query

package
v0.10.0 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 9, 2026 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package query provides types and utilities for querying vulnerability data.

Query types support hierarchical exploration of stored vulnerabilities:

  • Images: list all scanned images
  • Digests: list all digests for an image
  • Exposure: list vulnerabilities for an image/digest
  • Packages: list packages affected by a specific CVE
  • TimeSeries: vulnerability counts over time
  • CommonVulns: CVEs shared across multiple images

Output formats:

  • FormatJSON: standard JSON output (default)
  • FormatSARIF: SARIF 2.1.0 for GitHub Code Scanning integration

Example usage:

opts := &query.Options{
    Image:  "docker.io/redis",
    Digest: "sha256:abc123...",
    Target: "sqlite://vulns.db",
    Format: query.FormatJSON,
}
if err := opts.Validate(); err != nil {
    // handle error
}
queryType, err := opts.GetQuery() // auto-detects query type
if err != nil {
    // handle error
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HasUniqueExposureSeverityScore added in v0.5.6

func HasUniqueExposureSeverityScore(list []*ExposureResult) bool

HasUniqueExposureSeverityScore returns true if scanners report different severities for the same CVE. It is used by --diff to show only the CVEs where scanners disagree on severity classification.

Types

type CommonVulnInfo added in v0.7.0

type CommonVulnInfo struct {
	Severity       string   `json:"severity"`
	Score          float32  `json:"score"`
	AffectedImages []string `json:"affected_images"`
}

CommonVulnInfo represents information about a common vulnerability.

type CommonVulnsResult added in v0.7.0

type CommonVulnsResult struct {
	Images []string                   `json:"images"`
	Common map[string]*CommonVulnInfo `json:"common"`
}

CommonVulnsResult represents vulnerabilities shared across multiple images.

type DigestSummaryResult

type DigestSummaryResult struct {
	// Exposures is the number of exposures for that image digest.
	Exposures int `json:"exposures"`

	// Sources is the number of sources for that image digest.
	Sources int `json:"sources"`

	// Packages is the number of packages for that image digest.
	Packages int `json:"packages"`

	// HighScore is the highest score for that image digest.
	HighScore float32 `json:"high_score"`

	// First is the first time the image was discovered.
	First time.Time `json:"first_discovered"`

	// Last is the last time the image was discovered.
	Last time.Time `json:"last_discovered"`
}

type ExposureResult

type ExposureResult struct {
	// Source is the source of the vulnerability.
	Source string `json:"source"`

	// Severity is the vulnerability severity.
	Severity string `json:"severity,omitempty"`

	// Score is the vulnerability score.
	Score float32 `json:"score,omitempty"`

	// Last is the last time the image was discovered.
	Last time.Time `json:"last_discovered"`
}

type ImageExposureResult

type ImageExposureResult struct {
	// Image is the image result.
	Image string `json:"image"`

	// Digest is the image digest.
	Digest string `json:"digest"`

	// Exposures is the list of exposures.
	Exposures map[string][]*ExposureResult `json:"exposures"`
}
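
The disagreement check described for HasUniqueExposureSeverityScore, applied to a whole report in the ImageExposureResult JSON layout. This is an added example, not the package's own code: the `exposure` mirror type, `severityDisagreements`, the sample data, the reading of the exposures key as a CVE ID, and the case-insensitive, empty-ignoring comparison are all assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Local mirror of the documented JSON shape (only the fields used here).
type exposure struct {
	Source   string `json:"source"`
	Severity string `json:"severity,omitempty"`
}

// Constructed sample in the ImageExposureResult layout; IDs and digest are placeholders.
const sampleReport = `{"image":"docker.io/redis","digest":"sha256:<placeholder>","exposures":{
 "CVE-0000-0001":[{"source":"scanner-a","severity":"high"},{"source":"scanner-b","severity":"HIGH"}],
 "CVE-0000-0002":[{"source":"scanner-a","severity":"medium"},{"source":"scanner-b","severity":"critical"}],
 "CVE-0000-0003":[{"source":"scanner-a","severity":"low"},{"source":"scanner-b"}]}}`

// severityDisagreements returns the sorted exposure IDs whose sources report
// more than one distinct severity. Assumed here: case-insensitive comparison,
// and a source that reports no severity does not count as disagreeing.
func severityDisagreements(report []byte) ([]string, error) {
	var r struct {
		Exposures map[string][]exposure `json:"exposures"`
	}
	if err := json.Unmarshal(report, &r); err != nil {
		return nil, fmt.Errorf("decode report: %w", err)
	}
	var ids []string
	for id, list := range r.Exposures {
		seen := map[string]bool{}
		for _, e := range list {
			if s := strings.ToLower(strings.TrimSpace(e.Severity)); s != "" {
				seen[s] = true
			}
		}
		if len(seen) > 1 {
			ids = append(ids, id)
		}
	}
	sort.Strings(ids)
	return ids, nil
}

func main() {
	fmt.Println(severityDisagreements([]byte(sampleReport)))
}
```

Whether a missing severity should count as a disagreement is a policy choice; treating it as one surfaces scanners that have not yet classified a CVE.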

type ImageResult

type ImageResult struct {
	// Versions represents the different versions of the image.
	Versions map[string]*DigestSummaryResult `json:"versions"`
}

type Options

type Options struct {
	// Image is the URI of the image from which the report was generated.
	Image string

	// Digest is the sha256 digest of the image.
	Digest string

	// Exposure is the CVE ID to query.
	Exposure string

	// Target is the target data store URI.
	Target string

	// DiffsOnly indicates if only diffs should be returned.
	DiffsOnly bool

	// Format is the output format (json, sarif).
	Format OutputFormat

	// QueryType is the explicit query type (optional, auto-detected if not set).
	QueryType Query

	// Images is a list of images for cross-image queries.
	Images []string

	// StartDate is the start date for time-series queries.
	StartDate string

	// EndDate is the end date for time-series queries.
	EndDate string
}

Options represents the input options.

func (*Options) GetQuery

func (o *Options) GetQuery() (Query, error)

GetQuery returns the query type.

func (*Options) String

func (o *Options) String() string

func (*Options) Validate

func (o *Options) Validate() error

Validate validates the options.

type OutputFormat added in v0.7.0

type OutputFormat int64

OutputFormat represents the output format for query results.

const (
	FormatJSON OutputFormat = iota
	FormatSARIF
)

func ParseOutputFormat added in v0.7.0

func ParseOutputFormat(s string) OutputFormat

ParseOutputFormat parses an output format from a string.

func (OutputFormat) String added in v0.7.0

func (f OutputFormat) String() string

String returns the string representation of the output format.

type PackageExposureResult

type PackageExposureResult struct {
	// Image is the image result.
	Image string `json:"image"`

	// Digest is the image digest.
	Digest string `json:"digest"`

	// Exposure is the exposure.
	Exposure string `json:"exposure"`

	// Packages is the list of packages.
	Packages []*PackageResult `json:"packages"`
}

type PackageResult

type PackageResult struct {
	// Source is the source of the vulnerability.
	Source string `json:"source"`

	// Package is the package name.
	Package string `json:"package"`

	// Version is the package version.
	Version string `json:"version"`

	// Severity is the vulnerability severity.
	Severity string `json:"severity,omitempty"`

	// Score is the vulnerability score.
	Score float32 `json:"score,omitempty"`

	// Last is the last time the image was discovered.
	Last time.Time `json:"last_discovered"`
}

type Query

type Query int64

Query represents the query type.

const (
	// Undefined is the zero value of Query.
	Undefined Query = iota
	Images
	Digests
	Exposure
	Packages
	TimeSeries  // Vulnerability count over time for an image
	CommonVulns // CVEs shared across multiple images
)

func (Query) String

func (q Query) String() string

String returns the string representation of the query type.

type TimeSeriesDataPoint added in v0.7.0

type TimeSeriesDataPoint struct {
	Date     string `json:"date"`
	Total    int    `json:"total"`
	Critical int    `json:"critical"`
	High     int    `json:"high"`
	Medium   int    `json:"medium"`
	Low      int    `json:"low"`
}

TimeSeriesDataPoint represents vulnerability counts for a specific date.

type TimeSeriesResult added in v0.7.0

type TimeSeriesResult struct {
	Image      string                 `json:"image"`
	DataPoints []*TimeSeriesDataPoint `json:"data_points"`
}

TimeSeriesResult represents vulnerability counts over time for an image.
