Versions in this module v0 v0.2.0 Apr 23, 2026 Changes in this version + var ErrBulkBudgetExceeded = errors.New("bulk operation budget exceeded for this hour") + var ErrBulkNegativeSize = errors.New("bulk request size must be positive") + var ErrBulkTooLarge = errors.New("bulk request exceeds size ceiling; requires operator approval") + var ErrPriorityFloodSuppressed = errors.New("tenant priority flood budget exceeded; downstream fan-out suppressed") + type AddCommentInput struct + AuthorID string + Content string + FindingID string + TenantID string + type AddStatusChangeCommentInput struct + AuthorID string + Content string + FindingID string + NewStatus string + OldStatus string + TenantID string + type ApproveStatusInput struct + ApprovalID string + ApprovedBy string + TenantID string + type AutoAssignToOwnersResult struct + Assigned int + ByOwner map[string]int + Unassigned int + type BulkAssignInput struct + AssignerID string + FindingIDs []string + UserID string + type BulkFixAppliedInput struct + Filter vulnerability.FindingFilter + IncludeRelatedCVEs bool + Note string + Reference string + type BulkFixAppliedResult struct + AssetsAffected int + ByCVE map[string]int + Skipped int + Updated int + type BulkGuard struct + func NewBulkGuard(cfg BulkGuardConfig) *BulkGuard + func (g *BulkGuard) CheckBulk(ctx context.Context, tenantID shared.ID, size int, operatorApproved bool) error + func (g *BulkGuard) UsageThisHour(tenantID shared.ID) int + type BulkGuardConfig struct + HourlyBudget int + Now func() time.Time + SizeCeiling int + type BulkUpdateResult struct + Errors []string + Failed int + Updated int + type BulkUpdateStatusInput struct + ActorID string + FindingIDs []string + Resolution string + Status string + type BurpIssue struct + Confidence string + Host string + IssueBackground string + IssueDetail string + Location string + Name string + Path string + RemediationBG string + RemediationDetail string + RequestResponse []struct{ 
... } + SerialNumber string + Severity string + Type string + XMLName xml.Name + type BurpIssues struct + Issues []BurpIssue + XMLName xml.Name + type CachedCategory struct + Code string + Description string + DisplayOrder int + ID string + Icon string + Name string + type CachedFindingSource struct + CategoryCode string + CategoryID string + CategoryName string + Code string + Color string + Description string + DisplayOrder int + ID string + Icon string + IsSystem bool + Name string + type CachedFindingSources struct + ByCategory map[string][]int + ByCode map[string]int + CachedAt time.Time + Categories []*CachedCategory + Sources []*CachedFindingSource + type CancelApprovalInput struct + ApprovalID string + CanceledBy string + TenantID string + type ClassifyFindingInput struct + CVEID string + CVSSScore *float64 + CVSSVector string + CWEIDs []string + OWASPIDs []string + type CompensatingControlLookup interface + GetEffectiveForAssets func(ctx context.Context, tenantID shared.ID, assetIDs []shared.ID) (map[shared.ID]float64, error) + type CreateFindingInput struct + AssetID string + BranchID string + ComponentID string + EndColumn int + EndLine int + FilePath string + Message string + RuleID string + ScanID string + Severity string + Snippet string + Source string + StartColumn int + StartLine int + TenantID string + ToolName string + ToolVersion string + VulnerabilityID string + type CreateVulnerabilityInput struct + CVEID string + CVSSScore *float64 + CVSSVector string + Description string + EPSSPercentile *float64 + EPSSScore *float64 + ExploitAvailable bool + ExploitMaturity string + FixedVersions []string + Remediation string + Severity string + Title string + type EPSSData struct + Percentile float64 + Score float64 + type EPSSRepository interface + GetByCVEIDs func(ctx context.Context, cveIDs []string) (map[string]EPSSData, error) + type FindingActionsService struct + func NewFindingActionsService(findingRepo vulnerability.FindingRepository, ...) 
*FindingActionsService + func (s *FindingActionsService) AutoAssignToOwners(ctx context.Context, tenantID string, assignerID string, ...) (*AutoAssignToOwnersResult, error) + func (s *FindingActionsService) BulkFixApplied(ctx context.Context, tenantID string, userID string, input BulkFixAppliedInput) (*BulkFixAppliedResult, error) + func (s *FindingActionsService) BulkRejectByFilter(ctx context.Context, tenantID string, userID string, input RejectByFilterInput) (int64, error) + func (s *FindingActionsService) BulkRejectFix(ctx context.Context, tenantID string, userID string, findingIDs []string, ...) (*BulkUpdateResult, error) + func (s *FindingActionsService) BulkVerify(ctx context.Context, tenantID string, userID string, findingIDs []string, ...) (*BulkUpdateResult, error) + func (s *FindingActionsService) BulkVerifyByFilter(ctx context.Context, tenantID string, userID string, input VerifyByFilterInput) (int64, error) + func (s *FindingActionsService) GetRelatedCVEs(ctx context.Context, tenantID string, cveID string, ...) ([]vulnerability.RelatedCVE, error) + func (s *FindingActionsService) ListFindingGroups(ctx context.Context, tenantID string, groupBy string, ...) (pagination.Result[*vulnerability.FindingGroup], error) + func (s *FindingActionsService) RequestVerificationScan(ctx context.Context, tenantID, userID string, ...) (*RequestVerificationScanResult, error) + func (s *FindingActionsService) SetVerificationScanTrigger(trigger VerificationScanTrigger) + type FindingCommentService struct + func NewFindingCommentService(commentRepo vulnerability.FindingCommentRepository, ...) 
*FindingCommentService + func (s *FindingCommentService) AddComment(ctx context.Context, input AddCommentInput) (*vulnerability.FindingComment, error) + func (s *FindingCommentService) AddStatusChangeComment(ctx context.Context, input AddStatusChangeCommentInput) (*vulnerability.FindingComment, error) + func (s *FindingCommentService) CountFindingComments(ctx context.Context, findingID string) (int, error) + func (s *FindingCommentService) DeleteComment(ctx context.Context, tenantID, commentID, authorID string) error + func (s *FindingCommentService) GetComment(ctx context.Context, commentID string) (*vulnerability.FindingComment, error) + func (s *FindingCommentService) ListFindingComments(ctx context.Context, findingID string) ([]*vulnerability.FindingComment, error) + func (s *FindingCommentService) UpdateComment(ctx context.Context, tenantID, commentID, authorID string, ...) (*vulnerability.FindingComment, error) + type FindingImportService struct + func NewFindingImportService(repo vulnerability.FindingRepository, log *logger.Logger) *FindingImportService + func (s *FindingImportService) ImportBurpXML(ctx context.Context, tenantID, campaignID string, reader io.Reader) (*ImportResult, error) + func (s *FindingImportService) ImportCSV(ctx context.Context, tenantID, campaignID string, reader io.Reader) (*ImportResult, error) + type FindingLifecycleScheduler struct + func NewFindingLifecycleScheduler(findingRepo vulnerability.FindingRepository, tenantLister TenantLister, ...) 
*FindingLifecycleScheduler + func (s *FindingLifecycleScheduler) Start() + func (s *FindingLifecycleScheduler) Stop() + type FindingLifecycleSchedulerConfig struct + CheckInterval time.Duration + DefaultExpiryDays int + Enabled bool + func DefaultFindingLifecycleSchedulerConfig() FindingLifecycleSchedulerConfig + type FindingNotifier interface + NotifyNewFinding func(tenantID, title, body, severity, url string) + type FindingSourceCacheService struct + func NewFindingSourceCacheService(redisClient *redis.Client, repo findingsource.Repository, log *logger.Logger) (*FindingSourceCacheService, error) + func (s *FindingSourceCacheService) GetAll(ctx context.Context) (*CachedFindingSources, error) + func (s *FindingSourceCacheService) GetByCategory(ctx context.Context, categoryCode string) ([]*CachedFindingSource, error) + func (s *FindingSourceCacheService) GetByCode(ctx context.Context, code string) (*CachedFindingSource, error) + func (s *FindingSourceCacheService) GetCategories(ctx context.Context) ([]*CachedCategory, error) + func (s *FindingSourceCacheService) InvalidateAll(ctx context.Context) error + func (s *FindingSourceCacheService) IsValidCode(ctx context.Context, code string) (bool, error) + func (s *FindingSourceCacheService) Refresh(ctx context.Context) (*CachedFindingSources, error) + func (s *FindingSourceCacheService) WarmCache(ctx context.Context) error + type FindingSourceService struct + func NewFindingSourceService(repo findingsource.Repository, categoryRepo findingsource.CategoryRepository, ...) 
*FindingSourceService + func (s *FindingSourceService) GetCategory(ctx context.Context, categoryID string) (*findingsource.Category, error) + func (s *FindingSourceService) GetCategoryByCode(ctx context.Context, code string) (*findingsource.Category, error) + func (s *FindingSourceService) GetFindingSource(ctx context.Context, findingSourceID string) (*findingsource.FindingSource, error) + func (s *FindingSourceService) GetFindingSourceByCode(ctx context.Context, code string) (*findingsource.FindingSource, error) + func (s *FindingSourceService) IsValidSourceCode(ctx context.Context, code string) (bool, error) + func (s *FindingSourceService) ListActiveCategories(ctx context.Context) ([]*findingsource.Category, error) + func (s *FindingSourceService) ListActiveFindingSources(ctx context.Context) ([]*findingsource.FindingSource, error) + func (s *FindingSourceService) ListActiveFindingSourcesByCategory(ctx context.Context, categoryID string) ([]*findingsource.FindingSource, error) + func (s *FindingSourceService) ListActiveFindingSourcesWithCategory(ctx context.Context) ([]*findingsource.FindingSourceWithCategory, error) + func (s *FindingSourceService) ListCategories(ctx context.Context, filter findingsource.CategoryFilter, ...) (pagination.Result[*findingsource.Category], error) + func (s *FindingSourceService) ListFindingSources(ctx context.Context, filter findingsource.Filter, ...) (pagination.Result[*findingsource.FindingSource], error) + func (s *FindingSourceService) ListFindingSourcesWithCategory(ctx context.Context, filter findingsource.Filter, ...) 
(pagination.Result[*findingsource.FindingSourceWithCategory], error) + type GetFindingStatsInput struct + ActingUserID string + AssetID string + IsAdmin bool + TenantID string + type ImportResult struct + Created int + Errors int + Messages []string + Skipped int + Total int + type KEVData struct + DueDate *time.Time + Ransomware string + type KEVRepository interface + GetByCVEIDs func(ctx context.Context, cveIDs []string) (map[string]KEVData, error) + type ListFindingsInput struct + ActingUserID string + AssetID string + BranchID string + ComponentID string + ExcludeStatuses []string + FilePath string + IsAdmin bool + Page int + PerPage int + RuleID string + ScanID string + Search string + Severities []string + Sort string + Sources []string + Statuses []string + TenantID string + ToolName string + VulnerabilityID string + type ListVulnerabilitiesInput struct + CISAKEVOnly *bool + CVEIDs []string + ExploitAvailable *bool + MaxCVSS *float64 + MinCVSS *float64 + MinEPSS *float64 + Page int + PerPage int + Search string + Severities []string + Sort string + Statuses []string + type PriorityAuditEntry struct + ActorID *shared.ID + FindingID shared.ID + NewClass vulnerability.PriorityClass + PreviousClass *vulnerability.PriorityClass + Reason string + RuleID *shared.ID + Source string + TenantID shared.ID + type PriorityAuditRepository interface + LogChange func(ctx context.Context, entry PriorityAuditEntry) error + type PriorityChangeEvent struct + At time.Time + FindingID shared.ID + NewClass vulnerability.PriorityClass + PreviousClass *vulnerability.PriorityClass + Reason string + RuleID *shared.ID + Source string + TenantID shared.ID + type PriorityChangePublisher interface + Publish func(ctx context.Context, event PriorityChangeEvent) error + type PriorityClassificationService struct + func NewPriorityClassificationService(findingRepo vulnerability.FindingRepository, assetRepo asset.Repository, ...) 
*PriorityClassificationService + func (s *PriorityClassificationService) ClassifyFinding(ctx context.Context, tenantID shared.ID, finding *vulnerability.Finding, ...) error + func (s *PriorityClassificationService) EnrichAndClassifyBatch(ctx context.Context, tenantID shared.ID, findings []*vulnerability.Finding, ...) error + func (s *PriorityClassificationService) SetChangePublisher(p PriorityChangePublisher) + func (s *PriorityClassificationService) SetControlLookup(lookup CompensatingControlLookup) + func (s *PriorityClassificationService) SetPriorityFloodGuard(g *PriorityFloodGuard) + type PriorityFloodConfig struct + MaxPerHour int + Now func() time.Time + ProtectedClass vulnerability.PriorityClass + type PriorityFloodGuard struct + func NewPriorityFloodGuard(cfg PriorityFloodConfig) *PriorityFloodGuard + func (g *PriorityFloodGuard) CurrentUsage(tenantID shared.ID) int + func (g *PriorityFloodGuard) Refund(tenantID shared.ID) + func (g *PriorityFloodGuard) ShouldFanOut(ctx context.Context, tenantID shared.ID, class vulnerability.PriorityClass) (bool, error) + type PriorityRuleRepository interface + ListActiveByTenant func(ctx context.Context, tenantID shared.ID) ([]*vulnerability.PriorityOverrideRule, error) + type RejectApprovalInput struct + ApprovalID string + Reason string + RejectedBy string + TenantID string + type RejectByFilterInput struct + Filter vulnerability.FindingFilter + Reason string + type RequestApprovalInput struct + ExpiresAt *string + FindingID string + Justification string + RequestedBy string + RequestedStatus string + TenantID string + type RequestVerificationScanInput struct + FindingID string + ScannerName string + WorkflowID string + type RequestVerificationScanResult struct + AssetID string + AssetName string + FindingID string + PipelineRunID string + ScanID string + type TenantLister interface + ListActiveTenantIDs func(ctx context.Context) ([]shared.ID, error) + type UpdateCommentInput struct + Content string + type 
UpdateFindingStatusInput struct + ActorID string + HasVerifyPermission bool + Resolution string + Status string + type UpdateVulnerabilityInput struct + CVSSScore *float64 + CVSSVector *string + Description *string + EPSSPercentile *float64 + EPSSScore *float64 + ExploitAvailable *bool + ExploitMaturity *string + FixedVersions []string + Remediation *string + Severity *string + Status *string + Title *string + type VerificationScanTrigger interface + TriggerVerificationScan func(ctx context.Context, tenantID, createdBy, scannerName, workflowID string, ...) (pipelineRunID, scanID string, err error) + type VerifyByFilterInput struct + Filter vulnerability.FindingFilter + Note string + type VulnerabilityService struct + func NewVulnerabilityService(vulnRepo vulnerability.VulnerabilityRepository, ...) *VulnerabilityService + func (s *VulnerabilityService) AddFindingComment(ctx context.Context, tenantID, findingID, authorID, content string) (*vulnerability.FindingComment, error) + func (s *VulnerabilityService) ApproveStatus(ctx context.Context, input ApproveStatusInput) (*vulnerability.Approval, error) + func (s *VulnerabilityService) AssignFinding(ctx context.Context, findingID, tenantID, userID, assignerID string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) BulkAssignFindings(ctx context.Context, tenantID string, input BulkAssignInput) (*BulkUpdateResult, error) + func (s *VulnerabilityService) BulkUpdateFindingStatus(ctx context.Context, tenantID shared.ID, ids []shared.ID, ...) 
error + func (s *VulnerabilityService) BulkUpdateFindingsStatus(ctx context.Context, tenantID string, input BulkUpdateStatusInput) (*BulkUpdateResult, error) + func (s *VulnerabilityService) CancelApproval(ctx context.Context, input CancelApprovalInput) (*vulnerability.Approval, error) + func (s *VulnerabilityService) ClassifyFinding(ctx context.Context, findingID, tenantID string, input ClassifyFindingInput) (*vulnerability.Finding, error) + func (s *VulnerabilityService) CountAssetFindings(ctx context.Context, tenantID string, assetID string) (int64, error) + func (s *VulnerabilityService) CountOpenAssetFindings(ctx context.Context, tenantID string, assetID string) (int64, error) + func (s *VulnerabilityService) CreateFinding(ctx context.Context, input CreateFindingInput) (*vulnerability.Finding, error) + func (s *VulnerabilityService) CreateVulnerability(ctx context.Context, input CreateVulnerabilityInput) (*vulnerability.Vulnerability, error) + func (s *VulnerabilityService) DeleteAssetFindings(ctx context.Context, tenantID string, assetID string) error + func (s *VulnerabilityService) DeleteFinding(ctx context.Context, findingID string, tenantID string) error + func (s *VulnerabilityService) DeleteFindingComment(ctx context.Context, tenantID, commentID, authorID string) error + func (s *VulnerabilityService) DeleteVulnerability(ctx context.Context, vulnID string) error + func (s *VulnerabilityService) GetFinding(ctx context.Context, tenantID, findingID string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) GetFindingCountsByScanID(ctx context.Context, tenantID, scanID string) (vulnerability.SeverityCounts, error) + func (s *VulnerabilityService) GetFindingStats(ctx context.Context, tenantID string) (*vulnerability.FindingStats, error) + func (s *VulnerabilityService) GetFindingStatsWithScope(ctx context.Context, input GetFindingStatsInput) (*vulnerability.FindingStats, error) + func (s *VulnerabilityService) GetFindingWithScope(ctx 
context.Context, tenantID, findingID, actingUserID string, isAdmin bool) (*vulnerability.Finding, error) + func (s *VulnerabilityService) GetVulnerability(ctx context.Context, vulnID string) (*vulnerability.Vulnerability, error) + func (s *VulnerabilityService) GetVulnerabilityByCVE(ctx context.Context, cveID string) (*vulnerability.Vulnerability, error) + func (s *VulnerabilityService) ListAssetFindings(ctx context.Context, tenantID string, assetID string, sort string, ...) (pagination.Result[*vulnerability.Finding], error) + func (s *VulnerabilityService) ListFindingApprovals(ctx context.Context, tenantID, findingID string) ([]*vulnerability.Approval, error) + func (s *VulnerabilityService) ListFindingComments(ctx context.Context, findingID string) ([]*vulnerability.FindingComment, error) + func (s *VulnerabilityService) ListFindings(ctx context.Context, input ListFindingsInput) (pagination.Result[*vulnerability.Finding], error) + func (s *VulnerabilityService) ListPendingApprovals(ctx context.Context, tenantID string, page, perPage int) (pagination.Result[*vulnerability.Approval], error) + func (s *VulnerabilityService) ListVulnerabilities(ctx context.Context, input ListVulnerabilitiesInput) (pagination.Result[*vulnerability.Vulnerability], error) + func (s *VulnerabilityService) RejectApproval(ctx context.Context, input RejectApprovalInput) (*vulnerability.Approval, error) + func (s *VulnerabilityService) RequestApproval(ctx context.Context, input RequestApprovalInput) (*vulnerability.Approval, error) + func (s *VulnerabilityService) SetAITriageService(svc *aitriage.AITriageService) + func (s *VulnerabilityService) SetAccessControlRepository(repo accesscontrol.Repository) + func (s *VulnerabilityService) SetActivityService(svc *activity.FindingActivityService) + func (s *VulnerabilityService) SetApprovalRepository(repo vulnerability.ApprovalRepository) + func (s *VulnerabilityService) SetAssignmentEngine(engine *assignment.Engine) + func (s 
*VulnerabilityService) SetCommentRepository(repo vulnerability.FindingCommentRepository) + func (s *VulnerabilityService) SetDataFlowRepository(repo vulnerability.DataFlowRepository) + func (s *VulnerabilityService) SetFindingNotifier(notifier FindingNotifier) + func (s *VulnerabilityService) SetFindingTags(ctx context.Context, findingID, tenantID string, tags []string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) SetOutboxService(db *sql.DB, svc *outbox.Service) + func (s *VulnerabilityService) SetUserNotificationService(svc *integration.NotificationService) + func (s *VulnerabilityService) SetUserRepository(repo user.Repository) + func (s *VulnerabilityService) TriageFinding(ctx context.Context, findingID, tenantID, userID, reason string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) UnassignFinding(ctx context.Context, findingID, tenantID, actorID string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) UpdateFindingComment(ctx context.Context, tenantID, commentID, authorID, content string) (*vulnerability.FindingComment, error) + func (s *VulnerabilityService) UpdateFindingSeverity(ctx context.Context, findingID, tenantID, severityStr, actorID string) (*vulnerability.Finding, error) + func (s *VulnerabilityService) UpdateFindingStatus(ctx context.Context, findingID string, tenantID string, ...) (*vulnerability.Finding, error) + func (s *VulnerabilityService) UpdateVulnerability(ctx context.Context, vulnID string, input UpdateVulnerabilityInput) (*vulnerability.Vulnerability, error) + func (s *VulnerabilityService) VerifyFinding(ctx context.Context, findingID, tenantID, userID string) (*vulnerability.Finding, error)
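Review bot: The comment read paths carry no tenant identifier: `FindingCommentService.GetComment(ctx, commentID)`, `ListFindingComments(ctx, findingID)`, `CountFindingComments(ctx, findingID)` and `VulnerabilityService.ListFindingComments(ctx, findingID)`. The write paths on the same services (`UpdateComment`, `DeleteComment`, `AddFindingComment`) and `GetFinding` all take `tenantID`. Unless these methods take the tenant from `ctx` internally, which the listing cannot show, a lookup by ID alone would return comments belonging to another tenant's finding. The reads should be scoped like their siblings, e.g. `ListFindingComments(ctx context.Context, tenantID, findingID string)`. Separately, `IsAdmin` on `ListFindingsInput` and `GetFindingStatsInput`, `HasVerifyPermission` on `UpdateFindingStatusInput`, and `operatorApproved` on `BulkGuard.CheckBulk` are authorization decisions passed in as plain values, so their doc comments should state that callers must derive them from the authenticated session and never bind them from request data.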