecommendation provides actionable recommendations
type PolicyStats ¶ added in v0.0.4
// PolicyStats provides statistics for an individual policy; it is the
// value type of PolicyEvaluationSummary.PolicyBreakdown.
type PolicyStats struct {
	// PolicyID is the policy's identifier (also used as the breakdown key,
	// presumably — confirm against the producer).
	PolicyID string `json:"policy_id"`
	// PolicyName is the human-readable policy name.
	PolicyName string `json:"policy_name"`
	// Violations counts findings that violated this policy.
	Violations int `json:"violations"`
	// Exceptions counts exceptions applied under this policy.
	Exceptions int `json:"exceptions"`
	// Compliant reports whether the policy passed overall.
	Compliant bool `json:"compliant"`
	// Enforcement is the policy's enforcement level as a string.
	Enforcement string `json:"enforcement"`
}
PolicyStats provides statistics for individual policies
type ResultSummary ¶
// ResultSummary provides a summary of the scan findings by severity. It is
// populated by CalculateSummary. Total presumably equals the sum of the
// five severity counters — confirm in CalculateSummary.
type ResultSummary struct {
	Critical int `json:"critical"`
	High int `json:"high"`
	Medium int `json:"medium"`
	Low int `json:"low"`
	Info int `json:"info"`
	// Total is the overall finding count.
	Total int `json:"total"`
}
ResultSummary provides a summary of the scan findings by severity
func CalculateSummary ¶
func CalculateSummary(findings []rules.Finding) ResultSummary
CalculateSummary computes the summary statistics for scan findings
type SARIF ¶ added in v0.0.4
// SARIF is the top-level Static Analysis Results Interchange Format
// document, modelled on the SARIF v2.1.0 specification:
// https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html
type SARIF struct {
	// Version is the SARIF format version string ("2.1.0" for this model).
	Version string `json:"version"`
	// Schema is the JSON-schema URI, emitted under the "$schema" key.
	Schema string `json:"$schema"`
	// Runs holds one entry per analysis run. Emitted unconditionally: a nil
	// slice encodes as JSON null, which schema validators reject for an
	// array property — always populate at least an empty slice.
	Runs []SARIFRun `json:"runs"`
}
SARIF represents a Static Analysis Results Interchange Format report, based on the SARIF v2.1.0 specification: https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html
type SARIFArtifact ¶ added in v0.0.4
// SARIFArtifact represents a file or other artifact referenced by a run.
//
// NOTE(review): omitempty has no effect on struct-typed fields. Contents,
// Description and LastModifiedTimeUtc are therefore always emitted even
// when unset — the zero time serialises as "0001-01-01T00:00:00Z" and
// Description as {"text":""}. Making them pointers would fix that but
// changes the exported field types, so it needs a coordinated change.
type SARIFArtifact struct {
	// Location identifies the artifact (required).
	Location SARIFArtifactLocation `json:"location"`
	// Length is the artifact size in bytes.
	Length int64 `json:"length,omitempty"`
	// MimeType is the artifact's MIME type.
	MimeType string `json:"mimeType,omitempty"`
	// Contents embeds the artifact body; see the NOTE on omitempty above.
	Contents SARIFArtifactContent `json:"contents,omitempty"`
	// Encoding is the text encoding name.
	Encoding string `json:"encoding,omitempty"`
	// SourceLanguage is the programming language of the artifact.
	SourceLanguage string `json:"sourceLanguage,omitempty"`
	// Hashes maps a hash algorithm name to the hex digest of the artifact.
	Hashes map[string]string `json:"hashes,omitempty"`
	// LastModifiedTimeUtc is the artifact's modification time; see NOTE.
	LastModifiedTimeUtc time.Time `json:"lastModifiedTimeUtc,omitempty"`
	// Description is a human-readable description; see NOTE.
	Description SARIFMessage `json:"description,omitempty"`
	// Properties is the SARIF property bag for arbitrary extensions.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFArtifact represents a file or other artifact
type SARIFArtifactContent ¶ added in v0.0.4
// SARIFArtifactContent represents the content of an artifact, either as
// text or as an encoded binary string. Because this type is embedded by
// value (SARIFArtifact.Contents, SARIFRegion.Snippet), an all-empty value
// still serialises as {"rendered":{}} — omitempty does not apply to the
// struct-typed Rendered field.
type SARIFArtifactContent struct {
	// Text is the content as UTF-8 text. When populated from finding
	// evidence it may contain secrets; route it through MaskSecrets before
	// the report leaves the scanner.
	Text string `json:"text,omitempty"`
	// Binary is the content as an encoded string (SARIF uses base64).
	Binary string `json:"binary,omitempty"`
	// Rendered is an optional formatted rendering of the content.
	Rendered SARIFMultiformatMessage `json:"rendered,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFArtifactContent represents content of an artifact
type SARIFArtifactLocation ¶ added in v0.0.4
// SARIFArtifactLocation represents a reference to an artifact by URI.
type SARIFArtifactLocation struct {
	// URI is the artifact location (required). Relative URIs are resolved
	// against URIBaseId when that is set.
	URI string `json:"uri"`
	// URIBaseId names the base URI to resolve URI against (SARIF
	// "uriBaseId"). Go naming would be URIBaseID, but the exported name is
	// part of the API.
	URIBaseId string `json:"uriBaseId,omitempty"`
	// Index is the position in the run's artifacts array. NOTE(review):
	// omitempty drops index 0, so the first artifact can never be
	// referenced by index — SARIF uses -1, not 0, as the "absent" value.
	Index int `json:"index,omitempty"`
	// Description is optional but, being a struct, is always emitted as at
	// least {"text":""} (omitempty has no effect on struct fields).
	Description SARIFMessage `json:"description,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFArtifactLocation represents a reference to an artifact
type SARIFDriver ¶ added in v0.0.4
// SARIFDriver describes the tool component that produced the results
// (SARIF toolComponent). Rule definitions belong here under Rules.
type SARIFDriver struct {
	// Name is the tool name (required).
	Name string `json:"name"`
	// Version is the tool version string.
	Version string `json:"version,omitempty"`
	// InformationUri links to the tool's documentation (SARIF
	// "informationUri"; Go naming would be InformationURI).
	InformationUri string `json:"informationUri,omitempty"`
	// FullName is the tool's full display name.
	FullName string `json:"fullName,omitempty"`
	// SemanticVersion is the tool version in SemVer form.
	SemanticVersion string `json:"semanticVersion,omitempty"`
	// Rules lists the rule definitions that results reference by RuleID /
	// RuleIndex; indices in SARIFResult.RuleIndex refer to this slice.
	Rules []SARIFRule `json:"rules,omitempty"`
}
SARIFDriver represents the tool driver
type SARIFInvocation ¶ added in v0.0.4
// SARIFInvocation represents tool invocation details. Both timestamps are
// emitted unconditionally (no omitempty), so an unset one serialises as
// "0001-01-01T00:00:00Z".
type SARIFInvocation struct {
	// CommandLine is the command that launched the tool. It is written
	// verbatim into the report, so any secret passed on the command line
	// would be disclosed to report consumers — redact before assigning.
	CommandLine string `json:"commandLine,omitempty"`
	// StartTimeUtc is the invocation start time (UTC, RFC 3339 in JSON).
	StartTimeUtc time.Time `json:"startTimeUtc"`
	// EndTimeUtc is the invocation end time.
	EndTimeUtc time.Time `json:"endTimeUtc"`
	// ExecutionSuccessful reports whether the tool completed successfully.
	ExecutionSuccessful bool `json:"executionSuccessful"`
}
SARIFInvocation represents tool invocation details
type SARIFLocation ¶ added in v0.0.4
// SARIFLocation represents a location where an issue was found.
type SARIFLocation struct {
	// PhysicalLocation is the file-and-region position (required here).
	PhysicalLocation SARIFPhysicalLocation `json:"physicalLocation"`
	// LogicalLocations are optional named constructs (job, step, …).
	LogicalLocations []SARIFLogicalLocation `json:"logicalLocations,omitempty"`
	// Message is a location-specific message. Being a struct, it is always
	// emitted (omitempty has no effect), as {"text":""} when unset.
	Message SARIFMessage `json:"message,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFLocation represents a location where an issue was found
type SARIFLogicalLocation ¶ added in v0.0.4
// SARIFLogicalLocation represents a logical location (job, step, etc.)
// rather than a byte/line position in a file.
type SARIFLogicalLocation struct {
	// Name is the short name of the construct.
	Name string `json:"name,omitempty"`
	// Index is the position in the run's logicalLocations array; omitempty
	// drops index 0 (see the same caveat on SARIFArtifactLocation.Index).
	Index int `json:"index,omitempty"`
	// FullyQualifiedName disambiguates Name within its container.
	FullyQualifiedName string `json:"fullyQualifiedName,omitempty"`
	// DecoratedName is the compiler/tool-decorated form of the name.
	DecoratedName string `json:"decoratedName,omitempty"`
	// Kind classifies the construct; the values used are set by the
	// producer (the page does not enumerate them).
	Kind string `json:"kind,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFLogicalLocation represents a logical location (job, step, etc.)
type SARIFMessage ¶ added in v0.0.4
// SARIFMessage represents a message in SARIF. Text is always emitted, so a
// zero SARIFMessage serialises as {"text":""}; several containing structs
// hold it by value with omitempty, which does not suppress it.
type SARIFMessage struct {
	// Text is the plain-text form (required).
	Text string `json:"text"`
	// Markdown is an optional Markdown rendering of the same message.
	Markdown string `json:"markdown,omitempty"`
	// Arguments are substituted into a parameterised message.
	Arguments []string `json:"arguments,omitempty"`
	// ID references a message string defined elsewhere (e.g. on the rule).
	ID string `json:"id,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFMessage represents a message in SARIF
type SARIFMultiformatMessage ¶ added in v0.0.4
// SARIFMultiformatMessage represents a message that can be rendered in
// multiple formats. All fields carry omitempty, so a zero value encodes
// as {}.
type SARIFMultiformatMessage struct {
	// Text is the plain-text rendering.
	Text string `json:"text,omitempty"`
	// Markdown is the Markdown rendering.
	Markdown string `json:"markdown,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFMultiformatMessage represents a message that can be rendered in multiple formats
type SARIFPhysicalLocation ¶ added in v0.0.4
// SARIFPhysicalLocation represents a physical location in source code: an
// artifact plus an optional region within it.
type SARIFPhysicalLocation struct {
	// ArtifactLocation identifies the file (required).
	ArtifactLocation SARIFArtifactLocation `json:"artifactLocation"`
	// Region narrows the location within the artifact. NOTE(review):
	// omitempty has no effect on struct fields, so Region and
	// ContextRegion are always emitted; with all-omitempty SARIFRegion
	// fields an unset region appears as {"snippet":{...},"message":{"text":""}}.
	Region SARIFRegion `json:"region,omitempty"`
	// ContextRegion is a larger surrounding region for display context.
	ContextRegion SARIFRegion `json:"contextRegion,omitempty"`
}
SARIFPhysicalLocation represents a physical location in source code
type SARIFRegion ¶ added in v0.0.4
// SARIFRegion represents a region in a file. Line and column numbers in
// SARIF are 1-based, so omitempty dropping a 0 here is harmless; the
// offset/length pairs are 0-based, where omitting a legitimate 0 offset is
// a (minor) loss of information.
type SARIFRegion struct {
	StartLine int `json:"startLine,omitempty"`
	StartColumn int `json:"startColumn,omitempty"`
	EndLine int `json:"endLine,omitempty"`
	EndColumn int `json:"endColumn,omitempty"`
	// CharOffset/CharLength address the region in characters.
	CharOffset int `json:"charOffset,omitempty"`
	CharLength int `json:"charLength,omitempty"`
	// ByteOffset/ByteLength address the region in bytes.
	ByteOffset int `json:"byteOffset,omitempty"`
	ByteLength int `json:"byteLength,omitempty"`
	// Snippet is the source text of the region. If it is filled from the
	// finding's evidence, pass it through MaskSecrets first — the snippet
	// is copied verbatim into reports that are typically uploaded to
	// third-party services. Always emitted (struct field; omitempty is a
	// no-op).
	Snippet SARIFArtifactContent `json:"snippet,omitempty"`
	// Message is a region-specific message; always emitted for the same
	// reason.
	Message SARIFMessage `json:"message,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFRegion represents a region in a file
type SARIFResult ¶ added in v0.0.4
// SARIFResult represents a single analysis result (finding).
type SARIFResult struct {
	// RuleID names the rule that fired (required); it should match an
	// entry in the driver's Rules.
	RuleID string `json:"ruleId"`
	// RuleIndex is the position of the rule in the driver's Rules slice.
	// omitempty drops 0, so the first rule is only reachable via RuleID;
	// consumers fall back to ruleId when ruleIndex is absent.
	RuleIndex int `json:"ruleIndex,omitempty"`
	// Level is the SARIF severity level string; the mapping from this
	// package's severities is not visible here.
	Level string `json:"level"`
	// Message is the result text shown to the reader (required).
	Message SARIFMessage `json:"message"`
	// Locations lists where the issue was found. Emitted unconditionally:
	// a nil slice encodes as JSON null, which validators reject for an
	// array property — use an empty slice when there is no location.
	Locations []SARIFLocation `json:"locations"`
	// PartialFingerprints lets consumers match the same result across runs.
	// Derive these from stable inputs (rule, path, region), never from raw
	// evidence, so that secret material does not leak via the fingerprint.
	PartialFingerprints map[string]string `json:"partialFingerprints,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFResult represents a single analysis result (finding)
type SARIFRule ¶ added in v0.0.4
// SARIFRule represents a rule definition (SARIF reportingDescriptor).
//
// NOTE(review): ShortDescription, FullDescription, DefaultConfiguration and
// Help are struct-typed, so omitempty is a no-op and each is always
// emitted — an unset description appears as {"text":""} and an unset
// configuration as {"level":""}, which a schema validator may flag
// (level has a fixed enumeration in the spec).
type SARIFRule struct {
	// ID is the stable rule identifier referenced by SARIFResult.RuleID.
	ID string `json:"id"`
	// Name is a short display name for the rule.
	Name string `json:"name,omitempty"`
	// ShortDescription is a one-line summary.
	ShortDescription SARIFMessage `json:"shortDescription,omitempty"`
	// FullDescription is the long-form description.
	FullDescription SARIFMessage `json:"fullDescription,omitempty"`
	// DefaultConfiguration carries the default severity level.
	DefaultConfiguration SARIFRuleConfiguration `json:"defaultConfiguration,omitempty"`
	// Help is remediation guidance.
	Help SARIFMessage `json:"help,omitempty"`
	// HelpUri links to external documentation (SARIF "helpUri"; Go naming
	// would be HelpURI).
	HelpUri string `json:"helpUri,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFRule represents a rule definition
type SARIFRuleConfiguration ¶ added in v0.0.4
// SARIFRuleConfiguration represents rule configuration (SARIF
// reportingConfiguration). Only the severity level is modelled.
type SARIFRuleConfiguration struct {
	// Level is the default severity level string; always emitted, so an
	// unset value serialises as "".
	Level string `json:"level"`
}
SARIFRuleConfiguration represents rule configuration
type SARIFRun ¶ added in v0.0.4
// SARIFRun represents a single analysis run.
//
// NOTE(review): SARIF v2.1.0 defines the run-level property as
// "invocations" (an array of invocation objects), not "invocation", and
// places rule definitions under tool.driver.rules — "rules" is not a run
// property. Schema-validating consumers may ignore or reject the
// "invocation" and "rules" keys; verify against the spec before changing
// the tags, since existing consumers may read the current output.
type SARIFRun struct {
	// Tool identifies the producing tool and (via Driver.Rules) its rules.
	Tool SARIFTool `json:"tool"`
	// Invocation records the tool invocation; see the NOTE above.
	Invocation SARIFInvocation `json:"invocation"`
	// Results lists the findings. Emitted unconditionally: a nil slice
	// encodes as JSON null, which validators reject for an array property —
	// use an empty slice for a clean run.
	Results []SARIFResult `json:"results"`
	// Artifacts lists the files referenced by result locations.
	Artifacts []SARIFArtifact `json:"artifacts,omitempty"`
	// Rules duplicates rule definitions at run level; see the NOTE above.
	Rules []SARIFRule `json:"rules,omitempty"`
	// ColumnKind states how columns are counted ("utf16CodeUnits" or
	// "unicodeCodePoints" in the spec).
	ColumnKind string `json:"columnKind,omitempty"`
	// Properties is the SARIF property bag.
	Properties map[string]interface{} `json:"properties,omitempty"`
}
SARIFRun represents a single analysis run
type SARIFTool ¶ added in v0.0.4
// SARIFTool represents the analysis tool; only the driver component is
// modelled (no extensions).
type SARIFTool struct {
	// Driver is the primary tool component (required).
	Driver SARIFDriver `json:"driver"`
}
SARIFTool represents the analysis tool
type ScanResult ¶
// ScanResult represents the overall result of a security scan and is the
// payload that Generator renders. All fields are emitted unconditionally.
type ScanResult struct {
	// Repository identifies the scanned repository (path or URL — not
	// fixed here).
	Repository string `json:"repository"`
	// ScanTime is when the scan ran (RFC 3339 in JSON).
	ScanTime time.Time `json:"scanTime"`
	// Duration serialises as an integer number of nanoseconds, which is how
	// encoding/json treats time.Duration; consumers must not read it as
	// seconds.
	Duration time.Duration `json:"duration"`
	// WorkflowsCount is the number of workflow files scanned.
	WorkflowsCount int `json:"workflowsCount"`
	// RulesCount is the number of rules applied.
	RulesCount int `json:"rulesCount"`
	// Findings are the raw findings; a nil slice encodes as JSON null.
	// Their evidence field is what MaskSecrets is meant to sanitise.
	Findings []rules.Finding `json:"findings"`
	// Summary is the per-severity breakdown (see CalculateSummary).
	Summary ResultSummary `json:"summary"`
	// SuppressedCount is the number of findings suppressed from Findings.
	SuppressedCount int `json:"suppressedCount"`
	// GeneratedByAST counts findings produced by AST analysis; note the
	// JSON key is "astGeneratedCount", not the field name.
	GeneratedByAST int `json:"astGeneratedCount"`
}
ScanResult represents the overall result of a security scan
type VulnerabilityIntelligence ¶ added in v0.0.4
// VulnerabilityIntelligence provides metadata about vulnerability
// correlation performed for an IntelligenceReport.
type VulnerabilityIntelligence struct {
	// Enabled reports whether intelligence lookup was turned on.
	Enabled bool `json:"enabled"`
	// QueryTime is when the external data source was queried.
	QueryTime time.Time `json:"query_time"`
	// QueriesPerformed counts lookups made against DataSource.
	QueriesPerformed int `json:"queries_performed"`
	// VulnerabilitiesFound counts distinct vulnerabilities matched.
	VulnerabilitiesFound int `json:"vulnerabilities_found"`
	// HighRiskFindings counts findings classified high risk; the threshold
	// is defined by the producing code.
	HighRiskFindings int `json:"high_risk_findings"`
	// CVEsFound lists the CVE identifiers matched; a nil slice encodes as
	// JSON null.
	CVEsFound []string `json:"cves_found"`
	// DataSource names the intelligence provider (presumably OSV, given the
	// osv package used by IntelligenceReport — confirm).
	DataSource string `json:"data_source"`
}
VulnerabilityIntelligence provides metadata about vulnerability correlation