sarifparser

package

v1.24.2 Latest Latest Go to latest Published: Dec 17, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jfrog/jfrog-cli-security

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func PrepareSarifScaVulnerabilities(cmdType utils.CommandType, target results.ScanTarget, descriptors []string, ...) ([]*sarif.Result, map[string]*sarif.ReportingDescriptor, error)
type CmdResultsSarifConverter
- func NewCmdResultsSarifConverter(baseUrl string, patchBinaryPaths bool) *CmdResultsSarifConverter
type PatchSarifParams
type RunInJfrogReport

Constants ¶

View Source

const (
	MissingCveScore = "0"

	// #nosec G101 -- Not credentials.
	BinarySecretScannerToolName = "JFrog Binary Secrets Scanner"
	PolicyEnforcerToolName      = "JFrog Policy Enforcer"
)

Variables ¶

View Source

var (
	GithubBaseWorkflowDir = filepath.Join(".github", "workflows")
)

Functions ¶

func PrepareSarifScaVulnerabilities ¶

func PrepareSarifScaVulnerabilities(cmdType utils.CommandType, target results.ScanTarget, descriptors []string, vulnerabilities []services.Vulnerability, entitledForJas bool, applicabilityRuns ...*sarif.Run) ([]*sarif.Result, map[string]*sarif.ReportingDescriptor, error)

Types ¶

type CmdResultsSarifConverter ¶

type CmdResultsSarifConverter struct {
	// contains filtered or unexported fields
}

func NewCmdResultsSarifConverter ¶

func NewCmdResultsSarifConverter(baseUrl string, patchBinaryPaths bool) *CmdResultsSarifConverter

func (*CmdResultsSarifConverter) DeprecatedParseLicenses ¶ added in v1.20.0

func (sc *CmdResultsSarifConverter) DeprecatedParseLicenses(_ services.ScanResponse) (err error)

func (*CmdResultsSarifConverter) DeprecatedParseScaVulnerabilities ¶ added in v1.23.0

func (sc *CmdResultsSarifConverter) DeprecatedParseScaVulnerabilities(descriptors []string, scaResponse services.ScanResponse, applicableScan ...[]*sarif.Run) (err error)

func (*CmdResultsSarifConverter) Get ¶

func (sc *CmdResultsSarifConverter) Get() (*sarif.Report, error)

func (*CmdResultsSarifConverter) ParseCVEs ¶ added in v1.20.0

func (sc *CmdResultsSarifConverter) ParseCVEs(enrichedSbom *cyclonedx.BOM, applicableScan ...[]*sarif.Run) (err error)

func (*CmdResultsSarifConverter) ParseIacs ¶

func (sc *CmdResultsSarifConverter) ParseIacs(iacs ...[]*sarif.Run) (err error)

func (*CmdResultsSarifConverter) ParseNewTargetResults ¶

func (sc *CmdResultsSarifConverter) ParseNewTargetResults(target results.ScanTarget, errors ...error) (err error)

func (*CmdResultsSarifConverter) ParseSast ¶

func (sc *CmdResultsSarifConverter) ParseSast(sast ...[]*sarif.Run) (err error)

func (*CmdResultsSarifConverter) ParseSbom ¶ added in v1.16.0

func (sc *CmdResultsSarifConverter) ParseSbom(_ *cyclonedx.BOM) (err error)

func (*CmdResultsSarifConverter) ParseSbomLicenses ¶ added in v1.20.0

func (sc *CmdResultsSarifConverter) ParseSbomLicenses(components []cyclonedx.Component, dependencies ...cyclonedx.Dependency) (err error)

func (*CmdResultsSarifConverter) ParseSecrets ¶

func (sc *CmdResultsSarifConverter) ParseSecrets(secrets ...[]*sarif.Run) (err error)

func (*CmdResultsSarifConverter) ParseViolations ¶

func (sc *CmdResultsSarifConverter) ParseViolations(violationsScanResults violationutils.Violations) (err error)

func (*CmdResultsSarifConverter) Reset ¶

func (sc *CmdResultsSarifConverter) Reset(metadata results.ResultsMetaData, statusCodes results.ResultsStatus, multipleTargets bool) (err error)

type PatchSarifParams ¶ added in v1.23.0

type PatchSarifParams struct {
	// Required parameters
	CmdType     utils.CommandType
	SubScanType utils.SubScanType
	// Optional parameters
	CopyContent  bool
	ConvertPaths bool
	// Use instead of invocation to convert the paths to relative
	WorkingDirectory string
	// Indicate if the runs are violations runs
	IsViolations bool
	// Add Analytics to the runs when viewed in web
	BaseJfrogUrl string
	// For uploading to Source Code Scanning, replace binary inner paths with the DOCKER file path or workflow path
	// (append the replaced path to the help text)
	PatchBinaryPaths bool
	// Add docker image tag for docker image scans
	Target *results.ScanTarget
}

type RunInJfrogReport ¶ added in v1.23.0

type RunInJfrogReport string

const (
	ScaRun        RunInJfrogReport = "sca"
	SecretsRun    RunInJfrogReport = "secrets"
	IacRun        RunInJfrogReport = "iac"
	SastRun       RunInJfrogReport = "sast"
	ViolationsRun RunInJfrogReport = "violations"
)

Source Files ¶

View all Source files

sarifparser.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL