processor

package
v0.7.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 8, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package processor orchestrates the import and query workflows.

Import workflow:

  1. Parse scanner JSON output
  2. Auto-detect scanner format via converter registry
  3. Convert to normalized Vulnerability structures
  4. Deduplicate by SHA256 hash of exposure+package+version
  5. Store via target importer

Query workflow:

  1. Validate query options
  2. Determine query type (images, digests, exposure, packages, etc.)
  3. Execute via target querier
  4. Format output (JSON or SARIF)

Example import: 

opts := &processor.ImportOptions{
    Source: "docker.io/redis:latest",
    File:   "grype-output.json",
    Target: "sqlite://vulns.db",
}
err := processor.Import(ctx, opts)

Example query: 

opts := &query.Options{
    Image:  "docker.io/redis",
    Target: "sqlite://vulns.db",
    Format: query.FormatJSON,
}
result, err := processor.QueryWithContext(ctx, opts)

Index

Constants

View Source 
const (
	FormatUnknown   Format = iota
	FormatGrypeJSON        // grype JSON format
	FormatTrivyJSON        // trivy JSON format
	FormatSnykJSON         // snyk JSON format

	FormatUnknownName   = "unknown"
	FormatGrypeJSONName = "grype"
	FormatTrivyJSONName = "trivy"
	FormatSnykJSONName  = "snyk"
)

Variables

This section is empty.

Functions

func GetConverterNames added in v0.7.0 

func GetConverterNames() []string

GetConverterNames returns the names of all available converters.

func GetFormatNames deprecated 

func GetFormatNames() []string

GetFormatNames returns the names of the supported source formats.

Deprecated: Use GetConverterNames() instead.

func Import added in v0.5.0 

func Import(opt *ImportOptions) error

Import imports the vulnerability report to the target data store.

func ImportWithContext added in v0.7.0 

func ImportWithContext(ctx context.Context, opt *ImportOptions) error

ImportWithContext imports the vulnerability report to the target data store with context support.

func Query added in v0.5.0 

func Query(opt *query.Options) error

Query queries the vulnerability data from the target data store.

func QueryWithContext added in v0.7.0 

func QueryWithContext(ctx context.Context, opt *query.Options) error

QueryWithContext queries the vulnerability data with context support.

Types

type Format deprecated 

type Format int64

Format represents the source format.

Deprecated: Use converter.Registry.Detect() instead.

func GetFormats deprecated 

func GetFormats() []Format

GetFormats returns the supported source formats.

Deprecated: Use GetConverterNames() instead.

func ParseFormat 

func ParseFormat(s string) (Format, error)

ParseFormat parses the source format.

func (Format) String 

func (f Format) String() string

String returns the string representation of the source format.

type Hashible 

type Hashible interface {
	GetID() string
}

type ImportOptions added in v0.5.0 

type ImportOptions struct {
	// Source is the URI of the image from which the report was generated.
	Source string

	// File path to the vulnerability report to import.
	File string

	// Scanners is the list of scanners to use.
	Scanners string

	// Target is the target data store uri.
	Target string

	// FormatType is the type of the format (e.g. json, yaml, etc.).
	//
	// Deprecated: Use detectedConverter instead.
	FormatType Format
	// contains filtered or unexported fields
}

ImportOptions represents the input options.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.