Documentation
Overview ¶
Copyright (C) 2024 Tim Bastin, l3montree GmbH
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
Index ¶
- Constants
- func CheckStatusType(statusType string) error
- func RunHashMigrationsIfNeeded(db *gorm.DB) error
- type AffectedComponent
- type Artifact
- type ArtifactRiskHistory
- type Asset
- type AssetType
- type AssetVersion
- type AssetVersionType
- type Attestation
- type AttestationType
- type CVE
- type CWE
- type Comment
- type Component
- type ComponentDependency
- type ComponentProject
- type ComponentType
- type Config
- type DependencyVuln
- func (vuln DependencyVuln) AssetVersionIndependentHash() string
- func (vuln *DependencyVuln) BeforeSave(tx *gorm.DB) (err error)
- func (vuln *DependencyVuln) CalculateHash() string
- func (vuln *DependencyVuln) GetArtifacts() []Artifact
- func (vuln DependencyVuln) GetAssetVersionName() string
- func (vuln DependencyVuln) GetEvents() []VulnEvent
- func (vuln *DependencyVuln) GetRawRiskAssessment() float64
- func (vuln *DependencyVuln) GetScannerIDsOrArtifactNames() string
- func (vuln *DependencyVuln) GetType() VulnType
- func (vuln *DependencyVuln) SetRawRiskAssessment(risk float64)
- func (vuln *DependencyVuln) SetRiskRecalculatedAt(t time.Time)
- func (vuln DependencyVuln) TableName() string
- type DependencyVulnRisk
- type Distribution
- type Exploit
- type ExternalUser
- type FirstPartyVuln
- func (firstPartyVuln *FirstPartyVuln) AddScannerID(scannerID string)
- func (firstPartyVuln FirstPartyVuln) AssetVersionIndependentHash() string
- func (firstPartyVuln *FirstPartyVuln) BeforeSave(tx *gorm.DB) (err error)
- func (firstPartyVuln *FirstPartyVuln) CalculateHash() string
- func (firstPartyVuln *FirstPartyVuln) FromJSONSnippetContents() (SnippetContents, error)
- func (firstPartyVuln *FirstPartyVuln) GetArtifacts() []Artifact
- func (firstPartyVuln FirstPartyVuln) GetAssetVersionName() string
- func (firstPartyVuln FirstPartyVuln) GetEvents() []VulnEvent
- func (firstPartyVuln *FirstPartyVuln) GetScannerIDsOrArtifactNames() string
- func (firstPartyVuln *FirstPartyVuln) GetType() VulnType
- func (firstPartyVuln *FirstPartyVuln) RemoveScannerID(scannerID string)
- func (firstPartyVuln *FirstPartyVuln) RenderADF(baseURL, orgSlug, projectSlug, assetSlug, assetVersionSlug string) jira.ADF
- func (firstPartyVuln *FirstPartyVuln) RenderMarkdown(baseURL, orgSlug, projectSlug, assetSlug, assetVersionSlug string) string
- func (firstPartyVuln FirstPartyVuln) TableName() string
- func (firstPartyVuln *FirstPartyVuln) Title() string
- type GitLabIntegration
- type GitLabOauth2Token
- type GithubAppInstallation
- type History
- type InTotoLink
- type Invitation
- type JiraIntegration
- type LicenseRisk
- func (licenseRisk LicenseRisk) AssetVersionIndependentHash() string
- func (licenseRisk *LicenseRisk) BeforeSave(tx *gorm.DB) (err error)
- func (licenseRisk *LicenseRisk) CalculateHash() string
- func (licenseRisk *LicenseRisk) GetArtifactNames() string
- func (licenseRisk *LicenseRisk) GetArtifacts() []Artifact
- func (licenseRisk LicenseRisk) GetAssetVersionName() string
- func (licenseRisk LicenseRisk) GetEvents() []VulnEvent
- func (licenseRisk LicenseRisk) GetType() VulnType
- func (licenseRisk *LicenseRisk) SetFinalLicenseDecision(finalLicenseDecision string)
- func (licenseRisk LicenseRisk) TableName() string
- type MechanicalJustificationType
- type Mitigation
- type Model
- type Org
- type PAT
- type Policy
- type Project
- type ProjectRiskHistory
- type ProjectType
- type Release
- type ReleaseItem
- type RequirementLevel
- type ScannerInformation
- type Severity
- type SnippetContent
- type SnippetContents
- type SupplyChain
- type Type
- type Vuln
- type VulnEvent
- func NewAcceptedEvent(vulnID string, vulnType VulnType, userID, justification string) VulnEvent
- func NewCommentEvent(vulnID string, vulnType VulnType, userID, justification string) VulnEvent
- func NewDetectedEvent(vulnID string, vulnType VulnType, userID string, ...) VulnEvent
- func NewFalsePositiveEvent(vulnID string, vulnType VulnType, userID, justification string, ...) VulnEvent
- func NewFixedEvent(vulnID string, vulnType VulnType, userID string, artifactName string) VulnEvent
- func NewLicenseDecisionEvent(vulnID string, vulnType VulnType, userID string, ...) VulnEvent
- func NewMitigateEvent(vulnID string, vulnType VulnType, userID string, justification string, ...) VulnEvent
- func NewRawRiskAssessmentUpdatedEvent(vulnID string, vulnType VulnType, userID string, justification string, ...) VulnEvent
- func NewReopenedEvent(vulnID string, vulnType VulnType, userID, justification string) VulnEvent
- type VulnEventDetail
- type VulnEventType
- type VulnInPackage
- type VulnState
- type VulnType
- type Vulnerability
- func (d *Vulnerability) AddScannerID(scannerID string)
- func (d *Vulnerability) GetAssetID() uuid.UUID
- func (d *Vulnerability) GetAssetVersionName() string
- func (d *Vulnerability) GetID() string
- func (d *Vulnerability) GetManualTicketCreation() bool
- func (d *Vulnerability) GetRawRiskAssessment() float64
- func (d *Vulnerability) GetScannerIDsOrArtifactNames() string
- func (d *Vulnerability) GetState() VulnState
- func (d *Vulnerability) GetTicketID() *string
- func (d *Vulnerability) GetTicketURL() *string
- func (d *Vulnerability) RemoveScannerID(scannerID string)
- func (d *Vulnerability) SetManualTicketCreation(manualTicketCreation bool)
- func (d *Vulnerability) SetRawRiskAssessment(risk float64)
- func (d *Vulnerability) SetRiskRecalculatedAt(t time.Time)
- func (d *Vulnerability) SetState(state VulnState)
- func (d *Vulnerability) SetTicketID(ticketID string)
- func (d *Vulnerability) SetTicketURL(ticketURL string)
- type Weakness
- type WebhookIntegration
Constants ¶
const (
	// CurrentHashVersion identifies the current vulnerability-hash scheme.
	// Increment this when the hash calculation algorithm changes; the stored
	// value under HashMigrationVersionKey is presumably compared against it by
	// RunHashMigrationsIfNeeded to decide whether rows must be re-hashed.
	CurrentHashVersion = 1

	// HashMigrationVersionKey is the Config key under which the last applied
	// hash migration version is tracked.
	HashMigrationVersionKey = "hash_migration_version"
)
// NoVersion is the placeholder version string used where a real version is
// not available (presumably for components or asset versions without one).
const NoVersion = "0.0.0"
Variables ¶
This section is empty.
Functions ¶
func CheckStatusType ¶
func RunHashMigrationsIfNeeded ¶ added in v0.17.2
Types ¶
type AffectedComponent ¶
// AffectedComponent is one package (optionally restricted to a version or a
// version range) that one or more CVEs apply to. Rows are built from OSV
// records by AffectedComponentFromOSV and linked to CVEs through the
// cve_affected_component join table. The purl is stored decomposed
// (scheme/type/namespace/name/qualifiers/subpath) next to the version-less
// purl so that lookups by purl and by ecosystem are both indexable.
type AffectedComponent struct {
	// ID is the primary key. It is presumably the value of CalculateHash,
	// assigned in BeforeSave — confirm against the hook.
	ID     string `json:"id" gorm:"primaryKey;"`
	Source string

	// PurlWithoutVersion is the package URL with the version component
	// stripped; stored in column "purl" and indexed.
	PurlWithoutVersion string  `json:"purl" gorm:"type:text;column:purl;index"`
	Ecosystem          string  `json:"ecosystem" gorm:"type:text;"`
	Scheme             string  `json:"scheme" gorm:"type:text;"`
	Type               string  `json:"type" gorm:"type:text;"`
	Name               string  `json:"name" gorm:"type:text;"`
	Namespace          *string `json:"namespace" gorm:"type:text;"`
	Qualifiers         *string `json:"qualifiers" gorm:"type:text;"`
	Subpath            *string `json:"subpath" gorm:"type:text;"`

	// Either Version (a single pinned version) or the range fields below
	// are set, not both.
	Version *string `json:"version" gorm:"index"`

	// Semver range [SemverIntroduced, SemverFixed). Column type "semver" is a
	// custom DB type (not shown here) so the range can be compared in SQL.
	SemverIntroduced *string `json:"semverStart" gorm:"type:semver;index"`
	SemverFixed      *string `json:"semverEnd" gorm:"type:semver;index"`

	// Raw range for non-semver ecosystems. If both the Semver* and the
	// Version* pair are set, the Version* pair is the one to display: the
	// semver values may be synthesized purely for database querying and
	// ordering.
	VersionIntroduced *string `json:"versionIntroduced" gorm:"index"`
	VersionFixed      *string `json:"versionFixed" gorm:"index"`

	// CVE lists the CVEs this component entry belongs to (many-to-many,
	// cascading on update and delete).
	CVE []CVE `json:"cves" gorm:"many2many:cve_affected_component;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
func AffectedComponentFromOSV ¶ added in v0.5.1
func AffectedComponentFromOSV(osv common.OSV) []AffectedComponent
func (*AffectedComponent) BeforeSave ¶ added in v0.5.1
func (affectedComponent *AffectedComponent) BeforeSave(tx *gorm.DB) error
func (AffectedComponent) CalculateHash ¶ added in v0.5.1
func (affectedComponent AffectedComponent) CalculateHash() string
func (AffectedComponent) TableName ¶
func (affectedComponent AffectedComponent) TableName() string
type Artifact ¶ added in v0.17.2
// Artifact is a named build output (e.g. one SBOM/scan target) of an
// AssetVersion. Its primary key is the triple
// (ArtifactName, AssetVersionName, AssetID); vulnerabilities, component
// dependencies and license risks are attached through many-to-many join
// tables so one finding can belong to several artifacts of the same version.
type Artifact struct {
	CreatedAt time.Time `json:"createdAt"`

	// Composite primary key. Note the JSON name "vulnAssetId" for AssetID,
	// which differs from the "assetId" used by the other models on this page.
	ArtifactName     string    `json:"artifactName" gorm:"primaryKey;not null;"`
	AssetVersionName string    `json:"assetVersionName" gorm:"primaryKey;not null;type:text;"`
	AssetID          uuid.UUID `json:"vulnAssetId" gorm:"primaryKey;not null;type:uuid;"`

	// LastHistoryUpdate records when RiskHistories was last extended; nil if never.
	LastHistoryUpdate *time.Time `json:"lastHistoryUpdate,omitempty"`

	// AssetVersion is the owning version; rows are removed with it (cascade).
	AssetVersion AssetVersion `json:"assetVersion" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`

	DependencyVuln        []DependencyVuln      `json:"dependencyVulns" gorm:"many2many:artifact_dependency_vulns;constraint:OnDelete:CASCADE;"`
	ComponentDependencies []ComponentDependency `json:"componentDependencies" gorm:"many2many:artifact_component_dependencies;constraint:OnDelete:CASCADE;"`
	LicenseRisks          []LicenseRisk         `json:"licenseRisks" gorm:"many2many:artifact_license_risks;constraint:OnDelete:CASCADE;"`

	// RiskHistories is the per-day risk time series for this artifact. The
	// struct tag was elided by the documentation renderer and is not
	// reproduced here; see the source file for the actual gorm/json tag.
	RiskHistories []ArtifactRiskHistory `` /* 154-byte string literal not displayed */
}
type ArtifactRiskHistory ¶ added in v0.17.2
// ArtifactRiskHistory is one daily risk snapshot of an Artifact. Together
// with the embedded History.Day (also tagged primaryKey) the three
// identifying fields below form the composite primary key, so there is at
// most one row per artifact and day.
type ArtifactRiskHistory struct {
	History

	ArtifactName     string    `json:"artifactName" gorm:"primaryKey;type:text;"`
	AssetVersionName string    `json:"assetVersionName" gorm:"primaryKey;type:text;"`
	AssetID          uuid.UUID `json:"assetId" gorm:"primaryKey;type:uuid"`
}
func (ArtifactRiskHistory) TableName ¶ added in v0.17.2
func (m ArtifactRiskHistory) TableName() string
type Asset ¶
// Asset is a scanned software product (a repository, image, …) that belongs
// to a Project. It carries the CIA requirements used for risk scoring, the
// thresholds for automatic ticket creation, the link to the source
// repository, and two per-asset shared secrets.
//
// NOTE(review): BadgeSecret and WebhookSecret are tagged with plain json
// names, so any handler that marshals an Asset directly will include them
// in the response. Confirm that API responses go through a DTO that strips
// them (or change the tags to json:"-") — they are bearer-style secrets.
type Asset struct {
	Model

	Name   string  `json:"name" gorm:"type:text"`
	Avatar *string `json:"avatar" gorm:"type:text"`

	// Slug is unique per project (shared unique index with ProjectID).
	Slug                            string    `json:"slug" gorm:"type:text;uniqueIndex:idx_app_project_slug;not null;"`
	CentralDependencyVulnManagement bool      `json:"centralDependencyVulnManagement" gorm:"default:false;"`
	ProjectID                       uuid.UUID `json:"projectId" gorm:"uniqueIndex:idx_app_project_slug;not null;type:uuid;"`
	Description                     string    `json:"description" gorm:"type:text"`
	Type                            AssetType `json:"type" gorm:"type:text;not null;"`

	// AssetVersions are the branches/tags of this asset; deleted with it.
	AssetVersions []AssetVersion `json:"refs" gorm:"foreignKey:AssetID;references:ID;constraint:OnDelete:CASCADE;"`

	// Business-context inputs to risk calculation. The CIA requirements
	// default to 'high' in the database.
	Importance                 int              `json:"importance" gorm:"default:1;"`
	ReachableFromInternet      bool             `json:"reachableFromInternet" gorm:"default:false;"`
	ConfidentialityRequirement RequirementLevel `json:"confidentialityRequirement" gorm:"default:'high';not null;type:text;"`
	IntegrityRequirement       RequirementLevel `json:"integrityRequirement" gorm:"default:'high';not null;type:text;"`
	AvailabilityRequirement    RequirementLevel `json:"availabilityRequirement" gorm:"default:'high';not null;type:text;"`

	// RepositoryID is prefixed with the provider name, e.g.
	// "github:<github app installation id>:123456".
	RepositoryID      *string `json:"repositoryId" gorm:"type:text;"`
	RepositoryName    *string `json:"repositoryName" gorm:"type:text;"`
	LastHistoryUpdate *time.Time

	// Automatic ticket creation fires when a vulnerability's CVSS or
	// computed risk reaches the respective threshold; nil disables it
	// (presumably — confirm in the ticket logic).
	CVSSAutomaticTicketThreshold *float64 `json:"cvssAutomaticTicketThreshold" gorm:"type:decimal(4,2);"`
	RiskAutomaticTicketThreshold *float64 `json:"riskAutomaticTicketThreshold" gorm:"type:decimal(4,2);"`

	// VulnAutoReopenAfterDays: number of days after which closed/accepted
	// vulnerabilities are reopened automatically; nil disables auto-reopen.
	VulnAutoReopenAfterDays *int `json:"vulnAutoReopenAfterDays" gorm:"type:integer;"`

	// SigningPubKey is the public key associated with this asset (by its
	// name, used to verify signed artifacts/attestations — confirm).
	SigningPubKey *string        `json:"signingPubKey" gorm:"type:text;"`
	ConfigFiles   database.JSONB `json:"configFiles" gorm:"type:jsonb"`

	// Per-asset shared secrets, generated by Postgres gen_random_uuid() on
	// insert. See the NOTE(review) on the type about JSON exposure.
	BadgeSecret   *uuid.UUID `json:"badgeSecret" gorm:"type:uuid;default:gen_random_uuid();"`
	WebhookSecret *uuid.UUID `json:"webhookSecret" gorm:"type:uuid;default:gen_random_uuid();"`

	// Identity of the asset in an external system; the pair is unique.
	ExternalEntityID         *string `json:"externalEntityId" gorm:"uniqueIndex:asset_unique_external_entity;type:text"`
	ExternalEntityProviderID *string `json:"externalEntityProviderId" gorm:"uniqueIndex:asset_unique_external_entity;type:text"`
	RepositoryProvider       *string `json:"repositoryProvider" gorm:"type:text;"`

	Metadata database.JSONB `json:"metadata" gorm:"column:metadata;type:jsonb;"`
}
type AssetVersion ¶ added in v0.17.2
// AssetVersion is one branch or tag (see Type) of an Asset. Its primary key
// is (Name, AssetID); vulnerabilities, artifacts, components and supply
// chains hang off that composite key and are deleted with the version.
type AssetVersion struct {
	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`

	// Composite primary key ("primarykey" is accepted case-insensitively by GORM).
	Name    string    `json:"name" gorm:"primarykey;type:text;not null;"`
	AssetID uuid.UUID `json:"assetId" gorm:"primarykey;not null;type:uuid;"`
	Asset   Asset     `json:"asset" gorm:"foreignKey:AssetID;references:ID; constraint:OnDelete:CASCADE;"`

	DefaultBranch bool `json:"defaultBranch" gorm:"default:false;"`
	// Slug: the tag repeats "type:text"; harmless but redundant.
	Slug string `json:"slug" gorm:"type:text;not null;type:text;"`

	DependencyVulns []DependencyVuln `json:"dependencyVulns" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`

	// Artifacts: the struct tag was elided by the documentation renderer and
	// is not reproduced here; see the source file for the actual tag.
	Artifacts []Artifact `` /* 129-byte string literal not displayed */

	Type         AssetVersionType      `json:"type" gorm:"type:text;not null;"`
	Components   []ComponentDependency `json:"components" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`
	SupplyChains []SupplyChain         `json:"supplyChains" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`

	// SigningPubKey overrides/complements Asset.SigningPubKey for this
	// version — which one wins is decided elsewhere (confirm).
	SigningPubKey *string        `json:"signingPubKey" gorm:"type:text;"`
	Metadata      database.JSONB `json:"metadata" gorm:"type:jsonb"`

	// LastAccessedAt defaults to NOW() in the database. Note that
	// "omitempty" has no effect on a time.Time value (encoding/json never
	// treats a struct as empty); the field is always emitted.
	LastAccessedAt time.Time `json:"lastAccessedAt,omitempty" gorm:"default:NOW();"`
}
func (AssetVersion) TableName ¶ added in v0.17.2
func (m AssetVersion) TableName() string
type AssetVersionType ¶ added in v0.17.2
// AssetVersionType tells whether an AssetVersion tracks a moving branch or a
// fixed tag.
type AssetVersionType string

const (
	// AssetVersionBranch is a branch: its contents change over time.
	AssetVersionBranch AssetVersionType = "branch"
	// AssetVersionTag is a tag: a fixed, named revision.
	AssetVersionTag AssetVersionType = "tag"
)
type Attestation ¶ added in v0.17.2
// Attestation stores one attestation predicate for an Artifact, keyed by
// (PredicateType, AssetVersionName, AssetID, ArtifactName) — i.e. one
// attestation per predicate type and artifact.
//
// NOTE(review): only the predicate Content is persisted; nothing in this
// model records the envelope signature or whether it was verified. Confirm
// that verification against Asset/AssetVersion.SigningPubKey happens on
// ingest, because consumers cannot re-check it from this row.
type Attestation struct {
	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`

	// PredicateType is the in-toto predicate type URI of the attestation
	// (presumably — confirm with the ingest code).
	PredicateType    string    `json:"predicateType" gorm:"type:text;primaryKey"`
	AssetVersionName string    `json:"assetVersionName" gorm:"primaryKey;type:text;"`
	AssetID          uuid.UUID `json:"assetId" gorm:"primaryKey;type:uuid"`
	ArtifactName     string    `json:"artifactName" gorm:"primaryKey"`

	// Artifact is the attested artifact. The foreignKey field order must
	// match Artifact's primary key order: ArtifactName, AssetVersionName, AssetID.
	Artifact Artifact `json:"artifact" gorm:"foreignKey:ArtifactName,AssetVersionName,AssetID;constraint:OnDelete:CASCADE;"`

	// Content is the attestation payload as JSON.
	Content database.JSONB `json:"content" gorm:"type:jsonb"`
}
func (Attestation) TableName ¶ added in v0.17.2
func (m Attestation) TableName() string
type AttestationType ¶ added in v0.17.2
// AttestationType classifies attestations. No constants of this type are
// visible on this page.
type AttestationType string
type CVE ¶
// CVE is one vulnerability record, keyed by its CVE identifier, enriched
// with CVSS, EPSS, CISA KEV data, CWE weaknesses, known exploits and the
// affected components. The `cve:"…"` tags are a package-specific mapping
// (presumably used by the CVE importer) and are not GORM or JSON tags.
type CVE struct {
	CVE string `json:"cve" gorm:"primaryKey;not null;type:text;"`

	CreatedAt        time.Time `json:"createdAt" cve:"createdAt"`
	UpdatedAt        time.Time `json:"updatedAt" cve:"updatedAt"`
	DatePublished    time.Time `json:"datePublished" cve:"datePublished"`
	DateLastModified time.Time `json:"dateLastModified" cve:"dateLastModified"`

	// Weaknesses are the CWEs mapped to this CVE; deleted with it.
	Weaknesses []*Weakness `json:"weaknesses" gorm:"foreignKey:CVEID;constraint:OnDelete:CASCADE;" cve:"weaknesses"`

	Description string  `json:"description" gorm:"type:text;" cve:"description"`
	CVSS        float32 `json:"cvss" gorm:"type:decimal(4,2);" cve:"cvss"`
	References  string  `json:"references" gorm:"type:text;" cve:"references"`

	// CISA Known Exploited Vulnerabilities data; nil/empty when the CVE is
	// not in the KEV catalog.
	CISAExploitAdd        *datatypes.Date `json:"cisaExploitAdd" gorm:"type:date;" cve:"cisaExploitAdd"`
	CISAActionDue         *datatypes.Date `json:"cisaActionDue" gorm:"type:date;" cve:"cisaActionDue"`
	CISARequiredAction    string          `json:"cisaRequiredAction" gorm:"type:text;" cve:"cisaRequiredAction"`
	CISAVulnerabilityName string          `json:"cisaVulnerabilityName" gorm:"type:text;" cve:"cisaVulnerabilityName"`

	// EPSS exploitation probability and its percentile, both in [0, 1];
	// nil when no EPSS score has been imported.
	EPSS       *float64 `json:"epss" gorm:"type:decimal(6,5);" cve:"epss"`
	Percentile *float32 `json:"percentile" gorm:"type:decimal(6,5);" cve:"percentile"`

	AffectedComponents []*AffectedComponent `json:"affectedComponents" gorm:"many2many:cve_affected_component"`

	// Vector is the CVSS vector string.
	Vector string `json:"vector" gorm:"type:text;" cve:"vector"`

	// Risk is computed at runtime and never persisted (gorm:"-").
	Risk common.RiskMetrics `json:"risk" gorm:"-" cve:"risk"`

	Exploits []*Exploit `json:"exploits" gorm:"foreignKey:CVEID;"`
}
func (CVE) GetReferences ¶
type CWE ¶
type Comment ¶
type Component ¶
// Component is a software component identified by its package URL. The purl
// is stored WITHOUT qualifiers, so two purls differing only in qualifiers
// collapse into one Component row.
type Component struct {
	// Purl is the primary key and must not contain qualifiers.
	Purl string `json:"purl" gorm:"primaryKey;column:purl"`

	// Dependencies are the edges where this component is the parent.
	// NOTE(review): "hasMany" is not a GORM v2 tag key as far as I can tell;
	// the relation is presumably inferred from ComponentDependency's
	// foreign keys — confirm it resolves to the intended column.
	Dependencies []ComponentDependency `json:"dependsOn" gorm:"hasMany;"`

	ComponentType ComponentType `json:"componentType"`
	Version       string        `json:"version"`
	License       *string       `json:"license"`
	Published     *time.Time    `json:"published"`

	// ComponentProject links to upstream project metadata (stars, scorecard…).
	ComponentProject    *ComponentProject `json:"project" gorm:"foreignKey:ComponentProjectKey;references:ProjectKey;constraint:OnDelete:CASCADE;"`
	ComponentProjectKey *string           `json:"projectId" gorm:"column:project_key"`

	// IsLicenseOverwritten is a runtime-only flag (gorm:"-") marking that
	// License was set manually rather than detected.
	IsLicenseOverwritten bool `json:"isLicenseOverwritten" gorm:"-"`
}
type ComponentDependency ¶
// ComponentDependency is one edge of the dependency graph of an
// AssetVersion: Component (the parent, nil for direct dependencies) uses
// Dependency. Edges are stored per asset version because the SBOM
// (CycloneDX) only lists the transitive dependencies that are actually
// used, so the graph for the same library differs between assets that use
// it differently.
type ComponentDependency struct {
	ID uuid.UUID `gorm:"primarykey;type:uuid;default:gen_random_uuid()" json:"id"`

	// Component is the parent side of the edge; ComponentPurl is nil for
	// direct dependencies of the asset version itself.
	Component     Component `json:"component" gorm:"foreignKey:ComponentPurl;references:Purl;constraint:OnDelete:CASCADE;"`
	ComponentPurl *string   `json:"componentPurl" gorm:"column:component_purl;index:component_purl_idx"`

	// Dependency is the child side of the edge.
	Dependency     Component `json:"dependency" gorm:"foreignKey:DependencyPurl;references:Purl;constraint:OnDelete:CASCADE;"`
	DependencyPurl string    `json:"dependencyPurl" gorm:"column:dependency_purl;index:dependency_purl_idx"`

	// Foreign key fields for the owning AssetVersion.
	AssetVersionName string    `json:"assetVersionName" gorm:"column:asset_version_name;not null;"`
	AssetID          uuid.UUID `json:"assetId" gorm:"column:asset_id;not null;type:uuid;"`

	// Artifacts in which this edge was observed.
	Artifacts []Artifact `json:"artifacts" gorm:"many2many:artifact_component_dependencies;constraint:OnDelete:CASCADE"`

	// Depth is the distance of Dependency from the root of the graph.
	Depth int `json:"depth" gorm:"column:depth"`
}
func GetOnlyDirectDependencies ¶
func GetOnlyDirectDependencies(deps []ComponentDependency) []ComponentDependency
func (ComponentDependency) TableName ¶
func (c ComponentDependency) TableName() string
type ComponentProject ¶ added in v0.17.2
// ComponentProject holds upstream project metadata shared by all Components
// of that project (repository popularity, license, OpenSSF Scorecard).
// Keyed by the project identifier, e.g. "github.com/facebook/react".
type ComponentProject struct {
	ProjectKey string `json:"projectKey" gorm:"primaryKey;column:project_key"`

	StarsCount      int `json:"starsCount" gorm:"column:stars_count"`
	ForksCount      int `json:"forksCount" gorm:"column:forks_count"`
	OpenIssuesCount int `json:"openIssuesCount" gorm:"column:open_issues_count"`

	Homepage    string `json:"homepage"`
	License     string `json:"license"`
	Description string `json:"description"`

	// ScoreCard is the raw scorecard result; ScoreCardScore its aggregate
	// score. Both are nil when no scorecard has been fetched.
	ScoreCard      *database.JSONB `json:"scoreCard" gorm:"column:score_card;type:jsonb"`
	ScoreCardScore *float64        `json:"scoreCardScore" gorm:"column:score_card_score"`

	UpdatedAt time.Time `json:"updatedAt" gorm:"column:updated_at"`
}
func (ComponentProject) TableName ¶ added in v0.17.2
func (c ComponentProject) TableName() string
type ComponentType ¶ added in v0.5.1
// ComponentType classifies a Component. The values mirror the CycloneDX
// component classification (bom component "type" field).
type ComponentType string

const (
	ComponentTypeApplication          ComponentType = "application"
	ComponentTypeContainer            ComponentType = "container"
	ComponentTypeData                 ComponentType = "data"
	ComponentTypeDevice               ComponentType = "device"
	ComponentTypeDeviceDriver         ComponentType = "device-driver"
	ComponentTypeFile                 ComponentType = "file"
	ComponentTypeFirmware             ComponentType = "firmware"
	ComponentTypeFramework            ComponentType = "framework"
	ComponentTypeLibrary              ComponentType = "library"
	ComponentTypeMachineLearningModel ComponentType = "machine-learning-model"
	ComponentTypeOS                   ComponentType = "operating-system"
	ComponentTypePlatform             ComponentType = "platform"
)
type DependencyVuln ¶ added in v0.17.2
// DependencyVuln is a vulnerability (a CVE) found in a third-party
// component of an AssetVersion. It embeds the common Vulnerability state
// (id, asset, state, ticket, raw risk) and adds the affected component, the
// fix version and the computed risk/priority fields. BeforeSave recomputes
// the hash id via CalculateHash.
type DependencyVuln struct {
	Vulnerability

	// CVE is the matched vulnerability; CVEID is its nullable foreign key.
	CVE   *CVE    `json:"cve"`
	CVEID *string `json:"cveId" gorm:"null;type:text;default:null;"`

	// Affected component (purl), its depth in the dependency graph and the
	// first version that fixes the issue (nil if no fix is known).
	ComponentPurl         *string `json:"componentPurl" gorm:"type:text;default:null;"`
	ComponentDepth        *int    `json:"componentDepth" gorm:"default:null;"`
	ComponentFixedVersion *string `json:"componentFixedVersion" gorm:"default:null;"`

	// Risk outputs. RawRiskAssessment is the unrounded score (see
	// Get/SetRawRiskAssessment); RiskAssessment and Priority are derived
	// integer views of it — the exact derivation is defined elsewhere.
	Effort            *int     `json:"effort" gorm:"default:null;"`
	RiskAssessment    *int     `json:"riskAssessment" gorm:"default:null;"`
	RawRiskAssessment *float64 `json:"rawRiskAssessment" gorm:"default:null;"`
	Priority          *int     `json:"priority" gorm:"default:null;"`

	// LastDetected defaults to now() on insert; RiskRecalculatedAt is set by
	// SetRiskRecalculatedAt when the risk is recomputed.
	LastDetected       time.Time `json:"lastDetected" gorm:"default:now();not null;"`
	RiskRecalculatedAt time.Time `json:"riskRecalculatedAt"`

	// Artifacts in which this vulnerability was found.
	Artifacts []Artifact `json:"artifacts" gorm:"many2many:artifact_dependency_vulns;constraint:OnDelete:CASCADE"`
}
func (DependencyVuln) AssetVersionIndependentHash ¶ added in v0.17.2
func (vuln DependencyVuln) AssetVersionIndependentHash() string
func (*DependencyVuln) BeforeSave ¶ added in v0.17.2
func (vuln *DependencyVuln) BeforeSave(tx *gorm.DB) (err error)
GORM BeforeSave hook: recomputes the DependencyVuln's hash (via CalculateHash) before the row is created or updated, so the stored id always reflects the current hash scheme.
func (*DependencyVuln) CalculateHash ¶ added in v0.17.2
func (vuln *DependencyVuln) CalculateHash() string
func (*DependencyVuln) GetArtifacts ¶ added in v0.17.2
func (vuln *DependencyVuln) GetArtifacts() []Artifact
func (DependencyVuln) GetAssetVersionName ¶ added in v0.17.2
func (vuln DependencyVuln) GetAssetVersionName() string
func (DependencyVuln) GetEvents ¶ added in v0.17.2
func (vuln DependencyVuln) GetEvents() []VulnEvent
func (*DependencyVuln) GetRawRiskAssessment ¶ added in v0.17.2
func (vuln *DependencyVuln) GetRawRiskAssessment() float64
func (*DependencyVuln) GetScannerIDsOrArtifactNames ¶ added in v0.17.2
func (vuln *DependencyVuln) GetScannerIDsOrArtifactNames() string
func (*DependencyVuln) GetType ¶ added in v0.17.2
func (vuln *DependencyVuln) GetType() VulnType
func (*DependencyVuln) SetRawRiskAssessment ¶ added in v0.17.2
func (vuln *DependencyVuln) SetRawRiskAssessment(risk float64)
func (*DependencyVuln) SetRiskRecalculatedAt ¶ added in v0.17.2
func (vuln *DependencyVuln) SetRiskRecalculatedAt(t time.Time)
func (DependencyVuln) TableName ¶ added in v0.17.2
func (vuln DependencyVuln) TableName() string
type DependencyVulnRisk ¶ added in v0.17.2
type Distribution ¶ added in v0.17.2
type Exploit ¶
// Exploit is a known public exploit for a CVE. The JSON names pushed_at,
// updated_at, subscribers_count and stargazers_count suggest the rows are
// imported from a GitHub-repository-shaped feed — confirm with the importer.
type Exploit struct {
	ID string `json:"id" gorm:"primaryKey;"`

	Published *time.Time `json:"pushed_at" gorm:"type:date;"`
	Updated   *time.Time `json:"updated_at" gorm:"type:date;"`

	Author      string `json:"author" gorm:"type:text;"`
	Type        string `json:"type" gorm:"type:text;"`
	Verified    bool   `json:"verified" gorm:"type:boolean;"`
	SourceURL   string `json:"sourceURL" gorm:"type:text;"`
	Description string `json:"description" gorm:"type:text;"`

	// CVE is the parent record; excluded from JSON to avoid cycles and
	// deleted together with the CVE.
	CVE   CVE    `json:"-" gorm:"foreignKey:CVEID;constraint:OnDelete:CASCADE;"`
	CVEID string `json:"cveID" gorm:"type:text;"`

	Tags string `json:"tags" gorm:"type:text;"`

	// Repository popularity counters for the exploit source.
	Forks       int `json:"forks" gorm:"type:integer;"`
	Watchers    int `json:"watchers" gorm:"type:integer;"`
	Subscribers int `json:"subscribers_count" gorm:"type:integer;"`
	Stars       int `json:"stargazers_count" gorm:"type:integer;"`
}
type ExternalUser ¶ added in v0.5.14
// ExternalUser is a user known only through an external identity provider
// (no local account), with the organizations it belongs to.
type ExternalUser struct {
	ID        string `json:"id" gorm:"primaryKey"`
	Username  string `json:"username"`
	AvatarURL string `json:"avatarUrl"`

	Organizations []Org `json:"orgs" gorm:"many2many:external_user_orgs;"`
}
func (ExternalUser) TableName ¶ added in v0.5.14
func (ExternalUser) TableName() string
type FirstPartyVuln ¶ added in v0.17.2
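// FirstPartyVuln is a finding in the asset's own code reported by a SAST /
// secret / IaC scanner (rule id, location, snippet, commit metadata), as
// opposed to a DependencyVuln in a third-party component.
//
// NOTE(review): every Rule*, URI, Commit, Email, Author and Date value is
// scanner-supplied and therefore untrusted; RenderMarkdown/RenderADF build
// ticket bodies from them, so those renderers must escape them for their
// target format — confirm there.
type FirstPartyVuln struct {
	Vulnerability

	// ScannerIDs lists the scanners that reported this finding, separated by
	// a single space; maintained by AddScannerID/RemoveScannerID.
	ScannerIDs string `json:"scannerIds" gorm:"not null;column:scanner_ids"`

	// Fingerprint is the scanner's stable identifier for the finding.
	Fingerprint string `json:"fingerprint" gorm:"type:text;"`

	// Rule metadata as reported by the scanner.
	RuleID          string         `json:"ruleId"`
	RuleName        string         `json:"ruleName"`
	RuleDescription string         `json:"ruleDescription"`
	RuleHelp        string         `json:"ruleHelp"`
	RuleHelpURI     string         `json:"ruleHelpUri"`
	RuleProperties  database.JSONB `json:"ruleProperties" gorm:"type:jsonb"`

	// Location of the finding and the commit it was detected in.
	URI    string `json:"uri"`
	Commit string `json:"commit"`
	Email  string `json:"email"`
	Author string `json:"author"`
	Date   string `json:"date"`

	// SnippetContents is a JSON-encoded SnippetContents value; decode with
	// FromJSONSnippetContents. The original tag carried a bare
	// "snippet_contents" entry, which GORM ignores (no key:value form); it
	// is now spelled as an explicit column name, which equals the default
	// snake_case name and so changes no schema.
	SnippetContents database.JSONB `json:"snippetContents" gorm:"type:jsonb;column:snippet_contents"`
}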
func (*FirstPartyVuln) AddScannerID ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) AddScannerID(scannerID string)
func (FirstPartyVuln) AssetVersionIndependentHash ¶ added in v0.17.2
func (firstPartyVuln FirstPartyVuln) AssetVersionIndependentHash() string
func (*FirstPartyVuln) BeforeSave ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) BeforeSave(tx *gorm.DB) (err error)
func (*FirstPartyVuln) CalculateHash ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) CalculateHash() string
func (*FirstPartyVuln) FromJSONSnippetContents ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) FromJSONSnippetContents() (SnippetContents, error)
func (*FirstPartyVuln) GetArtifacts ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) GetArtifacts() []Artifact
func (FirstPartyVuln) GetAssetVersionName ¶ added in v0.17.2
func (firstPartyVuln FirstPartyVuln) GetAssetVersionName() string
func (FirstPartyVuln) GetEvents ¶ added in v0.17.2
func (firstPartyVuln FirstPartyVuln) GetEvents() []VulnEvent
func (*FirstPartyVuln) GetScannerIDsOrArtifactNames ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) GetScannerIDsOrArtifactNames() string
func (*FirstPartyVuln) GetType ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) GetType() VulnType
func (*FirstPartyVuln) RemoveScannerID ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) RemoveScannerID(scannerID string)
func (*FirstPartyVuln) RenderADF ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) RenderADF(baseURL, orgSlug, projectSlug, assetSlug, assetVersionSlug string) jira.ADF
func (*FirstPartyVuln) RenderMarkdown ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) RenderMarkdown(baseURL, orgSlug, projectSlug, assetSlug, assetVersionSlug string) string
func (FirstPartyVuln) TableName ¶ added in v0.17.2
func (firstPartyVuln FirstPartyVuln) TableName() string
func (*FirstPartyVuln) Title ¶ added in v0.17.2
func (firstPartyVuln *FirstPartyVuln) Title() string
type GitLabIntegration ¶ added in v0.5.14
// GitLabIntegration is an organization-level GitLab connection configured
// with a static access token.
//
// NOTE(review): AccessToken has a plain json name and no sign of at-rest
// protection in the model, so it is both stored in clear and emitted by any
// handler that marshals this struct. Confirm a DTO strips it from API
// responses (or tag it json:"-") and that the column is encrypted or the
// token is scoped minimally.
type GitLabIntegration struct {
	Model

	Name        string `json:"name"`
	AccessToken string `json:"accessToken"`

	// GitLabURL is the base URL of the GitLab instance.
	GitLabURL string `json:"gitLabUrl" gorm:"column:gitlab_url"`

	// Org owns the integration; the row is removed with the organization.
	Org   Org       `json:"org" gorm:"foreignKey:OrgID;constraint:OnDelete:CASCADE;"`
	OrgID uuid.UUID `json:"orgId" gorm:"column:org_id"`
}
func (GitLabIntegration) TableName ¶ added in v0.5.14
func (g GitLabIntegration) TableName() string
type GitLabOauth2Token ¶ added in v0.17.2
// GitLabOauth2Token is a per-user OAuth2 token obtained through the GitLab
// Applications feature. The unique index "single-provider-token" on
// (UserID, ProviderID) allows at most one token per user and provider.
//
// NOTE(review): AccessToken, RefreshToken and Verifier all carry plain json
// names; make sure this struct is never marshalled into an API response
// without a DTO. Nothing here indicates encryption at rest — confirm.
type GitLabOauth2Token struct {
	// ID is the token's own primary key, generated by gen_random_uuid().
	ID uuid.UUID `json:"id" gorm:"column:id;primaryKey;default:gen_random_uuid()"`

	// OAuth2 credential material.
	AccessToken  string `json:"accessToken" gorm:"column:access_token"`
	RefreshToken string `json:"refreshToken" gorm:"column:refresh_token"`
	ExpiresAt    int64  `json:"expiresAt" gorm:"column:expires_at"`
	Scopes       string `json:"scopes" gorm:"column:scopes"`

	// UserID is the application user this token belongs to (the GitLab user
	// is GitLabUserID below; the original comment said "gitlab user id" for
	// both, which looks like a copy-paste — confirm). The CHECK rejects the
	// sentinel value 'NO_SESSION' in any letter case.
	UserID       string `json:"userId" gorm:"column:user_id;uniqueIndex:single-provider-token;check:LOWER(user_id) <> 'NO_SESSION'"`
	GitLabUserID int    `json:"gitLabUserId" gorm:"column:gitlab_user_id"`

	// Expiry duplicates ExpiresAt as a time.Time; which one is authoritative
	// is presumably settled in BeforeSave — confirm.
	Expiry time.Time `json:"expiry" gorm:"column:expiry"`

	// Verifier is the PKCE code verifier kept between the authorization
	// redirect and the token exchange. Note that PKCE binds the
	// authorization code to this client (protecting against code
	// interception); login-CSRF on the callback is a separate concern that
	// needs a `state` parameter check in the handler, which this model does
	// not show.
	Verifier *string `json:"verifier" gorm:"column:verifier"`

	// BaseURL is the base URL of the GitLab instance the token is valid for.
	BaseURL string `json:"baseUrl" gorm:"column:base_url;"`

	CreatedAt time.Time `json:"createdAt" gorm:"column:created_at"`
	UpdatedAt time.Time `json:"updatedAt" gorm:"column:updated_at"`

	// ProviderID names the configured provider, i.e. the <PROVIDERID> part
	// of the GITLAB_<PROVIDERID>_BASEURL… environment variables.
	ProviderID string `json:"providerId" gorm:"column:provider_id;uniqueIndex:single-provider-token"`
}
func (*GitLabOauth2Token) BeforeSave ¶ added in v0.17.2
func (token *GitLabOauth2Token) BeforeSave(tx *gorm.DB) (err error)
func (GitLabOauth2Token) TableName ¶ added in v0.17.2
func (GitLabOauth2Token) TableName() string
type GithubAppInstallation ¶
// GithubAppInstallation records an installation of the GitHub App, keyed by
// GitHub's installation id, and the organization it has been linked to
// (OrgID is nil until the installation is claimed by an org).
type GithubAppInstallation struct {
	InstallationID int `json:"installationId" gorm:"primaryKey"`

	Org   *Org       `json:"org" gorm:"foreignKey:OrgID;constraint:OnDelete:CASCADE;"`
	OrgID *uuid.UUID `json:"orgId" gorm:"column:org_id"`

	// InstallationCreatedWebhookReceivedTime is when the installation
	// webhook arrived. Verification of that webhook's signature is the
	// handler's responsibility and is not represented in this model.
	InstallationCreatedWebhookReceivedTime time.Time `json:"installationCreatedWebhookReceivedTime"`

	// Installation target as reported by GitHub (user or organization).
	SettingsURL     string `json:"settingsUrl"`
	TargetType      string `json:"targetType"`
	TargetLogin     string `json:"targetLogin"`
	TargetAvatarURL string `json:"targetAvatarUrl"`
}
func (GithubAppInstallation) TableName ¶
func (GithubAppInstallation) TableName() string
type History ¶ added in v0.17.2
// History is one day's risk statistics, embedded by the per-artifact and
// per-project history tables. For example: on 2024-08-12 the asset had a
// SumOpenRisk of 25. Day is part of the embedding table's primary key.
type History struct {
	Distribution

	// Day is the calendar date (DB type "date") this snapshot covers.
	Day time.Time `json:"day" gorm:"primaryKey;type:date"`

	// Aggregates over vulnerabilities still open on that day.
	SumOpenRisk float64 `json:"sumOpenRisk"`
	AvgOpenRisk float64 `json:"averageOpenRisk"`
	MaxOpenRisk float64 `json:"maxOpenRisk"`
	MinOpenRisk float64 `json:"minOpenRisk"`

	// Aggregates over vulnerabilities closed by that day.
	SumClosedRisk float64 `json:"sumClosedRisk"`
	AvgClosedRisk float64 `json:"averageClosedRisk"`
	MaxClosedRisk float64 `json:"maxClosedRisk"`
	MinClosedRisk float64 `json:"minClosedRisk"`

	OpenDependencyVulns  int `json:"openDependencyVulns"`
	FixedDependencyVulns int `json:"fixedDependencyVulns"`
}
type InTotoLink ¶ added in v0.5.14
// InTotoLink stores one in-toto link (step metadata) of a supply chain run,
// keyed by (SupplyChainID, Step, AssetVersionName, AssetID). The PAT that
// uploaded the link is recorded for provenance.
//
// NOTE(review): the PAT relation cascades on delete, so revoking/deleting a
// token also deletes every link it ever uploaded — supply-chain evidence
// disappears with the credential. Consider SET NULL or a soft reference if
// links must outlive tokens. Also, PAT is serialized under json:"pat";
// confirm the PAT type hides its secret in JSON.
type InTotoLink struct {
	// SupplyChainID identifies the run the link belongs to; for the
	// post-commit link this is the commit hash.
	SupplyChainID string `json:"supplyChainId" gorm:"column:supply_chain_id;primaryKey"`
	Step          string `json:"step" gorm:"column:step;primaryKey"`
	Filename      string `json:"filename" gorm:"column:filename"`

	// Payload is the raw link metadata. Whether its signature has been
	// verified is not recorded here.
	Payload string `json:"payload" gorm:"column:payload"`

	PAT PAT `json:"pat" gorm:"foreignKey:PatID;constraint:OnDelete:CASCADE;"`

	AssetVersion     AssetVersion `gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`
	AssetVersionName string       `json:"assetVersionName" gorm:"column:asset_version_name;primaryKey"`
	AssetID          uuid.UUID    `json:"assetId" gorm:"column:asset_id;primaryKey"`
	PatID            uuid.UUID    `json:"patId" gorm:"column:pat_id;"`

	CreatedAt time.Time `json:"createdAt" gorm:"column:created_at"`
}
func (InTotoLink) TableName ¶ added in v0.5.14
func (InTotoLink) TableName() string
type Invitation ¶ added in v0.5.14
// Invitation invites an e-mail address into an organization. Code is the
// credential that redeems the invitation.
//
// NOTE(review): Code is a bearer secret with a plain json name; make sure
// it is generated from crypto/rand and that endpoints listing invitations
// do not return it to other members. Neither is visible from this model.
type Invitation struct {
	Model

	Code string `json:"code"`

	// OrganizationID is the ID of the organization the invitation is for.
	OrganizationID uuid.UUID `json:"organizationId"`
	Organization   Org

	// Email is the email address of the user the invitation is for.
	Email string `json:"email"`
}
func (Invitation) TableName ¶ added in v0.5.14
func (i Invitation) TableName() string
type JiraIntegration ¶ added in v0.17.2
// JiraIntegration is an organization-level Jira connection. UserEmail and
// AccessToken together look like Jira Cloud basic-auth (email + API token)
// credentials — confirm with the client code.
//
// NOTE(review): AccessToken has a plain json name and no sign of at-rest
// protection in the model; confirm a DTO strips it from API responses.
type JiraIntegration struct {
	Model

	Name string `json:"name" gorm:"type:varchar(255);not null"`

	// Org owns the integration; the row is removed with the organization.
	Org   Org       `json:"org" gorm:"foreignKey:OrgID;constraint:OnDelete:CASCADE;"`
	OrgID uuid.UUID `json:"orgId" gorm:"column:org_id"`

	AccessToken string `json:"accessToken"`
	URL         string `json:"url" gorm:"type:text;not null"`
	UserEmail   string `json:"userEmail" gorm:"column:user_email"`
	AccountID   string `json:"accountId" gorm:"column:account_id"`
}
func (JiraIntegration) TableName ¶ added in v0.17.2
func (JiraIntegration) TableName() string
type LicenseRisk ¶ added in v0.17.2
// LicenseRisk is a license-compliance finding on a Component of an
// AssetVersion. It shares the Vulnerability lifecycle (state, events,
// tickets); FinalLicenseDecision holds the license a human settled on, set
// through SetFinalLicenseDecision.
type LicenseRisk struct {
	Vulnerability

	FinalLicenseDecision *string `json:"finalLicenseDecision" gorm:"type:text"`

	// Component is the offending component, referenced by purl.
	ComponentPurl string    `json:"componentPurl" gorm:"type:text;"`
	Component     Component `json:"component" gorm:"foreignKey:ComponentPurl;references:Purl;constraint:OnDelete:CASCADE;"`

	// Artifacts in which the component (and thus the risk) was found.
	Artifacts []Artifact `json:"artifacts" gorm:"many2many:artifact_license_risks;constraint:OnDelete:CASCADE"`
}
func (LicenseRisk) AssetVersionIndependentHash ¶ added in v0.17.2
func (licenseRisk LicenseRisk) AssetVersionIndependentHash() string
func (*LicenseRisk) BeforeSave ¶ added in v0.17.2
func (licenseRisk *LicenseRisk) BeforeSave(tx *gorm.DB) (err error)
func (*LicenseRisk) CalculateHash ¶ added in v0.17.2
func (licenseRisk *LicenseRisk) CalculateHash() string
func (*LicenseRisk) GetArtifactNames ¶ added in v0.17.2
func (licenseRisk *LicenseRisk) GetArtifactNames() string
func (*LicenseRisk) GetArtifacts ¶ added in v0.17.2
func (licenseRisk *LicenseRisk) GetArtifacts() []Artifact
func (LicenseRisk) GetAssetVersionName ¶ added in v0.17.2
func (licenseRisk LicenseRisk) GetAssetVersionName() string
func (LicenseRisk) GetEvents ¶ added in v0.17.2
func (licenseRisk LicenseRisk) GetEvents() []VulnEvent
func (LicenseRisk) GetType ¶ added in v0.17.2
func (licenseRisk LicenseRisk) GetType() VulnType
func (*LicenseRisk) SetFinalLicenseDecision ¶ added in v0.17.2
func (licenseRisk *LicenseRisk) SetFinalLicenseDecision(finalLicenseDecision string)
func (LicenseRisk) TableName ¶ added in v0.17.2
func (licenseRisk LicenseRisk) TableName() string
type MechanicalJustificationType ¶ added in v0.17.2
type MechanicalJustificationType string
// Machine-readable ("mechanical") justifications for why a vulnerability does
// not affect a product. The labels are the justification values used by VEX
// documents (e.g. OpenVEX), so they can be exported without translation.
const (
	ComponentNotPresent                         MechanicalJustificationType = "component_not_present"
	VulnerableCodeNotPresent                    MechanicalJustificationType = "vulnerable_code_not_present"
	VulnerableCodeNotInExecutePath              MechanicalJustificationType = "vulnerable_code_not_in_execute_path"
	VulnerableCodeCannotBeControlledByAdversary MechanicalJustificationType = "vulnerable_code_cannot_be_controlled_by_adversary"
	InlineMitigationsAlreadyExist               MechanicalJustificationType = "inline_mitigations_already_exist"
)
type Mitigation ¶
// Mitigation records a user's decision about a scan result (fix, transfer,
// avoid or accept) together with its justification and due date.
type Mitigation struct {
	Model
	Type             Type      `json:"mitigationType"`
	InitiatingUserID string    `json:"initiatingUserId"`
	ResultID         uuid.UUID `json:"resultId"`
	DueDate          *time.Time `json:"dueDate"`
	// Properties is free-form JSON attached to the mitigation; defaults to {}.
	Properties datatypes.JSON `gorm:"type:jsonb;default:'{}';not null"`
	// MitigationPending will be true for fix and transfer types - we are
	// waiting for another scan report which verifies that the related result
	// is fixed. It will be false for avoid and accept types.
	MitigationPending bool   `json:"mitigationPending" gorm:"default:false"`
	Justification     string `json:"justification"`
}
type Model ¶
type Org ¶
// Org is an organization: the top-level tenant that owns projects, integrations
// and webhooks. Slug is unique and indexed; ExternalEntityProviderID is set
// when the organization mirrors an entity of an external provider.
type Org struct {
	Model
	Name                   string  `json:"name" gorm:"type:text"`
	ContactPhoneNumber     *string `json:"contactPhoneNumber" gorm:"type:text"`
	NumberOfEmployees      *int    `json:"numberOfEmployees"`
	Country                *string `json:"country" gorm:"type:text"`
	Industry               *string `json:"industry" gorm:"type:text"`
	CriticalInfrastructure bool    `json:"criticalInfrastructure"`
	// Compliance flags (self-declared by the organization).
	ISO27001    bool `json:"iso27001"`
	NIST        bool `json:"nist"`
	Grundschutz bool `json:"grundschutz"`
	Projects    []Project `json:"projects" gorm:"foreignKey:OrganizationID;"`
	Slug        string    `json:"slug" gorm:"type:text;unique;not null;index"`
	Description string    `json:"description" gorm:"type:text"`
	// Integrations owned by the organization (foreign key OrgID on each).
	// NOTE(review): JiraIntegration and WebhookIntegration carry secrets with
	// json tags; confirm handlers that encode an Org do not preload them.
	GithubAppInstallations []GithubAppInstallation `json:"githubAppInstallations" gorm:"foreignKey:OrgID;"`
	GitLabIntegrations     []GitLabIntegration     `json:"gitLabIntegrations" gorm:"foreignKey:OrgID;"`
	JiraIntegrations       []JiraIntegration       `json:"jiraIntegrations" gorm:"foreignKey:OrgID;"`
	Webhooks               []WebhookIntegration    `json:"webhooks" gorm:"foreignKey:OrgID;"`
	// IsPublic defaults to false; a public organization is readable without
	// membership (confirm against the authorization layer).
	IsPublic    bool           `json:"isPublic" gorm:"default:false;"`
	ConfigFiles database.JSONB `json:"configFiles" gorm:"type:jsonb"`
	// Language is a two-letter language code (size:2).
	Language                 string  `json:"language" gorm:"type:text;size:2"`
	ExternalEntityProviderID *string `json:"externalEntityProviderId" gorm:"unique;type:text"`
}
func (Org) IsExternalEntity ¶ added in v0.17.2
type PAT ¶
// PAT is a personal access token. Only public key material (PubKey,
// Fingerprint) is stored here; no secret is kept in this struct.
type PAT struct {
	CreatedAt   time.Time `json:"createdAt"`
	UserID      uuid.UUID `json:"userId"`
	PubKey      string    `json:"pubKey"`
	Description string    `json:"description" gorm:"type:text"`
	ID          uuid.UUID `json:"id" gorm:"type:uuid;default:gen_random_uuid()"`
	Fingerprint string    `json:"fingerprint"`
	// LastUsedAt is nil until the token is first used.
	LastUsedAt *time.Time `json:"lastUsedAt" gorm:"default:null"`
	// Scopes is a whitespace-separated list of scopes:
	// manage-project read-project scan-asset manage-all
	Scopes string `json:"scopes" gorm:"type:text"`
}
type Policy ¶ added in v0.17.2
// Policy is a Rego policy evaluated against attestations of a given predicate
// type. Global policies have no organization; organization policies are
// removed with their Org (OnDelete:CASCADE).
type Policy struct {
	ID uuid.UUID `json:"id" gorm:"type:uuid;primaryKey;default:gen_random_uuid()"`
	// Rego is the policy source.
	// NOTE(review): this is executable policy code supplied per organization;
	// confirm that only authorized members can write it and that evaluation
	// is bounded (timeouts / no unrestricted built-ins) — not visible here.
	Rego          string `json:"rego"`
	Title         string `json:"title"`
	PredicateType string `json:"predicateType"`
	Description   string `json:"description"`
	// OrganizationID will be null for global policies.
	OrganizationID *uuid.UUID `json:"organizationId"`
	Organization   *Org       `json:"organization" gorm:"foreignKey:OrganizationID;references:ID;constraint:OnDelete:CASCADE;"`
	// OpaqueID is only used by global policies maintained by the community
	// and migrated by the system.
	OpaqueID *string `json:"opaqueId" gorm:"unique"`
	// Projects lists the projects that enabled this policy
	// (join table project_enabled_policies).
	Projects []Project `json:"projects" gorm:"many2many:project_enabled_policies;constraint:OnDelete:CASCADE;"`
}
type Project ¶
// Project groups assets within an organization. Projects may be nested via
// ParentID, and the (OrganizationID, Slug) pair is unique.
type Project struct {
	Model
	Name   string  `json:"name" gorm:"type:text"`
	Avatar *string `json:"avatar" gorm:"type:text"`
	Assets []Asset `json:"assets" gorm:"foreignKey:ProjectID;"`
	// OrganizationID and Slug share the unique index idx_project_org_slug.
	OrganizationID uuid.UUID `json:"organizationId" gorm:"uniqueIndex:idx_project_org_slug;not null;type:uuid"`
	Organization   Org       `json:"organization" gorm:"foreignKey:OrganizationID;references:ID;constraint:OnDelete:CASCADE;"`
	Slug           string    `json:"slug" gorm:"type:text;uniqueIndex:idx_project_org_slug;not null"`
	Description    string    `json:"description" gorm:"type:text"`
	// IsPublic defaults to false (confirm its effect in the authorization layer).
	IsPublic bool `json:"isPublic" gorm:"default:false;"`
	// Children allows nested projects; children are deleted with their parent.
	Children []Project  `json:"-" gorm:"foreignKey:ParentID;constraint:OnDelete:CASCADE;"`
	ParentID *uuid.UUID `json:"parentId" gorm:"type:uuid;"`
	Parent   *Project   `json:"parent" gorm:"foreignKey:ParentID;constraint:OnDelete:CASCADE;"`
	Type     ProjectType `json:"type" gorm:"type:text;default:'default';"`
	// RepositoryID is prefixed with the provider name,
	// e.g. github:<github app installation id>:123456
	RepositoryID    *string        `json:"repositoryId" gorm:"type:text;"`
	RepositoryName  *string        `json:"repositoryName" gorm:"type:text;"`
	ConfigFiles     database.JSONB `json:"configFiles" gorm:"type:jsonb"`
	EnabledPolicies []Policy       `json:"enabledPolicies" gorm:"many2many:project_enabled_policies;constraint:OnDelete:CASCADE;"`
	// ExternalEntityID and ExternalEntityProviderID together form the unique
	// index unique_external_entity for projects mirrored from a provider.
	ExternalEntityID         *string `json:"externalEntityId" gorm:"uniqueIndex:unique_external_entity;"`
	ExternalEntityProviderID *string `json:"externalEntityProviderId" gorm:"uniqueIndex:unique_external_entity;"`
	ExternalEntityParentID   *string `json:"externalEntityProviderParentId" gorm:"type:text;"`
	Webhooks                 []WebhookIntegration `json:"webhooks" gorm:"foreignKey:ProjectID;"`
}
func (Project) IsExternalEntity ¶ added in v0.17.2
type ProjectRiskHistory ¶ added in v0.5.14
// ProjectRiskHistory is one point of a project's risk history: the embedded
// Distribution and History keyed by the project ID.
type ProjectRiskHistory struct {
	Distribution
	History
	ProjectID uuid.UUID `json:"id" gorm:"primaryKey;type:uuid"`
}
func (ProjectRiskHistory) TableName ¶ added in v0.5.14
func (m ProjectRiskHistory) TableName() string
type ProjectType ¶ added in v0.5.15
type ProjectType string
// Project types. "default" is the value gorm assigns to Project.Type when none
// is given; the Kubernetes variants mark projects that mirror a namespace or
// a whole cluster.
const (
	ProjectTypeDefault             ProjectType = "default"
	ProjectTypeKubernetesNamespace ProjectType = "kubernetesNamespace"
	ProjectTypeKubernetesCluster   ProjectType = "kubernetesCluster"
)
type Release ¶ added in v0.17.2
// Release is a named release of a project. A release is a tree: Items are the
// child entries (artifacts or other releases), ParentItems are the entries of
// other releases that include this one as a child.
type Release struct {
	ID        uuid.UUID `gorm:"primarykey;type:uuid;default:gen_random_uuid()" json:"id"`
	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`
	Name      string    `json:"name" gorm:"not null;type:text;"`
	ProjectID uuid.UUID `json:"projectId" gorm:"index;type:uuid"`
	Project   Project   `json:"project" gorm:"foreignKey:ProjectID;references:ID;constraint:OnDelete:CASCADE;"`
	// parent → children
	Items []ReleaseItem `json:"items" gorm:"foreignKey:ReleaseID;constraint:OnDelete:CASCADE;"`
	// back reference → where this release is included as a child
	ParentItems []ReleaseItem `json:"parentItems" gorm:"foreignKey:ChildReleaseID;constraint:OnDelete:CASCADE;"`
}
type ReleaseItem ¶ added in v0.17.2
// ReleaseItem is one entry of a Release. It points either at a child release
// (ChildReleaseID) or at an artifact (ArtifactName, AssetVersionName, AssetID);
// which one is set is not enforced by this model.
type ReleaseItem struct {
	ID        uuid.UUID `gorm:"primarykey;type:uuid;default:gen_random_uuid()"`
	ReleaseID uuid.UUID `gorm:"index;type:uuid"` // parent release
	Release   Release   `gorm:"foreignKey:ReleaseID;constraint:OnDelete:CASCADE;"`
	ChildReleaseID *uuid.UUID `gorm:"index;type:uuid"`
	ChildRelease   *Release   `gorm:"foreignKey:ChildReleaseID;references:ID;constraint:OnDelete:CASCADE;"`
	// composite foreign key to artifacts (ArtifactName, AssetVersionName, AssetID)
	ArtifactName     *string    `gorm:"index;type:text"`
	AssetVersionName *string    `gorm:"index;type:text"`
	AssetID          *uuid.UUID `gorm:"index;type:uuid"`
	// NOTE(review): the gorm tag of this field is not shown on this page
	// (133-byte literal elided by the documentation renderer).
	Artifact *Artifact `` /* 133-byte string literal not displayed */
}
type RequirementLevel ¶
type RequirementLevel string
// Requirement levels, ordered low < medium < high.
const (
	RequirementLevelLow    RequirementLevel = "low"
	RequirementLevelMedium RequirementLevel = "medium"
	RequirementLevelHigh   RequirementLevel = "high"
)
type ScannerInformation ¶ added in v0.17.2
type SnippetContent ¶ added in v0.17.2
type SnippetContents ¶ added in v0.17.2
// SnippetContents is a list of code snippets, serialized as {"snippets": [...]}.
type SnippetContents struct {
	Snippets []SnippetContent `json:"snippets"`
}
type SupplyChain ¶ added in v0.5.14
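// SupplyChain records the verification state and output digest of one supply
// chain run of an asset version. Its rows are deleted together with the asset
// version they belong to.
type SupplyChain struct {
	SupplyChainID string `json:"supplyChainId" gorm:"column:supply_chain_id;primaryKey"`
	// Verified reports whether the supply chain has been verified.
	Verified bool `json:"verified" gorm:"column:verified"`
	// SupplyChainOutputDigest is the digest of the final output of the chain.
	SupplyChainOutputDigest string    `json:"supplyChainOutputDigest" gorm:"column:supply_chain_output_digest"`
	CreatedAt               time.Time `json:"createdAt" gorm:"column:created_at"`
	UpdatedAt               time.Time `json:"updatedAt" gorm:"column:updated_at"`
	// The cascade is declared with the "constraint:" prefix like on the other
	// models (InTotoLink, Vulnerability, ...). A bare "OnDelete:CASCADE" is
	// not a gorm tag key, so the previous tag created the foreign key without
	// the cascade and would have left supply chains orphaned (or blocked the
	// delete) when their asset version is removed.
	AssetVersion     AssetVersion `json:"assetVersion" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`
	AssetVersionName string       `json:"assetVersionName" gorm:"column:asset_version_name;"`
	AssetID          uuid.UUID    `json:"assetId" gorm:"column:asset_id;"`
}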
func (SupplyChain) TableName ¶ added in v0.5.14
func (SupplyChain) TableName() string
type Vuln ¶ added in v0.17.2
// Vuln is the common interface over the vulnerability kinds (DependencyVuln,
// FirstPartyVuln, LicenseRisk) so that state changes, risk updates, scanner
// bookkeeping and ticket handling can be written once.
type Vuln interface {
	// State of the finding (open, fixed, accepted, ...).
	SetState(state VulnState)
	GetState() VulnState

	// Raw risk assessment and the time it was last recalculated.
	SetRawRiskAssessment(risk float64)
	SetRiskRecalculatedAt(time.Time)
	GetRawRiskAssessment() float64

	// Identity: asset version, asset and the finding's own ID / table.
	GetAssetVersionName() string
	GetAssetID() uuid.UUID
	GetID() string
	TableName() string

	// Scanner / artifact bookkeeping.
	AddScannerID(scannerID string)
	RemoveScannerID(scannerID string)
	GetScannerIDsOrArtifactNames() string
	GetType() VulnType
	GetArtifacts() []Artifact

	// External ticket (issue tracker) linkage.
	SetTicketID(ticketID string)
	SetTicketURL(ticketURL string)
	SetManualTicketCreation(manualTicketCreation bool)
	GetTicketID() *string
	GetTicketURL() *string
	GetManualTicketCreation() bool
}
type VulnEvent ¶ added in v0.17.2
// VulnEvent is one entry of a vulnerability's event log (detected, fixed,
// accepted, comment, ...). VulnID plus VulnType identify the finding the
// event belongs to.
type VulnEvent struct {
	Model
	Type   VulnEventType `json:"type" gorm:"type:text"`
	VulnID string        `json:"vulnId"`
	// VulnType defaults to "dependencyVuln" for rows created before other
	// vulnerability kinds existed.
	VulnType VulnType `json:"vulnType" gorm:"type:text;not null;default:'dependencyVuln'"`
	UserID   string   `json:"userId"`
	// Justification is the free-text reason given by the user;
	// MechanicalJustification is the machine-readable (VEX) counterpart.
	Justification           *string                     `json:"justification" gorm:"type:text;"`
	MechanicalJustification MechanicalJustificationType `json:"mechanicalJustification" gorm:"type:text;"`
	// ArbitraryJSONData is event-type specific payload stored as a JSON
	// string; see GetArbitraryJSONData / SetArbitraryJSONData.
	ArbitraryJSONData string `json:"arbitraryJSONData" gorm:"type:text;"`
	// OriginalAssetVersionName is set when the event originates from another
	// asset version (NOTE(review): inferred from the name — confirm).
	OriginalAssetVersionName *string `json:"originalAssetVersionName" gorm:"column:original_asset_version_name;type:text;default:null;"`
	// contains filtered or unexported fields
}
func NewAcceptedEvent ¶ added in v0.5.1
func NewCommentEvent ¶ added in v0.5.1
func NewDetectedEvent ¶
func NewFalsePositiveEvent ¶ added in v0.5.1
func NewFixedEvent ¶
func NewLicenseDecisionEvent ¶ added in v0.17.2
func NewMitigateEvent ¶ added in v0.5.1
func NewReopenedEvent ¶ added in v0.5.1
func (*VulnEvent) GetArbitraryJSONData ¶ added in v0.17.2
func (*VulnEvent) SetArbitraryJSONData ¶ added in v0.17.2
type VulnEventDetail ¶ added in v0.17.2
type VulnEventType ¶ added in v0.17.2
type VulnEventType string
// Event types recorded in VulnEvent.Type.
const (
	// Manual events (events that require user interaction)
	// (see asset_version_service.go @ getDatesForVulnerabilityEvent)
	EventTypeFixed             VulnEventType = "fixed"
	EventTypeLicenseDecision   VulnEventType = "licenseDecision"
	EventTypeReopened          VulnEventType = "reopened"
	EventTypeAccepted          VulnEventType = "accepted"
	EventTypeMitigate          VulnEventType = "mitigate"
	EventTypeFalsePositive     VulnEventType = "falsePositive"
	EventTypeMarkedForTransfer VulnEventType = "markedForTransfer"
	EventTypeComment           VulnEventType = "comment"

	// Automated events (events that are triggered by automations on the server)
	EventTypeDetected VulnEventType = "detected"
	// EventTypeRiskAssessmentUpdated VulnEventType = "riskAssessmentUpdated"
	EventTypeRawRiskAssessmentUpdated VulnEventType = "rawRiskAssessmentUpdated"
)
type VulnInPackage ¶
type VulnState ¶ added in v0.17.2
type VulnState string
// States a vulnerability can be in (Vulnerability.State, default "open").
const (
	VulnStateOpen VulnState = "open"
	// VulnStateFixed: we did not find the dependencyVuln anymore in the last scan!
	VulnStateFixed VulnState = "fixed"
	// VulnStateAccepted is like ignore.
	VulnStateAccepted VulnState = "accepted"
	// VulnStateFalsePositive: we can use that for crowdsourced vulnerability
	// management. 27 people marked this as false positive and they have the
	// same dependency tree - probably you are not affected either.
	VulnStateFalsePositive     VulnState = "falsePositive"
	VulnStateMarkedForTransfer VulnState = "markedForTransfer"
)
type Vulnerability ¶ added in v0.17.2
// Vulnerability holds the fields shared by all vulnerability kinds: identity
// within an asset version, state, event log and external ticket linkage. It is
// embedded by the concrete kinds (e.g. LicenseRisk).
type Vulnerability struct {
	ID               string    `json:"id" gorm:"primaryKey;not null;"`
	AssetVersionName string    `json:"assetVersionName" gorm:"not null;"`
	AssetID          uuid.UUID `json:"vulnAssetId" gorm:"not null;"`
	// AssetVersion is resolved via (AssetVersionName, AssetID); deleting the
	// asset version deletes its vulnerabilities.
	AssetVersion AssetVersion `json:"assetVersion" gorm:"foreignKey:AssetVersionName,AssetID;references:Name,AssetID;constraint:OnDelete:CASCADE;"`
	Message      *string      `json:"message"`
	// Events is the event log; events follow the vulnerability on delete and
	// on ID update.
	Events []VulnEvent `gorm:"foreignKey:VulnID;constraint:OnDelete:CASCADE,OnUpdate:CASCADE;" json:"events"`
	State  VulnState   `json:"state" gorm:"default:'open';not null;type:text;"`
	// LastDetected defaults to the insert time (now()).
	LastDetected time.Time `json:"lastDetected" gorm:"default:now();not null;"`
	// TicketID / TicketURL might be set by integrations.
	TicketID             *string   `json:"ticketId" gorm:"default:null;"`
	TicketURL            *string   `json:"ticketUrl" gorm:"default:null;"`
	ManualTicketCreation bool      `json:"manualTicketCreation" gorm:"default:false;"`
	CreatedAt            time.Time `json:"createdAt"`
	UpdatedAt            time.Time `json:"updatedAt"`
}
func (*Vulnerability) AddScannerID ¶ added in v0.17.2
func (d *Vulnerability) AddScannerID(scannerID string)
func (*Vulnerability) GetAssetID ¶ added in v0.17.2
func (d *Vulnerability) GetAssetID() uuid.UUID
func (*Vulnerability) GetAssetVersionName ¶ added in v0.17.2
func (d *Vulnerability) GetAssetVersionName() string
func (*Vulnerability) GetID ¶ added in v0.17.2
func (d *Vulnerability) GetID() string
func (*Vulnerability) GetManualTicketCreation ¶ added in v0.17.2
func (d *Vulnerability) GetManualTicketCreation() bool
func (*Vulnerability) GetRawRiskAssessment ¶ added in v0.17.2
func (d *Vulnerability) GetRawRiskAssessment() float64
func (*Vulnerability) GetScannerIDsOrArtifactNames ¶ added in v0.17.2
func (d *Vulnerability) GetScannerIDsOrArtifactNames() string
TODO: what should we return for dependency vulns? This is needed, for example, by the commonint.CreateNewVulnEventBasedOnComment function.
func (*Vulnerability) GetState ¶ added in v0.17.2
func (d *Vulnerability) GetState() VulnState
func (*Vulnerability) GetTicketID ¶ added in v0.17.2
func (d *Vulnerability) GetTicketID() *string
func (*Vulnerability) GetTicketURL ¶ added in v0.17.2
func (d *Vulnerability) GetTicketURL() *string
func (*Vulnerability) RemoveScannerID ¶ added in v0.17.2
func (d *Vulnerability) RemoveScannerID(scannerID string)
func (*Vulnerability) SetManualTicketCreation ¶ added in v0.17.2
func (d *Vulnerability) SetManualTicketCreation(manualTicketCreation bool)
func (*Vulnerability) SetRawRiskAssessment ¶ added in v0.17.2
func (d *Vulnerability) SetRawRiskAssessment(risk float64)
func (*Vulnerability) SetRiskRecalculatedAt ¶ added in v0.17.2
func (d *Vulnerability) SetRiskRecalculatedAt(t time.Time)
func (*Vulnerability) SetState ¶ added in v0.17.2
func (d *Vulnerability) SetState(state VulnState)
func (*Vulnerability) SetTicketID ¶ added in v0.17.2
func (d *Vulnerability) SetTicketID(ticketID string)
func (*Vulnerability) SetTicketURL ¶ added in v0.17.2
func (d *Vulnerability) SetTicketURL(ticketURL string)
type Weakness ¶
type WebhookIntegration ¶ added in v0.17.2
// WebhookIntegration configures an outbound webhook for an organization or,
// when ProjectID is set, for a single project. SbomEnabled and VulnEnabled
// select which kinds of notifications are sent.
type WebhookIntegration struct {
	Model
	Name        *string `json:"name"`
	Description *string `json:"description"`
	// URL is the user-supplied endpoint the server delivers to.
	// NOTE(review): confirm it is validated where webhooks are created
	// (allowed schemes, no loopback/link-local/private targets) so the server
	// cannot be pointed at internal services; not visible in this model.
	URL string `json:"url" gorm:"column:url"`
	// Secret is presumably used to sign deliveries.
	// NOTE(review): it has a json tag ("secret") and is therefore returned by
	// any handler encoding this struct; confirm responses redact it.
	Secret      *string   `json:"secret" gorm:"column:secret"`
	SbomEnabled bool      `json:"sbomEnabled" gorm:"column:sbom_enabled"`
	VulnEnabled bool      `json:"vulnEnabled" gorm:"column:vuln_enabled"`
	Org         Org       `json:"org" gorm:"foreignKey:OrgID;constraint:OnDelete:CASCADE;"`
	OrgID       uuid.UUID `json:"orgId" gorm:"column:org_id"`
	// ProjectID is nil for organization-wide webhooks. NOTE(review): the
	// "nullable" tag key is not one I can place in gorm's tag set; the pointer
	// type already makes the column nullable — verify the tag is intentional.
	ProjectID *uuid.UUID `json:"projectId" gorm:"column:project_id;nullable"`
	Project   *Project   `json:"project" gorm:"foreignKey:ProjectID;constraint:OnDelete:CASCADE;"`
}
func (WebhookIntegration) TableName ¶ added in v0.17.2
func (WebhookIntegration) TableName() string
Source Files
¶
- affected_component_model.go
- artifact_model.go
- asset_model.go
- asset_version_model.go
- attestation_model.go
- comment_model.go
- component_model.go
- config_model.go
- cve_model.go
- cwe_model.go
- dependency_vuln_model.go
- exploit_model.go
- first_party_vuln_model.go
- github_model.go
- gitlab_model.go
- hash_migration.go
- intoto_link_model.go
- invitation_model.go
- jira_model.go
- license_risk_model.go
- mitigation_model.go
- model.go
- org_model.go
- pat_model.go
- policy_model.go
- project_model.go
- release_model.go
- statistic_model.go
- supply_chain_model.go
- vulnerability_model.go
- vulnevent_model.go
- webhook_model.go