utils

package
v1.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 31, 2025 License: Apache-2.0 Imports: 27 Imported by: 3

Documentation

Index

Constants

View Source 
const (
	JfrogCurationDirName = "curation"

	CurationsDir = "JFROG_CLI_CURATION_DIR"

	// #nosec G101 -- Not credentials.
	CurationSupportFlag = "JFROG_CLI_CURATION"
)
View Source 
const (
	NodeModulesPattern = "**/*node_modules*/**"
	JfMsiEnvVariable   = "JF_MSI"

	BaseDocumentationURL = "https://jfrog.com/help/r/jfrog-security-user-guide/products/"
	XrayInfoURL          = "https://jfrog.com/xray/"
	JasInfoURL           = "https://jfrog.com/devops-native-security/"

	EntitlementsMinVersion        = "3.66.5"
	GitRepoKeyAnalyticsMinVersion = "3.114.0"
	StaticScanMinVersion          = "3.133.0"

	XrayToolName = "JFrog Xray Scanner"

	JfrogExternalRunIdEnv   = "JFROG_CLI_USAGE_RUN_ID"
	JfrogExternalJobIdEnv   = "JFROG_CLI_USAGE_JOB_ID"
	JfrogExternalGitRepoEnv = "JFROG_CLI_USAGE_GIT_REPO"

	CurrentGithubWorkflowNameEnvVar      = "GITHUB_WORKFLOW"
	CurrentGithubWorkflowRunNumberEnvVar = "GITHUB_RUN_NUMBER"
	CurrentGithubWorkflowWorkspaceEnvVar = "GITHUB_WORKSPACE"
	CurrentGithubWorkflowJobEnvVar       = "GITHUB_JOB"
	CurrentGithubShaEnvVar               = "GITHUB_SHA"

	IsAllowEmojis = "JF_ALLOW_EMOJIS"
)

Variables

View Source 
var (
	// Exclude pattern for files.
	DefaultJasExcludePatterns = []string{"**/.git/**", "**/*test*/**", "**/*venv*/**", NodeModulesPattern, "**/target/**", "**/dist/**"}
	// Exclude pattern for directories.
	DefaultScaExcludePatterns = []string{"*.git*", "*node_modules*", "*target*", "*venv*", "*test*", "dist"}
)

Functions

func DownloadResourceFromPlatformIfNeeded added in v1.21.7 

func DownloadResourceFromPlatformIfNeeded(resourceName, downloadPath, targetDir, targetArtifactName string, explodeArtifact bool, threadId int) error

func DumpCdxContentToFile added in v1.20.0 

func DumpCdxContentToFile(bom *cyclonedx.BOM, scanResultsOutputDir, filePrefix string, threadId int) (pathToSave string, err error)

func DumpCdxJsonContentToFile added in v1.23.0 

func DumpCdxJsonContentToFile(fileContent []byte, scanResultsOutputDir, filePrefix string, threadId int) (resultsFileFullPath string, err error)

func DumpContentToFile added in v1.9.0 

func DumpContentToFile(fileContent []byte, scanResultsOutputDir string, prefix, suffix string, threadId int) (resultsFileFullPath string, err error)

func DumpJsonContentToFile added in v1.20.0 

func DumpJsonContentToFile(fileContent []byte, scanResultsOutputDir string, scanType string, threadId int) (err error)

func DumpSarifContentToFile added in v1.20.0 

func DumpSarifContentToFile(fileContent []byte, scanResultsOutputDir string, scanType string, threadId int) (err error)

func FileSha256 added in v1.20.0 

func FileSha256(filePath string) (string, error)

func GetAsJsonBytes added in v1.12.0 

func GetAsJsonBytes(output interface{}, escapeValues, indent bool) (results []byte, err error)

func GetAsJsonString added in v1.12.0 

func GetAsJsonString(output interface{}, escapeValues, indent bool) (string, error)

func GetCommonParentDir added in v1.18.0 

func GetCommonParentDir(paths ...string) string

Calculate the common parent directory of the given paths. Examples:

  1. [dir] -> dir
  2. [dir/dir, dir/directory] -> dir
  3. [dir, directory] -> "."
  4. [dir/dir2, dir/dir2/dir3, dir/dir2/dir3/dir4] -> dir/dir2

func GetCurationCacheFolder added in v1.0.4 

func GetCurationCacheFolder() (string, error)

func GetCurationCacheFolderByTech added in v1.3.0 

func GetCurationCacheFolderByTech(tech techutils.Technology) (projectDir string, err error)

func GetCurationNugetCacheFolder added in v1.8.1 

func GetCurationNugetCacheFolder() (string, error)

func GetCurationPipCacheFolder added in v1.1.0 

func GetCurationPipCacheFolder() (string, error)

func GetCurrentTimeUnix added in v1.20.0 

func GetCurrentTimeUnix() string

func GetGitRepoUrlKey added in v1.15.0 

func GetGitRepoUrlKey(gitRepoHttpsCloneUrl string) string

Returns the key for the git reop Url, as expected by the Analyzer Manager and the Analytics event report

func GetRelativePath added in v1.18.0 

func GetRelativePath(fullPathWd, baseWd string) string

func GetReleasesRemoteDetails added in v1.20.0 

func GetReleasesRemoteDetails(artifact, downloadPath string) (server *config.ServerDetails, fullRemotePath string, err error)

func GetRepositoriesScansListUrlForArtifact added in v1.20.0 

func GetRepositoriesScansListUrlForArtifact(baseUrl, repoPath, artifactName, packageID string) string

func GetScanFindingsLog added in v1.14.0 

func GetScanFindingsLog(scanType SubScanType, vulnerabilitiesCount int, scanStartTime time.Time, threadId int) string

func GetScanStartLog added in v1.23.0 

func GetScanStartLog(scanType SubScanType, target string, targetCount, threadId int) string

func IsCI added in v1.12.0 

func IsCI() bool

func IsJASRequested added in v1.14.1 

func IsJASRequested(cmdType CommandType, requestedScans ...SubScanType) bool

func IsScanRequested added in v1.12.0 

func IsScanRequested(cmdType CommandType, subScan SubScanType, requestedScans ...SubScanType) bool

IsScanRequested returns true if the scan is requested, otherwise false. If requestedScans is empty, all scans are considered requested.

func Md5Hash added in v1.8.0 

func Md5Hash(values ...string) (string, error)

func MergeMaps added in v1.5.0 

func MergeMaps(maps ...map[string]string) map[string]string

Merge multiple maps into one, the last map will override the previous ones

func NewBoolPtr added in v1.12.0 

func NewBoolPtr(v bool) *bool

func NewFloat64Ptr added in v1.12.0 

func NewFloat64Ptr(v float64) *float64

func NewInt64Ptr added in v1.12.0 

func NewInt64Ptr(v int64) *int64

func NewIntPtr added in v1.12.0 

func NewIntPtr(v int) *int

func NewStrPtr added in v1.14.0 

func NewStrPtr(v string) *string

func NewStringPtr added in v1.13.7 

func NewStringPtr(v string) *string

func ReadSbomFromFile added in v1.20.0 

func ReadSbomFromFile(cdxFilePath string) (bom *cyclonedx.BOM, err error)

func SaveCdxContentToFile added in v1.20.0 

func SaveCdxContentToFile(pathToSave string, bom *cyclonedx.BOM) (err error)

func Sha1Hash added in v1.8.0 

func Sha1Hash(values ...string) (string, error)

func Sha256Hash added in v1.20.0 

func Sha256Hash(values ...string) (string, error)

func ToCommandEnvVars added in v1.5.0 

func ToCommandEnvVars(envVarsMap map[string]string) (converted []string)

map[string]string to []string (key=value format)

func ToEnvVarsMap added in v1.5.0 

func ToEnvVarsMap(envVars []string) (converted map[string]string)

[]string (key=value format) to map[string]string

func ToURI added in v1.18.0 

func ToURI(path string) string

func UniqueIntersection added in v1.12.0 

func UniqueIntersection[T comparable](arr []T, others ...T) []T

UniqueIntersection returns a new slice of strings that contains elements from both input slices without duplicates

func UniqueUnion added in v1.12.0 

func UniqueUnion[T comparable](arr []T, elements ...T) []T

UniqueUnion returns a new slice of strings that contains elements from the input slice and the elements provided without duplicates

Types

type CommandType added in v1.8.0 

type CommandType string
const (
	SourceCode  CommandType = "source_code"
	Binary      CommandType = "binary"
	DockerImage CommandType = "docker_image"
	Build       CommandType = "build"
	Curation    CommandType = "curation"
	SBOM        CommandType = "SBOM"
)

func (CommandType) IsTargetBinary added in v1.8.0 

func (s CommandType) IsTargetBinary() bool

type SecurityParallelRunner added in v1.4.0 

type SecurityParallelRunner struct {
	Runner        parallel.Runner
	ResultsMu     sync.Mutex
	ScaScansWg    sync.WaitGroup // Verify that the sca scan routines are done before running contextual scan
	JasScannersWg sync.WaitGroup // Verify that all scanners routines are done before cleaning temp dir
	JasWg         sync.WaitGroup // Verify that downloading analyzer manager and running all scanners are done
	// contains filtered or unexported fields
}

func CreateSecurityParallelRunner added in v1.4.0 

func CreateSecurityParallelRunner(numOfParallelScans int) *SecurityParallelRunner

func NewSecurityParallelRunner added in v1.4.0 

func NewSecurityParallelRunner(numOfParallelScans int) SecurityParallelRunner

func (*SecurityParallelRunner) OnScanEnd added in v1.20.0 

func (spr *SecurityParallelRunner) OnScanEnd(funcToRunOnScanEnd func()) *SecurityParallelRunner

func (*SecurityParallelRunner) Start added in v1.20.0 

func (spr *SecurityParallelRunner) Start()

type SubScanType added in v1.4.0 

type SubScanType string
const (
	ContextualAnalysisScan    SubScanType = "contextual_analysis"
	ScaScan                   SubScanType = "sca"
	IacScan                   SubScanType = "iac"
	SastScan                  SubScanType = "sast"
	SecretsScan               SubScanType = "secrets"
	SecretTokenValidationScan SubScanType = "secrets_token_validation"
	MaliciousCodeScan         SubScanType = "malicious_code"
)

func GetAllSupportedScans added in v1.4.0 

func GetAllSupportedScans() []SubScanType

func (SubScanType) String added in v1.4.0 

func (s SubScanType) String() string

func (SubScanType) ToTextString added in v1.20.0 

func (subScan SubScanType) ToTextString() string

Source Files

View all Source files

Directories

Path Synopsis
cdxutils
sarifutils
snapshotconvertor
violationutils
conversion
conversion/cyclonedxparser
conversion/sarifparser
conversion/simplejsonparser
conversion/summaryparser
conversion/tableparser
output
artifact
remediation
scangraph

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.