Documentation
¶
Overview ¶
Copyright (C) 2024 Tim Bastin, l3montree GmbH
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
Index ¶
- Variables
- func BuildQualifierQuery(db *gorm.DB, qualifiers packageurl.Qualifiers, namespace string) *gorm.DB
- func BuildQueryBasedOnMatchContext(db *gorm.DB, ctx *normalize.PurlMatchContext) *gorm.DB
- func NewAffectedComponentRepository(db *gorm.DB) *affectedCmpRepository
- func NewArtifactRepository(db *gorm.DB, synchronizer utils.FireAndForgetSynchronizer) *artifactRepository
- func NewArtifactRiskHistoryRepository(db *gorm.DB) *artifactRiskHistoryRepository
- func NewAssetRepository(db *gorm.DB) *assetRepository
- func NewAssetVersionRepository(db *gorm.DB) *assetVersionRepository
- func NewAttestationRepository(db *gorm.DB) *attestationRepository
- func NewCVERepository(db *gorm.DB) *cveRepository
- func NewCWERepository(db *gorm.DB) *cweRepository
- func NewComponentProjectRepository(db *gorm.DB) *componentProjectRepository
- func NewComponentRepository(db *gorm.DB) *componentRepository
- func NewConfigRepository(db *gorm.DB) *configRepository
- func NewCveRelationshipRepository(db *gorm.DB) *cveRelationshipRepository
- func NewDependencyVulnRepository(db *gorm.DB) *dependencyVulnRepository
- func NewExploitRepository(db *gorm.DB) *exploitRepository
- func NewExternalReferenceRepository(db *gorm.DB) shared.ExternalReferenceRepository
- func NewExternalUserRepository(db *gorm.DB) *externalUserRepository
- func NewFirstPartyVulnerabilityRepository(db *gorm.DB) *firstPartyVulnerabilityRepository
- func NewGitLabIntegrationRepository(db *gorm.DB) *gitlabIntegrationRepository
- func NewGithubAppInstallationRepository(db *gorm.DB) *githubAppInstallationRepository
- func NewGitlabOauth2TokenRepository(db *gorm.DB) *gitlabOauth2TokenRepository
- func NewInTotoLinkRepository(db *gorm.DB) *inTotoLinkRepository
- func NewJiraIntegrationRepository(db *gorm.DB) *jiraIntegrationRepository
- func NewOrgRepository(db *gorm.DB) *orgRepository
- func NewPATRepository(db *gorm.DB) *gormPatRepository
- func NewPolicyRepository(db *gorm.DB) *policyRepository
- func NewProjectRepository(db *gorm.DB) *projectRepository
- func NewProjectRiskHistoryRepository(db *gorm.DB) *projectRiskHistoryRepository
- func NewReleaseRepository(db *gorm.DB) *releaseRepository
- func NewStatisticsRepository(db *gorm.DB) *statisticsRepository
- func NewSupplyChainRepository(db *gorm.DB) *supplyChainRepository
- func NewVEXRuleRepository(db *gorm.DB) *vexRuleRepository
- func NewVulnEventRepository(db *gorm.DB) *eventRepository
- func NewWebhookRepository(db *gorm.DB) *webhookRepository
- type AggregatedVulnRepository
- func (a AggregatedVulnRepository) ApplyAndSave(tx *gorm.DB, vuln models.Vuln, vulnEvent *models.VulnEvent) error
- func (a AggregatedVulnRepository) FindByTicketID(tx *gorm.DB, ticketID string) (models.Vuln, error)
- func (a AggregatedVulnRepository) GetOrgFromVuln(vuln models.Vuln) (models.Org, error)
- func (a AggregatedVulnRepository) Save(tx *gorm.DB, vuln *models.Vuln) error
- func (a AggregatedVulnRepository) Transaction(txFunc func(tx *gorm.DB) error) error
- type GormRepository
- func (g *GormRepository[ID, T]) Activate(tx *gorm.DB, id ID) error
- func (g *GormRepository[ID, T]) All() ([]T, error)
- func (g *GormRepository[ID, T]) Begin() *gorm.DB
- func (g *GormRepository[ID, T]) Create(tx *gorm.DB, t *T) error
- func (g *GormRepository[ID, T]) CreateBatch(tx *gorm.DB, ts []T) error
- func (g *GormRepository[ID, T]) Delete(tx *gorm.DB, id ID) error
- func (g *GormRepository[ID, T]) DeleteBatch(tx *gorm.DB, m []T) error
- func (g *GormRepository[ID, T]) GetDB(tx *gorm.DB) *gorm.DB
- func (g *GormRepository[ID, T]) List(ids []ID) ([]T, error)
- func (g *GormRepository[ID, T]) Read(id ID) (T, error)
- func (g *GormRepository[ID, T]) Save(tx *gorm.DB, t *T) error
- func (g *GormRepository[ID, T]) SaveBatch(tx *gorm.DB, ts []T) error
- func (g *GormRepository[ID, T]) SaveBatchBestEffort(tx *gorm.DB, ts []T) error
- func (g *GormRepository[ID, T]) Transaction(f func(tx *gorm.DB) error) error
- func (g *GormRepository[ID, T]) Upsert(t *[]*T, conflictingColumns []clause.Column, updateOnly []string) error
- type InvitationRepository
- type LicenseRiskRepository
- func (repository *LicenseRiskRepository) ApplyAndSave(tx *gorm.DB, licenseRisk *models.LicenseRisk, vulnEvent *models.VulnEvent) error
- func (repository *LicenseRiskRepository) DeleteByComponentPurl(assetID uuid.UUID, assetVersionName string, pURL packageurl.PackageURL) error
- func (repository *LicenseRiskRepository) GetAllLicenseRisksForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) GetAllLicenseRisksForAssetVersionPaged(tx *gorm.DB, assetID uuid.UUID, assetVersionName string, ...) (shared.Paged[models.LicenseRisk], error)
- func (repository *LicenseRiskRepository) GetAllOverwrittenLicensesForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) GetByAssetID(tx *gorm.DB, assetID uuid.UUID) ([]models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) GetLicenseRisksByOtherAssetVersions(tx *gorm.DB, assetVersionName string, assetID uuid.UUID) ([]models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) ListByArtifactName(assetVersionName string, assetID uuid.UUID, artifactName string) ([]models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) MaybeGetLicenseOverwriteForComponent(assetID uuid.UUID, assetVersionName string, pURL packageurl.PackageURL) (models.LicenseRisk, error)
- func (repository *LicenseRiskRepository) Read(vulnID string) (models.LicenseRisk, error)
- type MaliciousPackageRepository
- func (r *MaliciousPackageRepository) BatchUpsertAffectedComponents(components []models.MaliciousAffectedComponent, batchSize int) error
- func (r *MaliciousPackageRepository) BatchUpsertPackages(packages []models.MaliciousPackage, batchSize int) error
- func (r *MaliciousPackageRepository) Count() (int64, error)
- func (r *MaliciousPackageRepository) CountByEcosystem() (map[string]int64, error)
- func (r *MaliciousPackageRepository) DeleteAll() error
- func (r *MaliciousPackageRepository) GetDB() *gorm.DB
- func (r *MaliciousPackageRepository) GetMaliciousAffectedComponents(purl packageurl.PackageURL) ([]models.MaliciousAffectedComponent, error)
- func (r *MaliciousPackageRepository) UpsertAffectedComponents(components []models.MaliciousAffectedComponent) error
- func (r *MaliciousPackageRepository) UpsertPackages(packages []models.MaliciousPackage) error
- type VulnStats
- type VulnerabilityRepository
- func (r *VulnerabilityRepository[T]) FindByTicketID(tx *gorm.DB, ticketID string) (T, error)
- func (r *VulnerabilityRepository[T]) GetAllByAssetIDAndState(tx *gorm.DB, assetID uuid.UUID, state dtos.VulnState, ...) ([]T, error)
- func (r *VulnerabilityRepository[T]) GetAllOpenVulnsByAssetVersionNameAndAssetID(tx *gorm.DB, assetVersionName string, assetID uuid.UUID) ([]T, error)
- func (r *VulnerabilityRepository[T]) GetAllVulnsByAssetID(tx *gorm.DB, assetID uuid.UUID) ([]T, error)
- func (r *VulnerabilityRepository[T]) GetByAssetID(tx *gorm.DB, assetID uuid.UUID) ([]T, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var CleanupOrphanedRecordsSQL = `` /* 1696-byte string literal not displayed */
View Source
var Module = fx.Options( fx.Provide(fx.Annotate(NewPATRepository, fx.As(new(shared.PersonalAccessTokenRepository)))), fx.Provide(fx.Annotate(NewAssetRepository, fx.As(new(shared.AssetRepository)))), fx.Provide(fx.Annotate(NewArtifactRiskHistoryRepository, fx.As(new(shared.ArtifactRiskHistoryRepository)))), fx.Provide(fx.Annotate(NewAssetVersionRepository, fx.As(new(shared.AssetVersionRepository)))), fx.Provide(fx.Annotate(NewStatisticsRepository, fx.As(new(shared.StatisticsRepository)))), fx.Provide(fx.Annotate(NewReleaseRepository, fx.As(new(shared.ReleaseRepository)))), fx.Provide(fx.Annotate(NewProjectRepository, fx.As(new(shared.ProjectRepository)))), fx.Provide(fx.Annotate(NewComponentRepository, fx.As(new(shared.ComponentRepository)))), fx.Provide(fx.Annotate(NewVulnEventRepository, fx.As(new(shared.VulnEventRepository)))), fx.Provide(fx.Annotate(NewOrgRepository, fx.As(new(shared.OrganizationRepository)))), fx.Provide(fx.Annotate(NewCVERepository, fx.As(new(shared.CveRepository)))), fx.Provide(fx.Annotate(NewCWERepository, fx.As(new(shared.CweRepository)))), fx.Provide(fx.Annotate(NewExploitRepository, fx.As(new(shared.ExploitRepository)))), fx.Provide(fx.Annotate(NewAffectedComponentRepository, fx.As(new(shared.AffectedComponentRepository)))), fx.Provide(fx.Annotate(NewDependencyVulnRepository, fx.As(new(shared.DependencyVulnRepository)))), fx.Provide(fx.Annotate(NewFirstPartyVulnerabilityRepository, fx.As(new(shared.FirstPartyVulnRepository)))), fx.Provide(fx.Annotate(NewInTotoLinkRepository, fx.As(new(shared.InTotoLinkRepository)))), fx.Provide(fx.Annotate(NewSupplyChainRepository, fx.As(new(shared.SupplyChainRepository)))), fx.Provide(fx.Annotate(NewAttestationRepository, fx.As(new(shared.AttestationRepository)))), fx.Provide(fx.Annotate(NewPolicyRepository, fx.As(new(shared.PolicyRepository)))), fx.Provide(fx.Annotate(NewLicenseRiskRepository, fx.As(new(shared.LicenseRiskRepository)))), fx.Provide(fx.Annotate(NewWebhookRepository, fx.As(new(shared.WebhookIntegrationRepository)))), fx.Provide(fx.Annotate(NewArtifactRepository, fx.As(new(shared.ArtifactRepository)))), fx.Provide(fx.Annotate(NewInvitationRepository, fx.As(new(shared.InvitationRepository)))), fx.Provide(fx.Annotate(NewExternalUserRepository, fx.As(new(shared.ExternalUserRepository)))), fx.Provide(fx.Annotate(NewComponentProjectRepository, fx.As(new(shared.ComponentProjectRepository)))), fx.Provide(fx.Annotate(NewGitLabIntegrationRepository, fx.As(new(shared.GitlabIntegrationRepository)))), fx.Provide(fx.Annotate(NewGitlabOauth2TokenRepository, fx.As(new(shared.GitLabOauth2TokenRepository)))), fx.Provide(fx.Annotate(NewAggregatedVulnRepository, fx.As(new(shared.VulnRepository)))), fx.Provide(fx.Annotate(NewGithubAppInstallationRepository, fx.As(new(shared.GithubAppInstallationRepository)))), fx.Provide(fx.Annotate(NewJiraIntegrationRepository, fx.As(new(shared.JiraIntegrationRepository)))), fx.Provide(fx.Annotate(NewCveRelationshipRepository, fx.As(new(shared.CVERelationshipRepository)))), fx.Provide(fx.Annotate(NewVEXRuleRepository, fx.As(new(shared.VEXRuleRepository)))), fx.Provide(fx.Annotate(NewExternalReferenceRepository, fx.As(new(shared.ExternalReferenceRepository)))), )
Module provides all repository constructors as their interfaces
Functions ¶
func BuildQualifierQuery ¶
func BuildQualifierQuery(db *gorm.DB, qualifiers packageurl.Qualifiers, namespace string) *gorm.DB
BuildQualifierQuery creates the database query for qualifier matching
func NewArtifactRepository ¶
func NewArtifactRepository(db *gorm.DB, synchronizer utils.FireAndForgetSynchronizer) *artifactRepository
func NewAssetRepository ¶
func NewCVERepository ¶
func NewCWERepository ¶
func NewComponentRepository ¶
func NewConfigRepository ¶
func NewExploitRepository ¶
func NewExternalReferenceRepository ¶
func NewExternalReferenceRepository(db *gorm.DB) shared.ExternalReferenceRepository
func NewInTotoLinkRepository ¶
func NewOrgRepository ¶
func NewPATRepository ¶
func NewPolicyRepository ¶
func NewProjectRepository ¶
func NewReleaseRepository ¶
func NewStatisticsRepository ¶
func NewVEXRuleRepository ¶
func NewVulnEventRepository ¶
func NewWebhookRepository ¶
Types ¶
type AggregatedVulnRepository ¶
type AggregatedVulnRepository struct {
// contains filtered or unexported fields
}
func NewAggregatedVulnRepository ¶
func NewAggregatedVulnRepository(db *gorm.DB) *AggregatedVulnRepository
func (AggregatedVulnRepository) ApplyAndSave ¶
func (AggregatedVulnRepository) FindByTicketID ¶
func (AggregatedVulnRepository) GetOrgFromVuln ¶
func (AggregatedVulnRepository) Transaction ¶
func (a AggregatedVulnRepository) Transaction(txFunc func(tx *gorm.DB) error) error
type GormRepository ¶
type GormRepository[ID comparable, T utils.Tabler] struct { // contains filtered or unexported fields }
func (*GormRepository[ID, T]) Activate ¶
func (g *GormRepository[ID, T]) Activate(tx *gorm.DB, id ID) error
func (*GormRepository[ID, T]) All ¶
func (g *GormRepository[ID, T]) All() ([]T, error)
func (*GormRepository[ID, T]) Begin ¶
func (g *GormRepository[ID, T]) Begin() *gorm.DB
func (*GormRepository[ID, T]) Create ¶
func (g *GormRepository[ID, T]) Create(tx *gorm.DB, t *T) error
func (*GormRepository[ID, T]) CreateBatch ¶
func (g *GormRepository[ID, T]) CreateBatch(tx *gorm.DB, ts []T) error
func (*GormRepository[ID, T]) Delete ¶
func (g *GormRepository[ID, T]) Delete(tx *gorm.DB, id ID) error
func (*GormRepository[ID, T]) DeleteBatch ¶
func (g *GormRepository[ID, T]) DeleteBatch(tx *gorm.DB, m []T) error
func (*GormRepository[ID, T]) List ¶
func (g *GormRepository[ID, T]) List(ids []ID) ([]T, error)
func (*GormRepository[ID, T]) Read ¶
func (g *GormRepository[ID, T]) Read(id ID) (T, error)
func (*GormRepository[ID, T]) SaveBatch ¶
func (g *GormRepository[ID, T]) SaveBatch(tx *gorm.DB, ts []T) error
func (*GormRepository[ID, T]) SaveBatchBestEffort ¶
func (g *GormRepository[ID, T]) SaveBatchBestEffort( tx *gorm.DB, ts []T, ) error
func (*GormRepository[ID, T]) Transaction ¶
func (g *GormRepository[ID, T]) Transaction(f func(tx *gorm.DB) error) error
type InvitationRepository ¶
type InvitationRepository struct {
utils.Repository[uuid.UUID, models.Invitation, *gorm.DB]
// contains filtered or unexported fields
}
func NewInvitationRepository ¶
func NewInvitationRepository(db *gorm.DB) *InvitationRepository
func (*InvitationRepository) FindByCode ¶
func (g *InvitationRepository) FindByCode(code string) (models.Invitation, error)
func (*InvitationRepository) Save ¶
func (g *InvitationRepository) Save(db *gorm.DB, invitation *models.Invitation) error
type LicenseRiskRepository ¶
type LicenseRiskRepository struct {
utils.Repository[string, models.LicenseRisk, *gorm.DB]
// contains filtered or unexported fields
}
func NewLicenseRiskRepository ¶
func NewLicenseRiskRepository(db *gorm.DB) *LicenseRiskRepository
func (*LicenseRiskRepository) ApplyAndSave ¶
func (repository *LicenseRiskRepository) ApplyAndSave(tx *gorm.DB, licenseRisk *models.LicenseRisk, vulnEvent *models.VulnEvent) error
func (*LicenseRiskRepository) DeleteByComponentPurl ¶
func (repository *LicenseRiskRepository) DeleteByComponentPurl(assetID uuid.UUID, assetVersionName string, pURL packageurl.PackageURL) error
func (*LicenseRiskRepository) GetAllLicenseRisksForAssetVersion ¶
func (repository *LicenseRiskRepository) GetAllLicenseRisksForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
func (*LicenseRiskRepository) GetAllLicenseRisksForAssetVersionPaged ¶
func (*LicenseRiskRepository) GetAllOverwrittenLicensesForAssetVersion ¶
func (repository *LicenseRiskRepository) GetAllOverwrittenLicensesForAssetVersion(assetID uuid.UUID, assetVersionName string) ([]models.LicenseRisk, error)
func (*LicenseRiskRepository) GetByAssetID ¶
func (repository *LicenseRiskRepository) GetByAssetID(tx *gorm.DB, assetID uuid.UUID) ([]models.LicenseRisk, error)
func (*LicenseRiskRepository) GetLicenseRisksByOtherAssetVersions ¶
func (repository *LicenseRiskRepository) GetLicenseRisksByOtherAssetVersions(tx *gorm.DB, assetVersionName string, assetID uuid.UUID) ([]models.LicenseRisk, error)
func (*LicenseRiskRepository) ListByArtifactName ¶
func (repository *LicenseRiskRepository) ListByArtifactName(assetVersionName string, assetID uuid.UUID, artifactName string) ([]models.LicenseRisk, error)
func (*LicenseRiskRepository) MaybeGetLicenseOverwriteForComponent ¶
func (repository *LicenseRiskRepository) MaybeGetLicenseOverwriteForComponent(assetID uuid.UUID, assetVersionName string, pURL packageurl.PackageURL) (models.LicenseRisk, error)
func (*LicenseRiskRepository) Read ¶
func (repository *LicenseRiskRepository) Read(vulnID string) (models.LicenseRisk, error)
type MaliciousPackageRepository ¶
type MaliciousPackageRepository struct {
// contains filtered or unexported fields
}
func NewMaliciousPackageRepository ¶
func NewMaliciousPackageRepository(db *gorm.DB) *MaliciousPackageRepository
func (*MaliciousPackageRepository) BatchUpsertAffectedComponents ¶
func (r *MaliciousPackageRepository) BatchUpsertAffectedComponents(components []models.MaliciousAffectedComponent, batchSize int) error
func (*MaliciousPackageRepository) BatchUpsertPackages ¶
func (r *MaliciousPackageRepository) BatchUpsertPackages(packages []models.MaliciousPackage, batchSize int) error
BatchUpsert handles large batches by splitting them into chunks
func (*MaliciousPackageRepository) Count ¶
func (r *MaliciousPackageRepository) Count() (int64, error)
func (*MaliciousPackageRepository) CountByEcosystem ¶
func (r *MaliciousPackageRepository) CountByEcosystem() (map[string]int64, error)
func (*MaliciousPackageRepository) DeleteAll ¶
func (r *MaliciousPackageRepository) DeleteAll() error
func (*MaliciousPackageRepository) GetDB ¶
func (r *MaliciousPackageRepository) GetDB() *gorm.DB
func (*MaliciousPackageRepository) GetMaliciousAffectedComponents ¶
func (r *MaliciousPackageRepository) GetMaliciousAffectedComponents(purl packageurl.PackageURL) ([]models.MaliciousAffectedComponent, error)
GetMaliciousAffectedComponents finds malicious packages for a given purl (similar to GetAffectedComponents)
func (*MaliciousPackageRepository) UpsertAffectedComponents ¶
func (r *MaliciousPackageRepository) UpsertAffectedComponents(components []models.MaliciousAffectedComponent) error
func (*MaliciousPackageRepository) UpsertPackages ¶
func (r *MaliciousPackageRepository) UpsertPackages(packages []models.MaliciousPackage) error
type VulnerabilityRepository ¶
type VulnerabilityRepository[T utils.Tabler] struct { utils.Repository[string, T, *gorm.DB] // contains filtered or unexported fields }
func NewVulnerabilityRepository ¶
func NewVulnerabilityRepository[T utils.Tabler](db *gorm.DB) *VulnerabilityRepository[T]
func (*VulnerabilityRepository[T]) FindByTicketID ¶
func (r *VulnerabilityRepository[T]) FindByTicketID(tx *gorm.DB, ticketID string) (T, error)
func (*VulnerabilityRepository[T]) GetAllByAssetIDAndState ¶
func (*VulnerabilityRepository[T]) GetAllOpenVulnsByAssetVersionNameAndAssetID ¶
func (*VulnerabilityRepository[T]) GetAllVulnsByAssetID ¶
func (*VulnerabilityRepository[T]) GetByAssetID ¶
Source Files
¶
- affected_component_repository.go
- artifact_repository.go
- artifact_risk_history_repository.go
- asset_repository.go
- asset_version_repository.go
- attestation_repository.go
- component_project_repository.go
- component_repository.go
- config_repository.go
- cve_relationship_repository.go
- cve_repository.go
- cwe_repository.go
- dependency_vuln_repository.go
- exploit_repository.go
- external_reference_repository.go
- external_user_repository.go
- first_party_vuln_repository.go
- github_app_installation_repository.go
- gitlab_integration_repository.go
- gorm_repository.go
- intoto_link_repository.go
- invitation_repository.go
- jira_integration_repository.go
- license_risk_repository.go
- malicious_package_repository.go
- org_repository.go
- pat_repository.go
- policy_repository.go
- project_repository.go
- project_risk_history_repository.go
- providers.go
- purl_matcher.go
- release_repository.go
- slugs.go
- statistics_repository.go
- supply_chain_repository.go
- vex_rule_repository.go
- vulnerability_repository.go
- vulnevent_repository.go
- webhook_repository.go
Click to show internal directories.
Click to hide internal directories.