rule

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 9, 2026 License: MIT Imports: 2 Imported by: 0

Documentation

Overview

Package rule defines rules and their results.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FilterRules 

func FilterRules[T Rule](rules []T, filter *TargetFilter) []T

FilterRules returns only rules matching the filter. Returns all rules if filter is nil.

Types

type Applicability 

type Applicability struct {
	Platform  binary.Platform
	Compilers map[toolchain.Compiler]CompilerRequirement
}

Applicability defines which platforms and compilers a rule applies to.

type CompilerRequirement 

type CompilerRequirement struct {
	MinVersion     toolchain.Version
	DefaultVersion toolchain.Version
	Flag           string
}

CompilerRequirement specifies version and flag requirements for a compiler.

type CompilerTarget 

type CompilerTarget struct {
	Compiler   toolchain.Compiler
	MaxVersion *toolchain.Version
}

CompilerTarget specifies a compiler constraint for filtering rules.

type ELFRule 

type ELFRule interface {
	Rule
	Execute(bin *binary.ELFBinary) Result
}

ELFRule is a Rule that operates on ELF binaries.

type Finding 

type Finding struct {
	Result
	RuleID string
	Name   string
}

Finding is a Result with rule metadata attached.

type PlatformTarget 

type PlatformTarget struct {
	Architecture binary.Architecture
	MaxISA       *binary.ISA
}

PlatformTarget specifies an architecture constraint for filtering rules.

type Result 

type Result struct {
	Status  Status
	Message string
}

Result is the outcome of executing a rule.

type Rule 

type Rule interface {
	ID() string
	Name() string
	Description() string
	Applicability() Applicability
}

Rule is a check that can be executed against a binary.

type Status 

type Status int

Status indicates whether a rule passed, failed, or was skipped. 

const (
	StatusPassed Status = iota
	StatusFailed
	StatusSkipped
)

func (Status) String 

func (s Status) String() string

type TargetFilter 

type TargetFilter struct {
	Platforms []PlatformTarget
	Compilers []CompilerTarget
}

TargetFilter selects rules based on platform and compiler constraints.

Source Files

View all Source files

Directories

Path Synopsis
Package elf provides built-in ELF security hardening rules.
 Package elf provides built-in ELF security hardening rules.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.