Documentation
Overview ¶
TODO: rename the package to vuln.
Index ¶
- Variables
- func FetchMembersOfProject(ctx shared.Context) ([]dtos.UserDTO, error)
- func ProvideDependencyProxyCache() dependencyfirewall.DependencyProxyCache
- func ProvideMaliciousPackageChecker(db shared.DB, leaderElector shared.LeaderElector) *vulndb.MaliciousPackageChecker
- type AdminController
- func (controller *AdminController) AddAdminToOrg(ctx shared.Context) error
- func (controller *AdminController) GetAdminsForExternalOrgs(ctx shared.Context) error
- func (controller AdminController) GetInstanceSettings(ctx shared.Context) error
- func (controller *AdminController) GetInstanceUsageStatistics(ctx shared.Context) error
- func (controller *AdminController) GetInstanceVulnStatistics(ctx shared.Context) error
- func (controller *AdminController) GetOrgInformation(ctx shared.Context) error
- func (controller *AdminController) GetUserInformation(ctx shared.Context) error
- func (controller *AdminController) RevokeAdmin(ctx shared.Context) error
- func (controller *AdminController) TriggerAssetPipelineAll(ctx shared.Context) error
- func (controller *AdminController) TriggerAssetPipelineSingle(ctx shared.Context) error
- func (controller *AdminController) TriggerFixedVersions(ctx shared.Context) error
- func (controller *AdminController) TriggerOpenSourceInsights(ctx shared.Context) error
- func (controller *AdminController) TriggerVulnDB(ctx shared.Context) error
- func (controller *AdminController) UpdateAsset(ctx shared.Context) error
- func (controller AdminController) UpdateInstanceSettings(ctx shared.Context) error
- type ArtifactController
- func (c *ArtifactController) BuildPDFFromSBOM(ctx shared.Context) error
- func (c *ArtifactController) BuildVulnerabilityReportPDF(ctx shared.Context) error
- func (c *ArtifactController) Create(ctx shared.Context) error
- func (c *ArtifactController) DeleteArtifact(ctx shared.Context) error
- func (c *ArtifactController) OpenVEXJSON(ctx shared.Context) error
- func (c *ArtifactController) SBOMJSON(ctx shared.Context) error
- func (c *ArtifactController) SBOMXML(ctx shared.Context) error
- func (c *ArtifactController) UpdateArtifact(ctx shared.Context) error
- func (c *ArtifactController) VEXJSON(ctx shared.Context) error
- func (c *ArtifactController) VEXXML(ctx shared.Context) error
- type AssetController
- func (a *AssetController) AttachSigningKey(ctx shared.Context) error
- func (a *AssetController) ChangeRole(c shared.Context) error
- func (a *AssetController) Create(ctx shared.Context) error
- func (a *AssetController) Delete(ctx shared.Context) error
- func (a *AssetController) GetBadges(ctx shared.Context) error
- func (a *AssetController) GetConfigFile(ctx shared.Context) error
- func (a *AssetController) GetSecrets(ctx shared.Context) error
- func (a *AssetController) HandleLookup(ctx shared.Context) error
- func (a *AssetController) InviteMembers(c shared.Context) error
- func (a *AssetController) List(ctx shared.Context) error
- func (a *AssetController) Members(c shared.Context) error
- func (a *AssetController) Read(ctx shared.Context) error
- func (a *AssetController) RemoveMember(c shared.Context) error
- func (a *AssetController) RunDaemonPipeline(ctx shared.Context) error
- func (a *AssetController) Update(ctx shared.Context) error
- func (a *AssetController) UpdateConfigFile(ctx shared.Context) error
- type AssetVersionController
- func (a *AssetVersionController) AffectedComponents(ctx shared.Context) error
- func (a *AssetVersionController) Create(ctx shared.Context) error
- func (a *AssetVersionController) Delete(ctx shared.Context) error
- func (a *AssetVersionController) DependencyGraph(ctx shared.Context) error
- func (a *AssetVersionController) GetAssetVersionsByAssetID(ctx shared.Context) error
- func (a *AssetVersionController) GetDependencyPathFromPURL(ctx shared.Context) error
- func (a *AssetVersionController) ListArtifacts(ctx shared.Context) error
- func (a *AssetVersionController) MakeDefault(ctx shared.Context) error
- func (a *AssetVersionController) Metrics(ctx shared.Context) error
- func (a *AssetVersionController) Read(ctx shared.Context) error
- func (a *AssetVersionController) ReadRootNodes(ctx shared.Context) error
- func (a *AssetVersionController) RefetchLicenses(ctx shared.Context) error
- func (a *AssetVersionController) SBOMJSON(ctx shared.Context) error
- func (a *AssetVersionController) VEXJSON(ctx shared.Context) error
- type AttestationController
- type BatchDependencyVulnStatus
- type CSAFController
- func (controller *CSAFController) GetAggregatorJSON(ctx shared.Context) error
- func (controller *CSAFController) GetCSAFIndexHTML(ctx shared.Context) error
- func (controller *CSAFController) GetChangesCSVFile(ctx shared.Context) error
- func (controller *CSAFController) GetIndexFile(ctx shared.Context) error
- func (controller *CSAFController) GetOpenPGPFile(ctx shared.Context) error
- func (controller *CSAFController) GetOpenPGPHTML(ctx shared.Context) error
- func (controller *CSAFController) GetProviderMetadataForOrganization(ctx shared.Context) error
- func (controller *CSAFController) GetReportsByYearHTML(ctx shared.Context) error
- func (controller *CSAFController) GetTLPWhiteEntriesHTML(ctx shared.Context) error
- func (controller *CSAFController) ServeCSAFReportRequest(ctx shared.Context) error
- type ComplianceController
- type ComponentController
- type CreateExternalReferenceRequest
- type CreateVEXRuleRequest
- type CrowdsourcedVexingController
- type DependencyVulnController
- func (controller DependencyVulnController) BatchCreateEvent(ctx shared.Context) error
- func (controller DependencyVulnController) CreateEvent(ctx shared.Context) error
- func (controller DependencyVulnController) GetRecommendation(ctx echo.Context) error
- func (controller DependencyVulnController) Hints(ctx shared.Context) error
- func (controller DependencyVulnController) ListByOrgPaged(ctx shared.Context) error
- func (controller DependencyVulnController) ListByProjectPaged(ctx shared.Context) error
- func (controller DependencyVulnController) ListPaged(ctx shared.Context) error
- func (controller DependencyVulnController) Mitigate(ctx shared.Context) error
- func (controller DependencyVulnController) Read(ctx shared.Context) error
- func (controller DependencyVulnController) SyncDependencyVulns(ctx shared.Context) error
- type DependencyVulnStatus
- type ExternalReferenceController
- func (c *ExternalReferenceController) Create(ctx shared.Context) error
- func (c *ExternalReferenceController) Delete(ctx shared.Context) error
- func (c *ExternalReferenceController) List(ctx shared.Context) error
- func (c *ExternalReferenceController) Sync(ctx shared.Context) error
- func (c *ExternalReferenceController) SyncArtifact(ctx shared.Context) error
- type ExternalReferenceDTO
- type FirstPartyVulnController
- func (c FirstPartyVulnController) CreateEvent(ctx shared.Context) error
- func (c FirstPartyVulnController) ListByOrgPaged(ctx shared.Context) error
- func (c FirstPartyVulnController) ListByProjectPaged(ctx shared.Context) error
- func (c FirstPartyVulnController) ListPaged(ctx shared.Context) error
- func (c FirstPartyVulnController) Mitigate(ctx shared.Context) error
- func (c FirstPartyVulnController) Read(ctx shared.Context) error
- func (c FirstPartyVulnController) Sarif(ctx shared.Context) error
- type FirstPartyVulnStatus
- type InToToController
- type IntegrationController
- func (c *IntegrationController) AutoSetup(ctx shared.Context) error
- func (c *IntegrationController) DeleteGitLabAccessToken(ctx shared.Context) error
- func (c *IntegrationController) DeleteJiraAccessToken(ctx shared.Context) error
- func (c *IntegrationController) FinishInstallation(ctx shared.Context) error
- func (c *IntegrationController) GitLabOauth2Callback(ctx shared.Context) error
- func (c *IntegrationController) GitLabOauth2Login(ctx shared.Context) error
- func (c *IntegrationController) HandleWebhook(ctx shared.Context) error
- func (c *IntegrationController) ListRepositories(ctx shared.Context) error
- func (c *IntegrationController) TestAndSaveGitlabIntegration(ctx shared.Context) error
- func (c *IntegrationController) TestAndSaveJiraIntegration(ctx shared.Context) error
- type LicenseRiskController
- func (controller LicenseRiskController) Create(ctx shared.Context) error
- func (controller LicenseRiskController) CreateEvent(ctx shared.Context) error
- func (controller LicenseRiskController) GetComponentOverwriteForAssetVersion(ctx context.Context, assetID uuid.UUID, assetVersionName string, pURL string) (models.LicenseRisk, error)
- func (controller LicenseRiskController) ListPaged(ctx shared.Context) error
- func (controller LicenseRiskController) MakeFinalLicenseDecision(ctx shared.Context) error
- func (controller LicenseRiskController) Mitigate(ctx shared.Context) error
- func (controller LicenseRiskController) Read(ctx shared.Context) error
- type LicenseRiskStatus
- type OrgController
- func (controller *OrgController) AcceptInvitation(ctx shared.Context) error
- func (controller *OrgController) AdminSettings(ctx shared.Context) error
- func (controller *OrgController) ChangeRole(ctx shared.Context) error
- func (controller *OrgController) ContentTree(ctx shared.Context) error
- func (controller *OrgController) Create(ctx shared.Context) error
- func (controller *OrgController) Delete(ctx shared.Context) error
- func (controller *OrgController) GetConfigFile(ctx shared.Context) error
- func (controller *OrgController) InviteMember(ctx shared.Context) error
- func (controller *OrgController) List(ctx shared.Context) error
- func (controller *OrgController) Members(ctx shared.Context) error
- func (controller *OrgController) Metrics(ctx shared.Context) error
- func (controller *OrgController) Read(ctx shared.Context) error
- func (controller *OrgController) RemoveMember(ctx shared.Context) error
- func (controller *OrgController) Update(ctx shared.Context) error
- func (controller *OrgController) UpdateConfigFile(ctx shared.Context) error
- type PatController
- type PolicyController
- func (c *PolicyController) CreatePolicy(ctx shared.Context) error
- func (c *PolicyController) DeletePolicy(ctx shared.Context) error
- func (c *PolicyController) DisablePolicyForProject(ctx shared.Context) error
- func (c *PolicyController) EnablePolicyForProject(ctx shared.Context) error
- func (c *PolicyController) GetOrganizationPolicies(ctx shared.Context) error
- func (c *PolicyController) GetPolicy(ctx shared.Context) error
- func (c *PolicyController) GetProjectPolicies(ctx shared.Context) error
- func (c *PolicyController) UpdatePolicy(ctx shared.Context) error
- type ProjectController
- func (ProjectController *ProjectController) ChangeRole(c shared.Context) error
- func (ProjectController *ProjectController) Create(ctx shared.Context) error
- func (ProjectController *ProjectController) Delete(c shared.Context) error
- func (ProjectController *ProjectController) GetConfigFile(ctx shared.Context) error
- func (ProjectController *ProjectController) InviteMembers(c shared.Context) error
- func (ProjectController *ProjectController) List(c shared.Context) error
- func (ProjectController *ProjectController) ListSubProjectsAndAssets(c shared.Context) error
- func (ProjectController *ProjectController) Members(c shared.Context) error
- func (ProjectController *ProjectController) Read(c shared.Context) error
- func (ProjectController *ProjectController) RemoveMember(c shared.Context) error
- func (ProjectController *ProjectController) SearchProjectsWithSubProjectsAndAssets(c shared.Context) error
- func (ProjectController *ProjectController) Update(c shared.Context) error
- func (ProjectController *ProjectController) UpdateConfigFile(ctx shared.Context) error
- type ReleaseController
- func (h *ReleaseController) AddItem(c shared.Context) error
- func (h *ReleaseController) Create(c shared.Context) error
- func (h *ReleaseController) Delete(c shared.Context) error
- func (h *ReleaseController) List(c shared.Context) error
- func (h *ReleaseController) ListCandidates(c shared.Context) error
- func (h *ReleaseController) Read(c shared.Context) error
- func (h *ReleaseController) RemoveItem(c shared.Context) error
- func (h *ReleaseController) SBOMJSON(c shared.Context) error
- func (h *ReleaseController) SBOMXML(c shared.Context) error
- func (h *ReleaseController) Update(c shared.Context) error
- func (h *ReleaseController) VEXJSON(c shared.Context) error
- func (h *ReleaseController) VEXXML(c shared.Context) error
- type ScanController
- func (s *ScanController) DependencyVulnScan(c shared.Context, bom *cdx.BOM) (opened, closed, newState []models.DependencyVuln, ...)
- func (s *ScanController) FirstPartyVulnScan(ctx shared.Context) error
- func (s *ScanController) FirstPartyVulnScanUnauthenticated(c echo.Context) error
- func (s *ScanController) SarifScanUnauthenticated(c echo.Context) error
- func (s *ScanController) ScanDependencyVulnFromProject(c shared.Context) error
- func (s *ScanController) ScanDependencyVulnUnauthenticated(c echo.Context) error
- func (s *ScanController) ScanDependencyVulnUnauthenticatedVex(c echo.Context) error
- func (s *ScanController) ScanSarifFile(c shared.Context) error
- func (s *ScanController) ScanSbomFile(c shared.Context) error
- func (s *ScanController) ScanSbomFileVex(c shared.Context) error
- func (s ScanController) UploadVEX(ctx shared.Context) error
- type StatisticsController
- func (c *StatisticsController) GetArtifactRiskHistory(ctx shared.Context) error
- func (c *StatisticsController) GetAverageFixingTimes(ctx shared.Context) error
- func (c *StatisticsController) GetAverageReleaseFixingTime(ctx shared.Context) error
- func (c *StatisticsController) GetCVESWithKnownExploits(ctx shared.Context) error
- func (c *StatisticsController) GetComponentRisk(ctx shared.Context) error
- func (c *StatisticsController) GetOrgStatistics(ctx shared.Context) error
- func (c *StatisticsController) GetReleaseRiskHistory(ctx shared.Context) error
- type UpdateVEXRuleRequest
- type VEXRuleController
- func (c *VEXRuleController) Create(ctx shared.Context) error
- func (c *VEXRuleController) Delete(ctx shared.Context) error
- func (c *VEXRuleController) Get(ctx shared.Context) error
- func (c *VEXRuleController) List(ctx shared.Context) error
- func (c *VEXRuleController) Reapply(ctx shared.Context) error
- func (c *VEXRuleController) Update(ctx shared.Context) error
- type VulnDBController
- func (c VulnDBController) GetCVEEcosystemDistribution(ctx shared.Context) error
- func (c VulnDBController) ListIDsByCreationDate(ctx shared.Context) error
- func (c VulnDBController) ListPaged(ctx shared.Context) error
- func (c VulnDBController) PURLInspect(ctx shared.Context) error
- func (c VulnDBController) Read(ctx shared.Context) error
- type VulnEventController
- type WebhookController
- func (w *WebhookController) CompareIssueStatesAndResolveDifferences(ctx context.Context, asset models.Asset, ...) error
- func (w *WebhookController) CreateIssue(ctx context.Context, asset models.Asset, assetVersionName string, ...) error
- func (w *WebhookController) CreateLabels(ctx context.Context, asset models.Asset) error
- func (w *WebhookController) Delete(ctx shared.Context) error
- func (w *WebhookController) GetID() shared.IntegrationID
- func (w *WebhookController) GetRoleInGroup(ctx context.Context, userID string, providerID string, groupID string) (string, error)
- func (w *WebhookController) GetRoleInProject(ctx context.Context, userID string, providerID string, projectID string) (string, error)
- func (w *WebhookController) GetUsers(org models.Org) []dtos.UserDTO
- func (w *WebhookController) HandleEvent(ctx context.Context, event any, userAgent *string) error
- func (w *WebhookController) HandleWebhook(ctx shared.Context) error
- func (w *WebhookController) HasAccessToExternalEntityProvider(ctx shared.Context, externalEntityProviderID string) (bool, error)
- func (w *WebhookController) ListGroups(ctx context.Context, userID string, providerID string) ([]models.Project, []shared.Role, error)
- func (w *WebhookController) ListOrgs(ctx shared.Context) ([]models.Org, error)
- func (w *WebhookController) ListProjects(ctx context.Context, userID string, providerID string, groupID string) ([]models.Asset, []shared.Role, error)
- func (w *WebhookController) ListRepositories(ctx shared.Context) ([]dtos.GitRepository, error)
- func (w *WebhookController) Save(ctx shared.Context) error
- func (w *WebhookController) Test(ctx shared.Context) error
- func (w *WebhookController) Update(ctx shared.Context) error
- func (w *WebhookController) UpdateIssue(ctx context.Context, asset models.Asset, assetVersionSlug string, ...) error
- func (w *WebhookController) WantsToHandleWebhook(ctx shared.Context) bool
Constants ¶
This section is empty.
Variables ¶
// ControllerModule bundles the constructors this package contributes to the
// fx dependency graph: the HTTP controllers, the dependency proxy cache and
// proxy controllers, and the malicious package checker.
var ControllerModule = fx.Options(
	// Controllers defined in this package.
	fx.Provide(NewAdminController),
	fx.Provide(NewAssetController),
	fx.Provide(NewAssetVersionController),
	fx.Provide(NewArtifactController),
	fx.Provide(NewComponentController),
	fx.Provide(NewDependencyVulnController),
	fx.Provide(NewFirstPartyVulnController),
	fx.Provide(NewVulnEventController),
	fx.Provide(NewLicenseRiskController),
	fx.Provide(NewVEXRuleController),
	fx.Provide(NewExternalReferenceController),
	fx.Provide(NewOrganizationController),
	fx.Provide(NewProjectController),
	fx.Provide(NewCSAFController),
	fx.Provide(NewComplianceController),
	fx.Provide(NewAttestationController),
	fx.Provide(NewInToToController),
	fx.Provide(NewPolicyController),
	fx.Provide(NewIntegrationController),
	fx.Provide(NewVulnDBController),
	fx.Provide(NewWebhookController),
	fx.Provide(NewReleaseController),
	fx.Provide(NewStatisticsController),
	fx.Provide(NewPatController),
	fx.Provide(NewScanController),

	// Cache shared by the dependency proxy controllers below.
	fx.Provide(ProvideDependencyProxyCache),

	// The checker is offered to the graph as the shared.MaliciousPackageChecker
	// interface (fx.As) instead of the concrete type the provider returns.
	fx.Provide(fx.Annotate(
		ProvideMaliciousPackageChecker,
		fx.As(new(shared.MaliciousPackageChecker)),
	)),

	// Proxy controllers from the dependencyfirewall package.
	fx.Provide(dependencyfirewall.NewDependencyProxyController),
	fx.Provide(dependencyfirewall.NewNPMDependencyProxyController),
	fx.Provide(dependencyfirewall.NewGoDependencyProxyController),
	fx.Provide(dependencyfirewall.NewPythonDependencyProxyController),
	fx.Provide(dependencyfirewall.NewOCIDependencyProxyController),

	fx.Provide(NewCrowdsourcedVexingController),
)
ControllerModule provides all HTTP controller constructors
Functions ¶
func ProvideDependencyProxyCache ¶ added in v1.3.0
func ProvideDependencyProxyCache() dependencyfirewall.DependencyProxyCache
ProvideDependencyProxyCache creates the configuration for the dependency proxy
func ProvideMaliciousPackageChecker ¶
func ProvideMaliciousPackageChecker( db shared.DB, leaderElector shared.LeaderElector, ) *vulndb.MaliciousPackageChecker
ProvideMaliciousPackageChecker creates the malicious package checker
Types ¶
type AdminController ¶ added in v1.6.1
type AdminController struct {
// contains filtered or unexported fields
}
func NewAdminController ¶ added in v1.6.1
func NewAdminController( daemonRunner shared.DaemonRunner, adminService shared.AdminService, adminRepository shared.AdminRepository, statisticsService shared.StatisticsService, assetService shared.AssetService, configService shared.ConfigService, ) *AdminController
func (*AdminController) AddAdminToOrg ¶ added in v1.6.1
func (controller *AdminController) AddAdminToOrg(ctx shared.Context) error
func (*AdminController) GetAdminsForExternalOrgs ¶ added in v1.6.1
func (controller *AdminController) GetAdminsForExternalOrgs(ctx shared.Context) error
func (AdminController) GetInstanceSettings ¶ added in v1.6.1
func (controller AdminController) GetInstanceSettings(ctx shared.Context) error
func (*AdminController) GetInstanceUsageStatistics ¶ added in v1.6.1
func (controller *AdminController) GetInstanceUsageStatistics(ctx shared.Context) error
func (*AdminController) GetInstanceVulnStatistics ¶ added in v1.6.1
func (controller *AdminController) GetInstanceVulnStatistics(ctx shared.Context) error
func (*AdminController) GetOrgInformation ¶ added in v1.6.1
func (controller *AdminController) GetOrgInformation(ctx shared.Context) error
func (*AdminController) GetUserInformation ¶ added in v1.6.1
func (controller *AdminController) GetUserInformation(ctx shared.Context) error
func (*AdminController) RevokeAdmin ¶ added in v1.6.1
func (controller *AdminController) RevokeAdmin(ctx shared.Context) error
func (*AdminController) TriggerAssetPipelineAll ¶ added in v1.6.1
func (controller *AdminController) TriggerAssetPipelineAll(ctx shared.Context) error
TriggerAssetPipelineAll runs the asset pipeline for every asset.
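@Summary Trigger the asset pipeline for all assets
@Description Runs the full asset pipeline (scan, sync, risk calculation, statistics) for every asset on this instance. Returns an SSE stream with log, done, and error events. Subject to a 5-minute cooldown.
@Tags Admin Daemons
@Security AdminSignedAuth
@Produce text/event-stream
@Success 200 {string} string "SSE stream (event: log | done | error)"
@Failure 429 {object} echo.HTTPError "Cooldown not elapsed – try again later"
@Router /admin/daemons/asset-pipeline-all/trigger [post]

Note: these annotations describe the route for the generated API documentation; the AdminSignedAuth check itself is applied wherever the route is registered, which this page does not show. Unlike the Open Source Insights trigger, this description does not say whether the cooldown is shared across API instances; the same holds for the single-asset, Fixed Versions and VulnDB triggers.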
func (*AdminController) TriggerAssetPipelineSingle ¶ added in v1.6.1
func (controller *AdminController) TriggerAssetPipelineSingle(ctx shared.Context) error
TriggerAssetPipelineSingle runs the asset pipeline for a single asset.
@Summary Trigger the asset pipeline for a single asset
@Description Runs the full asset pipeline for one asset identified by its UUID. Returns an SSE stream with log, done, and error events. Subject to a 5-minute cooldown per asset.
@Tags Admin Daemons
@Security AdminSignedAuth
@Accept json
@Produce text/event-stream
@Param body body object true "Request body" example({"assetId":"550e8400-e29b-41d4-a716-446655440000"})
@Success 200 {string} string "SSE stream (event: log | done | error)"
@Failure 400 {object} echo.HTTPError "Invalid or missing assetId"
@Failure 429 {object} echo.HTTPError "Cooldown not elapsed – try again later"
@Router /admin/daemons/asset-pipeline-single/trigger [post]
func (*AdminController) TriggerFixedVersions ¶ added in v1.6.1
func (controller *AdminController) TriggerFixedVersions(ctx shared.Context) error
TriggerFixedVersions runs the fixed-versions daemon.
@Summary Trigger the Fixed Versions daemon
@Description Updates known fixed versions for tracked vulnerabilities. Returns an SSE stream with log, done, and error events. Subject to a 5-minute cooldown.
@Tags Admin Daemons
@Security AdminSignedAuth
@Produce text/event-stream
@Success 200 {string} string "SSE stream (event: log | done | error)"
@Failure 429 {object} echo.HTTPError "Cooldown not elapsed – try again later"
@Router /admin/daemons/fixed-versions/trigger [post]
func (*AdminController) TriggerOpenSourceInsights ¶ added in v1.6.1
func (controller *AdminController) TriggerOpenSourceInsights(ctx shared.Context) error
TriggerOpenSourceInsights runs the open-source-insights daemon.
@Summary Trigger the Open Source Insights daemon
@Description Syncs open-source project metadata from deps.dev. Returns an SSE stream with log, done, and error events. Subject to a 5-minute cooldown (enforced across all API instances via the config DB).
@Tags Admin Daemons
@Security AdminSignedAuth
@Produce text/event-stream
@Success 200 {string} string "SSE stream (event: log | done | error)"
@Failure 429 {object} echo.HTTPError "Cooldown not elapsed – try again later"
@Router /admin/daemons/open-source-insights/trigger [post]
func (*AdminController) TriggerVulnDB ¶ added in v1.6.1
func (controller *AdminController) TriggerVulnDB(ctx shared.Context) error
TriggerVulnDB runs the VulnDB import daemon.
@Summary Trigger the VulnDB import daemon
@Description Runs an incremental VulnDB import from upstream diffs. Sets the vulndb.vulndb config timestamp at the start of processing. Returns an SSE stream with log, done, and error events. Subject to a 5-minute cooldown.
@Tags Admin Daemons
@Security AdminSignedAuth
@Produce text/event-stream
@Success 200 {string} string "SSE stream (event: log | done | error)"
@Failure 429 {object} echo.HTTPError "Cooldown not elapsed – try again later"
@Router /admin/daemons/vulndb/trigger [post]
func (*AdminController) UpdateAsset ¶ added in v1.6.1
func (controller *AdminController) UpdateAsset(ctx shared.Context) error
func (AdminController) UpdateInstanceSettings ¶ added in v1.6.1
func (controller AdminController) UpdateInstanceSettings(ctx shared.Context) error
type ArtifactController ¶
type ArtifactController struct {
// mark public to let it be overridden in tests
utils.FireAndForgetSynchronizer
shared.ScanService
// contains filtered or unexported fields
}
func NewArtifactController ¶
func NewArtifactController(artifactRepository shared.ArtifactRepository, artifactService shared.ArtifactService, assetVersionService shared.AssetVersionService, dependencyVulnService shared.DependencyVulnService, statisticsRepository shared.StatisticsRepository, statisticsService shared.StatisticsService, componentService shared.ComponentService, scanService shared.ScanService, synchronizer utils.FireAndForgetSynchronizer, dependencyVulnRepository shared.DependencyVulnRepository, vexRuleService shared.VEXRuleService, thirdPartyIntegration shared.IntegrationAggregate) *ArtifactController
func (*ArtifactController) BuildPDFFromSBOM ¶
func (c *ArtifactController) BuildPDFFromSBOM(ctx shared.Context) error
@Summary Get SBOM as PDF
@Tags Artifacts
@Security CookieAuth
@Security PATAuth
@Security BearerAuth
@Param organization path string true "Organization slug"
@Param projectSlug path string true "Project slug"
@Param assetSlug path string true "Asset slug"
@Param assetVersionSlug path string true "Asset version slug"
@Param artifactName path string true "Artifact name"
@Produce application/pdf
@Success 200 {string} string "SBOM as PDF"
@Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/sbom.pdf/ [get]

Note: in the generated OpenAPI document, separate @Security lines are alternatives, so the route is documented as accepting any one of CookieAuth, PATAuth or BearerAuth rather than requiring all three. The other annotated artifact and asset routes on this page list the same three schemes.
func (*ArtifactController) BuildVulnerabilityReportPDF ¶
func (c *ArtifactController) BuildVulnerabilityReportPDF(ctx shared.Context) error
@Summary Get vulnerability report as PDF @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/pdf @Success 200 {string} string "Vulnerability report as PDF" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/vulnerability-report.pdf/ [get]
func (*ArtifactController) Create ¶
func (c *ArtifactController) Create(ctx shared.Context) error
@Summary Create artifact @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param body body object true "Artifact data" @Success 201 {object} models.Artifact @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/ [post]
func (*ArtifactController) DeleteArtifact ¶
func (c *ArtifactController) DeleteArtifact(ctx shared.Context) error
@Summary Delete artifact @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/ [delete]
func (*ArtifactController) OpenVEXJSON ¶
func (c *ArtifactController) OpenVEXJSON(ctx shared.Context) error
@Summary Get VEX in OpenVEX JSON format @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/json @Success 200 {object} object "OpenVEX document in JSON format" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/openvex.json/ [get]
func (*ArtifactController) SBOMJSON ¶
func (c *ArtifactController) SBOMJSON(ctx shared.Context) error
@Summary Get SBOM in JSON format @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/json @Success 200 {object} object "CycloneDX BOM in JSON format" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/sbom.json/ [get]
func (*ArtifactController) SBOMXML ¶
func (c *ArtifactController) SBOMXML(ctx shared.Context) error
@Summary Get SBOM in XML format @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/xml @Success 200 {string} string "CycloneDX BOM in XML format" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/sbom.xml/ [get]
func (*ArtifactController) UpdateArtifact ¶
func (c *ArtifactController) UpdateArtifact(ctx shared.Context) error
@Summary Update artifact @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Param body body object true "Artifact data" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/ [put]
func (*ArtifactController) VEXJSON ¶
func (c *ArtifactController) VEXJSON(ctx shared.Context) error
@Summary Get VEX in JSON format @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/json @Success 200 {object} object "CycloneDX VEX in JSON format" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/vex.json/ [get]
func (*ArtifactController) VEXXML ¶
func (c *ArtifactController) VEXXML(ctx shared.Context) error
@Summary Get VEX in XML format @Tags Artifacts @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Produce application/xml @Success 200 {string} string "CycloneDX VEX in XML format" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/vex.xml/ [get]
type AssetController ¶
type AssetController struct {
utils.FireAndForgetSynchronizer
// contains filtered or unexported fields
}
func NewAssetController ¶
func NewAssetController(repository shared.AssetRepository, assetVersionRepository shared.AssetVersionRepository, artifactRiskHistoryRepository shared.ArtifactRiskHistoryRepository, assetService shared.AssetService, dependencyVulnService shared.DependencyVulnService, statisticsService shared.StatisticsService, thirdPartyIntegration shared.IntegrationAggregate, synchronizer utils.FireAndForgetSynchronizer, daemonRunner shared.DaemonRunner) *AssetController
func (*AssetController) AttachSigningKey ¶
func (a *AssetController) AttachSigningKey(ctx shared.Context) error
func (*AssetController) ChangeRole ¶
func (a *AssetController) ChangeRole(c shared.Context) error
func (*AssetController) Create ¶
func (a *AssetController) Create(ctx shared.Context) error
@Summary Create asset @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param body body dtos.AssetCreateRequest true "Request body" @Success 200 {object} dtos.AssetDTO @Router /organizations/{organization}/projects/{projectSlug}/assets [post]
func (*AssetController) Delete ¶
func (a *AssetController) Delete(ctx shared.Context) error
@Summary Delete asset @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug} [delete]
func (*AssetController) GetConfigFile ¶
func (a *AssetController) GetConfigFile(ctx shared.Context) error
@Summary Get asset config file @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param config-file path string true "Config file ID" @Produce text/plain @Success 200 {string} string "Config file content" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/config-files/{config-file}/ [get]
func (*AssetController) GetSecrets ¶
func (a *AssetController) GetSecrets(ctx shared.Context) error
func (*AssetController) HandleLookup ¶
func (a *AssetController) HandleLookup(ctx shared.Context) error
@Summary Lookup asset by provider @Tags Assets @Param provider query string true "Provider name" @Param id query string true "Repository ID" @Success 200 {object} dtos.LookupResponse @Router /lookup [get]
func (*AssetController) InviteMembers ¶
func (a *AssetController) InviteMembers(c shared.Context) error
func (*AssetController) List ¶
func (a *AssetController) List(ctx shared.Context) error
@Summary List assets @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Success 200 {array} dtos.AssetDTO @Router /organizations/{organization}/projects/{projectSlug}/assets [get]
func (*AssetController) Read ¶
func (a *AssetController) Read(ctx shared.Context) error
@Summary Get asset details @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 {object} dtos.AssetDetailsDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug} [get]
func (*AssetController) RemoveMember ¶
func (a *AssetController) RemoveMember(c shared.Context) error
func (*AssetController) RunDaemonPipeline ¶
func (a *AssetController) RunDaemonPipeline(ctx shared.Context) error
func (*AssetController) Update ¶
func (a *AssetController) Update(ctx shared.Context) error
@Summary Update asset @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param body body dtos.AssetPatchRequest true "Request body" @Success 200 {object} dtos.AssetDetailsDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug} [patch]
func (*AssetController) UpdateConfigFile ¶ added in v1.2.0
func (a *AssetController) UpdateConfigFile(ctx shared.Context) error
@Summary Update asset config file @Tags Assets @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param config-file path string true "Config file ID" @Param body body string true "Config file content" @Produce text/plain @Success 200 {string} string "Updated config file content" @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/config-files/{config-file}/ [put]
type AssetVersionController ¶
type AssetVersionController struct {
// contains filtered or unexported fields
}
func NewAssetVersionController ¶
func NewAssetVersionController( assetVersionRepository shared.AssetVersionRepository, assetVersionService shared.AssetVersionService, dependencyVulnRepository shared.DependencyVulnRepository, componentRepository shared.ComponentRepository, supplyChainRepository shared.SupplyChainRepository, componentService shared.ComponentService, statisticsService shared.StatisticsService, artifactService shared.ArtifactService, dependencyVulnService shared.DependencyVulnService, ) *AssetVersionController
func (*AssetVersionController) AffectedComponents ¶
func (a *AssetVersionController) AffectedComponents(ctx shared.Context) error
func (*AssetVersionController) Create ¶
func (a *AssetVersionController) Create(ctx shared.Context) error
@Summary Create asset version @Tags Asset Versions @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param body body object{name=string,tag=bool,defaultBranch=bool} true "Request body" @Success 201 {object} dtos.AssetVersionDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/ [post]
func (*AssetVersionController) Delete ¶
func (a *AssetVersionController) Delete(ctx shared.Context) error
@Summary Delete asset version @Tags Asset Versions @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/ [delete]
func (*AssetVersionController) DependencyGraph ¶
func (a *AssetVersionController) DependencyGraph(ctx shared.Context) error
func (*AssetVersionController) GetAssetVersionsByAssetID ¶
func (a *AssetVersionController) GetAssetVersionsByAssetID(ctx shared.Context) error
@Summary List asset versions @Tags Asset Versions @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 {array} dtos.AssetVersionDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/ [get]
func (*AssetVersionController) GetDependencyPathFromPURL ¶
func (a *AssetVersionController) GetDependencyPathFromPURL(ctx shared.Context) error
GetDependencyPathFromPURL returns a graph of all dependencies that lead to the requested pURL.
func (*AssetVersionController) ListArtifacts ¶
func (a *AssetVersionController) ListArtifacts(ctx shared.Context) error
func (*AssetVersionController) MakeDefault ¶
func (a *AssetVersionController) MakeDefault(ctx shared.Context) error
func (*AssetVersionController) Metrics ¶
func (a *AssetVersionController) Metrics(ctx shared.Context) error
@Summary Get asset version metrics @Tags Asset Versions @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName query string false "Artifact name" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/metrics [get]
func (*AssetVersionController) Read ¶
func (a *AssetVersionController) Read(ctx shared.Context) error
@Summary Get asset version details @Tags Asset Versions @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 {object} dtos.AssetVersionDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/ [get]
func (*AssetVersionController) ReadRootNodes ¶
func (a *AssetVersionController) ReadRootNodes(ctx shared.Context) error
func (*AssetVersionController) RefetchLicenses ¶
func (a *AssetVersionController) RefetchLicenses(ctx shared.Context) error
RefetchLicenses forces re-fetching license information for all components of the current asset version
type AttestationController ¶
type AttestationController struct {
// contains filtered or unexported fields
}
func NewAttestationController ¶
func NewAttestationController(repository shared.AttestationRepository, artifactRepository shared.ArtifactRepository) *AttestationController
func (*AttestationController) Create ¶
func (a *AttestationController) Create(ctx shared.Context) error
@Summary Create attestation @Tags Attestations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "Attestation content" @Param X-Asset-Ref header string false "Asset version name" @Param X-Artifact-Name header string false "Artifact name" @Param X-Predicate-Type header string false "Predicate type" @Success 200 @Router /attestations [post]
func (*AttestationController) List ¶
func (a *AttestationController) List(ctx shared.Context) error
@Summary List attestations @Tags Attestations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 {array} models.Attestation @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/attestations [get]
type CSAFController ¶
type CSAFController struct {
// contains filtered or unexported fields
}
func NewCSAFController ¶
func NewCSAFController(csafService shared.CSAFService, dependencyVulnRepository shared.DependencyVulnRepository, dependencyVulnService shared.DependencyVulnService, vulnEventRepository shared.VulnEventRepository, assetVersionRepository shared.AssetVersionRepository, assetRepository shared.AssetRepository, organizationRepository shared.OrganizationRepository, cveRepository shared.CveRepository, artifactRepository shared.ArtifactRepository) *CSAFController
func (*CSAFController) GetAggregatorJSON ¶
func (controller *CSAFController) GetAggregatorJSON(ctx shared.Context) error
@Summary Get CSAF aggregator metadata @Tags CSAF @Success 200 {object} object @Router /.well-known/csaf-aggregator/aggregator.json [get]
func (*CSAFController) GetCSAFIndexHTML ¶
func (controller *CSAFController) GetCSAFIndexHTML(ctx shared.Context) error
GetCSAFIndexHTML returns the HTML that displays each subdirectory present under the CSAF URL.
func (*CSAFController) GetChangesCSVFile ¶
func (controller *CSAFController) GetChangesCSVFile(ctx shared.Context) error
@Summary Get CSAF changes CSV @Tags CSAF @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 {string} string @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/csaf/white/changes.csv [get]
func (*CSAFController) GetIndexFile ¶
func (controller *CSAFController) GetIndexFile(ctx shared.Context) error
@Summary Get CSAF index file @Tags CSAF @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 {string} string @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/csaf/white/index.txt [get]
func (*CSAFController) GetOpenPGPFile ¶
func (controller *CSAFController) GetOpenPGPFile(ctx shared.Context) error
GetOpenPGPFile handles requests for files placed in the openpgp directory (currently the public key and its SHA-512 hash).
func (*CSAFController) GetOpenPGPHTML ¶
func (controller *CSAFController) GetOpenPGPHTML(ctx shared.Context) error
GetOpenPGPHTML returns the HTML used to display all OpenPGP-related keys and hashes.
func (*CSAFController) GetProviderMetadataForOrganization ¶
func (controller *CSAFController) GetProviderMetadataForOrganization(ctx shared.Context) error
@Summary Get CSAF provider metadata for organization @Tags CSAF @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {object} object @Router /organizations/{organization}/csaf/provider-metadata.json [get]
func (*CSAFController) GetReportsByYearHTML ¶
func (controller *CSAFController) GetReportsByYearHTML(ctx shared.Context) error
GetReportsByYearHTML builds and returns the HTML that displays every CSAF version of a given year, together with its signature and hash.
func (*CSAFController) GetTLPWhiteEntriesHTML ¶
func (controller *CSAFController) GetTLPWhiteEntriesHTML(ctx shared.Context) error
GetTLPWhiteEntriesHTML builds and returns the HTML used to display every directory in the TLP white folder.
func (*CSAFController) ServeCSAFReportRequest ¶
func (controller *CSAFController) ServeCSAFReportRequest(ctx shared.Context) error
@Summary Get CSAF report @Tags CSAF @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param year path string true "Year" @Param version path string true "Version filename" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/csaf/white/{year}/{version} [get]
type ComplianceController ¶
type ComplianceController struct {
// contains filtered or unexported fields
}
func NewComplianceController ¶
func NewComplianceController(assetVersionRepository shared.AssetVersionRepository, attestationRepository shared.AttestationRepository, policyRepository shared.PolicyRepository) *ComplianceController
func (*ComplianceController) AssetCompliance ¶
func (c *ComplianceController) AssetCompliance(ctx shared.Context) error
func (*ComplianceController) Details ¶
func (c *ComplianceController) Details(ctx shared.Context) error
func (*ComplianceController) ProjectCompliance ¶
func (c *ComplianceController) ProjectCompliance(ctx shared.Context) error
type ComponentController ¶
type ComponentController struct {
// contains filtered or unexported fields
}
func NewComponentController ¶
func NewComponentController(componentRepository shared.ComponentRepository, assetVersionRepository shared.AssetVersionRepository, licenseOverwriteRepository shared.LicenseRiskRepository, projectRepository shared.ProjectRepository, assetVersionService shared.AssetVersionService) *ComponentController
func (ComponentController) LicenseDistribution ¶
func (componentController ComponentController) LicenseDistribution(ctx shared.Context) error
func (ComponentController) ListPaged ¶
func (componentController ComponentController) ListPaged(ctx shared.Context) error
func (ComponentController) SearchComponentOccurrences ¶
func (componentController ComponentController) SearchComponentOccurrences(ctx shared.Context) error
type CreateVEXRuleRequest ¶
// CreateVEXRuleRequest is a JSON-decodable payload with the keys cveId,
// justification, mechanicalJustification and pathPattern. Judging by its name
// it is the request body for creating a VEX rule; the handler that binds it is
// not shown here.
//
// NOTE(review): the validate tags below only express presence and a minimum
// element count. Nothing on this struct constrains the format of CVEID, the
// length of Justification, or the content of the individual PathPattern
// entries, so any such checks have to live in the handler or service layer —
// confirm they do.
type CreateVEXRuleRequest struct {
// CVEID is read from the JSON key "cveId" and is tagged required.
CVEID string `json:"cveId" validate:"required"`
// Justification is read from the JSON key "justification" and is tagged required.
Justification string `json:"justification" validate:"required"`
// MechanicalJustification is read from "mechanicalJustification". It carries no
// validate tag, so as far as this struct is concerned it may be omitted.
MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
// PathPattern is read from "pathPattern" and is tagged required,min=1, which
// for a slice presumably means at least one element (go-playground/validator
// semantics assumed — TODO confirm). The tag has no per-element rule.
PathPattern []string `json:"pathPattern" validate:"required,min=1"`
}
type CrowdsourcedVexingController ¶ added in v1.4.0
type CrowdsourcedVexingController struct {
// contains filtered or unexported fields
}
func NewCrowdsourcedVexingController ¶ added in v1.4.0
func NewCrowdsourcedVexingController(crowdsourcedVexingService shared.CrowdSourcedVexingService) *CrowdsourcedVexingController
type DependencyVulnController ¶
type DependencyVulnController struct {
// mark public to let it be overridden in tests
utils.FireAndForgetSynchronizer
// contains filtered or unexported fields
}
func NewDependencyVulnController ¶
func NewDependencyVulnController(dependencyVulnRepository shared.DependencyVulnRepository, dependencyVulnService shared.DependencyVulnService, projectService shared.ProjectService, statisticsService shared.StatisticsService, vulnEventRepository shared.VulnEventRepository, synchronizer utils.FireAndForgetSynchronizer) *DependencyVulnController
func (DependencyVulnController) BatchCreateEvent ¶
func (controller DependencyVulnController) BatchCreateEvent(ctx shared.Context) error
func (DependencyVulnController) CreateEvent ¶
func (controller DependencyVulnController) CreateEvent(ctx shared.Context) error
@Summary Create vulnerability event @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param dependencyVulnID path string true "Vulnerability ID" @Param body body object true "Request body" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/dependency-vulns/{dependencyVulnID} [post]
func (DependencyVulnController) GetRecommendation ¶ added in v1.3.0
func (controller DependencyVulnController) GetRecommendation(ctx echo.Context) error
func (DependencyVulnController) Hints ¶
func (controller DependencyVulnController) Hints(ctx shared.Context) error
func (DependencyVulnController) ListByOrgPaged ¶
func (controller DependencyVulnController) ListByOrgPaged(ctx shared.Context) error
func (DependencyVulnController) ListByProjectPaged ¶
func (controller DependencyVulnController) ListByProjectPaged(ctx shared.Context) error
func (DependencyVulnController) ListPaged ¶
func (controller DependencyVulnController) ListPaged(ctx shared.Context) error
@Summary List dependency vulnerabilities @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param flat query string false "Flat list flag" @Param search query string false "Search term" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/dependency-vulns [get]
func (DependencyVulnController) Mitigate ¶
func (controller DependencyVulnController) Mitigate(ctx shared.Context) error
func (DependencyVulnController) Read ¶
func (controller DependencyVulnController) Read(ctx shared.Context) error
@Summary Get dependency vulnerability details @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param dependencyVulnID path string true "Vulnerability ID" @Success 200 {object} dtos.DetailedDependencyVulnDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/dependency-vulns/{dependencyVulnID} [get]
func (DependencyVulnController) SyncDependencyVulns ¶
func (controller DependencyVulnController) SyncDependencyVulns(ctx shared.Context) error
type DependencyVulnStatus ¶
// DependencyVulnStatus is a JSON-decodable payload with the keys status,
// justification and mechanicalJustification.
//
// NOTE(review): none of the fields carries a validate tag, so this struct by
// itself accepts any string for status, including the empty string. Presumably
// the consuming handler checks StatusType against the allowed values — verify
// against the caller.
type DependencyVulnStatus struct {
// StatusType maps to the JSON key "status" (not "statusType").
StatusType string `json:"status"`
// Justification maps to the JSON key "justification"; free-form string, no tag-level limit.
Justification string `json:"justification"`
// MechanicalJustification maps to the JSON key "mechanicalJustification".
MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}
type ExternalReferenceController ¶
type ExternalReferenceController struct {
utils.FireAndForgetSynchronizer
shared.ScanService
// contains filtered or unexported fields
}
func NewExternalReferenceController ¶
func NewExternalReferenceController( externalReferenceRepository shared.ExternalReferenceRepository, artifactRepository shared.ArtifactRepository, dependencyVulnService shared.DependencyVulnService, statisticsService shared.StatisticsService, synchronizer utils.FireAndForgetSynchronizer, scanService shared.ScanService, ) *ExternalReferenceController
func (*ExternalReferenceController) Create ¶
func (c *ExternalReferenceController) Create(ctx shared.Context) error
@Summary Create an external reference @Tags ExternalReferences @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param request body CreateExternalReferenceRequest true "Create request" @Success 201 {object} ExternalReferenceDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/external-references [post]
func (*ExternalReferenceController) Delete ¶
func (c *ExternalReferenceController) Delete(ctx shared.Context) error
@Summary Delete all external references for an asset version @Tags ExternalReferences @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 204 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/external-references/{id} [delete]
func (*ExternalReferenceController) List ¶
func (c *ExternalReferenceController) List(ctx shared.Context) error
@Summary List external references for an asset version @Tags ExternalReferences @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 {array} ExternalReferenceDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/external-references [get]
func (*ExternalReferenceController) Sync ¶
func (c *ExternalReferenceController) Sync(ctx shared.Context) error
@Summary Sync external sources for all artifacts of an asset version @Tags ExternalReferences @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/external-references/sync [post]
func (*ExternalReferenceController) SyncArtifact ¶ added in v1.5.0
func (c *ExternalReferenceController) SyncArtifact(ctx shared.Context) error
@Summary Sync external sources for a single artifact @Tags ExternalReferences @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName path string true "Artifact name" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/artifacts/{artifactName}/sync-external-sources/ [post]
type ExternalReferenceDTO ¶
type FirstPartyVulnController ¶
type FirstPartyVulnController struct {
// contains filtered or unexported fields
}
func NewFirstPartyVulnController ¶
func NewFirstPartyVulnController(firstPartyVulnRepository shared.FirstPartyVulnRepository, firstPartyVulnService shared.FirstPartyVulnService, projectService shared.ProjectService) *FirstPartyVulnController
func (FirstPartyVulnController) CreateEvent ¶
func (c FirstPartyVulnController) CreateEvent(ctx shared.Context) error
@Summary Create first-party vulnerability event @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param vulnID path string true "Vulnerability ID" @Param body body object true "Event data" @Success 200 {object} dtos.DetailedFirstPartyVulnDTO @Router /vulns/{vulnID}/events [post]
func (FirstPartyVulnController) ListByOrgPaged ¶
func (c FirstPartyVulnController) ListByOrgPaged(ctx shared.Context) error
@Summary List first-party vulnerabilities by organization @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param search query string false "Search term" @Success 200 {object} object @Router /organizations/{organization}/vulns [get]
func (FirstPartyVulnController) ListByProjectPaged ¶
func (c FirstPartyVulnController) ListByProjectPaged(ctx shared.Context) error
@Summary List first-party vulnerabilities by project @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param search query string false "Search term" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/vulns [get]
func (FirstPartyVulnController) ListPaged ¶
func (c FirstPartyVulnController) ListPaged(ctx shared.Context) error
@Summary List first-party vulnerabilities by asset version @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param search query string false "Search term" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vulns [get]
func (FirstPartyVulnController) Mitigate ¶
func (c FirstPartyVulnController) Mitigate(ctx shared.Context) error
func (FirstPartyVulnController) Read ¶
func (c FirstPartyVulnController) Read(ctx shared.Context) error
@Summary Get first-party vulnerability details @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param vulnID path string true "Vulnerability ID" @Success 200 {object} dtos.DetailedFirstPartyVulnDTO @Router /vulns/{vulnID} [get]
func (FirstPartyVulnController) Sarif ¶
func (c FirstPartyVulnController) Sarif(ctx shared.Context) error
@Summary Get first-party vulnerabilities as SARIF @Tags Vulnerabilities @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vulns.sarif [get]
type FirstPartyVulnStatus ¶
// FirstPartyVulnStatus is a JSON-decodable payload with the keys status,
// justification and mechanicalJustification.
//
// NOTE(review): none of the fields carries a validate tag, so this struct by
// itself accepts any string for status, including the empty string. Presumably
// the consuming handler checks StatusType against the allowed values — verify
// against the caller.
type FirstPartyVulnStatus struct {
// StatusType maps to the JSON key "status" (not "statusType").
StatusType string `json:"status"`
// Justification maps to the JSON key "justification"; free-form string, no tag-level limit.
Justification string `json:"justification"`
// MechanicalJustification maps to the JSON key "mechanicalJustification".
MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}
type InToToController ¶
type InToToController struct {
// contains filtered or unexported fields
}
func NewInToToController ¶
func NewInToToController(repository shared.InTotoLinkRepository, supplyChainRepository shared.SupplyChainRepository, assetVersionRepository shared.AssetVersionRepository, patRepository shared.PersonalAccessTokenRepository, patService shared.PersonalAccessTokenService, inTotoVerifierService shared.InTotoVerifierService) *InToToController
func (*InToToController) RootLayout ¶
func (a *InToToController) RootLayout(ctx shared.Context) error
func (*InToToController) VerifySupplyChain ¶
func (a *InToToController) VerifySupplyChain(ctx shared.Context) error
type IntegrationController ¶
type IntegrationController struct {
// contains filtered or unexported fields
}
func NewIntegrationController ¶
func NewIntegrationController(gitlabOauth2Integration map[string]*gitlabint.GitlabOauth2Config) *IntegrationController
func (*IntegrationController) AutoSetup ¶
func (c *IntegrationController) AutoSetup(ctx shared.Context) error
func (*IntegrationController) DeleteGitLabAccessToken ¶
func (c *IntegrationController) DeleteGitLabAccessToken(ctx shared.Context) error
func (*IntegrationController) DeleteJiraAccessToken ¶
func (c *IntegrationController) DeleteJiraAccessToken(ctx shared.Context) error
func (*IntegrationController) FinishInstallation ¶
func (c *IntegrationController) FinishInstallation(ctx shared.Context) error
func (*IntegrationController) GitLabOauth2Callback ¶
func (c *IntegrationController) GitLabOauth2Callback(ctx shared.Context) error
@Summary GitLab OAuth2 callback @Tags Integrations @Security CookieAuth @Param integrationName path string true "Integration name" @Success 200 @Router /oauth2/gitlab/callback/{integrationName} [get]
func (*IntegrationController) GitLabOauth2Login ¶
func (c *IntegrationController) GitLabOauth2Login(ctx shared.Context) error
@Summary GitLab OAuth2 login @Tags Integrations @Security CookieAuth @Param integrationName path string true "Integration name" @Success 200 @Router /oauth2/gitlab/{integrationName} [get]
func (*IntegrationController) HandleWebhook ¶
func (c *IntegrationController) HandleWebhook(ctx shared.Context) error
func (*IntegrationController) ListRepositories ¶
func (c *IntegrationController) ListRepositories(ctx shared.Context) error
@Summary List repositories from integrations @Tags Integrations @Security CookieAuth @Security PATAuth @Security BearerAuth @Success 200 {array} object @Router /integrations/repositories [get]
func (*IntegrationController) TestAndSaveGitlabIntegration ¶
func (c *IntegrationController) TestAndSaveGitlabIntegration(ctx shared.Context) error
func (*IntegrationController) TestAndSaveJiraIntegration ¶
func (c *IntegrationController) TestAndSaveJiraIntegration(ctx shared.Context) error
type LicenseRiskController ¶
type LicenseRiskController struct {
// contains filtered or unexported fields
}
func NewLicenseRiskController ¶
func NewLicenseRiskController(licenseOverwriteRepository shared.LicenseRiskRepository, LicenseRiskService shared.LicenseRiskService) *LicenseRiskController
func (LicenseRiskController) Create ¶
func (controller LicenseRiskController) Create(ctx shared.Context) error
func (LicenseRiskController) CreateEvent ¶
func (controller LicenseRiskController) CreateEvent(ctx shared.Context) error
func (LicenseRiskController) GetComponentOverwriteForAssetVersion ¶
func (controller LicenseRiskController) GetComponentOverwriteForAssetVersion(ctx context.Context, assetID uuid.UUID, assetVersionName string, pURL string) (models.LicenseRisk, error)
func (LicenseRiskController) ListPaged ¶
func (controller LicenseRiskController) ListPaged(ctx shared.Context) error
func (LicenseRiskController) MakeFinalLicenseDecision ¶
func (controller LicenseRiskController) MakeFinalLicenseDecision(ctx shared.Context) error
type LicenseRiskStatus ¶
// LicenseRiskStatus is a JSON-tagged payload holding a status, a free-text
// justification and a mechanical justification for a license risk.
// NOTE(review): presumably the request body of a LicenseRiskController handler
// (CreateEvent or MakeFinalLicenseDecision); the handler bodies are not shown
// here, so confirm against them.
type LicenseRiskStatus struct {
// StatusType is serialized under the JSON key "status". It is a plain string,
// so the type itself does not restrict the accepted values.
// NOTE(review): confirm the handler rejects statuses outside the allowed set.
StatusType string `json:"status"`
// Justification is caller-supplied text, serialized as "justification".
Justification string `json:"justification"`
// MechanicalJustification uses the typed dtos.MechanicalJustificationType,
// serialized as "mechanicalJustification".
MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
}
type OrgController ¶
// OrgController holds the HTTP handlers for the /organizations routes and for
// /accept-invitation. NewOrganizationController builds it from an organization
// repository, an org service, an RBAC provider, a project service and an
// invitation repository.
// NOTE(review): the route annotations only name the accepted authentication
// schemes (CookieAuth, PATAuth, BearerAuth). The per-route role checks for
// operations such as ChangeRole, RemoveMember, Delete or UpdateConfigFile are
// not visible here; presumably they are enforced through the RBAC provider or
// router middleware. Confirm against the route registration.
type OrgController struct {
// contains filtered or unexported fields
}
func NewOrganizationController ¶
func NewOrganizationController(repository shared.OrganizationRepository, orgService shared.OrgService, rbacProvider shared.RBACProvider, projectService shared.ProjectService, invitationRepository shared.InvitationRepository) *OrgController
func (*OrgController) AcceptInvitation ¶
func (controller *OrgController) AcceptInvitation(ctx shared.Context) error
@Summary Accept organization invitation @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body dtos.AcceptInvitationRequest true "Request body" @Success 200 @Router /accept-invitation [post]
func (*OrgController) AdminSettings ¶ added in v1.4.0
func (controller *OrgController) AdminSettings(ctx shared.Context) error
@Summary Get organization admin settings @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {object} dtos.OrgSettingsDTO @Router /organizations/{organization}/settings [get]
func (*OrgController) ChangeRole ¶
func (controller *OrgController) ChangeRole(ctx shared.Context) error
@Summary Change member role @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param userID path string true "User ID" @Param body body dtos.OrgChangeRoleRequest true "Request body" @Success 200 @Router /organizations/{organization}/members/{userID} [put]
func (*OrgController) ContentTree ¶
func (controller *OrgController) ContentTree(ctx shared.Context) error
@Summary Get organization content tree @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {object} object @Router /organizations/{organization}/content-tree [get]
func (*OrgController) Create ¶
func (controller *OrgController) Create(ctx shared.Context) error
@Summary Create organization @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body dtos.OrgCreateRequest true "Request body" @Success 200 {object} models.Org @Router /organizations [post]
func (*OrgController) Delete ¶
func (controller *OrgController) Delete(ctx shared.Context) error
@Summary Delete organization @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 @Router /organizations/{organization} [delete]
func (*OrgController) GetConfigFile ¶
func (controller *OrgController) GetConfigFile(ctx shared.Context) error
@Summary Get organization config file @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param config-file path string true "Config file ID" @Produce text/plain @Success 200 {string} string "Config file content" @Router /organizations/{organization}/config-files/{config-file}/ [get]
func (*OrgController) InviteMember ¶
func (controller *OrgController) InviteMember(ctx shared.Context) error
@Summary Invite member to organization @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param body body dtos.InviteRequest true "Request body" @Success 200 {object} models.Invitation @Router /organizations/{organization}/members [post]
func (*OrgController) List ¶
func (controller *OrgController) List(ctx shared.Context) error
@Summary List organizations @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Success 200 {array} models.Org @Router /organizations [get]
func (*OrgController) Members ¶
func (controller *OrgController) Members(ctx shared.Context) error
@Summary List organization members @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {array} object @Router /organizations/{organization}/members [get]
func (*OrgController) Metrics ¶
func (controller *OrgController) Metrics(ctx shared.Context) error
@Summary Get organization metrics @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {object} object{ownerId=string} @Router /organizations/{organization}/metrics [get]
func (*OrgController) Read ¶
func (controller *OrgController) Read(ctx shared.Context) error
@Summary Get organization details @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {object} dtos.OrgDetailsDTO @Router /organizations/{organization} [get]
func (*OrgController) RemoveMember ¶
func (controller *OrgController) RemoveMember(ctx shared.Context) error
@Summary Remove member from organization @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param userID path string true "User ID" @Success 200 @Router /organizations/{organization}/members/{userID} [delete]
func (*OrgController) Update ¶
func (controller *OrgController) Update(ctx shared.Context) error
@Summary Update organization @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param body body dtos.OrgPatchRequest true "Request body" @Success 200 {object} dtos.OrgDetailsDTO @Router /organizations/{organization} [patch]
func (*OrgController) UpdateConfigFile ¶ added in v1.2.0
func (controller *OrgController) UpdateConfigFile(ctx shared.Context) error
@Summary Update organization config file @Tags Organizations @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param config-file path string true "Config file ID" @Param body body string true "Config file content" @Produce text/plain @Success 200 {string} string "Updated config file content" @Router /organizations/{organization}/config-files/{config-file}/ [put]
type PatController ¶
// PatController holds the HTTP handlers for the personal access token routes
// under /pats: Create, Delete, List and RevokeByPrivateKey. It is built by
// NewPatController from a token service and a token repository.
// The annotations give the routes different auth requirements: Create lists
// CookieAuth only, Delete and List also list PATAuth and BearerAuth, and
// RevokeByPrivateKey lists no security scheme at all.
type PatController struct {
// contains filtered or unexported fields
}
func NewPatController ¶
func NewPatController(service shared.PersonalAccessTokenService, repository shared.PersonalAccessTokenRepository) *PatController
func (*PatController) Create ¶
func (p *PatController) Create(c shared.Context) error
@Summary Create personal access token @Tags Authentication @Security CookieAuth @Param body body dtos.PatCreateRequest true "Request body" @Success 200 {object} object{createdAt=string,description=string,userID=string,pubKey=string,fingerprint=string,scopes=string,id=string} @Router /pats [post]
func (*PatController) Delete ¶
func (p *PatController) Delete(c shared.Context) error
@Summary Delete personal access token @Tags Authentication @Security CookieAuth @Security PATAuth @Security BearerAuth @Param tokenID path string true "Token ID" @Success 200 @Router /pats/{tokenID} [delete]
func (*PatController) List ¶
func (p *PatController) List(c shared.Context) error
@Summary List personal access tokens @Tags Authentication @Security CookieAuth @Security PATAuth @Security BearerAuth @Success 200 {array} dtos.PATDTO @Router /pats [get]
func (*PatController) RevokeByPrivateKey ¶
func (p *PatController) RevokeByPrivateKey(c shared.Context) error
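@Summary Revoke PAT by private key @Tags Authentication @Param body body dtos.RevokeByPrivateKeyRequest true "Request body" @Success 200 @Router /pats/revoke-by-private-key [post]
NOTE(review): unlike the other /pats routes, this annotation declares no @Security scheme, so the generated API description presents the route as callable without a session or token. Presumably the private key carried in the request body is what authorises the revocation; if so, say that in the description and keep the request body out of access and error logs. Whether the router adds further middleware cannot be determined from this page.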
type PolicyController ¶
// PolicyController holds the policy handlers CreatePolicy, UpdatePolicy,
// DeletePolicy, EnablePolicyForProject, DisablePolicyForProject,
// GetOrganizationPolicies and GetProjectPolicies. It is built by
// NewPolicyController from a policy repository and a project repository.
// NOTE(review): none of these handlers carries @Summary/@Security/@Router
// annotations in this listing, so their routes and accepted auth schemes are
// undocumented here. Confirm them against the route registration.
type PolicyController struct {
// contains filtered or unexported fields
}
func NewPolicyController ¶
func NewPolicyController(policyRepository shared.PolicyRepository, projectRepository shared.ProjectRepository) *PolicyController
func (*PolicyController) CreatePolicy ¶
func (c *PolicyController) CreatePolicy(ctx shared.Context) error
func (*PolicyController) DeletePolicy ¶
func (c *PolicyController) DeletePolicy(ctx shared.Context) error
func (*PolicyController) DisablePolicyForProject ¶
func (c *PolicyController) DisablePolicyForProject(ctx shared.Context) error
func (*PolicyController) EnablePolicyForProject ¶
func (c *PolicyController) EnablePolicyForProject(ctx shared.Context) error
func (*PolicyController) GetOrganizationPolicies ¶
func (c *PolicyController) GetOrganizationPolicies(ctx shared.Context) error
func (*PolicyController) GetProjectPolicies ¶
func (c *PolicyController) GetProjectPolicies(ctx shared.Context) error
func (*PolicyController) UpdatePolicy ¶
func (c *PolicyController) UpdatePolicy(ctx shared.Context) error
type ProjectController ¶
// ProjectController holds the HTTP handlers for the
// /organizations/{organization}/projects routes. It is built by
// NewProjectController from a project repository, an asset repository, a
// project service and a webhook integration repository.
// NOTE(review): ChangeRole, RemoveMember, ListSubProjectsAndAssets and
// SearchProjectsWithSubProjectsAndAssets carry no route or @Security
// annotations in this listing, unlike the other handlers of this type.
type ProjectController struct {
// contains filtered or unexported fields
}
func NewProjectController ¶
func NewProjectController(repository shared.ProjectRepository, assetRepository shared.AssetRepository, projectService shared.ProjectService, webhookRepository shared.WebhookIntegrationRepository) *ProjectController
func (*ProjectController) ChangeRole ¶
func (ProjectController *ProjectController) ChangeRole(c shared.Context) error
func (*ProjectController) Create ¶
func (ProjectController *ProjectController) Create(ctx shared.Context) error
@Summary Create project @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param body body dtos.ProjectCreateRequest true "Request body" @Success 200 {object} models.Project @Router /organizations/{organization}/projects [post]
func (*ProjectController) Delete ¶
func (ProjectController *ProjectController) Delete(c shared.Context) error
@Summary Delete project @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Success 200 @Router /organizations/{organization}/projects/{projectSlug} [delete]
func (*ProjectController) GetConfigFile ¶
func (ProjectController *ProjectController) GetConfigFile(ctx shared.Context) error
@Summary Get project config file @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param config-file path string true "Config file ID" @Produce text/plain @Success 200 {string} string "Config file content" @Router /organizations/{organization}/projects/{projectSlug}/config-files/{config-file}/ [get]
func (*ProjectController) InviteMembers ¶
func (ProjectController *ProjectController) InviteMembers(c shared.Context) error
@Summary Invite members to project @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param body body dtos.ProjectInviteRequest true "Request body" @Success 200 @Router /organizations/{organization}/projects/{projectSlug}/members [post]
func (*ProjectController) List ¶
func (ProjectController *ProjectController) List(c shared.Context) error
@Summary List projects @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Success 200 {array} models.Project @Router /organizations/{organization}/projects [get]
func (*ProjectController) ListSubProjectsAndAssets ¶
func (ProjectController *ProjectController) ListSubProjectsAndAssets(c shared.Context) error
func (*ProjectController) Members ¶
func (ProjectController *ProjectController) Members(c shared.Context) error
@Summary List project members @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Success 200 {array} dtos.UserDTO @Router /organizations/{organization}/projects/{projectSlug}/members [get]
func (*ProjectController) Read ¶
func (ProjectController *ProjectController) Read(c shared.Context) error
@Summary Get project details @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Success 200 {object} dtos.ProjectDetailsDTO @Router /organizations/{organization}/projects/{projectSlug} [get]
func (*ProjectController) RemoveMember ¶
func (ProjectController *ProjectController) RemoveMember(c shared.Context) error
func (*ProjectController) SearchProjectsWithSubProjectsAndAssets ¶ added in v1.4.0
func (ProjectController *ProjectController) SearchProjectsWithSubProjectsAndAssets(c shared.Context) error
func (*ProjectController) Update ¶
func (ProjectController *ProjectController) Update(c shared.Context) error
@Summary Update project @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param body body dtos.ProjectPatchRequest true "Request body" @Success 200 {object} dtos.ProjectDetailsDTO @Router /organizations/{organization}/projects/{projectSlug} [patch]
func (*ProjectController) UpdateConfigFile ¶ added in v1.2.0
func (ProjectController *ProjectController) UpdateConfigFile(ctx shared.Context) error
@Summary Update project config file @Tags Projects @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param config-file path string true "Config file ID" @Param body body string true "Config file content" @Produce text/plain @Success 200 {string} string "Updated config file content" @Router /organizations/{organization}/projects/{projectSlug}/config-files/{config-file}/ [put]
type ReleaseController ¶
// ReleaseController holds the HTTP handlers for the
// /organizations/{organization}/projects/{projectSlug}/releases routes,
// including the SBOM and VEX exports (sbom.json, sbom.xml, vex.json, vex.xml).
// It is built by NewReleaseController. Every annotated route on this type
// lists CookieAuth, PATAuth and BearerAuth as accepted schemes.
type ReleaseController struct {
// contains filtered or unexported fields
}
func NewReleaseController ¶
func NewReleaseController(service shared.ReleaseService, avService shared.AssetVersionService, avRepo shared.AssetVersionRepository, dvRepo shared.DependencyVulnRepository, assetRepository shared.AssetRepository) *ReleaseController
func (*ReleaseController) AddItem ¶
func (h *ReleaseController) AddItem(c shared.Context) error
@Summary Add item to release @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Param body body dtos.ReleaseItemDTO true "Release item data" @Success 201 {object} dtos.ReleaseItemDTO @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/items [post]
func (*ReleaseController) Create ¶
func (h *ReleaseController) Create(c shared.Context) error
@Summary Create release @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param body body dtos.ReleaseCreateRequest true "Release data" @Success 201 {object} dtos.ReleaseDTO @Router /organizations/{organization}/projects/{projectSlug}/releases [post]
func (*ReleaseController) Delete ¶
func (h *ReleaseController) Delete(c shared.Context) error
@Summary Delete release @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 204 @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID} [delete]
func (*ReleaseController) List ¶
func (h *ReleaseController) List(c shared.Context) error
@Summary List releases @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param search query string false "Search term" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/releases [get]
func (*ReleaseController) ListCandidates ¶
func (h *ReleaseController) ListCandidates(c shared.Context) error
@Summary List release candidates @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID query string false "Release ID" @Success 200 {object} dtos.CandidatesResponseDTO @Router /organizations/{organization}/projects/{projectSlug}/releases/candidates [get]
func (*ReleaseController) Read ¶
func (h *ReleaseController) Read(c shared.Context) error
@Summary Get release details @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} dtos.ReleaseDTO @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID} [get]
func (*ReleaseController) RemoveItem ¶
func (h *ReleaseController) RemoveItem(c shared.Context) error
@Summary Remove item from release @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Param itemID path string true "Item ID" @Success 204 @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/items/{itemID} [delete]
func (*ReleaseController) SBOMJSON ¶
func (h *ReleaseController) SBOMJSON(c shared.Context) error
@Summary Get release SBOM as JSON @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/sbom.json [get]
func (*ReleaseController) SBOMXML ¶
func (h *ReleaseController) SBOMXML(c shared.Context) error
@Summary Get release SBOM as XML @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/sbom.xml [get]
func (*ReleaseController) Update ¶
func (h *ReleaseController) Update(c shared.Context) error
@Summary Update release @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Param body body dtos.ReleasePatchRequest true "Release data" @Success 200 {object} dtos.ReleaseDTO @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID} [patch]
func (*ReleaseController) VEXJSON ¶
func (h *ReleaseController) VEXJSON(c shared.Context) error
@Summary Get release VEX as JSON @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/vex.json [get]
func (*ReleaseController) VEXXML ¶
func (h *ReleaseController) VEXXML(c shared.Context) error
@Summary Get release VEX as XML @Tags Releases @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/vex.xml [get]
type ScanController ¶
// ScanController holds the scan handlers listed on this page, both the
// authenticated routes and the *Unauthenticated ones. It is built by
// NewScanController. The *Unauthenticated handlers take an echo.Context
// instead of a shared.Context and their annotations declare no @Security
// scheme.
type ScanController struct {
// Embedded, so the exported methods of shared.ScanService are promoted onto
// ScanController.
shared.ScanService
// Embedded as an exported field so that tests can replace the synchronizer.
utils.FireAndForgetSynchronizer
// contains filtered or unexported fields
}
func NewScanController ¶
func NewScanController(scanService shared.ScanService, assetVersionRepository shared.AssetVersionRepository, assetVersionService shared.AssetVersionService, statisticsService shared.StatisticsService, dependencyVulnService shared.DependencyVulnService, firstPartyVulnService shared.FirstPartyVulnService, artifactService shared.ArtifactService, dependencyVulnRepository shared.DependencyVulnRepository, synchronizer utils.FireAndForgetSynchronizer, vexRuleService shared.VEXRuleService, externalReferenceRepository shared.ExternalReferenceRepository, componentService shared.ComponentService, thirdPartyIntegration shared.IntegrationAggregate) *ScanController
func (*ScanController) DependencyVulnScan ¶
func (s *ScanController) DependencyVulnScan(c shared.Context, bom *cdx.BOM) (opened, closed, newState []models.DependencyVuln, assetVersion models.AssetVersion, err error)
func (*ScanController) FirstPartyVulnScan ¶
func (s *ScanController) FirstPartyVulnScan(ctx shared.Context) error
@Summary Scan for first-party vulnerabilities @Deprecated Use /api/v2/sarif-scan instead. @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "SARIF scan result" @Param X-Asset-Ref header string false "Asset version name" @Param X-Tag header string false "Tag flag" @Param X-Asset-Default-Branch header string false "Default branch" @Param X-Scanner header string true "Scanner ID" @Success 200 {object} dtos.FirstPartyScanResponse @Router /sarif-scan [post]
func (*ScanController) FirstPartyVulnScanUnauthenticated ¶ added in v1.6.0
func (s *ScanController) FirstPartyVulnScanUnauthenticated(c echo.Context) error
@Summary Scan for first-party vulnerabilities without authentication (scan-only, results are not saved) @Deprecated Use /api/v2/sarif-scan-unauthenticated instead. @Tags Scanning @Param body body object true "SARIF scan result" @Param X-Scanner header string true "Scanner ID" @Success 200 {object} dtos.FirstPartyScanResponse @Router /sarif-scan-unauthenticated [post]
func (*ScanController) SarifScanUnauthenticated ¶ added in v1.6.0
func (s *ScanController) SarifScanUnauthenticated(c echo.Context) error
@Summary Scan SARIF without authentication and return enriched SARIF @Tags Scanning @Param body body object true "SARIF scan result" @Param X-Scanner header string true "Scanner ID" @Produce application/json @Success 200 {object} object "Enriched SARIF JSON" @Router /api/v2/sarif-scan-unauthenticated [post]
func (*ScanController) ScanDependencyVulnFromProject ¶
func (s *ScanController) ScanDependencyVulnFromProject(c shared.Context) error
@Summary Scan for dependency vulnerabilities @Deprecated Use /api/v2/scan instead. @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "CycloneDX SBOM" @Param X-Asset-Ref header string false "Asset version name" @Param X-Artifact-Name header string false "Artifact name" @Param X-Tag header string false "Tag flag" @Param X-Asset-Default-Branch header string false "Default branch" @Param X-Origin header string false "Origin" @Param X-Scanner header string false "Scanner ID" @Success 200 {object} dtos.ScanResponse @Router /scan [post]
func (*ScanController) ScanDependencyVulnUnauthenticated ¶ added in v1.0.1
func (s *ScanController) ScanDependencyVulnUnauthenticated(c echo.Context) error
@Summary Scan for dependency vulnerabilities without authentication (scan-only, results are not saved) @Deprecated Use /api/v2/scan-unauthenticated instead. @Tags Scanning @Param body body object true "CycloneDX SBOM" @Success 200 {object} dtos.ScanResponse @Router /scan-unauthenticated [post]
func (*ScanController) ScanDependencyVulnUnauthenticatedVex ¶ added in v1.6.0
func (s *ScanController) ScanDependencyVulnUnauthenticatedVex(c echo.Context) error
@Summary Scan for dependency vulnerabilities without authentication, returns CycloneDX VEX @Tags Scanning @Param body body object true "CycloneDX SBOM" @Produce application/json @Success 200 {object} cyclonedx.BOM "CycloneDX VEX JSON" @Router /api/v2/scan-unauthenticated [post]
func (*ScanController) ScanSarifFile ¶ added in v1.6.0
func (s *ScanController) ScanSarifFile(c shared.Context) error
@Summary Scan SARIF file and return enriched SARIF @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "SARIF scan result" @Produce application/json @Success 200 {object} object "Enriched SARIF JSON" @Router /api/v2/sarif-scan [post]
func (*ScanController) ScanSbomFile ¶
func (s *ScanController) ScanSbomFile(c shared.Context) error
@Summary Scan SBOM file @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param file formData file true "SBOM file" @Param X-Origin header string false "Origin" @Success 200 {object} dtos.ScanResponse @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/sbom-file [post]
func (*ScanController) ScanSbomFileVex ¶ added in v1.6.0
func (s *ScanController) ScanSbomFileVex(c shared.Context) error
@Summary Scan SBOM file and return CycloneDX VEX @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body cyclonedx.BOM true "CycloneDX SBOM" @Produce application/json @Success 200 {object} cyclonedx.BOM "CycloneDX VEX JSON" @Router /api/v2/scan [post]
func (ScanController) UploadVEX ¶
func (s ScanController) UploadVEX(ctx shared.Context) error
@Summary Upload VEX document @Tags Scanning @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "CycloneDX VEX BOM" @Param X-Asset-Ref header string false "Asset version name" @Param X-Artifact-Name header string false "Artifact name" @Param X-Tag header string false "Tag flag" @Param X-Asset-Default-Branch header string false "Default branch" @Param X-Origin header string false "Origin" @Success 200 @Router /vex [post]
type StatisticsController ¶
// StatisticsController holds the read-only (GET) statistics handlers for
// asset versions, releases, assets and organizations. It is built by
// NewStatisticsController.
// NOTE(review): the annotation on GetOrgStatistics declares no @Security
// scheme, while the other routes of this type shown here list CookieAuth,
// PATAuth and BearerAuth.
type StatisticsController struct {
// contains filtered or unexported fields
}
func NewStatisticsController ¶
func NewStatisticsController(statisticsService shared.StatisticsService, statisticsRepository shared.StatisticsRepository, assetVersionRepository shared.AssetVersionRepository, artifactRiskHistoryRepository shared.ArtifactRiskHistoryRepository) *StatisticsController
func (*StatisticsController) GetArtifactRiskHistory ¶
func (c *StatisticsController) GetArtifactRiskHistory(ctx shared.Context) error
@Summary Get risk history for an asset version @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName query string false "Restrict results to a specific artifact" @Param start query string true "Start date (YYYY-MM-DD)" @Param end query string true "End date (YYYY-MM-DD)" @Success 200 {array} dtos.RiskHistoryDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/stats/risk-history/ [get]
func (*StatisticsController) GetAverageFixingTimes ¶ added in v1.1.0
func (c *StatisticsController) GetAverageFixingTimes(ctx shared.Context) error
@Summary Get average fixing times for an asset version @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName query string false "Restrict results to a specific artifact" @Success 200 {object} dtos.RemediationTimeAverages @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/stats/average-fixing-time/ [get]
func (*StatisticsController) GetAverageReleaseFixingTime ¶
func (c *StatisticsController) GetAverageReleaseFixingTime(ctx shared.Context) error
@Summary Get average remediation times for a release @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Success 200 {object} dtos.RemediationTimeAverages @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/stats/average-fixing-time/ [get]
func (*StatisticsController) GetCVESWithKnownExploits ¶
func (c *StatisticsController) GetCVESWithKnownExploits(ctx shared.Context) error
@Summary Get CVEs with known exploits for an asset @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Success 200 {array} models.CVE @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/number-of-exploits/ [get]
func (*StatisticsController) GetComponentRisk ¶
func (c *StatisticsController) GetComponentRisk(ctx shared.Context) error
@Summary Get component risk distribution for an asset version @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug" @Param artifactName query string false "Restrict results to a specific artifact" @Success 200 {object} object @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/stats/component-risk/ [get]
func (*StatisticsController) GetOrgStatistics ¶ added in v1.1.0
func (c *StatisticsController) GetOrgStatistics(ctx shared.Context) error
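@Summary Get organization statistics overview @Description Returns aggregated security statistics for an organization, including vulnerability distribution, top vulnerable projects/assets/artifacts, most used components, common CVEs, risk history, remediation metrics, and ecosystem usage. All queries are executed in parallel. @Tags Organizations @Produce json @Param organization path string true "Organization slug" @Param orgComponentsLimit query int false "Max number of top vulnerable projects/assets/artifacts to return (default: 5)" @Param topCVEsLimit query int false "Max number of top CVEs to return (default: 5)" @Param topComponentsLimit query int false "Max number of top components to return (default: 5)" @Param topEcosystemsLimit query int false "Max number of top ecosystems to return (default: 5)" @Success 200 {object} dtos.OrgOverview @Router /organizations/{organization}/stats/vuln-statistics/ [get]
NOTE(review): this annotation declares no @Security scheme, although the other StatisticsController routes shown alongside it list CookieAuth, PATAuth and BearerAuth, and it is tagged Organizations rather than Statistics. The route returns organization-wide vulnerability data, so the missing scheme looks like a documentation gap; confirm the route sits behind the same authentication and organization access checks. The four limit parameters document a default but no upper bound; confirm the handler caps them, since each one sizes a query that runs in parallel with the others.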
func (*StatisticsController) GetReleaseRiskHistory ¶
func (c *StatisticsController) GetReleaseRiskHistory(ctx shared.Context) error
@Summary Get risk history for a release @Tags Statistics @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param releaseID path string true "Release ID" @Param start query string true "Start date (YYYY-MM-DD)" @Param end query string true "End date (YYYY-MM-DD)" @Success 200 {array} dtos.RiskHistoryDTO @Router /organizations/{organization}/projects/{projectSlug}/releases/{releaseID}/stats/risk-history/ [get]
type UpdateVEXRuleRequest ¶
// UpdateVEXRuleRequest is the JSON body named by the @Param annotation of
// VEXRuleController.Update (PUT .../vex-rules/{ruleId}).
//
// NOTE(review): no validation of these fields is visible in this listing.
// A VEX rule presumably changes how matching findings are assessed, so confirm
// that the handler validates CVEID and PathPattern before the rule is stored.
type UpdateVEXRuleRequest struct {
	// JSON key "cveId"; presumably the CVE identifier the rule targets (confirm against the handler).
	CVEID string `json:"cveId"`
	// JSON key "justification"; presumably free text explaining the rule (confirm).
	Justification string `json:"justification"`
	// JSON key "mechanicalJustification"; the allowed values are defined by
	// dtos.MechanicalJustificationType, which is not shown here.
	MechanicalJustification dtos.MechanicalJustificationType `json:"mechanicalJustification"`
	// JSON key "pathPattern"; a list of strings whose matching semantics are not shown here.
	PathPattern []string `json:"pathPattern"`
	Enabled *bool `json:"enabled"` // Pointer to distinguish between not provided and false
}
type VEXRuleController ¶
type VEXRuleController struct {
utils.FireAndForgetSynchronizer
// contains filtered or unexported fields
}
func NewVEXRuleController ¶
func NewVEXRuleController(vexRuleService shared.VEXRuleService, statisticsService shared.StatisticsService, synchronizer utils.FireAndForgetSynchronizer) *VEXRuleController
func (*VEXRuleController) Create ¶
func (c *VEXRuleController) Create(ctx shared.Context) error
@Summary Create a VEX rule @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param body body CreateVEXRuleRequest true "Rule data" @Success 201 {object} dtos.VEXRuleDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules [post]
func (*VEXRuleController) Delete ¶
func (c *VEXRuleController) Delete(ctx shared.Context) error
@Summary Delete a VEX rule @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param ruleId path string true "Rule ID" @Success 204 @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules/{ruleId} [delete]
func (*VEXRuleController) Get ¶
func (c *VEXRuleController) Get(ctx shared.Context) error
@Summary Get a VEX rule @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param ruleId path string true "Rule ID" @Success 200 {object} dtos.VEXRuleDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules/{ruleId} [get]
func (*VEXRuleController) List ¶
func (c *VEXRuleController) List(ctx shared.Context) error
@Summary List VEX rules for an asset @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param page query int false "Page number (default: 1)" @Param pageSize query int false "Page size (default: 10, max: 100)" @Param search query string false "Search term for CVE ID or justification" @Success 200 {object} object{pageSize=int,page=int,total=int64,data=[]dtos.VEXRuleDTO} @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules [get]
func (*VEXRuleController) Reapply ¶
func (c *VEXRuleController) Reapply(ctx shared.Context) error
@Summary Reapply a VEX rule @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param ruleId path string true "Rule ID" @Success 200 {object} dtos.VEXRuleDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules/{ruleId}/reapply [post]
func (*VEXRuleController) Update ¶
func (c *VEXRuleController) Update(ctx shared.Context) error
@Summary Update a VEX rule @Tags VEXRules @Security CookieAuth @Security PATAuth @Security BearerAuth @Param organization path string true "Organization slug" @Param projectSlug path string true "Project slug" @Param assetSlug path string true "Asset slug" @Param assetVersionSlug path string true "Asset version slug (ref)" @Param ruleId path string true "Rule ID" @Param body body UpdateVEXRuleRequest true "Updated rule data" @Success 200 {object} dtos.VEXRuleDTO @Router /organizations/{organization}/projects/{projectSlug}/assets/{assetSlug}/refs/{assetVersionSlug}/vex-rules/{ruleId} [put]
type VulnDBController ¶
type VulnDBController struct {
// contains filtered or unexported fields
}
func NewVulnDBController ¶
func NewVulnDBController(cveRepository shared.CveRepository, maliciousPackageChecker shared.MaliciousPackageChecker, affectedComponentRepository shared.AffectedComponentRepository, componentRepository shared.ComponentRepository, componentService shared.ComponentService, fixedVersionResolver shared.FixedVersionResolver, dependencyVulnRepository shared.DependencyVulnRepository) *VulnDBController
func (VulnDBController) GetCVEEcosystemDistribution ¶ added in v1.0.1
func (c VulnDBController) GetCVEEcosystemDistribution(ctx shared.Context) error
Returns the number of vulnerabilities in affected packages per ecosystem.
func (VulnDBController) ListIDsByCreationDate ¶
func (c VulnDBController) ListIDsByCreationDate(ctx shared.Context) error
Returns a list of CVE IDs sorted by creation date, as well as the total number of entries. Query parameter offset: offsets the fetched data by the provided amount. Query parameter limit: limits the number of entries in the data.
func (VulnDBController) ListPaged ¶
func (c VulnDBController) ListPaged(ctx shared.Context) error
@Summary List all CVEs with pagination @Tags CVE Database @Description Get a paginated list of CVEs with optional filtering and sorting @Tags CVE @Produce json @Param page query int false "Page number" @Param limit query int false "Number of items per page" @Param sort query string false "Sort by field, e.g. 'sort[cve]=asc'" @Param filter query string false "Filter query, e.g. 'filterQuery[cvss][is greater than]=4'" @Param confidentialityRequirements query string false "Confidentiality Requirements (low, medium, high), default is medium" @Param integrityRequirements query string false "Integrity Requirements (low, medium, high), default is medium" @Param availabilityRequirements query string false "Availability Requirements (low, medium, high), default is medium" @Success 200 {object} object{pageSize=int,page=int,total=int,data=[]models.CVE} "A paginated list of CVEs" @Failure 500 {object} object{message=string} "Internal server error" @Router /vulndb [get]
func (VulnDBController) PURLInspect ¶
func (c VulnDBController) PURLInspect(ctx shared.Context) error
@Summary Inspect a package URL (PURL) for vulnerabilities @Description Analyze a given PURL, determine its match context, and return affected components and related vulnerabilities @Tags VulnDB @Produce json @Param purl path string true "Package URL (PURL) to inspect" @Success 200 {object} object "Inspection result including PURL, match context, affected components, and vulnerabilities" @Failure 400 {object} object{message=string} "Invalid PURL provided" @Failure 500 {object} object{message=string} "Internal server error" @Router /vulndb/purl/{purl}/ [get]
func (VulnDBController) Read ¶
func (c VulnDBController) Read(ctx shared.Context) error
@Summary Get a specific CVE by ID @Tags CVE Database @Description Retrieve details of a specific CVE by its ID, including risk and vector calculations @Tags CVE @Produce json @Param cveID path string true "CVE ID" @Param confidentialityRequirements query string false "Confidentiality Requirements (low, medium, high), default is medium" @Param integrityRequirements query string false "Integrity Requirements (low, medium, high), default is medium" @Param availabilityRequirements query string false "Availability Requirements (low, medium, high), default is medium" @Success 200 {object} models.CVE "Details of the specified CVE" @Failure 500 {object} object{message=string} "Internal server error" @Router /vulndb/{cveID}/ [get]
type VulnEventController ¶
type VulnEventController struct {
// contains filtered or unexported fields
}
func NewVulnEventController ¶
func NewVulnEventController(vulnEventRepository shared.VulnEventRepository, assetVersionRepository shared.AssetVersionRepository) *VulnEventController
func (VulnEventController) DeleteEventByID ¶
func (c VulnEventController) DeleteEventByID(ctx shared.Context) error
func (VulnEventController) ReadAssetEventsByVulnID ¶
func (c VulnEventController) ReadAssetEventsByVulnID(ctx shared.Context) error
func (VulnEventController) ReadEventsByAssetIDAndAssetVersionName ¶
func (c VulnEventController) ReadEventsByAssetIDAndAssetVersionName(ctx shared.Context) error
type WebhookController ¶
type WebhookController struct {
// contains filtered or unexported fields
}
func NewWebhookController ¶
func NewWebhookController(webhookRepository shared.WebhookIntegrationRepository) *WebhookController
func (*WebhookController) CompareIssueStatesAndResolveDifferences ¶
func (w *WebhookController) CompareIssueStatesAndResolveDifferences(ctx context.Context, asset models.Asset, vulnsWithTickets []models.DependencyVuln) error
func (*WebhookController) CreateIssue ¶
func (*WebhookController) CreateLabels ¶
func (*WebhookController) Delete ¶
func (w *WebhookController) Delete(ctx shared.Context) error
@Summary Delete webhook integration @Tags Webhooks @Security CookieAuth @Security PATAuth @Security BearerAuth @Param id path string true "Webhook ID" @Success 200 @Router /webhooks/{id} [delete]
func (*WebhookController) GetID ¶
func (w *WebhookController) GetID() shared.IntegrationID
func (*WebhookController) GetRoleInGroup ¶
func (*WebhookController) GetRoleInProject ¶
func (*WebhookController) GetUsers ¶
func (w *WebhookController) GetUsers(org models.Org) []dtos.UserDTO
func (*WebhookController) HandleEvent ¶
func (*WebhookController) HandleWebhook ¶
func (w *WebhookController) HandleWebhook(ctx shared.Context) error
func (*WebhookController) HasAccessToExternalEntityProvider ¶
func (*WebhookController) ListGroups ¶
func (*WebhookController) ListProjects ¶
func (*WebhookController) ListRepositories ¶
func (w *WebhookController) ListRepositories(ctx shared.Context) ([]dtos.GitRepository, error)
func (*WebhookController) Save ¶
func (w *WebhookController) Save(ctx shared.Context) error
@Summary Create webhook integration @Tags Webhooks @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "Webhook data" @Success 200 {object} dtos.WebhookIntegrationDTO @Router /webhooks [post]
func (*WebhookController) Test ¶
func (w *WebhookController) Test(ctx shared.Context) error
@Summary Test webhook integration @Tags Webhooks @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "Test webhook data" @Success 200 {object} object{message=string,payloadType=string} @Router /webhooks/test [post]
func (*WebhookController) Update ¶
func (w *WebhookController) Update(ctx shared.Context) error
@Summary Update webhook integration @Tags Webhooks @Security CookieAuth @Security PATAuth @Security BearerAuth @Param body body object true "Webhook data" @Success 200 {object} dtos.WebhookIntegrationDTO @Router /webhooks [put]
func (*WebhookController) UpdateIssue ¶
func (*WebhookController) WantsToHandleWebhook ¶
func (w *WebhookController) WantsToHandleWebhook(ctx shared.Context) bool
Source Files
- admin_controller.go
- artifact_controller.go
- asset_controller.go
- asset_version_controller.go
- attestation_controller.go
- compliance_controller.go
- component_controller.go
- crowdsourced_vexing_controller.go
- csaf_controller.go
- dependency_vuln_controller.go
- external_reference_controller.go
- first_party_vuln_controller.go
- helpers.go
- integration_controller.go
- intoto_controller.go
- license_risk_controller.go
- org_controller.go
- pat_controller.go
- policy_controller.go
- project_controller.go
- providers.go
- release_controller.go
- scan_controller.go
- statistics_controller.go
- vex_rule_controller.go
- vuln_event_controller.go
- vulndb_controller.go
- webhook_controller.go