vuln

package
v0.18.6 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 18, 2025 License: AGPL-3.0 Imports: 20 Imported by: 0

Documentation

Overview

TODO: rename the package name to vuln

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsConnectedToThirdPartyIntegration

func IsConnectedToThirdPartyIntegration(asset models.Asset) bool

func NewFirstPartyVulnController

func NewFirstPartyVulnController(firstPartyVulnRepository core.FirstPartyVulnRepository, firstPartyVulnService core.FirstPartyVulnService, projectService core.ProjectService) *firstPartyVulnController

func NewFirstPartyVulnService

func NewFirstPartyVulnService(firstPartyVulnRepository core.FirstPartyVulnRepository, vulnEventRepository core.VulnEventRepository, assetRepository core.AssetRepository, thirdPartyIntegration core.ThirdPartyIntegration) *firstPartyVulnService

func NewHTTPController

func NewHTTPController(dependencyVulnRepository core.DependencyVulnRepository, dependencyVulnService core.DependencyVulnService, projectService core.ProjectService, statisticsService core.StatisticsService) *dependencyVulnHTTPController

func NewService

func NewService(dependencyVulnRepository core.DependencyVulnRepository, vulnEventRepository core.VulnEventRepository, assetRepository core.AssetRepository, cveRepository core.CveRepository, orgRepository core.OrganizationRepository, projectRepository core.ProjectRepository, thirdPartyIntegration core.ThirdPartyIntegration, assetVersionRepository core.AssetVersionRepository) *service

func ShouldCreateIssues

func ShouldCreateIssues(assetVersion models.AssetVersion) bool

func ShouldCreateThisIssue

func ShouldCreateThisIssue(asset models.Asset, dependencyVuln *models.DependencyVuln) bool

Types

type DependencyVulnDTO

// DependencyVulnDTO is the JSON shape returned by DependencyVulnToDto for a
// models.DependencyVuln. Each field is serialised under the key in its tag.
// No tag uses omitempty, so with encoding/json a nil pointer or nil slice is
// emitted as null rather than dropped.
type DependencyVulnDTO struct {
	ID                    string            `json:"id"`
	Message               *string           `json:"message"`
	// NOTE(review): the Go field is AssetVersionName but the JSON key is
	// "assetVersionId"; FirstPartyVulnDTO and LicenseRiskDTO on this page use
	// "assetVersionName" for the same field. Confirm which key clients expect
	// before changing it, since the key is part of the wire format.
	AssetVersionName      string            `json:"assetVersionId"`
	AssetID               string            `json:"assetId"`
	State                 models.VulnState  `json:"state"`
	// CVE carries the whole models.CVE value; which of its fields reach the
	// response depends on that type's own tags, which are not shown here.
	CVE                   *models.CVE       `json:"cve"`
	CVEID                 *string           `json:"cveID"`
	ComponentPurl         *string           `json:"componentPurl"`
	ComponentDepth        *int              `json:"componentDepth"`
	ComponentFixedVersion *string           `json:"componentFixedVersion"`
	Effort                *int              `json:"effort"`
	RiskAssessment        *int              `json:"riskAssessment"`
	RawRiskAssessment     *float64          `json:"rawRiskAssessment"`
	Priority              *int              `json:"priority"`
	LastDetected          time.Time         `json:"lastDetected"`
	CreatedAt             time.Time         `json:"createdAt"`
	// NOTE(review): TicketID and TicketURL presumably refer to an issue in a
	// connected tracker (see ToGithub/ToGitlab on ExpectedIssueState) — confirm.
	// A client that renders TicketURL as a link should accept only http(s) URLs.
	TicketID              *string           `json:"ticketId"`
	TicketURL             *string           `json:"ticketUrl"`
	ManualTicketCreation  bool              `json:"manualTicketCreation"`
	Artifacts             []models.Artifact `json:"artifacts"`

	RiskRecalculatedAt time.Time `json:"riskRecalculatedAt"`
}

func DependencyVulnToDto

func DependencyVulnToDto(f models.DependencyVuln) DependencyVulnDTO

type DependencyVulnStatus

// DependencyVulnStatus carries a status change for a dependency vulnerability:
// the new status, a free-text justification and a mechanical justification.
// NOTE(review): presumably decoded from a request body — confirm against the
// handler that uses it.
type DependencyVulnStatus struct {
	// StatusType is a plain string serialised as "status"; the accepted values
	// are not visible on this page. NOTE(review): confirm the consumer rejects
	// unknown values instead of persisting them.
	StatusType              string                             `json:"status"`
	// Justification is free text. NOTE(review): if it is later shown in a UI
	// or copied into a ticket, it needs output encoding at that point — confirm.
	Justification           string                             `json:"justification"`
	MechanicalJustification models.MechanicalJustificationType `json:"mechanicalJustification"`
}

type ExpectedIssueState

// ExpectedIssueState is a string-backed state with two defined values. It is
// the return type of GetExpectedIssueState and
// GetExpectedIssueStateForFirstPartyVuln.
//
// Any string can be converted to this type, so code that switches on it
// should handle values other than the two constants below.
type ExpectedIssueState string

// Defined values of ExpectedIssueState.
const (
	ExpectedIssueStateOpen   = ExpectedIssueState("open")
	ExpectedIssueStateClosed = ExpectedIssueState("closed")
)

func GetExpectedIssueState

func GetExpectedIssueState(asset models.Asset, dependencyVuln *models.DependencyVuln) ExpectedIssueState

func GetExpectedIssueStateForFirstPartyVuln

func GetExpectedIssueStateForFirstPartyVuln(asset models.Asset, firstPartyVuln *models.FirstPartyVuln) ExpectedIssueState

func (ExpectedIssueState) ToGithub

func (e ExpectedIssueState) ToGithub() string

func (ExpectedIssueState) ToGitlab

func (e ExpectedIssueState) ToGitlab() string

type FirstPartyVulnDTO

// FirstPartyVulnDTO is the JSON shape returned by FirstPartyVulnToDto for a
// models.FirstPartyVuln. Each field is serialised under the key in its tag.
// No tag uses omitempty, so with encoding/json nil pointers, slices and maps
// are emitted as null.
type FirstPartyVulnDTO struct {
	ID                   string                  `json:"id"`
	// ScannerIDs is a single string despite the plural name; its format is not
	// shown on this page.
	ScannerIDs           string                  `json:"scannerIds"`
	Message              *string                 `json:"message"`
	AssetVersionName     string                  `json:"assetVersionName"`
	AssetID              string                  `json:"assetId"`
	State                models.VulnState        `json:"state"`
	RuleID               string                  `json:"ruleId"`
	URI                  string                  `json:"uri"`
	// NOTE(review): snippet contents presumably come from the scanned source.
	// For secret-detection rules the snippet may contain the detected secret
	// itself — confirm it is masked before this DTO is built, and that the
	// endpoints returning it are limited to users allowed to read the code.
	SnippetContents      []models.SnippetContent `json:"snippetContents"`
	CreatedAt            time.Time               `json:"createdAt"`
	TicketID             *string                 `json:"ticketId"`
	TicketURL            *string                 `json:"ticketUrl"`
	ManualTicketCreation bool                    `json:"manualTicketCreation"`
	// NOTE(review): Commit, Email, Author and Date look like commit metadata.
	// Email and Author are personal data — confirm they are only returned to
	// callers who may already see the repository history.
	Commit               string                  `json:"commit"`
	Email                string                  `json:"email"`
	Author               string                  `json:"author"`
	// Date is a string, not a time.Time; its format is not shown here.
	Date                 string                  `json:"date"`

	// NOTE(review): the Rule* fields are presumably supplied by the scanner
	// that produced the finding. Treat them as untrusted text: a client that
	// renders RuleHelp or RuleDescription as markdown/HTML must sanitise them,
	// and RuleHelpURI should only be linked when it is an http(s) URL.
	RuleName        string         `json:"ruleName"`
	RuleHelp        string         `json:"ruleHelp"`
	RuleHelpURI     string         `json:"ruleHelpURI"`
	RuleDescription string         `json:"ruleDescription"`
	// RuleProperties is an untyped map and is serialised as-is, whatever
	// structure it holds.
	RuleProperties  map[string]any `json:"ruleProperties"`
}

func FirstPartyVulnToDto

func FirstPartyVulnToDto(f models.FirstPartyVuln) FirstPartyVulnDTO

type FirstPartyVulnStatus

// FirstPartyVulnStatus carries a status change for a first-party
// vulnerability: the new status, a free-text justification and a mechanical
// justification.
// NOTE(review): presumably decoded from a request body — confirm against the
// handler that uses it.
type FirstPartyVulnStatus struct {
	// StatusType is a plain string serialised as "status"; the accepted values
	// are not visible on this page. NOTE(review): confirm the consumer rejects
	// unknown values instead of persisting them.
	StatusType              string                             `json:"status"`
	// Justification is free text. NOTE(review): if it is later shown in a UI
	// or copied into a ticket, it needs output encoding at that point — confirm.
	Justification           string                             `json:"justification"`
	MechanicalJustification models.MechanicalJustificationType `json:"mechanicalJustification"`
}

type LicenseRiskController

// LicenseRiskController exposes the license-risk methods listed on this page
// (Create, CreateEvent, ListPaged, MakeFinalLicenseDecision, Mitigate, Read),
// each of which takes a core.Context and returns an error, plus
// GetComponentOverwriteForAssetVersion. All of them use a value receiver,
// while NewLicenseRiskController returns a pointer.
// NOTE(review): where authentication and per-asset authorisation are enforced
// for these methods is not visible here — confirm it happens before they run.
type LicenseRiskController struct {
	// contains filtered or unexported fields
}

func NewLicenseRiskController

func NewLicenseRiskController(licenseOverwriteRepository core.LicenseRiskRepository, LicenseRiskService core.LicenseRiskService) *LicenseRiskController

func (LicenseRiskController) Create

func (controller LicenseRiskController) Create(ctx core.Context) error

func (LicenseRiskController) CreateEvent

func (controller LicenseRiskController) CreateEvent(ctx core.Context) error

func (LicenseRiskController) GetComponentOverwriteForAssetVersion

func (controller LicenseRiskController) GetComponentOverwriteForAssetVersion(assetID uuid.UUID, assetVersionName string, pURL string) (models.LicenseRisk, error)

func (LicenseRiskController) ListPaged

func (controller LicenseRiskController) ListPaged(ctx core.Context) error

func (LicenseRiskController) MakeFinalLicenseDecision

func (controller LicenseRiskController) MakeFinalLicenseDecision(ctx core.Context) error

func (LicenseRiskController) Mitigate

func (controller LicenseRiskController) Mitigate(ctx core.Context) error

func (LicenseRiskController) Read

func (controller LicenseRiskController) Read(ctx core.Context) error

type LicenseRiskDTO

// LicenseRiskDTO is the JSON shape returned by LicenseRiskToDto for a
// models.LicenseRisk. Each field is serialised under the key in its tag.
// No tag uses omitempty, so with encoding/json nil pointers and nil slices
// are emitted as null.
type LicenseRiskDTO struct {
	ID                   string           `json:"id"`
	Message              *string          `json:"message"`
	AssetVersionName     string           `json:"assetVersionName"`
	AssetID              string           `json:"assetId"`
	State                models.VulnState `json:"state"`
	CreatedAt            time.Time        `json:"createdAt"`
	TicketID             *string          `json:"ticketId"`
	TicketURL            *string          `json:"ticketUrl"`
	ManualTicketCreation bool             `json:"manualTicketCreation"`

	// FinalLicenseDecision is nil (null in JSON) when it has not been set.
	FinalLicenseDecision *string `json:"finalLicenseDecision"`
	// ComponentPurl is a plain string here, whereas DependencyVulnDTO uses
	// *string for the same key.
	ComponentPurl        string  `json:"componentPurl"`

	// Component carries the whole models.Component value; which of its fields
	// reach the response depends on that type's own tags, not shown here.
	Component models.Component  `json:"component"`
	Artifacts []models.Artifact `json:"artifacts"`
}

func LicenseRiskToDto

func LicenseRiskToDto(f models.LicenseRisk) LicenseRiskDTO

type LicenseRiskService

// LicenseRiskService holds the license-risk operations listed on this page.
// It is built by NewLicenseRiskService from a core.LicenseRiskRepository and
// a core.VulnEventRepository. Its fields are unexported. Most of its methods
// take a core.DB as their first argument, named tx.
type LicenseRiskService struct {
	// contains filtered or unexported fields
}

func NewLicenseRiskService

func NewLicenseRiskService(licenseRiskRepository core.LicenseRiskRepository, vulnEventRepository core.VulnEventRepository) *LicenseRiskService

func (*LicenseRiskService) FindLicenseRisksInComponents

func (s *LicenseRiskService) FindLicenseRisksInComponents(assetVersion models.AssetVersion, components []models.Component, artifactName string) error

func (*LicenseRiskService) MakeFinalLicenseDecision

// MakeFinalLicenseDecision takes four positional string arguments (vulnID,
// finalLicense, justification, userID), so a call with two of them swapped
// still compiles.
// NOTE(review): userID presumably attributes the decision to a user — confirm
// callers take it from the authenticated session and not from request data.
func (s *LicenseRiskService) MakeFinalLicenseDecision(vulnID, finalLicense, justification, userID string) error

func (*LicenseRiskService) UpdateLicenseRiskState

// UpdateLicenseRiskState takes a core.DB (tx), the acting userID, the license
// risk to update and the requested status with its justifications, and
// returns a models.VulnEvent together with an error.
// NOTE(review): statusType is an untyped string and its accepted values are
// not visible on this page — confirm unknown values are rejected rather than
// stored, and that userID comes from the authenticated session.
func (s *LicenseRiskService) UpdateLicenseRiskState(tx core.DB, userID string, licenseRisk *models.LicenseRisk, statusType string, justification string, mechanicalJustification models.MechanicalJustificationType) (models.VulnEvent, error)

func (*LicenseRiskService) UserDetectedExistingLicenseRiskOnDifferentBranch

func (s *LicenseRiskService) UserDetectedExistingLicenseRiskOnDifferentBranch(tx core.DB, artifactName string, licenseRisks []models.LicenseRisk, alreadyExistingEvents [][]models.VulnEvent, assetVersion models.AssetVersion, asset models.Asset) error

func (*LicenseRiskService) UserDetectedLicenseRiskInAnotherArtifact

func (s *LicenseRiskService) UserDetectedLicenseRiskInAnotherArtifact(tx core.DB, licenseRisks []models.LicenseRisk, artifactName string) error

Helper: ensure existing license risks are associated with another artifact (insert join rows)

func (*LicenseRiskService) UserDetectedLicenseRisks

func (s *LicenseRiskService) UserDetectedLicenseRisks(tx core.DB, assetID uuid.UUID, assetVersionName, artifactName string, licenseRisks []models.LicenseRisk) error

Helper: create detected events for newly opened license risks and save them

func (*LicenseRiskService) UserDidNotDetectLicenseRiskInArtifactAnymore

func (s *LicenseRiskService) UserDidNotDetectLicenseRiskInArtifactAnymore(tx core.DB, licenseRisks []models.LicenseRisk, artifactName string) error

func (*LicenseRiskService) UserFixedLicenseRisks

func (s *LicenseRiskService) UserFixedLicenseRisks(tx core.DB, userID string, licenseRisks []models.LicenseRisk) error

The license risks were fixed BY REMOVING the component.

func (*LicenseRiskService) UserFixedLicenseRisksByAutomaticRefresh

func (s *LicenseRiskService) UserFixedLicenseRisksByAutomaticRefresh(tx core.DB, userID string, licenseRisks []licenseRiskWithNewLicense, artifactName string) error

type LicenseRiskStatus

// LicenseRiskStatus carries a status change for a license risk: the new
// status, a free-text justification and a mechanical justification.
// NOTE(review): presumably decoded from a request body — confirm against the
// handler that uses it.
type LicenseRiskStatus struct {
	// StatusType is a plain string serialised as "status"; the accepted values
	// are not visible on this page. NOTE(review): confirm the consumer rejects
	// unknown values instead of persisting them.
	StatusType              string                             `json:"status"`
	// Justification is free text. NOTE(review): if it is later shown in a UI
	// or copied into a ticket, it needs output encoding at that point — confirm.
	Justification           string                             `json:"justification"`
	MechanicalJustification models.MechanicalJustificationType `json:"mechanicalJustification"`
}
