formats

package
v1.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 31, 2025 License: Apache-2.0 Imports: 7 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertLicenseTableRowToScanTableRow

func ConvertLicenseTableRowToScanTableRow(tableRows []licenseTableRow) (scanTableRows []licenseScanTableRow)

func ConvertLicenseViolationTableRowToScanTableRow

func ConvertLicenseViolationTableRowToScanTableRow(tableRows []licenseViolationTableRow) (scanTableRows []licenseViolationScanTableRow)

For binary scans

func ConvertOperationalRiskTableRowToScanTableRow

func ConvertOperationalRiskTableRowToScanTableRow(tableRows []operationalRiskViolationTableRow) (scanTableRows []operationalRiskViolationScanTableRow)

func ConvertSecurityTableRowToScanTableRow

func ConvertSecurityTableRowToScanTableRow(tableRows []scaVulnerabilityOrViolationTableRow) (scanTableRows []vulnerabilityScanTableRow)

For binary scans

func ConvertToIacOrSastTableRow

func ConvertToIacOrSastTableRow(rows []SourceCodeRow) (tableRows []iacOrSastTableRow)

func ConvertToLicenseTableRow

func ConvertToLicenseTableRow(rows []LicenseRow) (tableRows []licenseTableRow)

func ConvertToLicenseViolationTableRow

func ConvertToLicenseViolationTableRow(rows []LicenseViolationRow) (tableRows []licenseViolationTableRow)

func ConvertToMaliciousTableRow added in v1.25.0

func ConvertToMaliciousTableRow(rows []SourceCodeRow) (tableRows []maliciousTableRow)

func ConvertToOperationalRiskViolationTableRow

func ConvertToOperationalRiskViolationTableRow(rows []OperationalRiskViolationRow) (tableRows []operationalRiskViolationTableRow)

func ConvertToScaVulnerabilityOrViolationTableRow added in v1.14.0

func ConvertToScaVulnerabilityOrViolationTableRow(rows []VulnerabilityOrViolationRow) (tableRows []scaVulnerabilityOrViolationTableRow)

func ConvertToSecretsTableRow

func ConvertToSecretsTableRow(rows []SourceCodeRow) (tableRows []secretsTableRow)

Types

type Applicability

// Applicability is the applicability result attached to a CveRow or a
// SourceCodeRow. Status is always serialized; the remaining fields are left
// out of the JSON when empty.
//
// NOTE(review): the set of Status values is not visible here. Before using
// Status to suppress or down-rank a finding, confirm how an undetermined
// result is represented (see UndeterminedReason) so that it is not read as
// "not applicable".
type Applicability struct {
	Status             string     `json:"status"`
	ScannerDescription string     `json:"scannerDescription,omitempty"`
	UndeterminedReason string     `json:"undeterminedReason,omitempty"`
	Evidence           []Evidence `json:"evidence,omitempty"`
}

type BlockedPackages

// BlockedPackages groups blocked packages under one policy and condition.
// Policy and Condition are omitted from the JSON when empty; Packages is
// always serialized.
//
// NOTE(review): the meaning of the int stored per package name is not visible
// here (presumably a count); confirm against the producer.
type BlockedPackages struct {
	Policy    string         `json:"policy,omitempty"`
	Condition string         `json:"condition,omitempty"`
	Packages  map[string]int `json:"packages"`
}

type Bom

// Bom maps the <vulnerabilities> element of an XML document. For each
// <vulnerability> child it reads the bom-ref attribute and the <id> element;
// nothing else in the document is mapped by this type.
type Bom struct {
	Vulnerabilities struct {
		Vulnerability []struct {
			BomRef string `xml:"bom-ref,attr"`
			Id     string `xml:"id"`
		} `xml:"vulnerability"`
	} `xml:"vulnerabilities"`
}

type ComponentRow

// ComponentRow identifies a component by name and version. Location is
// optional and is omitted from the JSON when nil.
type ComponentRow struct {
	Name     string    `json:"name"`
	Version  string    `json:"version"`
	Location *Location `json:"location,omitempty"`
}

type CuratedPackages

// CuratedPackages summarizes curation results: the groups of blocked packages
// and a package count serialized as num_packages.
//
// Both keys use omitempty, so a JSON document without num_packages decodes to
// a PackageCount of 0 and one without blocked decodes to a nil slice.
type CuratedPackages struct {
	Blocked      []BlockedPackages `json:"blocked,omitempty"`
	PackageCount int               `json:"num_packages,omitempty"`
}

func (*CuratedPackages) GetApprovedCount

func (cp *CuratedPackages) GetApprovedCount() int

func (*CuratedPackages) GetBlockedCount

func (cp *CuratedPackages) GetBlockedCount() int

type CveRow

// CveRow describes one CVE attached to a vulnerability or violation row.
// Id is always serialized; every other field is omitted when empty.
//
// The CVSS scores are carried as strings, not numbers, so a consumer that
// applies a severity threshold has to parse them and handle the empty case.
type CveRow struct {
	Id            string         `json:"id"`
	CvssV2        string         `json:"cvssV2,omitempty"`
	CvssV2Vector  string         `json:"cvssV2Vector,omitempty"`
	CvssV3        string         `json:"cvssV3,omitempty"`
	CvssV3Vector  string         `json:"cvssV3Vector,omitempty"`
	Cwe           []string       `json:"cwe,omitempty"`
	// Applicability is nil (and absent from the JSON) when no applicability
	// result is attached to this CVE.
	Applicability *Applicability `json:"applicability,omitempty"`
}

type EnrichJson

// EnrichJson maps the "vulnerabilities" array of a JSON document, keeping the
// bom-ref and id of each entry.
//
// NOTE(review): the BomRef tag ends in a comma with no option after it;
// encoding/json still reads the key name as "bom-ref". The element type is an
// anonymous struct, so its tags are part of the type identity: callers that
// spell the element type out must repeat the tag exactly as written here.
type EnrichJson struct {
	Vulnerability []struct {
		BomRef string `json:"bom-ref,"`
		Id     string `json:"id"`
	} `json:"vulnerabilities"`
}

type Evidence

// Evidence is a Location together with the reason it was reported.
// Location is embedded, so its fields (file, startLine, ...) are serialized at
// the same JSON level as reason.
type Evidence struct {
	Location
	Reason string `json:"reason,omitempty"`
}

type ImpactedDependencyDetails

// ImpactedDependencyDetails identifies the dependency a row refers to and the
// components associated with it. SeverityDetails is embedded, so severity is
// serialized at the same JSON level.
//
// The Go field names say "Dependency" while the JSON keys say "Package"
// (impactedPackageName, impactedPackageVersion, impactedPackageType).
type ImpactedDependencyDetails struct {
	SeverityDetails
	ImpactedDependencyName    string         `json:"impactedPackageName"`
	ImpactedDependencyVersion string         `json:"impactedPackageVersion"`
	ImpactedDependencyType    string         `json:"impactedPackageType"`
	Components                []ComponentRow `json:"components"`
}

type JfrogResearchInformation

// JfrogResearchInformation carries research details for a vulnerability:
// a severity (embedded SeverityDetails), free-text summary, details and
// remediation, and a list of severity reasons. All fields declared here are
// omitted from the JSON when empty.
//
// NOTE(review): Summary, Details and Remediation are free text whose origin is
// not visible here; escape them when rendering into HTML or Markdown reports.
type JfrogResearchInformation struct {
	SeverityDetails
	Summary         string                        `json:"summary,omitempty"`
	Details         string                        `json:"details,omitempty"`
	SeverityReasons []JfrogResearchSeverityReason `json:"severityReasons,omitempty"`
	Remediation     string                        `json:"remediation,omitempty"`
}

type JfrogResearchSeverityReason

// JfrogResearchSeverityReason is one named reason behind a research severity.
//
// IsPositive uses omitempty, so false is never written: a reason without the
// isPositive key decodes to IsPositive == false.
// NOTE(review): what "positive" means for the severity is not visible here;
// confirm before using it in triage logic.
type JfrogResearchSeverityReason struct {
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	IsPositive  bool   `json:"isPositive,omitempty"`
}

type LicenseRow

// LicenseRow reports a license found on a dependency. The embedded
// ImpactedDependencyDetails contributes the dependency identity and severity
// at the same JSON level.
type LicenseRow struct {
	ImpactedDependencyDetails
	LicenseKey  string           `json:"licenseKey"`
	LicenseName string           `json:"licenseName,omitempty"`
	// ImpactPaths is a list of paths, each path being a list of components.
	ImpactPaths [][]ComponentRow `json:"impactPaths"`
}

type LicenseViolationRow added in v1.14.0

// LicenseViolationRow is a LicenseRow that also carries the ViolationContext
// (watch, policies, fail rules) that produced the violation. Both are
// embedded, so all of their fields share one JSON object.
type LicenseViolationRow struct {
	LicenseRow
	ViolationContext
}

type Location

// Location points at a region of a file. File is always serialized; the
// line and column numbers and the snippet are omitted when zero or empty, so
// an absent startLine decodes to 0.
type Location struct {
	File        string `json:"file"`
	StartLine   int    `json:"startLine,omitempty"`
	StartColumn int    `json:"startColumn,omitempty"`
	EndLine     int    `json:"endLine,omitempty"`
	EndColumn   int    `json:"endColumn,omitempty"`
	// NOTE(review): Snippet presumably holds text taken from the scanned file.
	// For secrets findings, confirm whether the value is masked before this
	// output is logged, stored or attached to a ticket.
	Snippet     string `json:"snippet,omitempty"`
}

func (Location) ToString added in v1.14.0

func (l Location) ToString() string

ToString returns the string representation of the location; it can be used as a unique ID for the location.

type OperationalRiskViolationRow

// OperationalRiskViolationRow reports an operational-risk violation on a
// dependency, together with the ViolationContext that produced it.
//
// Every field declared here is a string, including IsEol, Commits and
// Committers, and none uses omitempty: consumers get the key even when the
// value is empty and must parse any number or boolean themselves.
type OperationalRiskViolationRow struct {
	ImpactedDependencyDetails
	ViolationContext
	RiskReason    string `json:"riskReason"`
	IsEol         string `json:"isEndOfLife"`
	EolMessage    string `json:"endOfLifeMessage"`
	Cadence       string `json:"cadence"`
	Commits       string `json:"commits"`
	Committers    string `json:"committers"`
	NewerVersions string `json:"newerVersions"`
	LatestVersion string `json:"latestVersion"`
}

type ResultSummary

// ResultSummary counts results as severity -> status -> count.
// Reading a key that is missing at either level yields 0; an inner map must
// be allocated before it is written to.
type ResultSummary map[string]map[string]int

Severity -> status -> Count

func MergeResultSummaries

func MergeResultSummaries(summaries ...ResultSummary) (merged ResultSummary)

func (ResultSummary) GetTotal

func (rs ResultSummary) GetTotal(filterSeverities ...string) (total int)

type ResultsSummary

// ResultsSummary is the top-level summary document: one ScanSummary per
// scanned target, serialized under "scans".
type ResultsSummary struct {
	Scans []ScanSummary `json:"scans"`
}

func (*ResultsSummary) GetTotalViolations

func (rs *ResultsSummary) GetTotalViolations(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) GetTotalVulnerabilities

func (rs *ResultsSummary) GetTotalVulnerabilities(filterTypes ...SummaryResultType) (total int)

func (*ResultsSummary) HasViolations

func (rs *ResultsSummary) HasViolations() bool

type ResultsTables

// ResultsTables holds the rows of every table, grouped by scanner.
//
// Most row types are unexported; on this page they are produced by the
// ConvertTo...TableRow functions. The fields carry no JSON tags.
type ResultsTables struct {
	// Licenses
	LicensesTable []licenseTableRow
	// SBOM (Software Bill of Materials)
	SbomTable []SbomTableRow
	// Sca tables
	SecurityVulnerabilitiesTable   []scaVulnerabilityOrViolationTableRow
	SecurityViolationsTable        []scaVulnerabilityOrViolationTableRow
	LicenseViolationsTable         []licenseViolationTableRow
	OperationalRiskViolationsTable []operationalRiskViolationTableRow
	// Iac tables
	IacVulnerabilitiesTable []iacOrSastTableRow
	IacViolationsTable      []iacOrSastTableRow
	// Sast tables
	SastVulnerabilitiesTable []iacOrSastTableRow
	SastViolationsTable      []iacOrSastTableRow
	// Secrets
	SecretsVulnerabilitiesTable []secretsTableRow
	SecretsViolationsTable      []secretsTableRow
	// Malicious Code
	// Only a vulnerabilities table is declared for malicious code; there is
	// no violations counterpart in this struct.
	MaliciousVulnerabilitiesTable []maliciousTableRow
}

type SbomTableRow added in v1.16.0

// SbomTableRow is one row of the SBOM table. The col-name tags give the
// column header for each field.
type SbomTableRow struct {
	Component   string `col-name:"Component"`
	Version     string `col-name:"Version"`
	PackageType string `col-name:"Type"`
	Relation    string `col-name:"Relation"`
	// For sorting
	// RelationPriority has no col-name tag, unlike the fields above.
	RelationPriority int
}

type ScaScanResultSummary

// ScaScanResultSummary summarizes SCA results: the scan ids and "more info"
// URLs, plus one ResultSummary each for security, license and operational
// risk. Every key is omitted from the JSON when empty.
type ScaScanResultSummary struct {
	ScanIds         []string      `json:"scan_ids,omitempty"`
	MoreInfoUrls    []string      `json:"more_info_urls,omitempty"`
	Security        ResultSummary `json:"security,omitempty"`
	License         ResultSummary `json:"license,omitempty"`
	OperationalRisk ResultSummary `json:"operational_risk,omitempty"`
}

type ScanResultSummary

// ScanResultSummary holds one optional summary per scanner. Each field is a
// pointer with omitempty, so a scanner with a nil summary has no key in the
// JSON at all.
//
// NOTE(review): presumably a nil pointer means that scanner produced no
// summary rather than "zero findings"; confirm before treating an absent key
// as a clean result.
type ScanResultSummary struct {
	ScaResults       *ScaScanResultSummary `json:"sca,omitempty"`
	IacResults       *ResultSummary        `json:"iac,omitempty"`
	SecretsResults   *ResultSummary        `json:"secrets,omitempty"`
	SastResults      *ResultSummary        `json:"sast,omitempty"`
	MaliciousResults *ResultSummary        `json:"maliciousCode,omitempty"`
}

func GetVulnerabilitiesSummaries

func GetVulnerabilitiesSummaries(summaries ...ResultsSummary) *ScanResultSummary

func (*ScanResultSummary) GetMoreInfoUrls

func (srs *ScanResultSummary) GetMoreInfoUrls() (urls []string)

func (*ScanResultSummary) GetScanIds

func (srs *ScanResultSummary) GetScanIds() (scanIds []string)

func (*ScanResultSummary) GetSummaryBySeverity

func (ss *ScanResultSummary) GetSummaryBySeverity() (summary ResultSummary)

Returns a ResultSummary with the counts described in the summary, keyed as Severity -> status -> Count.

func (*ScanResultSummary) GetTotal

func (srs *ScanResultSummary) GetTotal(filterTypes ...SummaryResultType) (total int)

func (*ScanResultSummary) HasIssues

func (srs *ScanResultSummary) HasIssues() bool

type ScanStatus added in v1.14.0

// ScanStatus records, per scanner, whether a scan was performed and the
// status code it ended with.
//
// A consumer that gates on "no findings" should read these codes first: a nil
// pointer (key absent from the JSON) means the scan is not recorded as
// performed, and a non-zero value means the scan failed. In both cases an
// empty result list is not evidence that the target is clean.
type ScanStatus struct {
	// If not nil, the scan was performed. The value is the status code of the scan; if it is not 0, the scan failed.
	// NOTE(review): this comment sits on the first field only; presumably it
	// applies to every field below. Confirm.
	ScaStatusCode           *int `json:"scaScanStatusCode,omitempty"`
	SastStatusCode          *int `json:"sastScanStatusCode,omitempty"`
	IacStatusCode           *int `json:"iacScanStatusCode,omitempty"`
	SecretsStatusCode       *int `json:"secretsScanStatusCode,omitempty"`
	// The two keys below start with an upper-case letter, unlike the four
	// above; encoders write them exactly as spelled here.
	ApplicabilityStatusCode *int `json:"ContextualAnalysisScanStatusCode,omitempty"`
	MaliciousStatusCode     *int `json:"MaliciousStatusCode,omitempty"`
}

type ScanSummary

// ScanSummary is the summary for one scanned target. Target is always
// serialized; Name and the three pointer fields are omitted when empty or
// nil.
type ScanSummary struct {
	Target          string                 `json:"target"`
	Name            string                 `json:"name,omitempty"`
	Vulnerabilities *ScanResultSummary     `json:"vulnerabilities,omitempty"`
	Violations      *ScanViolationsSummary `json:"violations,omitempty"`
	CuratedPackages *CuratedPackages       `json:"curated,omitempty"`
}

func (*ScanSummary) GetScanIds

func (sc *ScanSummary) GetScanIds() (scanIds []string)

func (*ScanSummary) HasBlockedPackages

func (sc *ScanSummary) HasBlockedPackages() bool

func (*ScanSummary) HasCuratedPackages

func (sc *ScanSummary) HasCuratedPackages() bool

func (*ScanSummary) HasViolations

func (sc *ScanSummary) HasViolations() bool

func (*ScanSummary) HasVulnerabilities

func (sc *ScanSummary) HasVulnerabilities() bool

type ScanViolationsSummary

// ScanViolationsSummary is a ScanResultSummary for violations, with the
// watches involved and a fail_build flag. ScanResultSummary is embedded, so
// its per-scanner keys sit at the same JSON level.
//
// FailBuild uses omitempty: false is never written, so a document without
// fail_build decodes to FailBuild == false.
type ScanViolationsSummary struct {
	Watches   []string `json:"watches,omitempty"`
	FailBuild bool     `json:"fail_build,omitempty"`
	ScanResultSummary
}

func GetViolationSummaries

func GetViolationSummaries(summaries ...ResultsSummary) *ScanViolationsSummary

type ScannerInfo added in v1.14.0

// ScannerInfo describes the scanner rule behind a finding. RuleId is always
// serialized; the origin, CWE list and descriptions are omitted when empty.
type ScannerInfo struct {
	RuleId                  string   `json:"ruleId"`
	Origin                  string   `json:"origin,omitempty"`
	Cwe                     []string `json:"cwe,omitempty"`
	ScannerShortDescription string   `json:"scannerShortDescription,omitempty"`
	ScannerDescription      string   `json:"scannerDescription,omitempty"`
}

type SeverityDetails

// SeverityDetails carries the severity of a row. Only the Severity string is
// serialized; SeverityNumValue is tagged json:"-" and never appears in the
// JSON, so it is zero after decoding.
type SeverityDetails struct {
	Severity         string `json:"severity"`
	SeverityNumValue int    `json:"-"` // For sorting
}

type SimpleJsonError

// SimpleJsonError is one entry of SimpleJsonResults.Errors: a file path and
// the error message associated with it.
type SimpleJsonError struct {
	FilePath     string `json:"filePath"`
	ErrorMessage string `json:"errorMessage"`
}

type SimpleJsonResults

// SimpleJsonResults is the document written by the simple-json output: one
// list per kind of finding, plus errors, per-scanner statuses and an optional
// multi-scan id.
//
// None of the list fields uses omitempty, so a nil slice is encoded as null
// rather than left out. An empty or null list does not by itself show that a
// scan passed: check Errors and Statuses as well before gating on the
// findings.
type SimpleJsonResults struct {
	Vulnerabilities           []VulnerabilityOrViolationRow `json:"vulnerabilities"`
	SecurityViolations        []VulnerabilityOrViolationRow `json:"securityViolations"`
	LicensesViolations        []LicenseViolationRow         `json:"licensesViolations"`
	Licenses                  []LicenseRow                  `json:"licenses"`
	OperationalRiskViolations []OperationalRiskViolationRow `json:"operationalRiskViolations"`
	// NOTE(review): secrets rows embed Location, whose Snippet may carry text
	// from the scanned file; handle this output as sensitive until masking is
	// confirmed.
	SecretsVulnerabilities    []SourceCodeRow               `json:"secrets"`
	IacsVulnerabilities       []SourceCodeRow               `json:"iac"`
	SastVulnerabilities       []SourceCodeRow               `json:"sast"`
	SecretsViolations         []SourceCodeRow               `json:"secretsViolations"`
	IacsViolations            []SourceCodeRow               `json:"iacViolations"`
	SastViolations            []SourceCodeRow               `json:"sastViolations"`
	MaliciousVulnerabilities  []SourceCodeRow               `json:"maliciousCode"`
	Errors                    []SimpleJsonError             `json:"errors"`
	Statuses                  ScanStatus                    `json:"scansStatus"`
	MultiScanId               string                        `json:"multiScanId,omitempty"`
}

This struct holds the sorted results of the simple-json output.

type SourceCodeRow

// SourceCodeRow is one source-code finding. On this page it is the element
// type of the secrets, IaC, SAST and malicious-code lists of
// SimpleJsonResults.
//
// SeverityDetails, ViolationContext, ScannerInfo and Location are all
// embedded, so their fields are serialized in the same JSON object as the
// fields declared here.
type SourceCodeRow struct {
	SeverityDetails
	ViolationContext
	ScannerInfo
	Location
	Finding       string         `json:"finding,omitempty"`
	// NOTE(review): how Fingerprint is computed is not visible here; confirm
	// it is stable across runs before using it to de-duplicate or suppress
	// findings.
	Fingerprint   string         `json:"fingerprint,omitempty"`
	Applicability *Applicability `json:"applicability,omitempty"`
	// CodeFlow is a list of flows, each flow being a list of locations.
	CodeFlow      [][]Location   `json:"codeFlow,omitempty"`
}

type SummaryResultType

// SummaryResultType names a category of results. The methods on this page
// that take filterTypes accept these values.
type SummaryResultType string
// Result-type values.
//
// No value for malicious-code results is listed in this block, although
// ScanResultSummary has a MaliciousResults field.
// NOTE(review): confirm how filterTypes and the totals treat malicious-code
// results.
const (
	IacResult            SummaryResultType = "IAC"
	SecretsResult        SummaryResultType = "Secrets"
	SastResult           SummaryResultType = "SAST"
	ScaResult            SummaryResultType = "SCA"
	ScaSecurityResult    SummaryResultType = "Security"
	ScaLicenseResult     SummaryResultType = "License"
	ScaOperationalResult SummaryResultType = "Operational"

	// NoStatus is declared without a type, so it is an untyped string
	// constant and not a SummaryResultType.
	NoStatus = ""
)

func (SummaryResultType) String

func (srt SummaryResultType) String() string

type ViolationContext added in v1.14.0

// ViolationContext describes where a violation came from (watch, issue id,
// policies) and which fail rules apply to it.
//
// Every field uses omitempty. For the two booleans this means false is never
// written: a consumer must treat a missing fail_pull_request or fail_build
// key as false, not as "unknown".
type ViolationContext struct {
	// The watch name that generated the violation
	Watch string `json:"watch,omitempty"`
	// Unique id of the violation if exists
	IssueId string `json:"issueId,omitempty"`
	// The related policy names
	Policies []string `json:"policies,omitempty"`
	// Value of fail_pr rule that can be applied to a policy. Indicates if the violation should fail the PR
	FailPr bool `json:"fail_pull_request,omitempty"`
	// Value of fail_build rule that can be applied to a policy. Indicates if the violation should fail the build
	FailBuild bool `json:"fail_build,omitempty"`
}

type Vulnerabilities

// Vulnerabilities maps the <vulnerabilities> element of an XML document onto
// an XMLVulnerability. Only XML tags are declared on this type.
type Vulnerabilities struct {
	Vulnerabilities XMLVulnerability `xml:"vulnerabilities"`
}

type Vulnerability

// Vulnerability is a bom-ref/id pair that can be read from either format:
// in JSON both are keys; in XML bom-ref is an attribute and id is a child
// element.
type Vulnerability struct {
	BomRef string `json:"bom-ref" xml:"bom-ref,attr"`
	ID     string `json:"id" xml:"id"`
}

type VulnerabilityOrViolationRow

// VulnerabilityOrViolationRow is one SCA security result; it is used for both
// vulnerabilities and security violations. ImpactedDependencyDetails and
// ViolationContext are embedded and share the JSON object with the fields
// declared here. None of the declared fields uses omitempty.
type VulnerabilityOrViolationRow struct {
	ImpactedDependencyDetails
	ViolationContext
	Summary                  string                    `json:"summary"`
	// Applicable is a string, not a boolean.
	// NOTE(review): its possible values are not visible here.
	Applicable               string                    `json:"applicable"`
	FixedVersions            []string                  `json:"fixedVersions"`
	Cves                     []CveRow                  `json:"cves"`
	// IssueId is declared at the outer level and also exists in the embedded
	// ViolationContext under the same JSON key. The outer field is the less
	// nested one, so it is the one encoding/json reads and writes as
	// "issueId"; ViolationContext.IssueId is reachable from Go code only.
	IssueId                  string                    `json:"issueId"`
	References               []string                  `json:"references"`
	ImpactPaths              [][]ComponentRow          `json:"impactPaths"`
	// A nil pointer is encoded as null, because the tag has no omitempty.
	JfrogResearchInformation *JfrogResearchInformation `json:"jfrogResearchInformation"`
	// Technology is excluded from the JSON.
	Technology               techutils.Technology      `json:"-"`
}

Used for vulnerabilities and security violations

type XMLVulnerability

// XMLVulnerability collects the repeated <vulnerability> elements found
// inside a <vulnerabilities> element.
type XMLVulnerability struct {
	Vulnerability []Vulnerability `xml:"vulnerability"`
}

Directories

Path Synopsis
