Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type QueryRepository (added in v1.14.0)
type QueryRepository interface {
	QuerySignatureMatches(ctx context.Context, filter SignatureMatchFilter) (*SignatureMatchQueryResult, error)
}
QueryRepository provides filtered, paginated queries for code scan data.
func NewQueryRepository (added in v1.14.0)
func NewQueryRepository(client *ent.Client) QueryRepository
NewQueryRepository creates a new QueryRepository backed by the given ent client.
type ReaderRepository (added in v1.9.2)
type ReaderRepository interface {
	GetDependencyUsageEvidencesByPackageName(context.Context, string) ([]*ent.DepsUsageEvidence, error)
	GetSignatureMatchesByPackageHint(context.Context, string) ([]*ent.CodeSignatureMatch, error)
	GetAllSignatureMatches(context.Context) ([]*ent.CodeSignatureMatch, error)
	GetApplicationSignatureMatches(context.Context) ([]*ent.CodeSignatureMatch, error)
}
ReaderRepository is exposed to the rest of vet to query code analysis data persisted in storage. It is a contract with the rest of the system.
func NewReaderRepository (added in v1.9.2)
func NewReaderRepository(client *ent.Client) (ReaderRepository, error)
type Scanner (added in v1.9.2)
Scanner defines the contract for implementing a code scanner. The purpose of a code scanner is to scan configured directories for code files, parse them, process them with plugins, and persist the plugin results. It should also expose the necessary callbacks for interactive applications to show progress to the user.
func NewScanner (added in v1.9.2)
type ScannerCallbackRegistry (added in v1.9.2)
type ScannerCallbackRegistry struct {
	// On start of scan
	OnScanStart func() error
	// On end of scan
	OnScanEnd func() error
	// OnFileScanned fires for each file processed by the callgraph plugin.
	// It is fire-and-forget and must not block or fail the scan.
	OnFileScanned func(filePath string)
	// OnSignatureMatch fires for each individual signature match found.
	// It is fire-and-forget and must not block or fail the scan.
	OnSignatureMatch func(match *SignatureMatchData)
}
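One way to meet the "must not block or fail the scan" requirement on OnSignatureMatch, shown as an added example that is not part of the package or its documentation: a collector that hands matches to a UI goroutine through a bounded buffer and counts what it has to drop. MatchCollector and its methods are hypothetical names, and SignatureMatchData here is a local three-field mirror of the documented type.

```go
package main

import (
	"fmt"
	"sync/atomic"
)

// Local mirror of three SignatureMatchData fields; real code imports the package's type.
type SignatureMatchData struct {
	SignatureID, FilePath string
	Line                  uint
}

// MatchCollector is a hypothetical helper that buffers matches for a UI goroutine.
type MatchCollector struct {
	dropped uint64 // matches discarded because the buffer was full
	ch      chan SignatureMatchData
}

func NewMatchCollector(buffer int) *MatchCollector {
	return &MatchCollector{ch: make(chan SignatureMatchData, buffer)}
}

// OnSignatureMatch has the shape of ScannerCallbackRegistry.OnSignatureMatch.
// It copies the match and never waits: a full buffer is counted, not blocked on.
func (c *MatchCollector) OnSignatureMatch(m *SignatureMatchData) {
	select {
	case c.ch <- *m:
	default:
		atomic.AddUint64(&c.dropped, 1)
	}
}

// Drain returns what is buffered right now (single consumer assumed).
func (c *MatchCollector) Drain() (out []SignatureMatchData) {
	for n := len(c.ch); n > 0; n-- {
		out = append(out, <-c.ch)
	}
	return out
}
func (c *MatchCollector) Dropped() uint64 { return atomic.LoadUint64(&c.dropped) }

func main() {
	c := NewMatchCollector(2)
	for i := uint(1); i <= 3; i++ { // constructed sample matches
		c.OnSignatureMatch(&SignatureMatchData{"example.sig", "app/main.py", i})
	}
	fmt.Println(len(c.Drain()), "buffered,", c.Dropped(), "dropped")
}
```

A non-zero Dropped() means the live view is incomplete; drops in this collector do not touch what the scanner persists.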
type ScannerConfig (added in v1.9.2)
type ScannerConfig struct {
	// First party application code directories
	AppDirectories []string
	// 3rd party imported code directories (e.g. Python virtual env, `node_modules` etc.)
	ImportDirectories []string
	// Regular expressions to exclude files or directories
	// from traversal
	ExcludePatterns []*regexp.Regexp
	// Languages to scan
	Languages []core.Language
	// Define callbacks if required
	Callbacks *ScannerCallbackRegistry
	// Plugin specific configuration
	SkipDependencyUsagePlugin bool
	// Signature matching configuration
	SkipSignatureMatching bool
	SignaturesToMatch     []*callgraphv1.Signature
}
ScannerConfig defines the configuration for the scanner.
type SignatureMatchData (added in v1.14.0)
type SignatureMatchData struct {
	SignatureID          string
	SignatureVendor      string
	SignatureProduct     string
	SignatureService     string
	SignatureDescription string
	Tags                 []string
	FilePath             string
	Language             string
	Line                 uint
	Column               uint
	CalleeNamespace      string
	MatchedCall          string
	PackageHint          string // empty = app-level finding
}
SignatureMatchData holds the flattened data for a single signature match occurrence.
type SignatureMatchFilter (added in v1.14.0)
type SignatureMatchFilter struct {
	Tags          []string // OR: match has at least one of these tags
	Languages     []string // OR: match language is one of these
	Vendors       []string // OR: match vendor is one of these
	Products      []string // OR: match product is one of these
	Services      []string // OR: match service is one of these
	FileSubstring string   // case-insensitive substring match on file_path
	Limit         int      // max rows to return (0 = unlimited)
}
SignatureMatchFilter describes the filter criteria for querying signature matches from the database.
type SignatureMatchQueryResult (added in v1.14.0)
type SignatureMatchQueryResult struct {
	Matches    []*ent.CodeSignatureMatch
	TotalCount int
}
SignatureMatchQueryResult holds the query results along with the total count of matches (before limit is applied).