Documentation
¶
Index ¶
- type CommandResultsConvertor
- func (c *CommandResultsConvertor) ConvertToCycloneDx(cmdResults *results.SecurityCommandResults) (bom *cdxutils.FullBOM, err error)
- func (c *CommandResultsConvertor) ConvertToSarif(cmdResults *results.SecurityCommandResults) (sarifReport *sarif.Report, err error)
- func (c *CommandResultsConvertor) ConvertToSimpleJson(cmdResults *results.SecurityCommandResults) (simpleJsonResults formats.SimpleJsonResults, err error)
- func (c *CommandResultsConvertor) ConvertToSummary(cmdResults *results.SecurityCommandResults) (summaryResults formats.ResultsSummary, err error)
- func (c *CommandResultsConvertor) ConvertToTable(cmdResults *results.SecurityCommandResults) (tableResults formats.ResultsTables, err error)
- type ResultConvertParams
- type ResultsStreamFormatParser
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CommandResultsConvertor ¶
// CommandResultsConvertor converts the results of a security command
// (*results.SecurityCommandResults) into one of the report formats exposed by
// its ConvertTo* methods: CycloneDX, SARIF, SimpleJson, Summary or Table.
type CommandResultsConvertor struct {
// Params holds the conversion options passed to NewCommandResultsConvertor.
// NOTE(review): presumably read by every ConvertTo* method; the method bodies
// are not shown here, so confirm which options each format honours.
Params ResultConvertParams
}
func NewCommandResultsConvertor ¶
func NewCommandResultsConvertor(params ResultConvertParams) *CommandResultsConvertor
func (*CommandResultsConvertor) ConvertToCycloneDx ¶ added in v1.20.0
func (c *CommandResultsConvertor) ConvertToCycloneDx(cmdResults *results.SecurityCommandResults) (bom *cdxutils.FullBOM, err error)
func (*CommandResultsConvertor) ConvertToSarif ¶
func (c *CommandResultsConvertor) ConvertToSarif(cmdResults *results.SecurityCommandResults) (sarifReport *sarif.Report, err error)
func (*CommandResultsConvertor) ConvertToSimpleJson ¶
func (c *CommandResultsConvertor) ConvertToSimpleJson(cmdResults *results.SecurityCommandResults) (simpleJsonResults formats.SimpleJsonResults, err error)
func (*CommandResultsConvertor) ConvertToSummary ¶
func (c *CommandResultsConvertor) ConvertToSummary(cmdResults *results.SecurityCommandResults) (summaryResults formats.ResultsSummary, err error)
func (*CommandResultsConvertor) ConvertToTable ¶
func (c *CommandResultsConvertor) ConvertToTable(cmdResults *results.SecurityCommandResults) (tableResults formats.ResultsTables, err error)
type ResultConvertParams ¶
// ResultConvertParams controls what a conversion includes and how it is shaped.
// Several options narrow the report (IncludeVulnerabilities, IncludeLicenses,
// RequestedScans, SimplifiedOutput), so a finding missing from a converted
// report is only meaningful when read together with the options that produced it.
type ResultConvertParams struct {
// If true, a violation context was provided and violation results are expected.
HasViolationContext bool
// Controls whether the output includes vulnerability information.
// When false, a report with no vulnerabilities does not mean none were found.
IncludeVulnerabilities bool
// If true and commandType.IsTargetBinary(), binary inner paths in results will be converted to the CI job file (relevant only for SARIF).
PatchBinaryPaths bool
// Controls whether SAST results are parsed directly into the CycloneDX BOM.
// If false, the SARIF runs are attached under a "sast" attribute, which diverges
// from the CycloneDX spec (relevant only for CycloneDX).
// NOTE(review): consumers that validate strictly against the CycloneDX schema
// may not expect the extra attribute; verify before relying on false.
ParseSastResultDirectlyIntoCDX bool
// Controls whether the output includes license information.
IncludeLicenses bool
// Controls whether the output includes SBOM information (relevant only for Table).
IncludeSbom bool
// Overrides whether the command results are converted as multi-target results.
// If nil, the value is determined by results.HasMultipleTargets().
IsMultipleRoots *bool
// The scans to include in the results. If empty, all scans are included;
// a non-empty list leaves every other scan type out of the report.
RequestedScans []utils.SubScanType
// Licenses that are allowed. When no repo context was provided, a local license
// violation is created for any license that is not in this list.
// NOTE(review): the behaviour for an empty list is not stated here; confirm
// whether empty disables the check or flags every license.
AllowedLicenses []string
// Output will contain only the unique violations, as determined by the
// GetUniqueKey function (SimpleJson only). Entries sharing a key are collapsed,
// so counts in simplified output can be lower than the number of raw findings.
SimplifiedOutput bool
// Convert the results to a pretty format if supported (Table and SimpleJson only).
Pretty bool
// The JFrog platform URL to be used in the results (Sarif only - GitHub integration).
// NOTE(review): the value ends up in the generated report; presumably it should
// be the base URL of the trusted platform instance. Confirm whether it is validated.
PlatformUrl string
}
type ResultsStreamFormatParser ¶
// ResultsStreamFormatParser receives command results as a stream and builds the
// output format T from them. Per the method comments, the expected order is:
// Reset once for a new command result, ParseNewTargetResults when a scan target
// starts, the Parse* methods for that target's content, and Get at the end.
//
// Every step returns an error. A caller that drops one of these errors can still
// call Get and receive a report that is missing findings, so callers should check
// each return value before trusting the converted content.
type ResultsStreamFormatParser[T interface{}] interface {
// Reset the convertor so it can start converting a new command result.
// NOTE(review): generalError presumably carries an error raised by the command
// itself so the report can reflect it; confirm against the implementations.
Reset(cmdType utils.CommandType, multiScanId, xrayVersion string, entitledForJas, multipleTargets bool, gitContext *xscServices.XscGitInfoContext, generalError error) error
// Called once for each scan target: it signals that parsing of the current
// target is done and parsing of a new target begins.
ParseNewTargetResults(target results.ScanTarget, errors ...error) error
// TODO: This method is deprecated and is only used for backward compatibility until the new BOM can contain all the information scanResponse contains.
// Missing attributes:
// - ExtendedInformation (JfrogResearchInformation): ShortDescription, FullDescription, JfrogResearchSeverityReasons, Remediation
DeprecatedParseScaIssues(target results.ScanTarget, descriptors []string, violations bool, scaResponse results.ScanResult[services.ScanResponse], applicableScan ...results.ScanResult[[]*sarif.Run]) error
// NOTE(review): presumably deprecated for the same backward-compatibility
// reason as DeprecatedParseScaIssues; confirm.
DeprecatedParseLicenses(target results.ScanTarget, scaResponse results.ScanResult[services.ScanResponse]) error
// Parse SCA content into the current scan target.
ParseSbom(target results.ScanTarget, sbom *cyclonedx.BOM) error
ParseSbomLicenses(target results.ScanTarget, components []cyclonedx.Component, dependencies ...cyclonedx.Dependency) error
ParseCVEs(target results.ScanTarget, enrichedSbom results.ScanResult[*cyclonedx.BOM], applicableScan ...results.ScanResult[[]*sarif.Run]) error
// Parse JAS content (secrets, IaC, SAST) into the current scan target.
// NOTE(review): the violations flag presumably selects whether the runs are
// reported as violations rather than plain findings; confirm.
ParseSecrets(target results.ScanTarget, violations bool, secrets []results.ScanResult[[]*sarif.Run]) error
ParseIacs(target results.ScanTarget, violations bool, iacs []results.ScanResult[[]*sarif.Run]) error
ParseSast(target results.ScanTarget, violations bool, sast []results.ScanResult[[]*sarif.Run]) error
// Parse JFrog violations into the current scan target.
ParseViolations(target results.ScanTarget, descriptors []string, violations []services.Violation, applicableScan ...results.ScanResult[[]*sarif.Run]) error
// When done parsing the stream of results, get the converted content.
Get() (T, error)
}
Parse a stream of results and convert them to the desired format T