nodejs

package
v1.5.49 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 5, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package nodejs contains components for interrogating nodejs packages in container layers.

Index

Constants

View Source 
const (
	// PURLType is the type of package URL for Node.js packages.
	PURLType = "npm"
)

Variables

View Source 
var (
	Repository = claircore.Repository{
		Name: repository,
		URI:  "https://www.npmjs.com/",
	}
)

Functions

func GeneratePURL added in v1.5.49 

func GeneratePURL(ctx context.Context, ir *claircore.IndexRecord) (packageurl.PackageURL, error)

GeneratePURL generates a Node.js PURL for a given claircore.IndexRecord. Example: pkg:npm/express@4.18.2

func NewCoalescer 

func NewCoalescer(_ context.Context) (indexer.Coalescer, error)

func NewEcosystem 

func NewEcosystem(_ context.Context) *indexer.Ecosystem

NewEcosystem provides the set of scanners for the nodejs ecosystem.

func ParsePURL added in v1.5.49 

func ParsePURL(ctx context.Context, purl packageurl.PackageURL) ([]*claircore.IndexRecord, error)

ParsePURL parses a Node.js PURL into a list of [claircore.IndexRecord]s. The matcher needs the NormalizedVersion to be set.

Types

type Matcher 

type Matcher struct{}

Matcher attempts to correlate discovered nodejs packages with reported vulnerabilities.

func (*Matcher) Filter 

func (*Matcher) Filter(record *claircore.IndexRecord) bool

Filter implements driver.Matcher.

func (*Matcher) Name 

func (*Matcher) Name() string

Name implements driver.Matcher.

func (*Matcher) Query 

func (*Matcher) Query() []driver.MatchConstraint

Query implements driver.Matcher.

func (*Matcher) VersionAuthoritative 

func (*Matcher) VersionAuthoritative() bool

func (*Matcher) VersionFilter 

func (*Matcher) VersionFilter()

func (*Matcher) Vulnerable 

func (*Matcher) Vulnerable(_ context.Context, _ *claircore.IndexRecord, _ *claircore.Vulnerability) (bool, error)

Vulnerable implements driver.Matcher.

type Scanner 

type Scanner struct{}

Scanner implements the scanner.PackageScanner interface.

It looks for files that seem like package.json and looks at the metadata recorded there.

The zero value is ready to use.

func (*Scanner) DefaultRepository 

func (*Scanner) DefaultRepository(_ context.Context) *claircore.Repository

DefaultRepository implements indexer.DefaultRepoScanner.

func (*Scanner) Kind 

func (*Scanner) Kind() string

Kind implements scanner.VersionedScanner.

func (*Scanner) Name 

func (*Scanner) Name() string

Name implements scanner.VersionedScanner.

func (*Scanner) Scan 

func (s *Scanner) Scan(ctx context.Context, layer *claircore.Layer) ([]*claircore.Package, error)

Scan attempts to find package.json files and record the package information there.

A return of (nil, nil) is expected if there's nothing found.

func (*Scanner) Version 

func (*Scanner) Version() string

Version implements scanner.VersionedScanner.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.