markdown.go provides Markdown formatting for security findings outputs.
register.go wires security findings MCP tools to the MCP server.
Package securityfindings implements MCP tool handlers for GitLab pipeline security report findings using the GraphQL API. This replaces the deprecated REST vulnerability_findings endpoint with the GraphQL Pipeline.securityReportFindings query.
func FormatListMarkdown
func FormatListMarkdown(out ListOutput) string
FormatListMarkdown renders a paginated list of security findings as Markdown.
func RegisterTools
func RegisterTools(server *mcp.Server, client *gitlabclient.Client)
RegisterTools registers security findings tools on the MCP server.
type EvidenceItem
// EvidenceItem holds supporting evidence for a finding.
//
// Both fields are optional in the JSON output (omitempty). Their exact
// contents come from the scanner report and are not visible here;
// NOTE(review): presumably Source names where the evidence was taken from
// and Data carries the evidence text itself — confirm against List.
type EvidenceItem struct {
	Source string `json:"source,omitempty"` // origin of the evidence (e.g. a request/response or file) — assumption, verify
	Data   string `json:"data,omitempty"`   // evidence payload as reported by the scanner — treat as untrusted text when rendering
}
EvidenceItem holds supporting evidence for a finding.
type FindingItem
// FindingItem represents a single security report finding from a pipeline scan.
//
// Fields without omitempty (UUID, Name, Severity, ReportType, State) are
// always present in the JSON output, even when empty. All textual fields are
// populated from the pipeline's scanner report, so they may echo content from
// the scanned project (package names, source snippets, commit text).
// NOTE(review): consumers that render these strings — e.g. FormatListMarkdown —
// should treat them as untrusted text; confirm how they are escaped there.
type FindingItem struct {
	UUID        string           `json:"uuid"`                    // finding identifier; always emitted
	Name        string           `json:"name"`                    // scanner-provided finding name; always emitted
	Title       string           `json:"title,omitempty"`         // optional human-readable title
	Severity    string           `json:"severity"`                // severity label; always emitted (see ListInput.Severity for the filter values)
	Confidence  string           `json:"confidence,omitempty"`    // optional confidence label (see ListInput.Confidence for the filter values)
	ReportType  string           `json:"report_type"`             // report/scan type the finding came from; always emitted
	Scanner     *ScannerItem     `json:"scanner,omitempty"`       // producing scanner; nil pointer is omitted from JSON
	Description string           `json:"description,omitempty"`   // free-text description from the report
	Solution    string           `json:"solution,omitempty"`      // free-text remediation advice from the report
	Identifiers []IdentifierItem `json:"identifiers,omitempty"`   // CVE/CWE/OWASP-style references; empty slice is omitted
	Location    *LocationItem    `json:"location,omitempty"`      // code location, when the scanner reported one
	State       string           `json:"state"`                   // finding state; always emitted
	Evidence    *EvidenceItem    `json:"evidence,omitempty"`      // supporting evidence, when present
	VulnID      string           `json:"vulnerability_id,omitempty"`    // NOTE(review): presumably the linked vulnerability record, set only when one exists — verify against List
	VulnState   string           `json:"vulnerability_state,omitempty"` // NOTE(review): presumably the state of that linked vulnerability, distinct from State — verify
}
FindingItem represents a single security report finding from a pipeline scan.
type IdentifierItem
// IdentifierItem represents a finding identifier (CVE, CWE, OWASP, etc.).
//
// Only Name is always emitted; the other fields are omitted from JSON when
// empty. Values originate from the scanner report.
type IdentifierItem struct {
	Name         string `json:"name"`                    // display name of the identifier; always emitted
	ExternalType string `json:"external_type,omitempty"` // identifier scheme (e.g. CVE, CWE, OWASP)
	ExternalID   string `json:"external_id,omitempty"`   // identifier value within that scheme
	URL          string `json:"url,omitempty"`           // reference link as supplied by the scanner — NOTE(review): not validated here; treat as untrusted when rendering as a Markdown link
}
IdentifierItem represents a finding identifier (CVE, CWE, OWASP, etc.).
type ListInput
// ListInput is the input for listing pipeline security report findings.
//
// ProjectPath and PipelineIID are required (per their jsonschema tags); the
// remaining fields are optional filters. The filter value sets named in the
// tags (severity, confidence) are the accepted enum labels. Pagination
// parameters come from the embedded toolutil.GraphQLPaginationInput.
// NOTE(review): these values are caller-supplied and forwarded to the GraphQL
// query by List; confirm that List passes them as GraphQL variables rather
// than interpolating them into the query text.
type ListInput struct {
	ProjectPath string   `json:"project_path" jsonschema:"Full path of the project (e.g. my-group/my-project),required"`
	PipelineIID string   `json:"pipeline_iid" jsonschema:"Pipeline IID within the project,required"`
	Severity    []string `json:"severity,omitempty" jsonschema:"Filter by severity: CRITICAL, HIGH, MEDIUM, LOW, INFO, UNKNOWN"`
	Confidence  []string `json:"confidence,omitempty" jsonschema:"Filter by confidence: CONFIRMED, MEDIUM, LOW"`
	Scanner     []string `json:"scanner,omitempty" jsonschema:"Filter by scanner external IDs"` // presumably matched against ScannerItem.ExternalID — verify
	// NOTE(review): the struct tag on this field was elided by the documentation
	// renderer ("189-byte string literal not displayed"); the real source
	// carries a json/jsonschema tag here.
	ReportType []string `` /* 189-byte string literal not displayed */
	toolutil.GraphQLPaginationInput
}
ListInput is the input for listing pipeline security report findings.
type ListOutput
// ListOutput is the output for listing pipeline security report findings.
//
// Findings and Pagination are always emitted. NOTE(review): Findings has no
// omitempty, so a nil slice encodes as JSON null rather than []; confirm List
// initialises it when a pipeline has no findings, if consumers expect an array.
type ListOutput struct {
	toolutil.HintableOutput                                   // shared hint fields; defined in toolutil, not visible here
	Findings   []FindingItem                   `json:"findings"`   // findings on the current page
	Pagination toolutil.GraphQLPaginationOutput `json:"pagination"` // cursor information for fetching the next page
}
ListOutput is the output for listing pipeline security report findings.
func List
func List(ctx context.Context, client *gitlabclient.Client, input ListInput) (ListOutput, error)
List retrieves pipeline security report findings via the GitLab GraphQL API.
type LocationItem
// LocationItem represents the code location where the finding was detected.
//
// Every field is omitempty, so a location with no file or with line number 0
// serialises as an empty object. Values come from the scanner report.
type LocationItem struct {
	File      string `json:"file,omitempty"`       // repository-relative file path as reported by the scanner
	StartLine int    `json:"start_line,omitempty"` // first affected line; 0 is dropped from JSON
	EndLine   int    `json:"end_line,omitempty"`   // last affected line; 0 is dropped from JSON
	BlobPath  string `json:"blob_path,omitempty"`  // NOTE(review): presumably a GitLab blob URL/path for the file — verify against List
}
LocationItem represents the code location where the finding was detected.
type ScannerItem
// ScannerItem represents the scanner that produced the finding.
//
// Name is always emitted; Vendor and ExternalID are omitted from JSON when
// empty. ExternalID is the value that ListInput.Scanner presumably filters
// on — verify against List.
type ScannerItem struct {
	Name       string `json:"name"`                  // scanner display name; always emitted
	Vendor     string `json:"vendor,omitempty"`      // scanner vendor, when reported
	ExternalID string `json:"external_id,omitempty"` // scanner's external identifier
}
ScannerItem represents the scanner that produced the finding.