controllers

package
v1.0.0-rc.15 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 8, 2026 License: AGPL-3.0 Imports: 56 Imported by: 0

Documentation

Overview

TODO: rename the package name to vuln

Index

Constants

This section is empty.

Variables

View Source 
var ControllerModule = fx.Options(

	fx.Provide(NewAssetController),
	fx.Provide(NewAssetVersionController),
	fx.Provide(NewArtifactController),
	fx.Provide(NewComponentController),

	fx.Provide(NewDependencyVulnController),
	fx.Provide(NewFirstPartyVulnController),
	fx.Provide(NewVulnEventController),
	fx.Provide(NewLicenseRiskController),

	fx.Provide(NewOrganizationController),
	fx.Provide(NewProjectController),

	fx.Provide(NewCSAFController),
	fx.Provide(NewComplianceController),
	fx.Provide(NewAttestationController),
	fx.Provide(NewInToToController),
	fx.Provide(NewPolicyController),

	fx.Provide(NewIntegrationController),
	fx.Provide(NewVulnDBController),
	fx.Provide(NewWebhookController),

	fx.Provide(NewReleaseController),
	fx.Provide(NewStatisticsController),

	fx.Provide(NewPatController),
	fx.Provide(NewScanController),

	fx.Provide(ProvideDependencyProxyConfig),
	fx.Provide(fx.Annotate(ProvideMaliciousPackageChecker, fx.As(new(shared.MaliciousPackageChecker)))),
	fx.Provide(NewDependencyProxyController),
)

ControllerModule provides all HTTP controller constructors

Functions

func FetchMembersOfProject 

func FetchMembersOfProject(ctx shared.Context) ([]dtos.UserDTO, error)

func ProvideMaliciousPackageChecker 

func ProvideMaliciousPackageChecker(
	db shared.DB,
	leaderElector shared.LeaderElector,
) *vulndb.MaliciousPackageChecker

ProvideMaliciousPackageChecker creates the malicious package checker

Types

type ArtifactController 

type ArtifactController struct {

	// mark public to let it be overridden in tests
	utils.FireAndForgetSynchronizer
	shared.ScanService
	// contains filtered or unexported fields
}

func NewArtifactController 

func NewArtifactController(artifactRepository shared.ArtifactRepository, artifactService shared.ArtifactService, assetVersionService shared.AssetVersionService, dependencyVulnService shared.DependencyVulnService, statisticsService shared.StatisticsService, componentService shared.ComponentService, scanService shared.ScanService, synchronizer utils.FireAndForgetSynchronizer, dependencyVulnRepository shared.DependencyVulnRepository) *ArtifactController

func (*ArtifactController) Create 

func (c *ArtifactController) Create(ctx shared.Context) error

func (*ArtifactController) DeleteArtifact 

func (c *ArtifactController) DeleteArtifact(ctx shared.Context) error

func (*ArtifactController) SyncExternalSources 

func (c *ArtifactController) SyncExternalSources(ctx shared.Context) error

func (*ArtifactController) UpdateArtifact 

func (c *ArtifactController) UpdateArtifact(ctx shared.Context) error

type AssetController 

type AssetController struct {
	utils.FireAndForgetSynchronizer
	// contains filtered or unexported fields
}

func NewAssetController 

func NewAssetController(repository shared.AssetRepository, assetVersionRepository shared.AssetVersionRepository, assetService shared.AssetService, dependencyVulnService shared.DependencyVulnService, statisticsService shared.StatisticsService, thirdPartyIntegration shared.IntegrationAggregate, synchronizer utils.FireAndForgetSynchronizer, daemonRunner shared.DaemonRunner) *AssetController

func (*AssetController) AttachSigningKey 

func (a *AssetController) AttachSigningKey(ctx shared.Context) error

func (*AssetController) ChangeRole 

func (a *AssetController) ChangeRole(c shared.Context) error

func (*AssetController) Create 

func (a *AssetController) Create(ctx shared.Context) error

func (*AssetController) Delete 

func (a *AssetController) Delete(ctx shared.Context) error

func (*AssetController) GetBadges 

func (a *AssetController) GetBadges(ctx shared.Context) error

func (*AssetController) GetConfigFile 

func (a *AssetController) GetConfigFile(ctx shared.Context) error

func (*AssetController) GetSecrets 

func (a *AssetController) GetSecrets(ctx shared.Context) error

func (*AssetController) HandleLookup 

func (a *AssetController) HandleLookup(ctx shared.Context) error

func (*AssetController) InviteMembers 

func (a *AssetController) InviteMembers(c shared.Context) error

func (*AssetController) List 

func (a *AssetController) List(ctx shared.Context) error

func (*AssetController) Members 

func (a *AssetController) Members(c shared.Context) error

func (*AssetController) Read 

func (a *AssetController) Read(ctx shared.Context) error

func (*AssetController) RemoveMember 

func (a *AssetController) RemoveMember(c shared.Context) error

func (*AssetController) RunDaemonPipeline 

func (a *AssetController) RunDaemonPipeline(ctx shared.Context) error

func (*AssetController) Update 

func (a *AssetController) Update(ctx shared.Context) error

type AssetVersionController 

type AssetVersionController struct {
	// contains filtered or unexported fields
}

func NewAssetVersionController 

func NewAssetVersionController(
	assetVersionRepository shared.AssetVersionRepository,
	assetVersionService shared.AssetVersionService,
	dependencyVulnRepository shared.DependencyVulnRepository,
	componentRepository shared.ComponentRepository,
	dependencyVulnService shared.DependencyVulnService,
	supplyChainRepository shared.SupplyChainRepository,
	licenseRiskRepository shared.LicenseRiskRepository,
	componentService shared.ComponentService,
	statisticsService shared.StatisticsService,
	artifactService shared.ArtifactService,
) *AssetVersionController

func (*AssetVersionController) AffectedComponents 

func (a *AssetVersionController) AffectedComponents(ctx shared.Context) error

func (*AssetVersionController) BuildPDFFromSBOM 

func (a *AssetVersionController) BuildPDFFromSBOM(ctx shared.Context) error

func (*AssetVersionController) BuildVulnerabilityReportPDF 

func (a *AssetVersionController) BuildVulnerabilityReportPDF(ctx shared.Context) error

func (*AssetVersionController) Create 

func (a *AssetVersionController) Create(ctx shared.Context) error

func (*AssetVersionController) Delete 

func (a *AssetVersionController) Delete(ctx shared.Context) error

Function to delete provided asset version

func (*AssetVersionController) DependencyGraph 

func (a *AssetVersionController) DependencyGraph(ctx shared.Context) error

func (*AssetVersionController) GetAssetVersionsByAssetID 

func (a *AssetVersionController) GetAssetVersionsByAssetID(ctx shared.Context) error

func (*AssetVersionController) GetDependencyPathFromPURL 

func (a *AssetVersionController) GetDependencyPathFromPURL(ctx shared.Context) error

function to return a graph of all dependencies which lead to the requested pURL

func (*AssetVersionController) ListArtifacts 

func (a *AssetVersionController) ListArtifacts(ctx shared.Context) error

func (*AssetVersionController) MakeDefault 

func (a *AssetVersionController) MakeDefault(ctx shared.Context) error

func (*AssetVersionController) Metrics 

func (a *AssetVersionController) Metrics(ctx shared.Context) error

func (*AssetVersionController) OpenVEXJSON 

func (a *AssetVersionController) OpenVEXJSON(ctx shared.Context) error

func (*AssetVersionController) Read 

func (a *AssetVersionController) Read(ctx shared.Context) error

func (*AssetVersionController) ReadRootNodes 

func (a *AssetVersionController) ReadRootNodes(ctx shared.Context) error

func (*AssetVersionController) RefetchLicenses 

func (a *AssetVersionController) RefetchLicenses(ctx shared.Context) error

RefetchLicenses forces re-fetching license information for all components of the current asset version

func (*AssetVersionController) SBOMJSON 

func (a *AssetVersionController) SBOMJSON(ctx shared.Context) error

func (*AssetVersionController) SBOMXML 

func (a *AssetVersionController) SBOMXML(ctx shared.Context) error

func (*AssetVersionController) VEXJSON 

func (a *AssetVersionController) VEXJSON(ctx shared.Context) error

func (*AssetVersionController) VEXXML 

func (a *AssetVersionController) VEXXML(ctx shared.Context) error

type AttestationController 

type AttestationController struct {
	// contains filtered or unexported fields
}

func NewAttestationController 

func NewAttestationController(repository shared.AttestationRepository, assetVersionRepository shared.AssetVersionRepository, artifactRepository shared.ArtifactRepository) *AttestationController

func (*AttestationController) Create 

func (a *AttestationController) Create(ctx shared.Context) error

func (*AttestationController) List 

func (a *AttestationController) List(ctx shared.Context) error

type CSAFController 

type CSAFController struct {
	// contains filtered or unexported fields
}

func NewCSAFController 

func NewCSAFController(dependencyVulnRepository shared.DependencyVulnRepository, vulnEventRepository shared.VulnEventRepository, assetVersionRepository shared.AssetVersionRepository, assetRepository shared.AssetRepository, projectRepository shared.ProjectRepository, organizationRepository shared.OrganizationRepository, cveRepository shared.CveRepository, artifactRepository shared.ArtifactRepository) *CSAFController

func (*CSAFController) GetAggregatorJSON 

func (controller *CSAFController) GetAggregatorJSON(ctx shared.Context) error

returns the aggregator file which points to all public organizations provider-metadata files

func (*CSAFController) GetCSAFIndexHTML 

func (controller *CSAFController) GetCSAFIndexHTML(ctx shared.Context) error

returns the html to display each subdirectory present under the csaf url

func (*CSAFController) GetChangesCSVFile 

func (controller *CSAFController) GetChangesCSVFile(ctx shared.Context) error

builds and returns the changes.csv file, containing all reports ordered by release dates

func (*CSAFController) GetIndexFile 

func (controller *CSAFController) GetIndexFile(ctx shared.Context) error

builds and returns the index.txt file, listing all csaf reports currently available

func (*CSAFController) GetOpenPGPFile 

func (controller *CSAFController) GetOpenPGPFile(ctx shared.Context) error

handles request to files placed in the openpgp directory (currently public key and the respective sha512 hash)

func (*CSAFController) GetOpenPGPHTML 

func (controller *CSAFController) GetOpenPGPHTML(ctx shared.Context) error

return the html used to display all openpgp related keys and hashes

func (*CSAFController) GetProviderMetadataForOrganization 

func (controller *CSAFController) GetProviderMetadataForOrganization(ctx shared.Context) error

returns the provider-metadata file for an organization which points to each assets provider-metadata

func (*CSAFController) GetReportsByYearHTML 

func (controller *CSAFController) GetReportsByYearHTML(ctx shared.Context) error

builds and returns the html to display every csaf version of a given year as well as the signature and hash

func (*CSAFController) GetTLPWhiteEntriesHTML 

func (controller *CSAFController) GetTLPWhiteEntriesHTML(ctx shared.Context) error

builds and returns the html used to display every directory in the tlp white folder

func (*CSAFController) ServeCSAFReportRequest 

func (controller *CSAFController) ServeCSAFReportRequest(ctx shared.Context) error

handles all requests directed at a specific csaf report version, including the csaf report itself as well as the respective hash and signature

type ComplianceController 

type ComplianceController struct {
	// contains filtered or unexported fields
}

func NewComplianceController 

func NewComplianceController(assetVersionRepository shared.AssetVersionRepository, attestationRepository shared.AttestationRepository, policyRepository shared.PolicyRepository) *ComplianceController

func (*ComplianceController) AssetCompliance 

func (c *ComplianceController) AssetCompliance(ctx shared.Context) error

func (*ComplianceController) Details 

func (c *ComplianceController) Details(ctx shared.Context) error

func (*ComplianceController) ProjectCompliance 

func (c *ComplianceController) ProjectCompliance(ctx shared.Context) error

type ComponentController 

type ComponentController struct {
	// contains filtered or unexported fields
}

func NewComponentController 

func NewComponentController(componentRepository shared.ComponentRepository, assetVersionRepository shared.AssetVersionRepository, licenseOverwriteRepository shared.LicenseRiskRepository, projectRepository shared.ProjectRepository) *ComponentController

func (ComponentController) LicenseDistribution 

func (ComponentController ComponentController) LicenseDistribution(ctx shared.Context) error

func (ComponentController) ListPaged 

func (ComponentController ComponentController) ListPaged(ctx shared.Context) error

func (ComponentController) SearchComponentOccurrences 

func (ComponentController ComponentController) SearchComponentOccurrences(ctx shared.Context) error

type DependencyProxyConfig 

type DependencyProxyConfig struct {
	CacheDir string
}

func ProvideDependencyProxyConfig 

func ProvideDependencyProxyConfig() DependencyProxyConfig

ProvideDependencyProxyConfig creates the configuration for the dependency proxy

type DependencyProxyController 

type DependencyProxyController struct {
	// contains filtered or unexported fields
}

func NewDependencyProxyController 

func NewDependencyProxyController(
	config DependencyProxyConfig,
	maliciousChecker shared.MaliciousPackageChecker,
) *DependencyProxyController

func (*DependencyProxyController) CacheDataWithIntegrity 

func (d *DependencyProxyController) CacheDataWithIntegrity(cachePath string, data []byte) error

CacheDataWithIntegrity stores data and its SHA256 hash for integrity verification

func (*DependencyProxyController) ExtractNPMVersionFromMetadata 

func (d *DependencyProxyController) ExtractNPMVersionFromMetadata(data []byte) string

ExtractNPMVersionFromMetadata parses NPM package metadata JSON and extracts the "latest" version This is used when npx or npm install is called without a specific version

func (*DependencyProxyController) ParsePackageFromPath 

func (d *DependencyProxyController) ParsePackageFromPath(proxyType ProxyType, path string) (string, string)

func (*DependencyProxyController) ProxyGo 

func (d *DependencyProxyController) ProxyGo(c shared.Context) error

func (*DependencyProxyController) ProxyNPM 

func (d *DependencyProxyController) ProxyNPM(c shared.Context) error

func (*DependencyProxyController) ProxyNPMAudit 

func (d *DependencyProxyController) ProxyNPMAudit(c shared.Context) error

func (*DependencyProxyController) ProxyPyPI 

func (d *DependencyProxyController) ProxyPyPI(c shared.Context) error

func (*DependencyProxyController) VerifyCacheIntegrity 

func (d *DependencyProxyController) VerifyCacheIntegrity(cachePath string, data []byte) bool

VerifyCacheIntegrity checks if the cached data matches its stored hash

type DependencyVulnController 

type DependencyVulnController struct {

	// mark public to let it be overridden in tests
	utils.FireAndForgetSynchronizer
	// contains filtered or unexported fields
}

func NewDependencyVulnController 

func NewDependencyVulnController(dependencyVulnRepository shared.DependencyVulnRepository, dependencyVulnService shared.DependencyVulnService, projectService shared.ProjectService, statisticsService shared.StatisticsService, vulnEventRepository shared.VulnEventRepository, synchronizer utils.FireAndForgetSynchronizer) *DependencyVulnController

func (DependencyVulnController) CreateEvent 

func (controller DependencyVulnController) CreateEvent(ctx shared.Context) error

func (DependencyVulnController) Hints 

func (controller DependencyVulnController) Hints(ctx shared.Context) error

func (DependencyVulnController) ListByAssetIDWithoutHandledExternalEventsPaged 

func (controller DependencyVulnController) ListByAssetIDWithoutHandledExternalEventsPaged(ctx shared.Context) error

func (DependencyVulnController) ListByOrgPaged 

func (controller DependencyVulnController) ListByOrgPaged(ctx shared.Context) error

func (DependencyVulnController) ListByProjectPaged 

func (controller DependencyVulnController) ListByProjectPaged(ctx shared.Context) error

func (DependencyVulnController) ListPaged 

func (controller DependencyVulnController) ListPaged(ctx shared.Context) error

func (DependencyVulnController) Mitigate 

func (controller DependencyVulnController) Mitigate(ctx shared.Context) error

func (DependencyVulnController) Read 

func (controller DependencyVulnController) Read(ctx shared.Context) error

func (DependencyVulnController) SyncDependencyVulns 

func (controller DependencyVulnController) SyncDependencyVulns(ctx shared.Context) error

type DependencyVulnStatus 

type DependencyVulnStatus struct {
	StatusType              string                           `json:"status"`
	Justification           string                           `json:"justification"`
	MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}

type FirstPartyVulnController 

type FirstPartyVulnController struct {
	// contains filtered or unexported fields
}

func NewFirstPartyVulnController 

func NewFirstPartyVulnController(firstPartyVulnRepository shared.FirstPartyVulnRepository, firstPartyVulnService shared.FirstPartyVulnService, projectService shared.ProjectService) *FirstPartyVulnController

func (FirstPartyVulnController) CreateEvent 

func (c FirstPartyVulnController) CreateEvent(ctx shared.Context) error

func (FirstPartyVulnController) ListByOrgPaged 

func (c FirstPartyVulnController) ListByOrgPaged(ctx shared.Context) error

func (FirstPartyVulnController) ListByProjectPaged 

func (c FirstPartyVulnController) ListByProjectPaged(ctx shared.Context) error

func (FirstPartyVulnController) ListPaged 

func (c FirstPartyVulnController) ListPaged(ctx shared.Context) error

func (FirstPartyVulnController) Mitigate 

func (c FirstPartyVulnController) Mitigate(ctx shared.Context) error

func (FirstPartyVulnController) Read 

func (c FirstPartyVulnController) Read(ctx shared.Context) error

func (FirstPartyVulnController) Sarif 

func (c FirstPartyVulnController) Sarif(ctx shared.Context) error

type FirstPartyVulnStatus 

type FirstPartyVulnStatus struct {
	StatusType              string                           `json:"status"`
	Justification           string                           `json:"justification"`
	MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}

type InToToController 

type InToToController struct {
	// contains filtered or unexported fields
}

func NewInToToController 

func NewInToToController(repository shared.InTotoLinkRepository, supplyChainRepository shared.SupplyChainRepository, assetVersionRepository shared.AssetVersionRepository, patRepository shared.PersonalAccessTokenRepository, inTotoVerifierService shared.InTotoVerifierService) *InToToController

func (*InToToController) Create 

func (a *InToToController) Create(ctx shared.Context) error

func (*InToToController) Read 

func (a *InToToController) Read(ctx shared.Context) error

func (*InToToController) RootLayout 

func (a *InToToController) RootLayout(ctx shared.Context) error

func (*InToToController) VerifySupplyChain 

func (a *InToToController) VerifySupplyChain(ctx shared.Context) error

type IntegrationController 

type IntegrationController struct {
	// contains filtered or unexported fields
}

func NewIntegrationController 

func NewIntegrationController(gitlabOauth2Integration map[string]*gitlabint.GitlabOauth2Config) *IntegrationController

func (*IntegrationController) AutoSetup 

func (c *IntegrationController) AutoSetup(ctx shared.Context) error

func (*IntegrationController) DeleteGitLabAccessToken 

func (c *IntegrationController) DeleteGitLabAccessToken(ctx shared.Context) error

func (*IntegrationController) DeleteJiraAccessToken 

func (c *IntegrationController) DeleteJiraAccessToken(ctx shared.Context) error

func (*IntegrationController) FinishInstallation 

func (c *IntegrationController) FinishInstallation(ctx shared.Context) error

func (*IntegrationController) GitLabOauth2Callback 

func (c *IntegrationController) GitLabOauth2Callback(ctx shared.Context) error

func (*IntegrationController) GitLabOauth2Login 

func (c *IntegrationController) GitLabOauth2Login(ctx shared.Context) error

func (*IntegrationController) HandleWebhook 

func (c *IntegrationController) HandleWebhook(ctx shared.Context) error

func (*IntegrationController) ListRepositories 

func (c *IntegrationController) ListRepositories(ctx shared.Context) error

func (*IntegrationController) TestAndSaveGitlabIntegration 

func (c *IntegrationController) TestAndSaveGitlabIntegration(ctx shared.Context) error

func (*IntegrationController) TestAndSaveJiraIntegration 

func (c *IntegrationController) TestAndSaveJiraIntegration(ctx shared.Context) error

type LicenseRiskController 

type LicenseRiskController struct {
	// contains filtered or unexported fields
}

func NewLicenseRiskController 

func NewLicenseRiskController(licenseOverwriteRepository shared.LicenseRiskRepository, LicenseRiskService shared.LicenseRiskService) *LicenseRiskController

func (LicenseRiskController) Create 

func (controller LicenseRiskController) Create(ctx shared.Context) error

func (LicenseRiskController) CreateEvent 

func (controller LicenseRiskController) CreateEvent(ctx shared.Context) error

func (LicenseRiskController) GetComponentOverwriteForAssetVersion 

func (controller LicenseRiskController) GetComponentOverwriteForAssetVersion(assetID uuid.UUID, assetVersionName string, pURL string) (models.LicenseRisk, error)

func (LicenseRiskController) ListPaged 

func (controller LicenseRiskController) ListPaged(ctx shared.Context) error

func (LicenseRiskController) MakeFinalLicenseDecision 

func (controller LicenseRiskController) MakeFinalLicenseDecision(ctx shared.Context) error

func (LicenseRiskController) Mitigate 

func (controller LicenseRiskController) Mitigate(ctx shared.Context) error

func (LicenseRiskController) Read 

func (controller LicenseRiskController) Read(ctx shared.Context) error

type LicenseRiskStatus 

type LicenseRiskStatus struct {
	StatusType              string                           `json:"status"`
	Justification           string                           `json:"justification"`
	MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}

type OrgController 

type OrgController struct {
	// contains filtered or unexported fields
}

func NewOrganizationController 

func NewOrganizationController(repository shared.OrganizationRepository, orgService shared.OrgService, rbacProvider shared.RBACProvider, projectService shared.ProjectService, invitationRepository shared.InvitationRepository) *OrgController

func (*OrgController) AcceptInvitation 

func (controller *OrgController) AcceptInvitation(ctx shared.Context) error

func (*OrgController) ChangeRole 

func (controller *OrgController) ChangeRole(ctx shared.Context) error

func (*OrgController) ContentTree 

func (controller *OrgController) ContentTree(ctx shared.Context) error

func (*OrgController) Create 

func (controller *OrgController) Create(ctx shared.Context) error

func (*OrgController) Delete 

func (controller *OrgController) Delete(ctx shared.Context) error

func (*OrgController) GetConfigFile 

func (controller *OrgController) GetConfigFile(ctx shared.Context) error

func (*OrgController) InviteMember 

func (controller *OrgController) InviteMember(ctx shared.Context) error

func (*OrgController) List 

func (controller *OrgController) List(ctx shared.Context) error

func (*OrgController) Members 

func (controller *OrgController) Members(ctx shared.Context) error

func (*OrgController) Metrics 

func (controller *OrgController) Metrics(ctx shared.Context) error

func (*OrgController) Read 

func (controller *OrgController) Read(ctx shared.Context) error

func (*OrgController) RemoveMember 

func (controller *OrgController) RemoveMember(ctx shared.Context) error

func (*OrgController) Update 

func (controller *OrgController) Update(ctx shared.Context) error

type PatController 

type PatController struct {
	// contains filtered or unexported fields
}

func NewPatController 

func NewPatController(service shared.PersonalAccessTokenService, repository shared.PersonalAccessTokenRepository) *PatController

func (*PatController) Create 

func (p *PatController) Create(c shared.Context) error

func (*PatController) Delete 

func (p *PatController) Delete(c shared.Context) error

func (*PatController) List 

func (p *PatController) List(c shared.Context) error

func (*PatController) RevokeByPrivateKey 

func (p *PatController) RevokeByPrivateKey(c shared.Context) error

type PolicyController 

type PolicyController struct {
	// contains filtered or unexported fields
}

func NewPolicyController 

func NewPolicyController(policyRepository shared.PolicyRepository, projectRepository shared.ProjectRepository) *PolicyController

func (*PolicyController) CreatePolicy 

func (c *PolicyController) CreatePolicy(ctx shared.Context) error

func (*PolicyController) DeletePolicy 

func (c *PolicyController) DeletePolicy(ctx shared.Context) error

func (*PolicyController) DisablePolicyForProject 

func (c *PolicyController) DisablePolicyForProject(ctx shared.Context) error

func (*PolicyController) EnablePolicyForProject 

func (c *PolicyController) EnablePolicyForProject(ctx shared.Context) error

func (*PolicyController) GetOrganizationPolicies 

func (c *PolicyController) GetOrganizationPolicies(ctx shared.Context) error

func (*PolicyController) GetPolicy 

func (c *PolicyController) GetPolicy(ctx shared.Context) error

func (*PolicyController) GetProjectPolicies 

func (c *PolicyController) GetProjectPolicies(ctx shared.Context) error

func (*PolicyController) UpdatePolicy 

func (c *PolicyController) UpdatePolicy(ctx shared.Context) error

type ProjectController 

type ProjectController struct {
	// contains filtered or unexported fields
}

func NewProjectController 

func NewProjectController(repository shared.ProjectRepository, assetRepository shared.AssetRepository, projectService shared.ProjectService, webhookRepository shared.WebhookIntegrationRepository) *ProjectController

func (*ProjectController) ChangeRole 

func (ProjectController *ProjectController) ChangeRole(c shared.Context) error

func (*ProjectController) Create 

func (ProjectController *ProjectController) Create(ctx shared.Context) error

func (*ProjectController) Delete 

func (ProjectController *ProjectController) Delete(c shared.Context) error

func (*ProjectController) GetConfigFile 

func (ProjectController *ProjectController) GetConfigFile(ctx shared.Context) error

func (*ProjectController) InviteMembers 

func (ProjectController *ProjectController) InviteMembers(c shared.Context) error

func (*ProjectController) List 

func (ProjectController *ProjectController) List(c shared.Context) error

func (*ProjectController) Members 

func (ProjectController *ProjectController) Members(c shared.Context) error

func (*ProjectController) Read 

func (ProjectController *ProjectController) Read(c shared.Context) error

func (*ProjectController) RemoveMember 

func (ProjectController *ProjectController) RemoveMember(c shared.Context) error

func (*ProjectController) Update 

func (ProjectController *ProjectController) Update(c shared.Context) error

type ProxyType 

type ProxyType string
const (
	NPMProxy  ProxyType = "npm"
	GoProxy   ProxyType = "go"
	PyPIProxy ProxyType = "pypi"
)

type ReleaseController 

type ReleaseController struct {
	// contains filtered or unexported fields
}

func NewReleaseController 

func NewReleaseController(service shared.ReleaseService, avService shared.AssetVersionService, avRepo shared.AssetVersionRepository, compRepo shared.ComponentRepository, licRepo shared.LicenseRiskRepository, dvRepo shared.DependencyVulnRepository, assetRepository shared.AssetRepository) *ReleaseController

func (*ReleaseController) AddItem 

func (h *ReleaseController) AddItem(c shared.Context) error

add item to a release (artifact or child release)

func (*ReleaseController) Create 

func (h *ReleaseController) Create(c shared.Context) error

func (*ReleaseController) Delete 

func (h *ReleaseController) Delete(c shared.Context) error

func (*ReleaseController) List 

func (h *ReleaseController) List(c shared.Context) error

func (*ReleaseController) ListCandidates 

func (h *ReleaseController) ListCandidates(c shared.Context) error

func (*ReleaseController) Read 

func (h *ReleaseController) Read(c shared.Context) error

func (*ReleaseController) RemoveItem 

func (h *ReleaseController) RemoveItem(c shared.Context) error

remove an item from a release

func (*ReleaseController) SBOMJSON 

func (h *ReleaseController) SBOMJSON(c shared.Context) error

SBOMJSON returns a merged CycloneDX BOM for a release in JSON format.

func (*ReleaseController) SBOMXML 

func (h *ReleaseController) SBOMXML(c shared.Context) error

SBOMXML returns a merged CycloneDX BOM for a release in XML format.

func (*ReleaseController) Update 

func (h *ReleaseController) Update(c shared.Context) error

func (*ReleaseController) VEXJSON 

func (h *ReleaseController) VEXJSON(c shared.Context) error

VEXJSON currently returns the merged CycloneDX BOM as JSON for compatibility.

func (*ReleaseController) VEXXML 

func (h *ReleaseController) VEXXML(c shared.Context) error

VEXXML currently returns the merged CycloneDX BOM as XML for compatibility.

type ScanController 

type ScanController struct {
	shared.ScanService
	// mark public to let it be overridden in tests
	utils.FireAndForgetSynchronizer
	// contains filtered or unexported fields
}

func NewScanController 

func NewScanController(scanService shared.ScanService, componentRepository shared.ComponentRepository, assetRepository shared.AssetRepository, assetVersionRepository shared.AssetVersionRepository, assetVersionService shared.AssetVersionService, statisticsService shared.StatisticsService, dependencyVulnService shared.DependencyVulnService, firstPartyVulnService shared.FirstPartyVulnService, artifactService shared.ArtifactService, dependencyVulnRepository shared.DependencyVulnRepository, synchronizer utils.FireAndForgetSynchronizer) *ScanController

func (*ScanController) DependencyVulnScan 

func (s *ScanController) DependencyVulnScan(c shared.Context, bom *cdx.BOM) (dtos.ScanResponse, error)

func (*ScanController) FirstPartyVulnScan 

func (s *ScanController) FirstPartyVulnScan(ctx shared.Context) error

func (*ScanController) ScanDependencyVulnFromProject 

func (s *ScanController) ScanDependencyVulnFromProject(c shared.Context) error

func (*ScanController) ScanSbomFile 

func (s *ScanController) ScanSbomFile(c shared.Context) error

func (ScanController) UploadVEX 

func (s ScanController) UploadVEX(ctx shared.Context) error

UploadVEX accepts a multipart file upload (field name "file") containing an OpenVEX JSON document. It updates existing dependency vulnerabilities on the target asset version and creates vuln events.

type StatisticsController 

type StatisticsController struct {
	// contains filtered or unexported fields
}

func NewStatisticsController 

func NewStatisticsController(statisticsService shared.StatisticsService, statisticsRepository shared.StatisticsRepository, assetRepository shared.AssetRepository, assetVersionRepository shared.AssetVersionRepository, projectService shared.ProjectService) *StatisticsController

func (*StatisticsController) GetArtifactRiskHistory 

func (c *StatisticsController) GetArtifactRiskHistory(ctx shared.Context) error

func (*StatisticsController) GetAverageFixingTime 

func (c *StatisticsController) GetAverageFixingTime(ctx shared.Context) error

func (*StatisticsController) GetAverageReleaseFixingTime 

func (c *StatisticsController) GetAverageReleaseFixingTime(ctx shared.Context) error

GetAverageReleaseFixingTime returns the average fixing time (seconds) for a release across all included artifacts

func (*StatisticsController) GetCVESWithKnownExploits 

func (c *StatisticsController) GetCVESWithKnownExploits(ctx shared.Context) error

func (*StatisticsController) GetComponentRisk 

func (c *StatisticsController) GetComponentRisk(ctx shared.Context) error

func (*StatisticsController) GetReleaseRiskHistory 

func (c *StatisticsController) GetReleaseRiskHistory(ctx shared.Context) error

GetReleaseRiskHistory returns aggregated artifact risk history for a given release

type VulnDBController 

type VulnDBController struct {
	// contains filtered or unexported fields
}

func NewVulnDBController 

func NewVulnDBController(cveRepository shared.CveRepository) *VulnDBController

func (VulnDBController) ListPaged 

func (c VulnDBController) ListPaged(ctx shared.Context) error

@Summary List all CVEs with pagination @Description Get a paginated list of CVEs with optional filtering and sorting @Tags CVE @Produce json @Param page query int false "Page number" @Param limit query int false "Number of items per page" @Param sort query string false "Sort by field, e.g. 'sort[cve]=asc" @Param filter query string false "Filter query, e.g. 'filterQuery[cvss][is greater than]=4'" @Param confidentialityRequirements query string false "Confidentiality Requirements (low, medium, high), default is medium" @Param integrityRequirements query string false "Integrity Requirements (low, medium, high), default is medium" @Param availabilityRequirements query string false "Availability Requirements (low, medium, high), default is medium" @Success 200 {object} object{pageSize=int,page=int,total=int,data=[]models.CVE} "A paginated list of CVEs" @Failure 500 {object} object{message=string} "Internal server error" @Router /vulndb [get]

func (VulnDBController) Read 

func (c VulnDBController) Read(ctx shared.Context) error

@Summary Get a specific CVE by ID @Description Retrieve details of a specific CVE by its ID, including risk and vector calculations @Tags CVE @Produce json @Param cveID path string true "CVE ID" @Param confidentialityRequirements query string false "Confidentiality Requirements (low, medium, high), default is medium" @Param integrityRequirements query string false "Integrity Requirements (low, medium, high), default is medium" @Param availabilityRequirements query string false "Availability Requirements (low, medium, high), default is medium" @Success 200 {object} models.CVE "Details of the specified CVE" @Failure 500 {object} object{message=string} "Internal server error" @Router /vulndb/{cveID}/ [get]

type VulnEventController 

type VulnEventController struct {
	// contains filtered or unexported fields
}

func NewVulnEventController 

func NewVulnEventController(vulnEventRepository shared.VulnEventRepository, assetVersionRepository shared.AssetVersionRepository) *VulnEventController

func (VulnEventController) DeleteEventByID 

func (c VulnEventController) DeleteEventByID(ctx shared.Context) error

func (VulnEventController) ReadAssetEventsByVulnID 

func (c VulnEventController) ReadAssetEventsByVulnID(ctx shared.Context) error

func (VulnEventController) ReadEventsByAssetIDAndAssetVersionName 

func (c VulnEventController) ReadEventsByAssetIDAndAssetVersionName(ctx shared.Context) error

type WebhookController 

type WebhookController struct {
	// contains filtered or unexported fields
}

func NewWebhookController 

func NewWebhookController(db shared.DB) *WebhookController

func (*WebhookController) CompareIssueStatesAndResolveDifferences 

func (w *WebhookController) CompareIssueStatesAndResolveDifferences(asset models.Asset, vulnsWithTickets []models.DependencyVuln) error

func (*WebhookController) CreateIssue 

func (w *WebhookController) CreateIssue(ctx context.Context, asset models.Asset, assetVersionName string, vuln models.Vuln, projectSlug string, orgSlug string, justification string, userID string) error

func (*WebhookController) CreateLabels 

func (w *WebhookController) CreateLabels(ctx context.Context, asset models.Asset) error

func (*WebhookController) Delete 

func (w *WebhookController) Delete(ctx shared.Context) error

func (*WebhookController) GetID 

func (w *WebhookController) GetID() shared.IntegrationID

func (*WebhookController) GetRoleInGroup 

func (w *WebhookController) GetRoleInGroup(ctx context.Context, userID string, providerID string, groupID string) (string, error)

func (*WebhookController) GetRoleInProject 

func (w *WebhookController) GetRoleInProject(ctx context.Context, userID string, providerID string, projectID string) (string, error)

func (*WebhookController) GetUsers 

func (w *WebhookController) GetUsers(org models.Org) []dtos.UserDTO

func (*WebhookController) HandleEvent 

func (w *WebhookController) HandleEvent(event any) error

func (*WebhookController) HandleWebhook 

func (w *WebhookController) HandleWebhook(ctx shared.Context) error

func (*WebhookController) HasAccessToExternalEntityProvider 

func (w *WebhookController) HasAccessToExternalEntityProvider(ctx shared.Context, externalEntityProviderID string) (bool, error)

func (*WebhookController) ListGroups 

func (w *WebhookController) ListGroups(ctx context.Context, userID string, providerID string) ([]models.Project, []shared.Role, error)

func (*WebhookController) ListOrgs 

func (w *WebhookController) ListOrgs(ctx shared.Context) ([]models.Org, error)

func (*WebhookController) ListProjects 

func (w *WebhookController) ListProjects(ctx context.Context, userID string, providerID string, groupID string) ([]models.Asset, []shared.Role, error)

func (*WebhookController) ListRepositories 

func (w *WebhookController) ListRepositories(ctx shared.Context) ([]dtos.GitRepository, error)

func (*WebhookController) Save 

func (w *WebhookController) Save(ctx shared.Context) error

func (*WebhookController) Test 

func (w *WebhookController) Test(ctx shared.Context) error

func (*WebhookController) Update 

func (w *WebhookController) Update(ctx shared.Context) error

func (*WebhookController) UpdateIssue 

func (w *WebhookController) UpdateIssue(ctx context.Context, asset models.Asset, assetVersionSlug string, vuln models.Vuln) error

func (*WebhookController) WantsToHandleWebhook 

func (w *WebhookController) WantsToHandleWebhook(ctx shared.Context) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.