jas

package
v1.26.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2026 License: Apache-2.0 Imports: 35 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	ApplicabilityFeatureId = "contextual_analysis"
	AnalyzerManagerZipName = "analyzerManager.zip"

	ErrFailedScannerRun = "failed to run %s scan. Exit code received: %s"

	JfPackageManagerEnvVariable = "AM_PACKAGE_MANAGER"
	JfLanguageEnvVariable       = "AM_LANGUAGE"
	DiffScanEnvVariable         = "AM_DIFF_SCAN"
	// #nosec G101 -- Not credentials.
	JfSecretValidationEnvVariable = "JF_VALIDATE_SECRETS"
)
View Source 
const (
	NoServerUrlWarn      = "" /* 191-byte string literal not displayed */
	NoServerDetailsError = "jfrog Server details are missing"
)

Variables

View Source 
var FakeBasicXrayResults = []services.ScanResponse{
	{
		ScanId: "scanId_1",
		Vulnerabilities: []services.Vulnerability{
			{IssueId: "issueId_1", Technology: techutils.Pipenv.String(),
				Cves:       []services.Cve{{Id: "testCve1"}, {Id: "testCve2"}, {Id: "testCve3"}},
				Components: map[string]services.Component{"issueId_1_direct_dependency": {}, "issueId_3_direct_dependency": {}}},
		},
		Violations: []services.Violation{
			{IssueId: "issueId_2", Technology: techutils.Pipenv.String(),
				Cves:       []services.Cve{{Id: "testCve4"}, {Id: "testCve5"}},
				Components: map[string]services.Component{"issueId_2_direct_dependency": {}, "issueId_4_direct_dependency": {}}},
		},
	},
}
View Source 
var FakeServerDetails = config.ServerDetails{
	Url:      "platformUrl",
	Password: "password",
	User:     "user",
}

Functions

func CheckForSecretValidation added in v1.10.0 

func CheckForSecretValidation(xrayManager *xray.XrayServicesManager, xrayVersion string, validateSecrets bool) bool

func CreateJFrogAppsConfig added in v1.4.0 

func CreateJFrogAppsConfig(workingDirs []string) (*jfrogappsconfig.JFrogAppsConfig, error)

func CreateScannerTempDirectory added in v1.4.0 

func CreateScannerTempDirectory(scanner *JasScanner, scanType string, threadId int) (string, error)

func CreateScannersConfigFile 

func CreateScannersConfigFile(fileName string, fileContent interface{}, scanType jasutils.JasScanType) error

func DownloadAnalyzerManagerIfNeeded added in v1.5.0 

func DownloadAnalyzerManagerIfNeeded(threadId int) error

Download the latest AnalyzerManager executable if not cached locally. By default, the zip is downloaded directly from jfrog releases.

func GetAnalyzerManagerDirAbsolutePath added in v1.5.0 

func GetAnalyzerManagerDirAbsolutePath() (string, error)

func GetAnalyzerManagerDownloadPath added in v1.5.0 

func GetAnalyzerManagerDownloadPath() (string, error)

func GetAnalyzerManagerEnvVariables added in v1.5.0 

func GetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) (envVars map[string]string, err error)

func GetAnalyzerManagerExecutable added in v1.5.0 

func GetAnalyzerManagerExecutable() (analyzerManagerPath string, err error)

func GetAnalyzerManagerExecutableName added in v1.5.0 

func GetAnalyzerManagerExecutableName() string

func GetAnalyzerManagerExitCode added in v1.14.0 

func GetAnalyzerManagerExitCode(err error) int

func GetAnalyzerManagerVersion added in v1.5.0 

func GetAnalyzerManagerVersion() string

func GetAnalyzerManagerXscEnvVars added in v1.5.0 

func GetAnalyzerManagerXscEnvVars(newFlow bool, msi string, gitRepoUrl, projectKey string, watches []string, technologies ...techutils.Technology) map[string]string

func GetExcludePatterns 

func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner, centralConfigExclusions []string, cliExclusions ...string) []string

func GetModule added in v1.12.0 

func GetModule(root string, appConfig *jfrogappsconfig.JFrogAppsConfig) *jfrogappsconfig.Module

func GetSourceRoots 

func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) ([]string, error)

func GetStartJasScanLog added in v1.23.0 

func GetStartJasScanLog(scanType utils.SubScanType, threadId int, module jfrogappsconfig.Module, targetCount int) string

func GetTestDataPath 

func GetTestDataPath() string

func IsEntitledForJas 

func IsEntitledForJas(xrayManager *xray.XrayServicesManager, xrayVersion string) (entitled bool, err error)

func ParseAnalyzerManagerError added in v1.5.0 

func ParseAnalyzerManagerError(scanner jasutils.JasScanType, err error) (formatErr error)

func ReadJasScanRunsFromFile 

func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string, minSeverity severityutils.Severity) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)

func RunAnalyzerManagerWithPipes added in v1.26.3 

func RunAnalyzerManagerWithPipes(env map[string]string, cmd string, inputPipe io.Reader, outputPipe io.Writer, errorPipe io.Writer, timeout int, args ...string) error

RunAnalyzerManagerWithPipes runs the analyzer manager with the given command and pipes for stdin, stdout, and stderr. timeout is in seconds; if 0 or negative, the command runs until completion.

func RunAnalyzerManagerWithPipesAndDownload added in v1.26.3 

func RunAnalyzerManagerWithPipesAndDownload(envVars map[string]string, cmd string, inputPipe io.Reader, outputPipe io.Writer, errorPipe io.Writer, timeout int, args ...string) error

RunAnalyzerManagerWithPipesAndDownload downloads the analyzer manager if needed and runs the command with pipes.

func SaveScanResultsToCompareAsReport added in v1.18.0 

func SaveScanResultsToCompareAsReport(fileName string, runs ...*sarif.Run) error

func ShouldSkipScanner 

func ShouldSkipScanner(module jfrogappsconfig.Module, scanType jasutils.JasScanType) bool

func UpdateJasScannerWithExcludePatternsFromProfile added in v1.17.0 

func UpdateJasScannerWithExcludePatternsFromProfile(scanner *JasScanner, profile *clientservices.ConfigProfile)

Types

type AnalyzerManager added in v1.5.0 

type AnalyzerManager struct {
	AnalyzerManagerFullPath string
	MultiScanId             string
}

func (*AnalyzerManager) Exec added in v1.5.0 

func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, serverDetails *config.ServerDetails, envVars map[string]string) (err error)

func (*AnalyzerManager) ExecWithOutputFile added in v1.5.0 

func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, serverDetails *config.ServerDetails, envVars map[string]string) (err error)

type JasDiffScanEnvValue added in v1.18.0 

type JasDiffScanEnvValue string
const (
	NotDiffScanEnvValue        JasDiffScanEnvValue = ""
	FirstScanDiffScanEnvValue  JasDiffScanEnvValue = "first_scan"
	SecondScanDiffScanEnvValue JasDiffScanEnvValue = "second_scan"
)

func GetDiffScanTypeValue added in v1.18.0 

func GetDiffScanTypeValue(diffScan bool, resultsToCompare *results.SecurityCommandResults) JasDiffScanEnvValue

type JasScanner 

type JasScanner struct {
	TempDir               string
	AnalyzerManager       AnalyzerManager
	ServerDetails         *config.ServerDetails
	ScannerDirCleanupFunc func() error
	EnvVars               map[string]string
	DiffMode              bool
	ResultsToCompare      *results.SecurityCommandResults
	Exclusions            []string
	// This field contains scanner specific exclude patterns from Config Profile
	ScannersExclusions SpecificScannersExcludePatterns
	MinSeverity        severityutils.Severity
}

func InitJasTest 

func InitJasTest(t *testing.T) (*JasScanner, func())

func NewJasScanner 

func NewJasScanner(serverDetails *config.ServerDetails, options ...JasScannerOption) (scanner *JasScanner, err error)

func (*JasScanner) GetResultsToCompareByRelativePath added in v1.20.0 

func (js *JasScanner) GetResultsToCompareByRelativePath(relativeTarget string) (resultsToCompare *results.TargetResults)

func (*JasScanner) Run 

func (a *JasScanner) Run(scannerCmd ScannerCmd, module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)

type JasScannerOption added in v1.18.0 

type JasScannerOption func(f *JasScanner) error

func WithEnvVars added in v1.18.0 

func WithEnvVars(validateSecrets bool, diffMode JasDiffScanEnvValue, envVars map[string]string) JasScannerOption

func WithExclusions added in v1.18.0 

func WithExclusions(exclusions ...string) JasScannerOption

func WithMinSeverity added in v1.18.0 

func WithMinSeverity(minSeverity severityutils.Severity) JasScannerOption

func WithResultsToCompare added in v1.18.0 

func WithResultsToCompare(resultsToCompare *results.SecurityCommandResults) JasScannerOption

type ScannerCmd 

type ScannerCmd interface {
	Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)
}

type SpecificScannersExcludePatterns added in v1.17.0 

type SpecificScannersExcludePatterns struct {
	ContextualAnalysisExcludePatterns []string
	SastExcludePatterns               []string
	SecretsExcludePatterns            []string
	IacExcludePatterns                []string
	MaliciousCodeExcludePatterns      []string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.