utils

package
v2.29.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 4, 2026 License: Apache-2.0 Imports: 64 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// MaxConcurrentScanners represents the maximum number of threads for running JFrog CLI scanners concurrently
	MaxConcurrentScanners = 5

	// VCS providers params
	GitHub          vcsProvider = "github"
	GitLab          vcsProvider = "gitlab"
	BitbucketServer vcsProvider = "bitbucketServer"
	AzureRepos      vcsProvider = "azureRepos"

	// JFrog platform environment variables
	JFrogUserEnv = "JF_USER"
	JFrogUrlEnv  = "JF_URL"

	JFrogPasswordEnv         = "JF_PASSWORD"
	JFrogTokenEnv            = "JF_ACCESS_TOKEN"
	JfrogUseConfigProfileEnv = "JF_USE_CONFIG_PROFILE"
	JfrogConfigProfileEnv    = "JF_CONFIG_PROFILE"

	// Git environment variables
	GitProvider                      = "JF_GIT_PROVIDER"
	GitRepoOwnerEnv                  = "JF_GIT_OWNER"
	GitRepoEnv                       = "JF_GIT_REPO"
	GitProjectEnv                    = "JF_GIT_PROJECT"
	GitUsernameEnv                   = "JF_GIT_USERNAME"
	GitUseLocalRepositoryEnv         = "JF_USE_LOCAL_REPOSITORY"
	UseMostCommonAncestorAsTargetEnv = "JF_USE_MOST_COMMON_ANCESTOR_AS_TARGET"
	GitDependencyGraphSubmissionEnv  = "JF_UPLOAD_SBOM_TO_VCS"

	// Git naming template environment variables
	BranchNameTemplateEnv       = "JF_BRANCH_NAME_TEMPLATE"
	CommitMessageTemplateEnv    = "JF_COMMIT_MESSAGE_TEMPLATE"
	PullRequestTitleTemplateEnv = "JF_PULL_REQUEST_TITLE_TEMPLATE"
	PullRequestCommentTitleEnv  = "JF_PR_COMMENT_TITLE"
	//#nosec G101 -- not a secret
	PullRequestSecretCommentsEnv = "JF_PR_SHOW_SECRETS_COMMENTS"

	// Repository environment variables - Ignored if the frogbot-config.yml file is used
	InstallCommandEnv   = "JF_INSTALL_DEPS_CMD"
	MaxPnpmTreeDepthEnv = "JF_PNPM_MAX_TREE_DEPTH"
	RequirementsFileEnv = "JF_REQUIREMENTS_FILE"
	WorkingDirectoryEnv = "JF_WORKING_DIR"
	PathExclusionsEnv   = "JF_PATH_EXCLUSIONS"

	// To include vulnerabilities and violations
	IncludeVulnerabilitiesEnv = "JF_INCLUDE_VULNERABILITIES"
	// To include all the vulnerabilities in the source branch at PR scan
	IncludeAllVulnerabilitiesEnv       = "JF_INCLUDE_ALL_VULNERABILITIES"
	AvoidPreviousPrCommentsDeletionEnv = "JF_AVOID_PREVIOUS_PR_COMMENTS_DELETION"
	AddPrCommentOnSuccessEnv           = "JF_PR_ADD_SUCCESS_COMMENT"
	FailOnSecurityIssuesEnv            = "JF_FAIL"
	UseWrapperEnv                      = "JF_USE_WRAPPER"
	DepsRepoEnv                        = "JF_DEPS_REPO"
	MinSeverityEnv                     = "JF_MIN_SEVERITY"
	FixableOnlyEnv                     = "JF_FIXABLE_ONLY"
	DisableJasEnv                      = "JF_DISABLE_ADVANCED_SECURITY"
	DetectionOnlyEnv                   = "JF_SKIP_AUTOFIX"
	AllowedLicensesEnv                 = "JF_ALLOWED_LICENSES"
	SkipAutoInstallEnv                 = "JF_SKIP_AUTO_INSTALL"
	AllowPartialResultsEnv             = "JF_ALLOW_PARTIAL_RESULTS"
	WatchesDelimiter                   = ","

	// Email related environment variables
	//#nosec G101 -- False positive - no hardcoded credentials.
	SmtpPasswordEnv   = "JF_SMTP_PASSWORD"
	SmtpUserEnv       = "JF_SMTP_USER"
	SmtpServerEnv     = "JF_SMTP_SERVER"
	EmailReceiversEnv = "JF_EMAIL_RECEIVERS"

	//#nosec G101 -- False positive - no hardcoded credentials.
	GitTokenEnv          = "JF_GIT_TOKEN"
	GitBaseBranchEnv     = "JF_GIT_BASE_BRANCH"
	GitPullRequestIDEnv  = "JF_GIT_PULL_REQUEST_ID"
	GitApiEndpointEnv    = "JF_GIT_API_ENDPOINT"
	GitAggregateFixesEnv = "JF_GIT_AGGREGATE_FIXES"
	GitEmailAuthorEnv    = "JF_GIT_EMAIL_AUTHOR"

	// The 'GITHUB_ACTIONS' environment variable exists when the CI is GitHub Actions
	GitHubActionsEnv = "GITHUB_ACTIONS"

	// Placeholders for templates
	PackagePlaceHolder    = "{IMPACTED_PACKAGE}"
	FixVersionPlaceHolder = "{FIX_VERSION}"
	BranchHashPlaceHolder = "{BRANCH_NAME_HASH}"

	// General flags
	AvoidExtraMessages = "JF_AVOID_EXTRA_MESSAGES"

	// Default naming templates
	BranchNameTemplate                       = "frogbot-" + PackagePlaceHolder + "-" + BranchHashPlaceHolder
	AggregatedBranchNameTemplate             = "frogbot-update-" + BranchHashPlaceHolder + "-dependencies"
	CommitMessageTemplate                    = "Upgrade " + PackagePlaceHolder + " to " + FixVersionPlaceHolder
	PullRequestTitleTemplate                 = outputwriter.FrogbotTitlePrefix + " Update version of " + PackagePlaceHolder + " to " + FixVersionPlaceHolder
	AggregatePullRequestTitleDefaultTemplate = outputwriter.FrogbotTitlePrefix + " Update %s dependencies"
)
View Source 
const (
	ValidConfigProfile          = "default-profile"
	InvalidPathConfigProfile    = "invalid-path-from-root-profile"
	InvalidModulesConfigProfile = "invalid-modules-profile"
	NonExistingProfile          = "non-existing-profile"
)
View Source 
const (
	ScanPullRequest          = "scan-pull-request"
	ScanAllPullRequests      = "scan-all-pull-requests"
	ScanRepository           = "scan-repository"
	ScanMultipleRepositories = "scan-multiple-repositories"
	RootDir                  = "."

	JfrogHomeDirEnv = "JFROG_CLI_HOME_DIR"
)
View Source 
const (
	FrogbotConfigFile = "frogbot-config.yml"
)

Variables

View Source 
var (
	TrueVal        = true
	FrogbotVersion = "0.0.0"
)
View Source 
var BuildToolsDependenciesMap = map[techutils.Technology][]string{
	techutils.Go:  {"github.com/golang/go"},
	techutils.Pip: {"pip", "setuptools", "wheel"},
}

Functions

func AlertSecretsExposed 

func AlertSecretsExposed(secretsDetails *SecretsEmailDetails) (err error)

func AssertSanitizedEnv 

func AssertSanitizedEnv(t *testing.T)

Make sure the environment variables does not contain any Frogbot variables

func BuildServerConfigFile 

func BuildServerConfigFile(server *config.ServerDetails) (previousJFrogHomeDir, currentJFrogHomeDir string, err error)

func ChangeToTempDirWithCallback 

func ChangeToTempDirWithCallback(t *testing.T) (string, func() error)

func Chdir 

func Chdir(dir string) (cbk func() error, err error)

func ConvertSarifPathsToRelative 

func ConvertSarifPathsToRelative(issues *issues.ScansIssuesCollection, workingDirs ...string)

func CopyTestdataProjectsToTemp 

func CopyTestdataProjectsToTemp(t *testing.T, testDir string) (tmpDir string, restoreFunc func())

Create a temporary directory and copy the content of "testdata/testDir" into it

func CreateDotGitWithCommit 

func CreateDotGitWithCommit(t *testing.T, wd, port string, repositoriesPath ...string)

func CreateErrorIfPartialResultsDisabled added in v2.22.0 

func CreateErrorIfPartialResultsDisabled(allowPartial bool, messageForLog string, err error) error

This function checks if partial results are allowed by the user. If so instead of returning an error we log the error and continue as if we didn't have an error

func CreateMockServerForDependencySubmission added in v2.27.2 

func CreateMockServerForDependencySubmission(t *testing.T, owner, repo string) *httptest.Server

CreateMockServerForDependencySubmission creates a mock GitHub server for testing dependency submission

func CreateMockServerForDependencySubmissionError added in v2.27.2 

func CreateMockServerForDependencySubmissionError(t *testing.T, owner, repo string) *httptest.Server

CreateMockServerForDependencySubmissionError creates a mock GitHub server that returns an error

func CreateScanEvent added in v2.23.5 

func CreateScanEvent(serviceDetails *config.ServerDetails, gitInfo *xscservices.XscGitInfoContext, scanType string) *xscservices.XscAnalyticsGeneralEvent

func CreateTempJfrogHomeWithCallback added in v2.21.1 

func CreateTempJfrogHomeWithCallback(t *testing.T) (string, func())

func CreateXscMockServerForConfigProfile added in v2.21.9 

func CreateXscMockServerForConfigProfile(t *testing.T, xrayVersion string) (mockServer *httptest.Server, serverDetails *config.ServerDetails)

func DeleteExistingPullRequestComments 

func DeleteExistingPullRequestComments(repository *Repository, client vcsclient.VcsClient) error

Delete existing pull request regular comments (Summary, Fallback review comments)

func DeleteExistingPullRequestReviewComments 

func DeleteExistingPullRequestReviewComments(repo *Repository, pullRequestID int, client vcsclient.VcsClient) (err error)

Delete existing pull request review comments (Applicable, Sast, Iac)

func DeletePullRequestComments added in v2.20.0 

func DeletePullRequestComments(repo *Repository, client vcsclient.VcsClient, pullRequestID int) (err error)

func DownloadRepoToTempDir 

func DownloadRepoToTempDir(client vcsclient.VcsClient, repoOwner, repoName, branch string) (wd string, cleanup func() error, err error)

func ExtractVulnerabilitiesDetailsToRows 

func ExtractVulnerabilitiesDetailsToRows(vulnDetails []*VulnerabilityDetails) []formats.VulnerabilityOrViolationRow

func GenerateFixPullRequestDetails 

func GenerateFixPullRequestDetails(vulnerabilities []formats.VulnerabilityOrViolationRow, writer outputwriter.OutputWriter) (description string, extraComments []string)

func GenerateFrogbotSarifReport 

func GenerateFrogbotSarifReport(extendedResults *results.SecurityCommandResults) (string, error)

func GetFullBranchName 

func GetFullBranchName(branchName string) plumbing.ReferenceName

GetFullBranchName returns the full branch name (for example: refs/heads/master) The input branchName can be a short name (master) or a full name (refs/heads/master)

func GetFullPathWorkingDirs 

func GetFullPathWorkingDirs(workingDirs []string, baseWd string) []string

func GetRelativeWd 

func GetRelativeWd(fullPathWd, baseWd string) string

GetRelativeWd receive a base working directory along with a full path containing the base working directory, and the relative part is returned without the base prefix.

func GetSortedPullRequestComments 

func GetSortedPullRequestComments(client vcsclient.VcsClient, repoOwner, repoName string, prID int) ([]vcsclient.CommentInfo, error)

func GetVulnerabiltiesUniqueID 

func GetVulnerabiltiesUniqueID(vulnerability formats.VulnerabilityOrViolationRow) string

func HandlePullRequestCommentsAfterScan 

func HandlePullRequestCommentsAfterScan(issues *issues.ScansIssuesCollection, resultContext results.ResultContext, repo *Repository, client vcsclient.VcsClient, pullRequestID int) (err error)

In Scan PR, if there are no issues, comments will be added to the PR with a message that there are no issues.

func IsDirectDependency 

func IsDirectDependency(impactPath [][]formats.ComponentRow) (bool, error)

The impact graph of direct dependencies consists of only two elements.

func IsFrogbotRescanComment 

func IsFrogbotRescanComment(comment string) bool

func Md5Hash 

func Md5Hash(values ...string) (string, error)

func ReadConfigFromFileSystem 

func ReadConfigFromFileSystem(configRelativePath string) (configFileContent []byte, err error)

Looks for .frogbot/frogbot-config.yml from the given path and return its content. The path is relative and starts from the root of the project. If the config file is not found in the relative path, it will search in parent dirs.

func ReportUsageOnCommand 

func ReportUsageOnCommand(commandName string, serverDetails *config.ServerDetails, repositories RepoAggregator) func()

func SanitizeEnv 

func SanitizeEnv() error

func SetEnvAndAssert 

func SetEnvAndAssert(t *testing.T, env map[string]string)

Receive an environment variables key-values map, set and assert the environment variables. Return a callback that sets the previous values.

func SetEnvsAndAssertWithCallback 

func SetEnvsAndAssertWithCallback(t *testing.T, envs map[string]string) func()

This function takes a map of environment variables and sets them, and returns a callback to UNSET them all

func UploadSarifResultsToGithubSecurityTab 

func UploadSarifResultsToGithubSecurityTab(scanResults *results.SecurityCommandResults, repo *Repository, branch string, client vcsclient.VcsClient) error

func UploadSbomSnapshotToGithubDependencyGraph added in v2.27.2 

func UploadSbomSnapshotToGithubDependencyGraph(owner, repo string, serverDetails *config.ServerDetails, xrayVersion string, scanResults *results.SecurityCommandResults, client vcsclient.VcsClient, branch string, projectKey string) error

func ValidateSingleRepoConfiguration 

func ValidateSingleRepoConfiguration(configAggregator *RepoAggregator) error

func VerifyEnv 

func VerifyEnv(t *testing.T) (server config.ServerDetails, restoreFunc func())

Check connection details with JFrog instance. Return a callback method that restores the credentials after the test is done.

func VulnerabilityDetailsToMD5Hash 

func VulnerabilityDetailsToMD5Hash(vulnerabilities ...formats.VulnerabilityOrViolationRow) (string, error)

Generates MD5Hash from a VulnerabilityOrViolationRow The map can be returned in different order from Xray, so we need to sort the strings before hashing.

Types

type CustomTemplates 

type CustomTemplates struct {
	// contains filtered or unexported fields
}

type EmailDetails 

type EmailDetails struct {
	SmtpServer     string
	SmtpPort       string
	SmtpUser       string
	SmtpPassword   string
	EmailReceivers []string `yaml:"emailReceivers,omitempty"`
}

type ErrMissingConfig 

type ErrMissingConfig struct {
	// contains filtered or unexported fields
}

func (*ErrMissingConfig) Error 

func (e *ErrMissingConfig) Error() string

type ErrMissingEnv 

type ErrMissingEnv struct {
	VariableName string
}

func (*ErrMissingEnv) Error 

func (e *ErrMissingEnv) Error() string

func (*ErrMissingEnv) IsMissingEnvErr 

func (e *ErrMissingEnv) IsMissingEnvErr(err error) bool

IsMissingEnvErr returns true if err is a type of ErrMissingEnv, otherwise false

type ErrNothingToCommit added in v2.19.10 

type ErrNothingToCommit struct {
	PackageName string
}

func (*ErrNothingToCommit) Error added in v2.19.10 

func (err *ErrNothingToCommit) Error() string

type ErrUnsupportedFix 

type ErrUnsupportedFix struct {
	PackageName  string
	FixedVersion string
	ErrorType    UnsupportedErrorType
}

func (*ErrUnsupportedFix) Error 

func (err *ErrUnsupportedFix) Error() string

Custom error for unsupported fixes Currently we hold two unsupported reasons, indirect and build tools dependencies.

type FrogbotDetails 

type FrogbotDetails struct {
	XrayVersion   string
	XscVersion    string
	Repositories  RepoAggregator
	ServerDetails *coreconfig.ServerDetails
	GitClient     vcsclient.VcsClient
	ReleasesRepo  string
}

func GetFrogbotDetails 

func GetFrogbotDetails(commandName string) (frogbotDetails *FrogbotDetails, err error)

type Git 

type Git struct {
	GitProvider vcsutils.VcsProvider
	vcsclient.VcsInfo
	UseMostCommonAncestorAsTarget *bool `yaml:"useMostCommonAncestorAsTarget,omitempty"`
	RepoOwner                     string
	RepoName                      string   `yaml:"repoName,omitempty"`
	Branches                      []string `yaml:"branches,omitempty"`
	BranchNameTemplate            string   `yaml:"branchNameTemplate,omitempty"`
	CommitMessageTemplate         string   `yaml:"commitMessageTemplate,omitempty"`
	PullRequestTitleTemplate      string   `yaml:"pullRequestTitleTemplate,omitempty"`
	PullRequestCommentTitle       string   `yaml:"pullRequestCommentTitle,omitempty"`
	PullRequestSecretComments     bool     `yaml:"pullRequestSecretComments,omitempty"`
	AvoidExtraMessages            bool     `yaml:"avoidExtraMessages,omitempty"`
	EmailAuthor                   string   `yaml:"emailAuthor,omitempty"`
	AggregateFixes                bool     `yaml:"aggregateFixes,omitempty"`
	PullRequestDetails            vcsclient.PullRequestInfo
	RepositoryCloneUrl            string
	UseLocalRepository            bool
	UploadSbomToVcs               *bool `yaml:"uploadSbomToVcs,omitempty"`
}

func (*Git) GetRepositoryHttpsCloneUrl added in v2.24.0 

func (g *Git) GetRepositoryHttpsCloneUrl(gitClient vcsclient.VcsClient) (string, error)

type GitManager 

type GitManager struct {

	// When dryRun is enabled, skipClone allows skipping the cloning of a repository for testing purposes
	SkipClone bool
	// contains filtered or unexported fields
}

func NewGitManager 

func NewGitManager() *GitManager

func (*GitManager) AddAllAndCommit 

func (gm *GitManager) AddAllAndCommit(commitMessage string, impactedDependencyName string) error

AddAllAndCommit impactedDependencyName is being passed as a parameter to the function to provide a more meaningful error message.

func (*GitManager) BranchExistsInRemote 

func (gm *GitManager) BranchExistsInRemote(branchName string) (bool, error)

func (*GitManager) Checkout 

func (gm *GitManager) Checkout(branchName string) error

func (*GitManager) CheckoutToHash added in v2.23.2 

func (gm *GitManager) CheckoutToHash(hash string) error

func (*GitManager) Clone 

func (gm *GitManager) Clone(destinationPath, branchName string) error

func (*GitManager) CreateBranchAndCheckout 

func (gm *GitManager) CreateBranchAndCheckout(branchName string, keepLocalChanges bool) error

Creates a new branch and switches to it. If keepLocalChanges is set to true, all changes made on the current branch before switching to the new one will be transferred to the new branch.

func (*GitManager) Fetch added in v2.23.2 

func (gm *GitManager) Fetch() error

func (*GitManager) GenerateAggregatedCommitMessage 

func (gm *GitManager) GenerateAggregatedCommitMessage(tech []techutils.Technology) string

func (*GitManager) GenerateAggregatedFixBranchName 

func (gm *GitManager) GenerateAggregatedFixBranchName(baseBranch string, tech []techutils.Technology) (fixBranchName string, err error)

GenerateAggregatedFixBranchName Generating a consistent branch name to enable branch updates and to ensure that there is only one Frogbot aggregate pull request from each base branch scanned.

func (*GitManager) GenerateAggregatedPullRequestTitle 

func (gm *GitManager) GenerateAggregatedPullRequestTitle(tech []techutils.Technology) string

func (*GitManager) GenerateCommitMessage 

func (gm *GitManager) GenerateCommitMessage(impactedPackage string, fixVersion string) string

func (*GitManager) GenerateFixBranchName 

func (gm *GitManager) GenerateFixBranchName(branch string, impactedPackage string, fixVersion string) (string, error)

func (*GitManager) GeneratePullRequestTitle 

func (gm *GitManager) GeneratePullRequestTitle(impactedPackage string, version string) string

func (*GitManager) GetAuth added in v2.23.0 

func (gm *GitManager) GetAuth() *githttp.BasicAuth

func (*GitManager) GetMostCommonAncestorHash added in v2.23.2 

func (gm *GitManager) GetMostCommonAncestorHash(baseBranch, targetBranch string) (string, error)

func (*GitManager) GetRemoteGitUrl added in v2.23.0 

func (gm *GitManager) GetRemoteGitUrl() string

func (*GitManager) GetRemoteName added in v2.23.0 

func (gm *GitManager) GetRemoteName() string

func (*GitManager) IsClean 

func (gm *GitManager) IsClean() (bool, error)

IsClean returns true if all the files are in Unmodified status.

func (*GitManager) Push 

func (gm *GitManager) Push(force bool, branchName string) error

func (*GitManager) RemoveRemoteBranch 

func (gm *GitManager) RemoveRemoteBranch(branchName string) error

func (*GitManager) SetAuth 

func (gm *GitManager) SetAuth(username, token string) *GitManager

func (*GitManager) SetDryRun 

func (gm *GitManager) SetDryRun(dryRun bool, dryRunRepoPath string) *GitManager

func (*GitManager) SetEmailAuthor 

func (gm *GitManager) SetEmailAuthor(emailAuthor string) *GitManager

func (*GitManager) SetGitParams 

func (gm *GitManager) SetGitParams(gitParams *Git) (*GitManager, error)

func (*GitManager) SetLocalRepository 

func (gm *GitManager) SetLocalRepository() error

func (*GitManager) SetLocalRepositoryAndRemoteName added in v2.23.0 

func (gm *GitManager) SetLocalRepositoryAndRemoteName() (*GitManager, error)

func (*GitManager) SetRemoteGitUrl 

func (gm *GitManager) SetRemoteGitUrl(remoteHttpsGitUrl string) (*GitManager, error)

type JFrogPlatform 

type JFrogPlatform struct {
	XrayVersion            string
	XscVersion             string
	Watches                []string `yaml:"watches,omitempty"`
	IncludeVulnerabilities bool     `yaml:"includeVulnerabilities,omitempty"`
	JFrogProjectKey        string   `yaml:"jfrogProjectKey,omitempty"`
}

type Params 

type Params struct {
	Scan          `yaml:"scan,omitempty"`
	Git           `yaml:"git,omitempty"`
	JFrogPlatform `yaml:"jfrogPlatform,omitempty"`
}

type Project 

type Project struct {
	InstallCommand      string   `yaml:"installCommand,omitempty"`
	PipRequirementsFile string   `yaml:"pipRequirementsFile,omitempty"`
	WorkingDirs         []string `yaml:"workingDirs,omitempty"`
	PathExclusions      []string `yaml:"pathExclusions,omitempty"`
	UseWrapper          *bool    `yaml:"useWrapper,omitempty"`
	MaxPnpmTreeDepth    string   `yaml:"maxPnpmTreeDepth,omitempty"`
	DepsRepo            string   `yaml:"repository,omitempty"`
	InstallCommandName  string
	InstallCommandArgs  []string
	IsRecursiveScan     bool
}

func (*Project) GetTechFromInstallCmdIfExists added in v2.21.11 

func (p *Project) GetTechFromInstallCmdIfExists() []string

type RepoAggregator 

type RepoAggregator []Repository

func BuildRepoAggregator 

func BuildRepoAggregator(xrayVersion, xscVersion string, gitClient vcsclient.VcsClient, configFileContent []byte, gitParamsFromEnv *Git, server *coreconfig.ServerDetails, commandName string) (resultAggregator RepoAggregator, err error)

Receives the content of a frogbot-config.yml file, along with the Git (built from environment variables) and ServerDetails parameters. Returns a RepoAggregator instance with all the defaults and necessary fields.

type Repository 

type Repository struct {
	Params       `yaml:"params,omitempty"`
	OutputWriter outputwriter.OutputWriter
	Server       coreconfig.ServerDetails
}

type ReviewComment 

type ReviewComment struct {
	Location    formats.Location
	Type        ReviewCommentType
	CommentInfo vcsclient.PullRequestComment
}

type ReviewCommentType 

type ReviewCommentType string
const (
	ApplicableComment ReviewCommentType = "Applicable"
	IacComment        ReviewCommentType = "Iac"
	SastComment       ReviewCommentType = "Sast"
	SecretComment     ReviewCommentType = "Secrets"

	RescanRequestComment = "rescan"
)

type Scan 

type Scan struct {
	IncludeAllVulnerabilities       bool      `yaml:"includeAllVulnerabilities,omitempty"`
	FixableOnly                     bool      `yaml:"fixableOnly,omitempty"`
	DetectionOnly                   bool      `yaml:"skipAutoFix,omitempty"`
	FailOnSecurityIssues            *bool     `yaml:"failOnSecurityIssues,omitempty"`
	AvoidPreviousPrCommentsDeletion bool      `yaml:"avoidPreviousPrCommentsDeletion,omitempty"`
	MinSeverity                     string    `yaml:"minSeverity,omitempty"`
	DisableJas                      bool      `yaml:"disableJas,omitempty"`
	AddPrCommentOnSuccess           bool      `yaml:"addPrCommentOnSuccess,omitempty"`
	AllowedLicenses                 []string  `yaml:"allowedLicenses,omitempty"`
	Projects                        []Project `yaml:"projects,omitempty"`
	EmailDetails                    `yaml:",inline"`
	ConfigProfile                   *services.ConfigProfile
	SkipAutoInstall                 bool
	AllowPartialResults             bool
}

func (*Scan) SetEmailDetails 

func (s *Scan) SetEmailDetails() error

type ScanDetails 

type ScanDetails struct {
	*Project
	*Git

	*xscservices.XscGitInfoContext
	*config.ServerDetails

	ResultsToCompare *results.SecurityCommandResults

	results.ResultContext
	MultiScanId string
	XrayVersion string
	XscVersion  string
	StartTime   time.Time
	// contains filtered or unexported fields
}

func NewScanDetails 

func NewScanDetails(client vcsclient.VcsClient, server *config.ServerDetails, git *Git) *ScanDetails

func (*ScanDetails) AllowPartialResults added in v2.22.0 

func (sc *ScanDetails) AllowPartialResults() bool

func (*ScanDetails) BaseBranch 

func (sc *ScanDetails) BaseBranch() string

func (*ScanDetails) Client 

func (sc *ScanDetails) Client() vcsclient.VcsClient

func (*ScanDetails) DisableJas added in v2.23.1 

func (sc *ScanDetails) DisableJas() bool

func (*ScanDetails) FixableOnly 

func (sc *ScanDetails) FixableOnly() bool

func (*ScanDetails) MinSeverityFilter 

func (sc *ScanDetails) MinSeverityFilter() severityutils.Severity

func (*ScanDetails) RunInstallAndAudit 

func (sc *ScanDetails) RunInstallAndAudit(workDirs ...string) (auditResults *results.SecurityCommandResults)

func (*ScanDetails) SetAllowPartialResults added in v2.22.0 

func (sc *ScanDetails) SetAllowPartialResults(allowPartialResults bool) *ScanDetails

func (*ScanDetails) SetBaseBranch 

func (sc *ScanDetails) SetBaseBranch(branch string) *ScanDetails

func (*ScanDetails) SetConfigProfile added in v2.21.9 

func (sc *ScanDetails) SetConfigProfile(configProfile *xscservices.ConfigProfile) *ScanDetails

func (*ScanDetails) SetDiffScan added in v2.26.2 

func (sc *ScanDetails) SetDiffScan(diffScan bool) *ScanDetails

func (*ScanDetails) SetDisableJas added in v2.23.1 

func (sc *ScanDetails) SetDisableJas(disable bool) *ScanDetails

func (*ScanDetails) SetFixableOnly 

func (sc *ScanDetails) SetFixableOnly(fixable bool) *ScanDetails

func (*ScanDetails) SetJfrogVersions added in v2.24.0 

func (sc *ScanDetails) SetJfrogVersions(xrayVersion, xscVersion string) *ScanDetails

func (*ScanDetails) SetMinSeverity 

func (sc *ScanDetails) SetMinSeverity(minSeverity string) (*ScanDetails, error)

func (*ScanDetails) SetProject 

func (sc *ScanDetails) SetProject(project *Project) *ScanDetails

func (*ScanDetails) SetRepoName 

func (sc *ScanDetails) SetRepoName(repoName string) *ScanDetails

func (*ScanDetails) SetRepoOwner 

func (sc *ScanDetails) SetRepoOwner(owner string) *ScanDetails

func (*ScanDetails) SetResultsContext added in v2.24.0 

func (sc *ScanDetails) SetResultsContext(httpCloneUrl string, watches []string, jfrogProjectKey string, includeVulnerabilities, includeLicenses bool) *ScanDetails

func (*ScanDetails) SetResultsToCompare added in v2.26.2 

func (sc *ScanDetails) SetResultsToCompare(results *results.SecurityCommandResults) *ScanDetails

func (*ScanDetails) SetSkipAutoInstall added in v2.22.0 

func (sc *ScanDetails) SetSkipAutoInstall(skipAutoInstall bool) *ScanDetails

func (*ScanDetails) SetXscGitInfoContext 

func (sc *ScanDetails) SetXscGitInfoContext(scannedBranch, gitProject string, client vcsclient.VcsClient) *ScanDetails

For Repo-Scan

func (*ScanDetails) SetXscPRGitInfoContext added in v2.26.2 

func (sc *ScanDetails) SetXscPRGitInfoContext(gitProject string, client vcsclient.VcsClient, prDetails vcsclient.PullRequestInfo) *ScanDetails

For PR-Scan

type SecretsEmailDetails 

type SecretsEmailDetails struct {
	EmailDetails
	// contains filtered or unexported fields
}

func NewSecretsEmailDetails 

func NewSecretsEmailDetails(gitClient vcsclient.VcsClient, repoConfig *Repository, secrets []formats.SourceCodeRow) *SecretsEmailDetails

type UnsupportedErrorType 

type UnsupportedErrorType string
const (
	IndirectDependencyFixNotSupported   UnsupportedErrorType = "IndirectDependencyFixNotSupported"
	BuildToolsDependencyFixNotSupported UnsupportedErrorType = "BuildToolsDependencyFixNotSupported"
	UnsupportedForFixVulnerableVersion  UnsupportedErrorType = "UnsupportedForFixVulnerableVersion"
)

type UrlAccessChecker 

type UrlAccessChecker struct {
	// contains filtered or unexported fields
}

func CheckConnection 

func CheckConnection(url string) *UrlAccessChecker

CheckConnection checks if the url is accessible in a separate goroutine not to block the main thread

func MockHasConnection 

func MockHasConnection() *UrlAccessChecker

func (*UrlAccessChecker) IsConnected 

func (ic *UrlAccessChecker) IsConnected() bool

IsConnected checks if the URL is accessible, waits for the connection check goroutine to finish

type VulnerabilityDetails 

type VulnerabilityDetails struct {
	formats.VulnerabilityOrViolationRow
	// Suggested fix version
	SuggestedFixedVersion string
	// States whether the dependency is direct or transitive
	IsDirectDependency bool
	// Cves as a list of string
	Cves []string
}

VulnerabilityDetails serves as a container for essential information regarding a vulnerability that is going to be addressed and resolved

func NewVulnerabilityDetails 

func NewVulnerabilityDetails(vulnerability formats.VulnerabilityOrViolationRow, fixVersion string) *VulnerabilityDetails

func (*VulnerabilityDetails) AddMissingCves added in v2.29.3 

func (vd *VulnerabilityDetails) AddMissingCves(cves []formats.CveRow)

Used in addVulnerabilityToFixVersionsMap for Violations. In the new Violation parsing each violation appears with a single CVE. If more than a single CVE exists for the same violation, we get it as a different Violation entry in the simpleJson result. To align Violations processing with vulnerabilities processing we add the missing CVEs to the single violation entry in the map.

func (*VulnerabilityDetails) SetCves 

func (vd *VulnerabilityDetails) SetCves(cves []formats.CveRow)

func (*VulnerabilityDetails) SetIsDirectDependency 

func (vd *VulnerabilityDetails) SetIsDirectDependency(isDirectDependency bool)

func (*VulnerabilityDetails) UpdateFixVersionIfMax 

func (vd *VulnerabilityDetails) UpdateFixVersionIfMax(fixVersion string)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.