Documentation ¶
Overview ¶
Package scan contains reusable scan utilities shared by CLI commands.
Index ¶
- func BuildGraphFragmentExport(result *engine.DepScanResult) graphfrag.GraphFragmentExport
- func CountFindings(report *entities.InterimReport) int
- func DetectEcosystem(target string) string
- func DetectRootModule(targetDir, ecosystem string) string
- func ExportCallGraph(path, format string, result *engine.DepScanResult) error
- func ExportGraphFragment(path, format string, result *engine.DepScanResult) error
- func ParseDuration(s string) (time.Duration, error)
- func PrintSummary(outputPath string, filesCount, findingsCount int) error
- func ValidateFlags(target string, opts ValidationOptions) ([]string, error)
- type ValidationOptions
Functions ¶
func BuildGraphFragmentExport ¶ added in v0.6.0
func BuildGraphFragmentExport(result *engine.DepScanResult) graphfrag.GraphFragmentExport
BuildGraphFragmentExport projects a dependency scan result onto the public graph-fragment export schema.
func CountFindings ¶
func CountFindings(report *entities.InterimReport) int
CountFindings counts total cryptographic assets across all findings.
func DetectEcosystem ¶
DetectEcosystem checks the target directory for known manifest files and returns the corresponding ecosystem name ("go", "python", "java", "rust"). It returns an empty string if no ecosystem is detected.
Polyglot resolution: when a pyproject.toml declares a Python package (via [project] / [tool.*] / PEP 517 build backend), it wins over Cargo.toml — this captures Python packages that embed Rust via PyO3, maturin or setuptools-rust (pyca/cryptography, pydantic-core, orjson, polars, ...). Polyglot conflicts outside the Python↔Rust pair are not disambiguated here; they keep the original precedence (Go → Java → Rust → Python fallback).
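A sketch of the precedence rules described above, as an added example rather than the package's own implementation. The manifest file names and the line-based pyproject.toml check are assumptions, and the name detectEcosystemSketch is hypothetical.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// exists reports whether dir contains an entry called name.
func exists(dir, name string) bool {
	_, err := os.Stat(filepath.Join(dir, name))
	return err == nil
}

// declaresPython is a line scan, not a TOML parser (assumption): it looks for
// a [project] or [tool.*] table or a PEP 517 build-backend key.
func declaresPython(dir string) bool {
	data, err := os.ReadFile(filepath.Join(dir, "pyproject.toml"))
	if err != nil {
		return false
	}
	for _, l := range strings.Split(string(data), "\n") {
		l = strings.TrimSpace(l)
		if l == "[project]" || strings.HasPrefix(l, "[tool.") || strings.HasPrefix(l, "build-backend") {
			return true
		}
	}
	return false
}

// detectEcosystemSketch is a hypothetical stand-in for DetectEcosystem.
// The manifest file names are assumptions; the page does not list them.
func detectEcosystemSketch(dir string) string {
	switch {
	case exists(dir, "go.mod"):
		return "go"
	case exists(dir, "pom.xml") || exists(dir, "build.gradle"):
		return "java"
	case exists(dir, "Cargo.toml") && declaresPython(dir):
		return "python" // Python package embedding Rust (PyO3, maturin, ...)
	case exists(dir, "Cargo.toml"):
		return "rust"
	case exists(dir, "pyproject.toml") || exists(dir, "requirements.txt"):
		return "python"
	}
	return ""
}

func main() { fmt.Println(detectEcosystemSketch(".")) }
```

A pyproject.toml that declares nothing leaves a Cargo.toml project classified as "rust", so the Python override only applies when the Python declaration is actually present.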
func DetectRootModule ¶
DetectRootModule returns a best-effort root module/package name for callgraph export. It is manifest-based when possible and falls back to the target directory name.
func ExportCallGraph ¶
func ExportCallGraph(path, format string, result *engine.DepScanResult) error
ExportCallGraph writes a finding-centric call graph export (schema v4.3).
func ExportGraphFragment ¶ added in v0.6.0
func ExportGraphFragment(path, format string, result *engine.DepScanResult) error
ExportGraphFragment writes the dependency scan result's call graph as a graph-fragment export in the requested format.
func ParseDuration ¶
ParseDuration parses a duration string supporting standard Go formats plus:
- "d" for days (e.g., "30d" = 720 hours)
- "w" for weeks (e.g., "2w" = 336 hours)
Standard formats (ns, us, ms, s, m, h) are parsed by time.ParseDuration.
func PrintSummary ¶
PrintSummary displays scan summary in a user-friendly format.
func ValidateFlags ¶
func ValidateFlags(target string, opts ValidationOptions) ([]string, error)
ValidateFlags validates scan inputs and returns normalized language hints.
Types ¶
type ValidationOptions ¶
type ValidationOptions struct {
    RuleFiles        []string
    RuleDirs         []string
    NoRemoteRules    bool
    Scanner          string
    AllowedScanners  []string
    Interfile        bool
    InterfileScanner string
    Format           string
    SupportedFormats []string
    Languages        []string
    ScanDependencies bool
    ExportCallgraph  string
}
ValidationOptions contains scan flag values required for validation.