cdxutils

package
v1.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 31, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddServiceToBomIfNotExists

func AddServiceToBomIfNotExists(bom *cyclonedx.BOM, service cyclonedx.Service)

func AppendAffectedVersionsIfNotExists added in v1.22.0

func AppendAffectedVersionsIfNotExists(affect *cyclonedx.Affects, affectedVersions ...cyclonedx.AffectedVersions)

func AppendComponents added in v1.21.0

func AppendComponents(bom *cyclonedx.BOM, components *[]cyclonedx.Component)

func AppendDependencies added in v1.21.0

func AppendDependencies(bom *cyclonedx.BOM, dependencies *[]cyclonedx.Dependency)

func AppendProperties

func AppendProperties(properties *[]cyclonedx.Property, newProperties ...cyclonedx.Property) *[]cyclonedx.Property

AppendProperties appends new properties to the existing properties list and returns the updated list.

func AttachComponentAffects

func AttachComponentAffects(issue *cyclonedx.Vulnerability, affectedComponent cyclonedx.Component, affectsGenerator func(affectedComponent cyclonedx.Component) cyclonedx.Affects, relatedProperties ...cyclonedx.Property)

func AttachEvidenceOccurrenceToComponent

func AttachEvidenceOccurrenceToComponent(component *cyclonedx.Component, evidenceOccurrence cyclonedx.EvidenceOccurrence)

func AttachLicenseToComponent

func AttachLicenseToComponent(component *cyclonedx.Component, license cyclonedx.LicenseChoice)

func ConvertToAffectedVersions added in v1.23.0

func ConvertToAffectedVersions(affectedComponent cyclonedx.Component, fixedVersion []string) *[]cyclonedx.AffectedVersions

func CreateBaseVulnerability

func CreateBaseVulnerability(params CdxVulnerabilityParams, properties ...cyclonedx.Property) cyclonedx.Vulnerability

func CreateFileOrDirComponent

func CreateFileOrDirComponent(filePathOrUri string) (component cyclonedx.Component)

func CreateScaImpactedAffects

func CreateScaImpactedAffects(impactedPackageComponent cyclonedx.Component, fixedVersions []string) (affect cyclonedx.Affects)

func Exclude

func Exclude(bom cyclonedx.BOM, componentsToExclude ...cyclonedx.Component) (filteredSbom *cyclonedx.BOM)

func GetDirectDependencies

func GetDirectDependencies(dependencies *[]cyclonedx.Dependency, ref string) []string

func GetFileRef

func GetFileRef(filePathOrUri string) string

func GetOrCreateScaIssue

func GetOrCreateScaIssue(destination *cyclonedx.BOM, params CdxVulnerabilityParams, properties ...cyclonedx.Property) (scaVulnerability *cyclonedx.Vulnerability)

Returns a pointer to the vulnerability in the BOM (per the signature, a *cyclonedx.Vulnerability rather than an index).

func GetProperty

func GetProperty(properties *[]cyclonedx.Property, name string) *cyclonedx.Property

func GetRootDependenciesEntries

func GetRootDependenciesEntries(bom *cyclonedx.BOM, skipDefaultRoot bool) (roots []cyclonedx.Dependency)

func GetSerialNumber

func GetSerialNumber(id string) string

func GetTrimmedPurlByRef added in v1.25.0

func GetTrimmedPurlByRef(dep string, components *[]cyclonedx.Component) string

func HasImpactedAffects

func HasImpactedAffects(vulnerability cyclonedx.Vulnerability, affectedComponent cyclonedx.Component) bool

func SearchComponentByCleanPurl added in v1.25.0

func SearchComponentByCleanPurl(components *[]cyclonedx.Component, purl string) (component *cyclonedx.Component)

func SearchComponentByRef

func SearchComponentByRef(components *[]cyclonedx.Component, ref string) (component *cyclonedx.Component)

func SearchDependencyEntry

func SearchDependencyEntry(dependencies *[]cyclonedx.Dependency, ref string) *cyclonedx.Dependency

SearchDependencyEntry searches for a dependency entry by reference in the provided dependencies list.

func SearchForServiceByName

func SearchForServiceByName(bom *cyclonedx.BOM, serviceName string) *cyclonedx.Service

func SearchParents

func SearchParents(componentRef string, components []cyclonedx.Component, dependencies ...cyclonedx.Dependency) []cyclonedx.Component

func SearchVulnerabilityByRef

func SearchVulnerabilityByRef(destination *cyclonedx.BOM, ref string) *cyclonedx.Vulnerability

Types

type CdxVulnerabilityParams

// CdxVulnerabilityParams groups the values that describe one vulnerability.
// On this page it is the params argument of CreateBaseVulnerability and
// GetOrCreateScaIssue.
//
// NOTE(review): how each field maps onto cyclonedx.Vulnerability is not
// visible here; the field notes below are inferred from names and types and
// should be confirmed against the implementation.
type CdxVulnerabilityParams struct {
	// Ref is presumably the BOM reference identifying the vulnerability entry
	// (SearchVulnerabilityByRef looks entries up by a ref string) - confirm.
	Ref         string
	// ID is presumably the advisory identifier - confirm.
	ID          string
	// Details and Description are free-text strings. NOTE(review): if they
	// originate from scanner or advisory feeds, consumers that render the BOM
	// should treat them as untrusted text - confirm where they are populated.
	Details     string
	Description string
	// Service is a pointer and may therefore be nil; whether a nil Service is
	// accepted by the functions taking these params is not shown here.
	Service     *cyclonedx.Service
	// CWE and References are string slices; their expected format (e.g. bare
	// number vs. prefixed id, URL vs. free text) is not shown here - confirm.
	CWE         []string
	References  []string
	// Ratings carries the CycloneDX rating entries for the vulnerability.
	Ratings     []cyclonedx.VulnerabilityRating
}

type ComponentRelation

// ComponentRelation is a string-typed label for how a component relates to
// the rest of the BOM. It is the return type of GetComponentRelation.
type ComponentRelation string
const (
	// RootRelation indicates that the component is a root component in the BOM.
	RootRelation ComponentRelation = "root"
	// DirectRelation indicates that the component is a direct dependency of
	// another component.
	DirectRelation ComponentRelation = "direct_dependency"
	// TransitiveRelation indicates that the component is a transitive
	// dependency of another component.
	TransitiveRelation ComponentRelation = "transitive_dependency"
	// UnknownRelation is the undefined relation. Its value is the empty
	// string, i.e. the zero value of ComponentRelation, so an unset variable
	// of this type compares equal to UnknownRelation; callers that filter or
	// prioritise findings by relation should handle this case explicitly.
	UnknownRelation ComponentRelation = ""
)

func GetComponentRelation

func GetComponentRelation(bom *cyclonedx.BOM, componentRef string, skipDefaultRoot bool) ComponentRelation

type FullBOM added in v1.21.7

// FullBOM embeds a cyclonedx.BOM and adds SARIF runs alongside it.
//
// NOTE(review): "sast" is presumably not a property defined by the CycloneDX
// schema, so consumers that validate strictly against that schema may reject
// or drop it - confirm before exchanging FullBOM JSON with external tools.
type FullBOM struct {
	// Embedded, so the BOM's fields and methods are promoted onto FullBOM.
	cyclonedx.BOM
	// Sast holds pointers to SARIF runs; it is serialized under the JSON key
	// "sast" and omitted from the output when the slice is empty.
	Sast []*sarif.Run `json:"sast,omitempty"`
}
