osv

package
v1.0.2 (Latest)
Warning

This package is not in the latest version of its module.

Published: Dec 25, 2025 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AffectedPackage

// AffectedPackage is the element type of Vulnerability.Affected: it names a
// package and lists the version ranges and/or explicit versions attached to it.
//
// Ranges carries no omitempty, so a nil slice marshals as JSON null, while
// Versions and EcosystemSpecific are dropped when empty. EcosystemSpecific is
// decoded as untyped JSON; its values originate in the advisory record, so
// type-assert them with the comma-ok form instead of assuming a shape.
type AffectedPackage struct {
	Package           Package                `json:"package"`
	Ranges            []Range                `json:"ranges"`
	Versions          []string               `json:"versions,omitempty"`
	EcosystemSpecific map[string]interface{} `json:"ecosystem_specific,omitempty"`
}

AffectedPackage represents an affected package or ecosystem

type Client

// Client is the handle used for OSV.dev vulnerability queries. Every field is
// unexported (this documentation page elides them), and NewClient is the only
// constructor the page shows.
// NOTE(review): whether a zero-value Client is usable cannot be told from
// here; construct it with NewClient unless the implementation says otherwise.
type Client struct {
	// contains filtered or unexported fields
}

Client represents an OSV.dev API client for vulnerability queries

func NewClient

// NewClient returns a new *Client. It takes no arguments, so the endpoint,
// transport and timeouts cannot be set through this constructor.
// NOTE(review): confirm the underlying HTTP client sets a timeout; if it does
// not, callers have to bound every call through the ctx they pass.
func NewClient() *Client

NewClient creates a new OSV.dev API client

func (*Client) EnhanceFindings

// EnhanceFindings takes a slice of rules.Finding and returns a slice of
// EnhancedFinding, or an error. ctx is the caller's handle for cancellation
// and deadlines.
// NOTE(review): confirm what happens when a lookup fails part-way: whether the
// whole call errors or the affected findings come back with IntelligenceLevel
// "NONE". Downstream code should not read "NONE" as "no known vulnerability"
// unless the implementation guarantees the lookup actually ran.
func (c *Client) EnhanceFindings(ctx context.Context, findings []rules.Finding) ([]EnhancedFinding, error)

EnhanceFindings adds vulnerability intelligence to security findings

func (*Client) GetVulnerabilityByID

// GetVulnerabilityByID looks up a single record by its identifier and returns
// a pointer to it, or an error.
// NOTE(review): vulnID is a free-form string. If the implementation places it
// in a request URL path it should be escaped (url.PathEscape) or checked
// against the expected ID format first; confirm. Also confirm whether an
// unknown ID yields (nil, nil) or a non-nil error, so callers nil-check
// the result correctly.
func (c *Client) GetVulnerabilityByID(ctx context.Context, vulnID string) (*Vulnerability, error)

GetVulnerabilityByID retrieves a specific vulnerability by ID

func (*Client) QueryVulnerability

// QueryVulnerability asks for the records matching one ecosystem, package name
// and version, and returns them as a slice, or an error.
// NOTE(review): the OSV query API paginates large result sets with
// next_page_token, which QueryResponse does not model; confirm the
// implementation does not hand back a truncated list. OSV ecosystem names are
// exact identifiers (for example "PyPI", "npm", "Go"), so a misspelt or
// differently-cased ecosystem presumably returns an empty slice and a nil
// error rather than failing; verify before treating "no results" as "clean".
func (c *Client) QueryVulnerability(ctx context.Context, ecosystem, packageName, version string) ([]Vulnerability, error)

QueryVulnerability queries OSV.dev for vulnerability information

type EnhancedFinding

// EnhancedFinding embeds a rules.Finding and attaches optional vulnerability
// data, a risk score and an intelligence level to it.
//
// VulnerabilityInfo is a pointer with omitempty, so it is nil in memory and
// absent from the JSON when no data is attached. RiskScore and
// IntelligenceLevel have no omitempty and are always emitted, including the
// zero values 0 and "".
//
// Because rules.Finding is embedded without a tag, encoding/json promotes its
// exported fields to the top level of the object; an outer field with the same
// JSON name takes precedence over a promoted one.
// NOTE(review): if rules.Finding defines MarshalJSON, that method is promoted
// too and the three outer fields would not be serialized; confirm.
// NOTE(review): the scale of RiskScore is not visible here; confirm its range
// before comparing it against thresholds.
type EnhancedFinding struct {
	rules.Finding
	VulnerabilityInfo *VulnerabilityInfo `json:"vulnerability_info,omitempty"`
	RiskScore         int                `json:"risk_score"`
	IntelligenceLevel string             `json:"intelligence_level"` // "HIGH", "MEDIUM", "LOW", "NONE"
}

EnhancedFinding represents a finding with vulnerability intelligence

type Event

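// Event is one boundary inside Range.Events. Every field is an optional string
// that is dropped from the JSON when empty.
//
// Introduced, Fixed and Limit are decoded from the "introduced", "fixed" and
// "limit" keys. LastAffected decodes the OSV "last_affected" key: advisories
// that close a range with last_affected instead of fixed would otherwise
// decode to an empty Event, and the upper bound of the affected range would be
// lost without any error. It is appended after the existing fields so keyed
// literals and the order of the existing JSON keys are unchanged.
type Event struct {
	Introduced   string `json:"introduced,omitempty"`
	Fixed        string `json:"fixed,omitempty"`
	Limit        string `json:"limit,omitempty"`
	LastAffected string `json:"last_affected,omitempty"`
}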

Event represents a version event

type Package

// Package identifies a package by ecosystem and name, with an optional package
// URL. Ecosystem and Name have no omitempty and are always emitted, even when
// empty; Purl is dropped when empty.
// NOTE(review): OSV ecosystem names are exact identifiers (for example "PyPI",
// "npm", "Go"); confirm whether callers normalise the value, because a
// mismatch presumably yields no matches rather than an error.
type Package struct {
	Ecosystem string `json:"ecosystem"`
	Name      string `json:"name"`
	Purl      string `json:"purl,omitempty"`
}

Package represents a package identifier

type QueryRequest

// QueryRequest is the JSON shape of a query: a Package plus an optional
// Version. Version is dropped from the JSON when it is the empty string.
// NOTE(review): presumably a request without a version matches every advisory
// recorded for the package; confirm that callers always supply a version where
// a version-specific answer is expected.
type QueryRequest struct {
	Version string  `json:"version,omitempty"`
	Package Package `json:"package"`
}

QueryRequest represents a vulnerability query request

type QueryResponse

// QueryResponse is the decoded reply to a query; it holds only the "vulns"
// list. Any other key in the reply is ignored by encoding/json.
// NOTE(review): the OSV query API returns next_page_token when a result set is
// paginated. That key is not modelled here, so confirm the client cannot
// silently stop after the first page.
type QueryResponse struct {
	Vulns []Vulnerability `json:"vulns"`
}

QueryResponse represents the response from OSV query

type Range

// Range is the element type of AffectedPackage.Ranges: a type label and an
// ordered list of Events. Both fields are always emitted on marshal.
// NOTE(review): the OSV schema defines the range types "SEMVER", "ECOSYSTEM"
// and "GIT", and GIT ranges carry a "repo" key that this struct does not
// decode; confirm whether range evaluation needs it.
type Range struct {
	Type   string  `json:"type"`
	Events []Event `json:"events"`
}

Range represents a version range

type Reference

// Reference is the element type of Vulnerability.References: a type label and
// a URL, both plain strings that are always emitted on marshal.
// NOTE(review): URL is copied from the advisory record and is not parsed or
// validated by this type; check the scheme before rendering it as a link or
// fetching it.
type Reference struct {
	Type string `json:"type"`
	URL  string `json:"url"`
}

Reference represents a vulnerability reference

type SeverityRating

// SeverityRating is the element type of Vulnerability.Severity: a scoring
// system label and a score, both kept as strings.
// NOTE(review): in OSV records the score of a CVSS-typed entry is the vector
// string (for example one beginning "CVSS:3.1/"), not a number; confirm that
// any code deriving a numeric rating parses the vector instead of converting
// Score directly.
type SeverityRating struct {
	Type  string `json:"type"`
	Score string `json:"score"`
}

SeverityRating represents a severity score

type Vulnerability

// Vulnerability is the decoded form of one OSV record: identifier and aliases,
// free-text summary and details, modification and publication timestamps,
// references, affected packages and severity ratings.
//
// Only DatabaseSpecific has omitempty; every other field is always emitted,
// so nil slices marshal as JSON null and unset times as the zero time.
// DatabaseSpecific is untyped JSON taken from the record; type-assert its
// values with the comma-ok form.
// NOTE(review): Summary and Details are text from the advisory source (the OSV
// schema allows Markdown in details); escape them before placing them in HTML.
// NOTE(review): the OSV schema also defines a "withdrawn" timestamp. It is not
// decoded here, so a withdrawn advisory cannot be told apart from an active
// one through this type; confirm whether callers need that distinction.
type Vulnerability struct {
	ID               string                 `json:"id"`
	Summary          string                 `json:"summary"`
	Details          string                 `json:"details"`
	Aliases          []string               `json:"aliases"`
	Modified         time.Time              `json:"modified"`
	Published        time.Time              `json:"published"`
	References       []Reference            `json:"references"`
	Affected         []AffectedPackage      `json:"affected"`
	Severity         []SeverityRating       `json:"severity"`
	DatabaseSpecific map[string]interface{} `json:"database_specific,omitempty"`
	SchemaVersion    string                 `json:"schema_version"`
}

Vulnerability represents an OSV vulnerability record

type VulnerabilityInfo

// VulnerabilityInfo is the flat summary attached to an EnhancedFinding through
// its VulnerabilityInfo pointer: optional CVE and GHSA identifiers, a summary,
// severity and score strings, the publication time, reference strings, and the
// ecosystem and package name.
//
// CVEID, GHSAID, Score and PackageName are dropped from the JSON when empty;
// the remaining fields are always emitted.
// NOTE(review): how Severity and Score are derived is not visible here;
// confirm what value Severity takes when the source record carries no rating,
// so an empty or default value is not read as "low".
// NOTE(review): References holds bare strings, presumably URLs copied from the
// advisory record; validate them before rendering as links.
type VulnerabilityInfo struct {
	CVEID       string    `json:"cve_id,omitempty"`
	GHSAID      string    `json:"ghsa_id,omitempty"`
	Summary     string    `json:"summary"`
	Severity    string    `json:"severity"`
	Score       string    `json:"score,omitempty"`
	Published   time.Time `json:"published"`
	References  []string  `json:"references"`
	Ecosystem   string    `json:"ecosystem"`
	PackageName string    `json:"package_name,omitempty"`
}

VulnerabilityInfo represents enhanced vulnerability information
