Documentation
Overview
Package readers implements the various supported package manifest readers. It defines an independent contract for implementing and reading packages from one or more package manifest files. For more details, refer to the TDD.
Index
- func NewContainerImageReader(imageRef string, config ContainerImageReaderConfig) (*containerImageReader, error)
- func NewGithubReader(client *github.Client, config GitHubReaderConfig) (*githubReader, error)
- func NewSkillReader(client *github.Client, config SkillReaderConfig) (*skillReader, error)
- func NewVSIXExtReader(distributions []string) (*vsixExtReader, error)
- func NewVSIXExtReaderFromDefaultDistributions() (*vsixExtReader, error)
- type BrewReaderConfig
- type ContainerImageReaderConfig
- type DirectoryReaderConfig
- type GitHubReaderConfig
- type GithubOrgReaderConfig
- type LockfileReaderConfig
- type PackageManifestHandlerFn
- type PackageManifestReader
- func NewBrewReader(config BrewReaderConfig) (PackageManifestReader, error)
- func NewDirectoryReader(config DirectoryReaderConfig) (PackageManifestReader, error)
- func NewGithubOrgReader(client *github.Client, config *GithubOrgReaderConfig) (PackageManifestReader, error)
- func NewJsonDumpReader(path string) (PackageManifestReader, error)
- func NewLockfileReader(config LockfileReaderConfig) (PackageManifestReader, error)
- func NewPurlReader(purlString string, config PurlReaderConfig, ...) (PackageManifestReader, error)
- type PackageReader
- type PurlReaderConfig
- type SkillReaderConfig
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewContainerImageReader (added in v1.11.0)
func NewContainerImageReader(imageRef string, config ContainerImageReaderConfig) (*containerImageReader, error)
NewContainerImageReader fetches images using config and creates containerImageReader.
func NewGithubReader (added in v1.3.0)
func NewGithubReader(client *github.Client, config GitHubReaderConfig) (*githubReader, error)
NewGithubReader creates a PackageManifestReader that can be used to read one or more `github_urls` interpreted as `lockfileAs`. When `lockfileAs` is empty, the parser auto-detects the format based on the file name. This reader fails and returns an error on the first error encountered while parsing `github_urls`.
func NewSkillReader (added in v1.12.17)
func NewSkillReader(client *github.Client, config SkillReaderConfig) (*skillReader, error)
NewSkillReader creates a PackageManifestReader for Agent Skills. Skills are represented as GitHub repositories and treated as GitHub Actions packages for the purpose of malware analysis.
func NewVSIXExtReader (added in v1.12.0)
func NewVSIXExtReaderFromDefaultDistributions (added in v1.12.0)
func NewVSIXExtReaderFromDefaultDistributions() (*vsixExtReader, error)
Types
type BrewReaderConfig (added in v1.12.5)
type BrewReaderConfig struct{}
type ContainerImageReaderConfig (added in v1.11.0)
type ContainerImageReaderConfig struct {
	// Pull image from remote registry if not found locally
	RemoteImageFetch bool
}
func DefaultContainerImageReaderConfig (added in v1.11.0)
func DefaultContainerImageReaderConfig() ContainerImageReaderConfig
type DirectoryReaderConfig (added in v1.7.0)
type DirectoryReaderConfig struct {
	// Path to enumerate
	Path string
	// Exclusions are glob patterns to ignore paths
	Exclusions []string
	// Explicitly walk for the given manifest type. If this is empty
	// directory reader will automatically try to find the suitable
	// parser for a given file
	ManifestTypeOverride string
}
type GitHubReaderConfig (added in v1.8.1)
type GithubOrgReaderConfig (added in v1.4.0)
type LockfileReaderConfig (added in v1.12.0)
type PackageManifestHandlerFn (added in v1.4.0)
type PackageManifestHandlerFn func(*models.PackageManifest, PackageReader) error
type PackageManifestReader
type PackageManifestReader interface {
	Name() string
	EnumManifests(func(*models.PackageManifest, PackageReader) error) error
	ApplicationName() (string, error)
}
Contract for implementing package manifest readers such as a lockfile parser, an SBOM parser, etc. A reader should stop enumeration and return an error if the handler returns an error.
func NewBrewReader (added in v1.12.5)
func NewBrewReader(config BrewReaderConfig) (PackageManifestReader, error)
func NewDirectoryReader (added in v1.0.0)
func NewDirectoryReader(config DirectoryReaderConfig) (PackageManifestReader, error)
NewDirectoryReader creates a PackageManifestReader that can scan a directory for package manifests while honoring exclusion rules. This reader logs and ignores parser failures, but it fails if the manifest handler returns an error. Exclusion strings are treated as glob patterns and applied to the absolute file path discovered while walking the directory.
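The error handling described here and in the PackageManifestReader contract, sketched as an added example (not code from this package): parser failures are logged and skipped, while a handler error stops enumeration. Manifest, file, enumManifests and scan are hypothetical stand-ins, and the returned skipped list is an assumption added so that manifests which never reached the handler stay visible to the caller.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"strings"
)

// Manifest is a hypothetical stand-in for models.PackageManifest.
type Manifest struct{ Path string; Packages []string }
type file struct{ path, content string } // constructed sample input

var errBlocked = errors.New("blocked package") // constructed handler failure

// enumManifests logs and skips manifests that fail to parse, but stops at the
// first handler error. Skipped paths are returned so gaps stay visible.
func enumManifests(files []file, handler func(*Manifest) error) (skipped []string, err error) {
	for _, f := range files {
		if strings.HasPrefix(f.content, "!") { // toy parser: "!" marks a malformed file
			log.Printf("skipping %s: malformed manifest", f.path)
			skipped = append(skipped, f.path)
			continue
		}
		m := &Manifest{Path: f.path, Packages: strings.Fields(f.content)}
		if herr := handler(m); herr != nil {
			return skipped, fmt.Errorf("handler failed on %s: %w", f.path, herr)
		}
	}
	return skipped, nil
}

// scan runs a handler that rejects any manifest listing the blocked package.
func scan(blocked string) (visited, skipped []string, err error) {
	files := []file{{"/app/go.mod", "a b"}, {"/app/bad.lock", "!x"},
		{"/app/package-lock.json", "c evil"}, {"/app/requirements.txt", "d"}}
	skipped, err = enumManifests(files, func(m *Manifest) error {
		visited = append(visited, m.Path)
		for _, p := range m.Packages {
			if p == blocked {
				return errBlocked
			}
		}
		return nil
	})
	return visited, skipped, err
}

func main() { fmt.Println(scan("evil")) }
```

A clean run with a non-empty skipped list means some manifests were never analysed, so a caller that gates a build on the scan result should treat that list as a finding rather than as success.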
func NewGithubOrgReader (added in v1.4.0)
func NewGithubOrgReader(client *github.Client, config *GithubOrgReaderConfig) (PackageManifestReader, error)
NewGithubOrgReader creates a PackageManifestReader which enumerates a GitHub org, identifying repositories and scanning them using [githubReader].
func NewJsonDumpReader (added in v1.0.0)
func NewJsonDumpReader(path string) (PackageManifestReader, error)
NewJsonDumpReader creates a PackageManifestReader to read JSON dumps from the given directory path. The JSON files in the directory must be generated with the `--json-dump-dir` scan option. This reader will fail on the first error while scanning and loading JSON manifests from file.
func NewLockfileReader (added in v1.0.0)
func NewLockfileReader(config LockfileReaderConfig) (PackageManifestReader, error)
NewLockfileReader creates a PackageManifestReader that can be used to read one or more `lockfiles` interpreted as `lockfileAs`. When `lockfileAs` is empty, the parser auto-detects the format based on the file name. This reader fails and returns an error on the first error encountered while parsing lockfiles.
func NewPurlReader (added in v1.3.0)
func NewPurlReader(purlString string, config PurlReaderConfig, versionResolver registry.PackageVersionResolver) (PackageManifestReader, error)
type PackageReader
Contract for implementing a package reader. The enumerator should fail and return an error if the handler fails.
func NewManifestModelReader
func NewManifestModelReader(manifest *models.PackageManifest) PackageReader
NewManifestModelReader creates a PackageReader for a manifest model that enforces the global exceptions policy to ignore packages based on policy. It returns a PackageReader that can be used to enumerate all packages in the given manifest.
type PurlReaderConfig (added in v1.10.0)
type PurlReaderConfig struct {
	AutoResolveMissingVersions bool
}
type SkillReaderConfig (added in v1.12.17)
type SkillReaderConfig struct {
	// Skill specification in format: owner/repo or https://github.com/owner/repo
	SkillSpec string
}
SkillReaderConfig configures the skill reader.