Documentation
¶
Overview ¶
Package scanossapi provides primitives to interact with the openapi HTTP API.
Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.4.1 DO NOT EDIT.
Index ¶
- type AttributionFile
- type AttributionItem
- type AttributionResponse
- type BadRequest
- type BatchRequest
- type BatchStatus
- type BatchStatusStatus
- type CVSS
- type CallArgument
- type CallNode
- type CallNodeOwnerVisibility
- type CallNodeVisibility
- type CallSite
- type Component
- type ComponentAlgorithms
- type ComponentAlgorithmsInRange
- type ComponentCpesInfo
- type ComponentData
- type ComponentHealth
- type ComponentHealthStatus
- type ComponentHints
- type ComponentHintsInRange
- type ComponentLicenseInfo
- type ComponentLicenseResponse
- type ComponentLifecycleStatus
- type ComponentLocation
- type ComponentLocationInfo
- type ComponentReachabilityRequest
- type ComponentReachabilityResponse
- type ComponentRequest
- type ComponentResult
- type ComponentSchemas
- type ComponentSearchHit
- type ComponentStatusResult
- type ComponentVersion
- type ComponentVersionLicense
- type ComponentVersionStatus
- type ComponentVersionsInRange
- type ComponentVersionsResponse
- type ComponentVulnerabilityInfo
- type ComponentsLicenseResponse
- type ComponentsSearchResponse
- type ComponentsStatusResponse
- type ContentIdPath
- type CopyrightDetection
- type CopyrightEvidenceFile
- type CopyrightEvidenceItem
- type CopyrightEvidenceResponse
- type CopyrightHolder
- type CopyrightHoldersItem
- type CopyrightHoldersResponse
- type CpesResponse
- type CryptoAlgorithm
- type CryptoAlgorithmsInRangeResponse
- type CryptoAlgorithmsResponse
- type CryptoAsset
- type CryptoAssetSource
- type CryptoEntryPoint
- type CryptoEntryPointOwnerVisibility
- type CryptoEntryPointVisibility
- type CryptoFinderMetadata
- type CryptoHint
- type CryptoHintsInRangeResponse
- type CryptoHintsResponse
- type CryptoVersionsInRangeResponse
- type DataFlowSource
- type DataFlowSourceType
- type DepTreeReachabilityRequest
- type DepTreeReachabilityResponse
- type DependenciesResolveResponse
- type Dependency
- type DependencyLicense
- type DetectorEnum
- type EPSS
- type EndLineQuery
- type EngineUnavailable
- type ErrorBody
- type ErrorBodyStatus
- type EvidenceRange
- type FileResult
- type FileResultMatchType
- type Finding
- type GeoContributorsResponse
- type GeoCuratedLocation
- type GeoDeclaredLocation
- type GeoLocation
- type GeoOriginResponse
- type GetComponentReachabilityJSONRequestBody
- type GetComponentStatusParams
- type GetComponentStatusParamsOnVersionNotFound
- type GetComponentVersionsParams
- type GetFileContentParams
- type GetLicensesComponentParams
- type GetLicensesComponentParamsOnVersionNotFound
- type GetLicensesDetailsParams
- type GetLicensesObligationsParams
- type GetMetadataContentParams
- type GetNoticeContentParams
- type GetReachabilityForDepTreeJSONRequestBody
- type GetScanRawParams
- type GetV3CryptographyAlgorithmsParams
- type GetV3CryptographyAlgorithmsParamsOnVersionNotFound
- type GetV3CryptographyAlgorithmsRangeParams
- type GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound
- type GetV3CryptographyAlgorithmsVersionsRangeParams
- type GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound
- type GetV3CryptographyHintsParams
- type GetV3CryptographyHintsParamsOnVersionNotFound
- type GetV3CryptographyHintsRangeParams
- type GetV3CryptographyHintsRangeParamsOnVersionNotFound
- type GetV3DependenciesDependenciesParams
- type GetV3DependenciesDependenciesParamsOnVersionNotFound
- type GetV3GeoprovenanceCountriesParams
- type GetV3GeoprovenanceCountriesParamsOnVersionNotFound
- type GetV3GeoprovenanceOriginParams
- type GetV3GeoprovenanceOriginParamsOnVersionNotFound
- type GetV3VulnerabilitiesCpesParams
- type GetV3VulnerabilitiesCpesParamsOnVersionNotFound
- type GetV3VulnerabilitiesVulnerabilitiesParams
- type GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound
- type InfoCode
- type InternalError
- type KnowledgeBase
- type LicenseDetails
- type LicenseDetailsResponse
- type LicenseDetection
- type LicenseEvidenceFile
- type LicenseEvidenceItem
- type LicenseEvidenceResponse
- type LicenseInfo
- type LineRange
- type LookupStatusResponse
- type LookupStatusResponseStatus
- type MatchResult
- type MatchedOperation
- type MatchedOperationKind
- type NotFound
- type OSADLInfo
- type ObligationsResponse
- type PayloadTooLarge
- type PostComponentsStatusJSONRequestBody
- type PostCopyrightEvidenceJSONRequestBody
- type PostCopyrightHoldersJSONRequestBody
- type PostLicenseAttributionJSONRequestBody
- type PostLicenseEvidenceJSONRequestBody
- type PostLicensesComponentsJSONRequestBody
- type PostScanBatchParams
- type PostScanComponentsJSONRequestBody
- type PostScanComponentsParams
- type PostScanDirectMultipartBody
- type PostScanDirectMultipartRequestBody
- type PostScanSnippetsParams
- type PostScanSnippetsTextBody
- type PostScanSnippetsTextRequestBody
- type PostV3CryptographyAlgorithmsJSONRequestBody
- type PostV3CryptographyAlgorithmsRangeJSONRequestBody
- type PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody
- type PostV3CryptographyHintsJSONRequestBody
- type PostV3CryptographyHintsRangeJSONRequestBody
- type PostV3DependenciesDependenciesJSONRequestBody
- type PostV3DependenciesTransitiveJSONRequestBody
- type PostV3GeoprovenanceCountriesJSONRequestBody
- type PostV3GeoprovenanceOriginJSONRequestBody
- type PostV3VulnerabilitiesCpesJSONRequestBody
- type PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody
- type PurlQuery
- type RangeConflict
- type RawScanResult
- type ReachableFinding
- type ReachableSupportingCall
- type ReadinessResponse
- type ReadinessResponseStatus
- type Request
- type RequirementQuery
- type SPDXInfo
- type ScanComponentsResponse
- type ScanEnvelope
- type ScanEnvelopeStatus
- type ScanExpired
- type ScanNotFound
- type ScanRawMatch
- type ScanRawResponse
- type ScanResult
- type ScanSbom
- type ScanServer
- type SearchComponentsParams
- type SearchCriteria
- type SearchCriteriaOnVersionNotFound
- type SearchMaxResults
- type SearchOnVersionNotFound
- type SearchShowRelated
- type SearchShowURL
- type SnippetCandidate
- type SnippetGroup
- type SnippetResponse
- type SourceEnum
- type SourceLocation
- type StartLineQuery
- type StatusResponse
- type StatusResponseStatus
- type SupportingCall
- type Timeout
- type TransitiveDependency
- type TransitiveRequest
- type TransitiveResponse
- type VulnerabilitiesResponse
- type Vulnerability
- type VulnerabilitySource
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AttributionFile ¶
type AttributionFile struct {
// AttributionUrl URL to the full content of the attribution file.
AttributionUrl string `json:"attribution_url"`
// File Relative path of the attribution file within the component.
File string `json:"file"`
// FileId MD5 of the content — the same hash that is the last path segment
// of `attribution_url`.
FileId string `json:"file_id"`
}
AttributionFile defines model for AttributionFile.
type AttributionItem ¶
type AttributionItem struct {
AttributionFiles *[]AttributionFile `json:"attribution_files,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl string `json:"purl"`
Requirement *string `json:"requirement,omitempty"`
// Url Present only when `search.show_url` is set (placeholder — not yet populated).
Url *string `json:"url,omitempty"`
// Version Concrete version resolved from `requirement`.
Version *string `json:"version,omitempty"`
}
AttributionItem defines model for AttributionItem.
type AttributionResponse ¶
type AttributionResponse struct {
Components []AttributionItem `json:"components"`
Status BatchStatus `json:"status"`
}
AttributionResponse defines model for AttributionResponse.
type BatchRequest ¶
type BatchRequest struct {
Components []Request `json:"components"`
// Search Optional request-level search configuration applied to every component
// in the batch (for GET endpoints the same knobs are query params). All
// fields are optional; the defaults disable every fallback (strict version
// matching, no related results). Honored by endpoints that support search
// criteria — currently `/v3/license/evidence`.
Search *SearchCriteria `json:"search,omitempty"`
}
BatchRequest defines model for BatchRequest.
type BatchStatus ¶
type BatchStatus struct {
Message string `json:"message"`
Status BatchStatusStatus `json:"status"`
}
BatchStatus defines model for BatchStatus.
type BatchStatusStatus ¶
type BatchStatusStatus string
BatchStatusStatus defines model for BatchStatus.Status.
const ( BatchStatusStatusERROR BatchStatusStatus = "ERROR" BatchStatusStatusPARTIALSUCCESS BatchStatusStatus = "PARTIAL_SUCCESS" BatchStatusStatusSUCCESS BatchStatusStatus = "SUCCESS" )
Defines values for BatchStatusStatus.
type CVSS ¶
type CVSS struct {
// Cvss CVSS vector string
Cvss *string `json:"cvss,omitempty"`
CvssScore *float32 `json:"cvss_score,omitempty"`
CvssSeverity *string `json:"cvss_severity,omitempty"`
}
CVSS defines model for CVSS.
type CallArgument ¶
type CallArgument struct {
// ArgumentExpression The exact argument expression as written in source.
ArgumentExpression string `json:"argument_expression"`
ParameterIndex int32 `json:"parameter_index"`
SourceNodes *[]DataFlowSource `json:"source_nodes,omitempty"`
// Type Argument type inferred at the call site.
Type string `json:"type"`
// VariableName Variable name at the call site; empty for literals/expressions.
VariableName *string `json:"variable_name,omitempty"`
}
CallArgument One argument passed at a call site with full data-flow provenance.
type CallNode ¶
type CallNode struct {
CanonicalSignature string `json:"canonical_signature"`
// EntryCall The call site where one node in a chain invokes the next.
// Present on every chain node except the entry-point node.
EntryCall *CallSite `json:"entry_call,omitempty"`
FilePath *string `json:"file_path,omitempty"`
FunctionName string `json:"function_name"`
// IsFinal Present and true only on the last frame of each emitted call chain.
IsFinal *bool `json:"is_final,omitempty"`
OwnerVisibility *CallNodeOwnerVisibility `json:"owner_visibility,omitempty"`
ParameterTypes []string `json:"parameter_types"`
ReturnType string `json:"return_type"`
StartLine *int32 `json:"start_line,omitempty"`
Visibility *CallNodeVisibility `json:"visibility,omitempty"`
}
CallNode One function/method in a call chain. The first node in a chain is the entry point; subsequent nodes carry `entry_call` describing the invocation that reached them. In API responses, the final node in each emitted `call_chains[]` path is marked with `is_final: true`.
type CallNodeOwnerVisibility ¶
type CallNodeOwnerVisibility string
CallNodeOwnerVisibility defines model for CallNode.OwnerVisibility.
const ( CallNodeOwnerVisibilityPackagePrivate CallNodeOwnerVisibility = "package-private" CallNodeOwnerVisibilityPrivate CallNodeOwnerVisibility = "private" CallNodeOwnerVisibilityProtected CallNodeOwnerVisibility = "protected" CallNodeOwnerVisibilityPublic CallNodeOwnerVisibility = "public" )
Defines values for CallNodeOwnerVisibility.
type CallNodeVisibility ¶
type CallNodeVisibility string
CallNodeVisibility defines model for CallNode.Visibility.
const ( CallNodeVisibilityPackagePrivate CallNodeVisibility = "package-private" CallNodeVisibilityPrivate CallNodeVisibility = "private" CallNodeVisibilityProtected CallNodeVisibility = "protected" CallNodeVisibilityPublic CallNodeVisibility = "public" )
Defines values for CallNodeVisibility.
type CallSite ¶
type CallSite struct {
CanonicalSignature string `json:"canonical_signature"`
// FilePath File where the call expression appears.
FilePath string `json:"file_path"`
// FunctionName FQN of the invoked function.
FunctionName string `json:"function_name"`
Line int32 `json:"line"`
ParameterTypes []string `json:"parameter_types"`
Parameters *[]CallArgument `json:"parameters,omitempty"`
ReturnType string `json:"return_type"`
}
CallSite The call site where one node in a chain invokes the next. Present on every chain node except the entry-point node.
type Component ¶
type Component struct {
Name *string `json:"name,omitempty"`
Purl *string `json:"purl,omitempty"`
Url *string `json:"url,omitempty"`
Versions *[]ComponentVersion `json:"versions,omitempty"`
}
Component defines model for Component.
type ComponentAlgorithms ¶
type ComponentAlgorithms struct {
Algorithms *[]CryptoAlgorithm `json:"algorithms,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentAlgorithms defines model for ComponentAlgorithms.
type ComponentAlgorithmsInRange ¶
type ComponentAlgorithmsInRange struct {
Algorithms *[]CryptoAlgorithm `json:"algorithms,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Versions *[]string `json:"versions,omitempty"`
}
ComponentAlgorithmsInRange defines model for ComponentAlgorithmsInRange.
type ComponentCpesInfo ¶
type ComponentCpesInfo struct {
Cpes *[]string `json:"cpes,omitempty"`
InfoCode *string `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentCpesInfo defines model for ComponentCpesInfo.
type ComponentData ¶
type ComponentData struct {
// ActualMinedVersion Present only when the requested exact version was not present in
// `component_crypto_findings` and the server resolved to the highest mined version
// in the same `major.minor` bucket, treating it as a representative for
// the requested version. Absent on exact matches and on range-constraint
// resolutions (those echo the original constraint in `requirement`).
ActualMinedVersion *string `json:"actual_mined_version,omitempty"`
// CryptoEntryPoints Per-block projection of the merged callgraph's `crypto_entry_points[]`
// (callgraph 6.x schema), narrowed to entries whose `reachable_findings`
// intersect this block's surviving assets. Passed through as raw JSON.
// Populated only when `include_crypto_entry_points: true`.
//
// This field **replaced** the legacy `entry_point_index` present in
// callgraph schemas prior to 6.x.
CryptoEntryPoints *[]CryptoEntryPoint `json:"crypto_entry_points,omitempty"`
// FindingCount Total cryptographic_assets count across all findings[] in this
// block. POST-PRUNE — when a filter is active, reflects surviving
// assets, NOT the unfiltered universe.
FindingCount int32 `json:"finding_count"`
Findings []Finding `json:"findings"`
Purl string `json:"purl"`
// Requirement Echo of the request requirement string when known.
Requirement *string `json:"requirement,omitempty"`
// Schemas Source crypto-finder schema versions for this component block.
Schemas *ComponentSchemas `json:"schemas,omitempty"`
// SupportingCalls Deduped object-lifecycle calls (e.g. IV generation, key-size
// initialisation) referenced by surviving assets in this block.
// Passed through as raw JSON from the merged callgraph 6.x
// `supporting_calls[]`. Populated only when
// `include_supporting_calls: true`.
//
// Each entry is identified by `supporting_id`, which is the
// foreign key referenced from:
// - `cryptographic_asset.supporting_call_ids[]` (per-asset breadcrumb)
// - `crypto_entry_points[].reachable_supporting_calls[].supporting_id`
SupportingCalls *[]SupportingCall `json:"supporting_calls,omitempty"`
Version string `json:"version"`
}
ComponentData Per-component reachability block. Each `data[]` element corresponds to one component:
- For `/component`, `data` has length 1 — the target with all merged transitive findings collapsed in (own + indirect already discriminated by `cryptographic_asset.source`).
- For `/dep-tree`, `data` has one element per supplied dep, each carrying that dep's OWN findings (per-dep, not merged across deps).
`metadata` is passed through verbatim from crypto-finder's findings schema. `call_chains` follows crypto-finder's callgraph 6.x schema, with this API adding `is_final: true` to each chain's final frame.
type ComponentHealth ¶
type ComponentHealth struct {
// Detail Error message or extra context (present on error / when relevant).
Detail *string `json:"detail,omitempty"`
Status ComponentHealthStatus `json:"status"`
}
ComponentHealth Status of one dependency in the readiness response.
type ComponentHealthStatus ¶
type ComponentHealthStatus string
ComponentHealthStatus defines model for ComponentHealth.Status.
const ( ComponentHealthStatusDisabled ComponentHealthStatus = "disabled" ComponentHealthStatusError ComponentHealthStatus = "error" ComponentHealthStatusOk ComponentHealthStatus = "ok" )
Defines values for ComponentHealthStatus.
type ComponentHints ¶
type ComponentHints struct {
Hints *[]CryptoHint `json:"hints,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentHints defines model for ComponentHints.
type ComponentHintsInRange ¶
type ComponentHintsInRange struct {
Hints *[]CryptoHint `json:"hints,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Versions *[]string `json:"versions,omitempty"`
}
ComponentHintsInRange defines model for ComponentHintsInRange.
type ComponentLicenseInfo ¶
type ComponentLicenseInfo struct {
InfoCode *string `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Licenses *[]LicenseInfo `json:"licenses,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
// Statement License IDs joined with " AND ".
Statement *string `json:"statement,omitempty"`
Url *string `json:"url,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentLicenseInfo Per-component license result. `info_code` is one of `REQUIREMENT_NOT_MET`, `VERSION_NOT_FOUND`, `NO_INFO` (absent on an exact match).
type ComponentLicenseResponse ¶
type ComponentLicenseResponse struct {
// Component Per-component license result. `info_code` is one of
// `REQUIREMENT_NOT_MET`, `VERSION_NOT_FOUND`, `NO_INFO` (absent on an exact
// match).
Component *ComponentLicenseInfo `json:"component,omitempty"`
// Status Outcome of a licenses-service call (papi common StatusResponse).
Status *LookupStatusResponse `json:"status,omitempty"`
}
ComponentLicenseResponse defines model for ComponentLicenseResponse.
type ComponentLifecycleStatus ¶
type ComponentLifecycleStatus struct {
FirstIndexedDate *string `json:"first_indexed_date,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
LastIndexedDate *string `json:"last_indexed_date,omitempty"`
RepositoryStatus *string `json:"repository_status,omitempty"`
Status *string `json:"status,omitempty"`
StatusChangeDate *string `json:"status_change_date,omitempty"`
}
ComponentLifecycleStatus defines model for ComponentLifecycleStatus.
type ComponentLocation ¶
type ComponentLocation struct {
// InfoCode INVALID_PURL | NO_INFO | TOO_MANY_CONTRIBUTORS
InfoCode *string `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Locations *[]GeoLocation `json:"locations,omitempty"`
Purl *string `json:"purl,omitempty"`
}
ComponentLocation defines model for ComponentLocation.
type ComponentLocationInfo ¶
type ComponentLocationInfo struct {
CuratedLocations *[]GeoCuratedLocation `json:"curated_locations,omitempty"`
DeclaredLocations *[]GeoDeclaredLocation `json:"declared_locations,omitempty"`
// InfoCode INVALID_PURL | NO_INFO | TOO_MANY_CONTRIBUTORS
InfoCode *string `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
}
ComponentLocationInfo defines model for ComponentLocationInfo.
type ComponentReachabilityRequest ¶
type ComponentReachabilityRequest struct {
// EntryPointSignatures Optional exact-match filter on entry-point canonical signatures.
// When non-empty, `assets[]` is **restricted to findings reachable
// from at least one supplied entry point**. Findings unreachable
// from any supplied entry are REMOVED entirely from `assets[]` —
// they do NOT appear as `reachable=false` entries. An empty array
// (or absent field) means no filter; all findings are returned.
// Signatures that matched zero call chains are listed in
// `unmatched_signatures` at the top level of the response
// (diagnostic for typos).
EntryPointSignatures *[]string `json:"entry_point_signatures,omitempty"`
// IncludeCallChains When true, decorates each asset with its `call_chains[]` array
// (raw callgraph 6.x frame arrays) and the `reachable` bool.
// Default false produces a pure CBOM response (findings without
// reachability decoration). Independent of `entry_point_signatures`
// (which controls whether assets are PRUNED to reachable ones).
// Independent of `include_crypto_entry_points` and
// `include_supporting_calls`.
IncludeCallChains *bool `json:"include_call_chains,omitempty"`
// IncludeCryptoEntryPoints When true, populates `crypto_entry_points[]` at the top level
// of each `ComponentData` block — the public reachability surface
// (entry-point functions with their `reachable_findings[]`).
// This is the projection that **replaced** the legacy
// `entry_point_index` field.
// Independent of `include_call_chains` and `include_supporting_calls`.
IncludeCryptoEntryPoints *bool `json:"include_crypto_entry_points,omitempty"`
// IncludeRawCallgraph When true, `callgraph` at the top level of the response carries
// the unfiltered merged callgraph.
IncludeRawCallgraph *bool `json:"include_raw_callgraph,omitempty"`
// IncludeSupportingCalls When true, populates `supporting_calls[]` at the top level of
// each `ComponentData` block (deduped object-lifecycle calls such
// as IV generation and key-size initialisation) AND attaches
// `supporting_call_ids[]` to each `cryptographic_asset` whose
// finding graph references supporting calls. Each
// `supporting_call_id` resolves to a `supporting_calls[].supporting_id`
// in the same block.
// Independent of `include_call_chains` and `include_crypto_entry_points`.
IncludeSupportingCalls *bool `json:"include_supporting_calls,omitempty"`
// MaxChainsPerAsset Per-asset cap on `call_chains[]` length. Hard cap 128.
// `0` (the default) means no cap — all chains are returned. Use a
// positive integer to limit chains per asset. Values above 128 are
// rejected with HTTP 400.
MaxChainsPerAsset *int32 `json:"max_chains_per_asset,omitempty"`
Purl string `json:"purl"`
// Requirement Version constraint. Accepts exact versions (`1.5.2`, `=1.5.2`) or
// SemVer constraint expressions (`>=1.5.0`, `^1.5.0`, `~1.5.0`,
// `>=1.5.0,<2.0.0`). The leading `=` is optional. For range
// expressions, the server resolves to the highest mined version
// satisfying the constraint; no match → `VERSION_NOT_FOUND`.
Requirement *string `json:"requirement,omitempty"`
}
ComponentReachabilityRequest defines model for ComponentReachabilityRequest.
type ComponentReachabilityResponse ¶
type ComponentReachabilityResponse struct {
// Callgraph Raw merged callgraph as JSON, populated only when the request set
// `include_raw_callgraph: true`. Shape matches crypto-finder
// callgraph schema 6.x verbatim.
Callgraph *map[string]interface{} `json:"callgraph,omitempty"`
Data *[]ComponentData `json:"data,omitempty"`
// InfoCode One of:
// - `READY` — reachability data computed successfully.
// - `INVALID_PURL` — the supplied PURL could not be parsed.
// - `INVALID_SEMVER` — the requirement is structurally invalid.
// - `COMPONENT_NOT_FOUND` — the purl has no mining results at any version.
// - `VERSION_NOT_FOUND` — no mined version matches the supplied requirement.
// - `NO_INFO` — reachability data unavailable (stitch failed or timed out).
InfoCode string `json:"info_code"`
InfoMessage *string `json:"info_message,omitempty"`
// RulesVersion Echoed on READY — the rules_version active for this row.
RulesVersion *string `json:"rules_version,omitempty"`
// Status Top-level outcome for the request as a whole.
Status StatusResponse `json:"status"`
// UnmatchedSignatures Signatures from `entry_point_signatures` that matched zero chains.
UnmatchedSignatures *[]string `json:"unmatched_signatures,omitempty"`
}
ComponentReachabilityResponse Response envelope for `/component`. Top-level shape: `{data, info_code, info_message, rules_version, status, unmatched_signatures, callgraph}`.
`data` is an array of length 1 — the target component block with all merged transitive findings collapsed in (own + indirect, discriminated by `cryptographic_asset.source`). Component identity (`purl`, `version`, `requirement`) lives inside `data[0]`, not at the top level.
`unmatched_signatures` and `callgraph` live at the TOP LEVEL.
Each `data[]` block optionally carries `crypto_entry_points[]` and `supporting_calls[]` when the corresponding opt-in flags are set.
type ComponentRequest ¶
type ComponentRequest struct {
// Purl Package URL identifying the component.
Purl string `json:"purl"`
// Requirement Version constraint when the PURL has no explicit version. Accepts:
// - Exact versions with or without leading `=`: `1.15`, `=1.15`
// - SemVer constraint expressions: `>=1.10,<1.16`, `^1.5.0`, `~1.5.0`
//
// For range expressions, the server resolves to the highest mined
// version that satisfies the constraint. Maven non-SemVer qualifiers
// (e.g. `1.5.2.RELEASE`) are accepted as exact literals.
Requirement *string `json:"requirement,omitempty"`
}
ComponentRequest Identifies one component by PURL and optional version constraint.
type ComponentResult ¶
type ComponentResult struct {
Component string `json:"component,omitempty"`
File string `json:"file,omitempty"`
Purls []string `json:"purls,omitempty"`
Rank int `json:"rank,omitempty"`
ReleaseDate string `json:"release_date,omitempty"`
Url string `json:"url,omitempty"`
Vendor string `json:"vendor,omitempty"`
Version string `json:"version,omitempty"`
}
ComponentResult A resolved component in a batchScanner report, keyed by url_hash in `ScanResult.components`. Open to extra upstream fields.
type ComponentSchemas ¶
type ComponentSchemas struct {
Callgraph *string `json:"callgraph,omitempty"`
Findings *string `json:"findings,omitempty"`
}
ComponentSchemas Source crypto-finder schema versions for this component block.
type ComponentSearchHit ¶
type ComponentSearchHit struct {
Name *string `json:"name,omitempty"`
Purl *string `json:"purl,omitempty"`
// Url Project URL reconstructed from mine_id (may be empty).
Url *string `json:"url,omitempty"`
}
ComponentSearchHit defines model for ComponentSearchHit.
type ComponentStatusResult ¶
type ComponentStatusResult struct {
ComponentStatus *ComponentLifecycleStatus `json:"component_status,omitempty"`
Name *string `json:"name,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
VersionStatus *ComponentVersionStatus `json:"version_status,omitempty"`
}
ComponentStatusResult defines model for ComponentStatusResult.
type ComponentVersion ¶
type ComponentVersion struct {
// Date Release date as reported by the upstream registry.
Date *string `json:"date,omitempty"`
Licenses *[]ComponentVersionLicense `json:"licenses,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentVersion defines model for ComponentVersion.
type ComponentVersionLicense ¶
type ComponentVersionLicense struct {
IsSpdxApproved *bool `json:"is_spdx_approved,omitempty"`
Name *string `json:"name,omitempty"`
SpdxId *string `json:"spdx_id,omitempty"`
Url *string `json:"url,omitempty"`
}
ComponentVersionLicense defines model for ComponentVersionLicense.
type ComponentVersionStatus ¶
type ComponentVersionStatus struct {
IndexedDate *string `json:"indexed_date,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
// RepositoryStatus Raw status string reported by the registry.
RepositoryStatus *string `json:"repository_status,omitempty"`
// Status Canonical lifecycle (active / removed / deprecated / deleted).
Status *string `json:"status,omitempty"`
StatusChangeDate *string `json:"status_change_date,omitempty"`
Version *string `json:"version,omitempty"`
}
ComponentVersionStatus defines model for ComponentVersionStatus.
type ComponentVersionsInRange ¶
type ComponentVersionsInRange struct {
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
VersionsWith *[]string `json:"versions_with,omitempty"`
VersionsWithout *[]string `json:"versions_without,omitempty"`
}
ComponentVersionsInRange defines model for ComponentVersionsInRange.
type ComponentVersionsResponse ¶
type ComponentVersionsResponse struct {
Component Component `json:"component"`
Status BatchStatus `json:"status"`
}
ComponentVersionsResponse defines model for ComponentVersionsResponse.
type ComponentVulnerabilityInfo ¶
type ComponentVulnerabilityInfo struct {
InfoCode *string `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Version *string `json:"version,omitempty"`
Vulnerabilities *[]Vulnerability `json:"vulnerabilities,omitempty"`
}
ComponentVulnerabilityInfo defines model for ComponentVulnerabilityInfo.
type ComponentsLicenseResponse ¶
type ComponentsLicenseResponse struct {
Components *[]ComponentLicenseInfo `json:"components,omitempty"`
// Status Outcome of a licenses-service call (papi common StatusResponse).
Status *LookupStatusResponse `json:"status,omitempty"`
}
ComponentsLicenseResponse defines model for ComponentsLicenseResponse.
type ComponentsSearchResponse ¶
type ComponentsSearchResponse struct {
Components []ComponentSearchHit `json:"components"`
Status BatchStatus `json:"status"`
}
ComponentsSearchResponse defines model for ComponentsSearchResponse.
type ComponentsStatusResponse ¶
type ComponentsStatusResponse struct {
Components []ComponentStatusResult `json:"components"`
Status BatchStatus `json:"status"`
}
ComponentsStatusResponse defines model for ComponentsStatusResponse.
type CopyrightDetection ¶
type CopyrightDetection struct {
// Copyright Detected copyright statement (verbatim).
Copyright string `json:"copyright"`
// Detector Name of the detector that produced the evidence.
Detector DetectorEnum `json:"detector"`
// Evidence Line range or byte range of the evidence, depending on the server's
// license-hints backend: 1-based inclusive **line numbers** with the
// default `postgres` backend, or **byte offsets** with the `ldb` backend.
// The content endpoints slice `?start=&end=` by the same unit.
Evidence EvidenceRange `json:"evidence"`
// Holder Holder parsed out of the raw statement (years / boilerplate
// removed). Optional — absent when it could not be parsed.
Holder *string `json:"holder,omitempty"`
// Source Origin/category of the evidence. Today only `header_declared`,
// `notice_declared` and `metadata_declared` are emitted (derived from
// the file path); `spdx_tag` and `project_declared` are reserved for a
// richer signal.
Source SourceEnum `json:"source"`
}
CopyrightDetection defines model for CopyrightDetection.
type CopyrightEvidenceFile ¶
type CopyrightEvidenceFile struct {
Detections []CopyrightDetection `json:"detections"`
File string `json:"file"`
FileId string `json:"file_id"`
}
CopyrightEvidenceFile defines model for CopyrightEvidenceFile.
type CopyrightEvidenceItem ¶
type CopyrightEvidenceItem struct {
Files *[]CopyrightEvidenceFile `json:"files,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl string `json:"purl"`
Requirement *string `json:"requirement,omitempty"`
// Url Present only when `search.show_url` is set (placeholder — not yet populated).
Url *string `json:"url,omitempty"`
Version *string `json:"version,omitempty"`
}
CopyrightEvidenceItem defines model for CopyrightEvidenceItem.
type CopyrightEvidenceResponse ¶
type CopyrightEvidenceResponse struct {
Components []CopyrightEvidenceItem `json:"components"`
Status BatchStatus `json:"status"`
}
CopyrightEvidenceResponse defines model for CopyrightEvidenceResponse.
type CopyrightHolder ¶
type CopyrightHolder struct {
// Count Number of detections referencing this holder.
Count int `json:"count"`
Holder string `json:"holder"`
}
CopyrightHolder defines model for CopyrightHolder.
type CopyrightHoldersItem ¶
type CopyrightHoldersItem struct {
Holders *[]CopyrightHolder `json:"holders,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl string `json:"purl"`
Requirement *string `json:"requirement,omitempty"`
// Url Present only when `search.show_url` is set (placeholder — not yet populated).
Url *string `json:"url,omitempty"`
Version *string `json:"version,omitempty"`
}
CopyrightHoldersItem defines model for CopyrightHoldersItem.
type CopyrightHoldersResponse ¶
type CopyrightHoldersResponse struct {
Components []CopyrightHoldersItem `json:"components"`
Status BatchStatus `json:"status"`
}
CopyrightHoldersResponse defines model for CopyrightHoldersResponse.
type CpesResponse ¶
type CpesResponse struct {
Components []ComponentCpesInfo `json:"components"`
Status BatchStatus `json:"status"`
}
CpesResponse defines model for CpesResponse.
type CryptoAlgorithm ¶
type CryptoAlgorithm struct {
Algorithm *string `json:"algorithm,omitempty"`
Strength *string `json:"strength,omitempty"`
}
CryptoAlgorithm defines model for CryptoAlgorithm.
type CryptoAlgorithmsInRangeResponse ¶
type CryptoAlgorithmsInRangeResponse struct {
Components []ComponentAlgorithmsInRange `json:"components"`
Status BatchStatus `json:"status"`
}
CryptoAlgorithmsInRangeResponse defines model for CryptoAlgorithmsInRangeResponse.
type CryptoAlgorithmsResponse ¶
type CryptoAlgorithmsResponse struct {
Components []ComponentAlgorithms `json:"components"`
Status BatchStatus `json:"status"`
}
CryptoAlgorithmsResponse defines model for CryptoAlgorithmsResponse.
type CryptoAsset ¶
type CryptoAsset struct {
// CallChains Ordered call chains from entry points to this asset, following
// crypto-finder's callgraph 6.x schema. Each element is an array of
// call-chain frame objects (see `CallNode`); this API adds
// `is_final: true` to each chain's last frame. Present only when the
// reachability endpoint was called with `include_call_chains: true`.
CallChains *[][]CallNode `json:"call_chains,omitempty"`
EndLine int32 `json:"end_line"`
// FindingId Stable hash of the detection. Use as primary key.
FindingId string `json:"finding_id"`
// Match Exact source line that triggered the detection.
Match string `json:"match"`
// Metadata Pass-through metadata block as emitted by crypto-finder's findings
// envelope (v1.3). The shape is owned by crypto-finder, not by this
// service. Keys are CAMEL CASE (e.g. `assetType`, `algorithmName`,
// `protocolName`, `materialType`). `assetType` is the discriminator
// used by consumers that want to branch on the variant. All other keys
// are optional and depend on the variant — for `assetType: algorithm`
// you'll see `algorithmName`, `algorithmFamily`, `algorithmPrimitive`,
// `algorithmMode`, `algorithmPadding`, `algorithmParameterSetIdentifier`;
// for `assetType: protocol` you'll see `protocolName`, `protocolStrength`;
// for `assetType: certificate` you'll see `certificateFormat`,
// `certificateAlgorithm`, `certificateType`, `certificateStoreType`;
// for `assetType: related-crypto-material` you'll see `materialType`,
// `materialAlgorithm`, `materialFormat`, `materialSize`.
// Schema evolution (new fields, new variants) is forward-compatible —
// this service does NOT re-curate or translate metadata.
Metadata CryptoFinderMetadata `json:"metadata"`
// Oid RFC 5280 / CBOM Object Identifier when applicable.
Oid *string `json:"oid,omitempty"`
// Reachable True iff at least one entry point reaches this asset. Present
// only when the reachability endpoint was called with
// `include_call_chains: true`.
Reachable *bool `json:"reachable,omitempty"`
Source CryptoAssetSource `json:"source"`
StartLine int32 `json:"start_line"`
// SupportingCallIds Foreign-key breadcrumb to the block-level `supporting_calls[]`
// array. Each string value is a `supporting_calls[].supporting_id`.
// Present only when `include_supporting_calls: true` and this
// asset's finding graph references supporting calls.
SupportingCallIds *[]string `json:"supporting_call_ids,omitempty"`
}
CryptoAsset One cryptographic operation detected in source code — thin pass-through over the crypto-finder findings.json `cryptographic_assets[]` entry.
`metadata` is the verbatim crypto-finder block (camelCase keys; see `CryptoFinderMetadata`). This service does NOT split it into typed sub-objects. Consumers branch on `metadata.assetType`.
`reachable` and `call_chains` are populated ONLY when `include_call_chains: true`. `call_chains` follows crypto-finder's callgraph 6.x schema (each chain is an ordered array of `CallNode` frame objects), with this API adding `is_final: true` to each chain's last frame. `supporting_call_ids` is populated ONLY when `include_supporting_calls: true`.
type CryptoAssetSource ¶
type CryptoAssetSource string
CryptoAssetSource defines model for CryptoAsset.Source.
const ( Direct CryptoAssetSource = "direct" Indirect CryptoAssetSource = "indirect" )
Defines values for CryptoAssetSource.
type CryptoEntryPoint ¶
type CryptoEntryPoint struct {
CanonicalSignature string `json:"canonical_signature"`
Class string `json:"class"`
DisplaySymbol *string `json:"display_symbol,omitempty"`
// FunctionKey Stable internal key for this function in the callgraph.
FunctionKey string `json:"function_key"`
FunctionName string `json:"function_name"`
Method string `json:"method"`
OwnerVisibility *CryptoEntryPointOwnerVisibility `json:"owner_visibility,omitempty"`
ParameterTypes *[]string `json:"parameter_types,omitempty"`
ReachableFindings []ReachableFinding `json:"reachable_findings"`
// ReachableSupportingCalls Supporting calls reachable from this entry point.
ReachableSupportingCalls *[]ReachableSupportingCall `json:"reachable_supporting_calls,omitempty"`
ReturnType *string `json:"return_type,omitempty"`
Visibility *CryptoEntryPointVisibility `json:"visibility,omitempty"`
}
CryptoEntryPoint One entry-point function that can reach one or more cryptographic operations, as emitted by the callgraph 6.x `crypto_entry_points[]` array. Passed through as raw JSON from the merged callgraph. Populated only when `include_crypto_entry_points: true`.
This is the projection that **replaced** the legacy `entry_point_index` field present in callgraph schemas prior to 6.x.
type CryptoEntryPointOwnerVisibility ¶
type CryptoEntryPointOwnerVisibility string
CryptoEntryPointOwnerVisibility defines model for CryptoEntryPoint.OwnerVisibility.
const ( CryptoEntryPointOwnerVisibilityPackagePrivate CryptoEntryPointOwnerVisibility = "package-private" CryptoEntryPointOwnerVisibilityPrivate CryptoEntryPointOwnerVisibility = "private" CryptoEntryPointOwnerVisibilityProtected CryptoEntryPointOwnerVisibility = "protected" CryptoEntryPointOwnerVisibilityPublic CryptoEntryPointOwnerVisibility = "public" )
Defines values for CryptoEntryPointOwnerVisibility.
type CryptoEntryPointVisibility ¶
type CryptoEntryPointVisibility string
CryptoEntryPointVisibility defines model for CryptoEntryPoint.Visibility.
const ( CryptoEntryPointVisibilityPackagePrivate CryptoEntryPointVisibility = "package-private" CryptoEntryPointVisibilityPrivate CryptoEntryPointVisibility = "private" CryptoEntryPointVisibilityProtected CryptoEntryPointVisibility = "protected" CryptoEntryPointVisibilityPublic CryptoEntryPointVisibility = "public" )
Defines values for CryptoEntryPointVisibility.
type CryptoFinderMetadata ¶
type CryptoFinderMetadata struct {
Api *string `json:"api,omitempty"`
// AssetType Discriminator (camelCase from crypto-finder). Known values:
// `algorithm`, `protocol`, `certificate`, `related-crypto-material`.
// Unknown values are forwarded verbatim.
AssetType *string `json:"assetType,omitempty"`
Library *string `json:"library,omitempty"`
Provider *string `json:"provider,omitempty"`
AdditionalProperties map[string]interface{} `json:"-"`
}
CryptoFinderMetadata Pass-through metadata block as emitted by crypto-finder's findings envelope (v1.3). The shape is owned by crypto-finder, not by this service. Keys are CAMEL CASE (e.g. `assetType`, `algorithmName`, `protocolName`, `materialType`). `assetType` is the discriminator used by consumers that want to branch on the variant. All other keys are optional and depend on the variant — for `assetType: algorithm` you'll see `algorithmName`, `algorithmFamily`, `algorithmPrimitive`, `algorithmMode`, `algorithmPadding`, `algorithmParameterSetIdentifier`; for `assetType: protocol` you'll see `protocolName`, `protocolStrength`; for `assetType: certificate` you'll see `certificateFormat`, `certificateAlgorithm`, `certificateType`, `certificateStoreType`; for `assetType: related-crypto-material` you'll see `materialType`, `materialAlgorithm`, `materialFormat`, `materialSize`. Schema evolution (new fields, new variants) is forward-compatible — this service does NOT re-curate or translate metadata.
func (CryptoFinderMetadata) Get ¶
func (a CryptoFinderMetadata) Get(fieldName string) (value interface{}, found bool)
Getter for additional properties for CryptoFinderMetadata. Returns the specified element and whether it was found
func (CryptoFinderMetadata) MarshalJSON ¶
func (a CryptoFinderMetadata) MarshalJSON() ([]byte, error)
Override default JSON handling for CryptoFinderMetadata to handle AdditionalProperties
func (*CryptoFinderMetadata) Set ¶
func (a *CryptoFinderMetadata) Set(fieldName string, value interface{})
Setter for additional properties for CryptoFinderMetadata
func (*CryptoFinderMetadata) UnmarshalJSON ¶
func (a *CryptoFinderMetadata) UnmarshalJSON(b []byte) error
Override default JSON handling for CryptoFinderMetadata to handle AdditionalProperties
type CryptoHint ¶
type CryptoHint struct {
Category *string `json:"category,omitempty"`
Description *string `json:"description,omitempty"`
Id *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Purl *string `json:"purl,omitempty"`
Url *string `json:"url,omitempty"`
}
CryptoHint defines model for CryptoHint.
type CryptoHintsInRangeResponse ¶
type CryptoHintsInRangeResponse struct {
Components []ComponentHintsInRange `json:"components"`
Status BatchStatus `json:"status"`
}
CryptoHintsInRangeResponse defines model for CryptoHintsInRangeResponse.
type CryptoHintsResponse ¶
type CryptoHintsResponse struct {
Components []ComponentHints `json:"components"`
Status BatchStatus `json:"status"`
}
CryptoHintsResponse defines model for CryptoHintsResponse.
type CryptoVersionsInRangeResponse ¶
type CryptoVersionsInRangeResponse struct {
Components []ComponentVersionsInRange `json:"components"`
Status BatchStatus `json:"status"`
}
CryptoVersionsInRangeResponse defines model for CryptoVersionsInRangeResponse.
type DataFlowSource ¶
type DataFlowSource struct {
// CallTarget FQN of the callee for CALL_RESULT sources.
CallTarget *string `json:"call_target,omitempty"`
// DeclaredType Declared type of the source symbol.
DeclaredType *string `json:"declared_type,omitempty"`
Location SourceLocation `json:"location"`
// Name Variable / field / parameter name.
Name *string `json:"name,omitempty"`
// ParameterIndex 0-based parameter index. Set on PARAMETER.
ParameterIndex *int32 `json:"parameter_index,omitempty"`
SourceNodes *[]DataFlowSource `json:"source_nodes,omitempty"`
Type DataFlowSourceType `json:"type"`
// Value Source-code expression / literal text.
Value *string `json:"value,omitempty"`
}
DataFlowSource One step in the data-flow chain producing an argument value at a call site. `type` discriminates which fields are meaningful:
| type | name | declared_type | parameter_index | value | call_target | |---------------|------|---------------|-----------------|-------|-------------| | PARAMETER | ✓ | ✓ | ✓ | | | | VARIABLE | ✓ | ✓ | | | | | FIELD | ✓ | ✓ | | | | | CALL_RESULT | | | | ✓ | ✓ | | EXPRESSION | | | | ✓ | | | VALUE | | | | ✓ | | | LITERAL | | | | ✓ | |
`source_nodes` is recursive: each source can be itself sourced from prior sources, forming a full taint chain back to the value's origin.
type DataFlowSourceType ¶
type DataFlowSourceType string
DataFlowSourceType defines model for DataFlowSource.Type.
const ( CALLRESULT DataFlowSourceType = "CALL_RESULT" EXPRESSION DataFlowSourceType = "EXPRESSION" FIELD DataFlowSourceType = "FIELD" LITERAL DataFlowSourceType = "LITERAL" PARAMETER DataFlowSourceType = "PARAMETER" VALUE DataFlowSourceType = "VALUE" VARIABLE DataFlowSourceType = "VARIABLE" )
Defines values for DataFlowSourceType.
type DepTreeReachabilityRequest ¶
type DepTreeReachabilityRequest struct {
// Dependencies Flat list of every (purl, version) to be stitched. Every entry
// MUST carry a version, either as an exact pin (`=1.5.2`) or as a
// SemVer constraint expression (`>=1.0`, `^2.0`, `~1.5`).
// Range constraints resolve to the highest mined version satisfying
// the constraint. The server does NOT auto-resolve transitive deps.
Dependencies []ComponentRequest `json:"dependencies"`
// EntryPointSignatures Optional exact-match filter on entry-point canonical signatures.
// When non-empty, `findings[]` is **restricted to assets reachable
// from at least one supplied entry point**. Findings unreachable
// from any supplied entry are REMOVED entirely —
// they do NOT appear as `reachable=false` entries. An empty array
// (or absent field) means no filter; all findings are returned.
// Signatures that matched zero call chains are listed in
// `unmatched_signatures` at the top level of the response
// (diagnostic for typos).
EntryPointSignatures *[]string `json:"entry_point_signatures,omitempty"`
// IncludeCallChains When true, decorates each asset with its `call_chains[]` array
// (raw callgraph 6.x frame arrays) and the `reachable` bool.
// Default false produces a pure CBOM response (findings without
// reachability decoration). Independent of `entry_point_signatures`
// (which controls whether assets are PRUNED to reachable ones).
// Independent of `include_crypto_entry_points` and
// `include_supporting_calls`.
IncludeCallChains *bool `json:"include_call_chains,omitempty"`
// IncludeCryptoEntryPoints When true, populates `crypto_entry_points[]` at the top level
// of each `ComponentData` block — the public reachability surface
// (entry-point functions with their `reachable_findings[]`).
// This is the projection that **replaced** the legacy
// `entry_point_index` field.
// Independent of `include_call_chains` and `include_supporting_calls`.
IncludeCryptoEntryPoints *bool `json:"include_crypto_entry_points,omitempty"`
IncludeRawCallgraph *bool `json:"include_raw_callgraph,omitempty"`
// IncludeSupportingCalls When true, populates `supporting_calls[]` at the top level of
// each `ComponentData` block (deduped object-lifecycle calls such
// as IV generation and key-size initialisation) AND attaches
// `supporting_call_ids[]` to each `cryptographic_asset` whose
// finding graph references supporting calls. Each
// `supporting_call_id` resolves to a `supporting_calls[].supporting_id`
// in the same block.
// Independent of `include_call_chains` and `include_crypto_entry_points`.
IncludeSupportingCalls *bool `json:"include_supporting_calls,omitempty"`
// MaxChainsPerAsset Per-asset cap on `call_chains[]` length. `0` (the default) = no cap.
// Positive integer sets a per-asset limit. Hard cap 128.
MaxChainsPerAsset *int32 `json:"max_chains_per_asset,omitempty"`
}
DepTreeReachabilityRequest Request body for dep-tree reachability. There is no `root` field — the dependency tree IS the unit. Supply the flat list of dependencies to stitch; no application identity is required.
type DepTreeReachabilityResponse ¶
type DepTreeReachabilityResponse struct {
// Callgraph Raw merged callgraph as JSON, populated only when
// `include_raw_callgraph: true`. Shape: crypto-finder callgraph
// 6.x verbatim.
Callgraph *map[string]interface{} `json:"callgraph,omitempty"`
Data *[]ComponentData `json:"data,omitempty"`
// InfoCode One of:
// - `READY` — reachability data computed successfully.
// - `INVALID_PURL` — a supplied PURL could not be parsed.
// - `INVALID_SEMVER` — a requirement is structurally invalid
// (e.g. empty string) or is a valid constraint but no mined
// version satisfies it (version not in catalog).
// - `INVALID_REQUEST` — the request is structurally invalid in a
// way not covered by `INVALID_PURL` or `INVALID_SEMVER`
// (e.g. empty `dependencies` array).
// - `NO_INFO` — reachability data unavailable (one or more deps
// unmined, stitch failed, or request timed out). When caused by
// missing deps, `missing_components` lists the unsatisfied entries.
InfoCode string `json:"info_code"`
InfoMessage *string `json:"info_message,omitempty"`
// MissingComponents Subset of the request's `dependencies` that the service could not
// satisfy from mining data. Each entry carries the resolved
// `(purl, version)` pair — version is the value after stripping the
// leading `=` from the original requirement. Present only when
// `info_code=NO_INFO` and the cause was unmined or callgraph-less
// dependencies.
MissingComponents *[]struct {
Purl string `json:"purl"`
Version string `json:"version"`
} `json:"missing_components,omitempty"`
// RulesVersion Highest `rules_version` among the dependency rows that contributed
// to this response. Dependencies may have been mined at different
// points in time under different rules_versions; this field reports
// the most recent contributor (by mining `created_at`), NOT a
// uniform "all deps under this version" guarantee. Use this when
// comparing two dep-tree responses to detect whether new rules
// have landed since the last call. Present only when `info_code=READY`.
RulesVersion *string `json:"rules_version,omitempty"`
// Status Top-level outcome for the request as a whole.
Status StatusResponse `json:"status"`
// UnmatchedSignatures Signatures from `entry_point_signatures` that matched zero chains
// across the merged callgraph.
UnmatchedSignatures *[]string `json:"unmatched_signatures,omitempty"`
}
DepTreeReachabilityResponse Response envelope for dep-tree reachability. Top-level shape: `{data, info_code, info_message, missing_components, rules_version, status, unmatched_signatures, callgraph}`.
There is no `root` field — the dependency tree is self-contained. `data` is an array with one `ComponentData` block per supplied dep. Each block carries that dep's own findings (per-dep, not merged across deps). Component identity (`purl`, `version`, `requirement`) lives inside each `data[]` element, not at the top level.
`unmatched_signatures` and `callgraph` live at the TOP LEVEL.
type DependenciesResolveResponse ¶
type DependenciesResolveResponse struct {
Components []Dependency `json:"components"`
Status BatchStatus `json:"status"`
}
DependenciesResolveResponse defines model for DependenciesResolveResponse.
type Dependency ¶
type Dependency struct {
Comment *string `json:"comment,omitempty"`
Component *string `json:"component,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Licenses *[]DependencyLicense `json:"licenses,omitempty"`
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Url *string `json:"url,omitempty"`
Version *string `json:"version,omitempty"`
}
Dependency defines model for Dependency.
type DependencyLicense ¶
type DependencyLicense struct {
IsSpdxApproved *bool `json:"is_spdx_approved,omitempty"`
Name *string `json:"name,omitempty"`
SpdxId *string `json:"spdx_id,omitempty"`
Url *string `json:"url,omitempty"`
}
DependencyLicense defines model for DependencyLicense.
type DetectorEnum ¶
type DetectorEnum string
DetectorEnum Name of the detector that produced the evidence.
const ( Licenseclassifier DetectorEnum = "licenseclassifier" Nomos DetectorEnum = "nomos" Scancode DetectorEnum = "scancode" Scanoss DetectorEnum = "scanoss" Spdx DetectorEnum = "spdx" )
Defines values for DetectorEnum.
type EPSS ¶
type EPSS struct {
Percentile *float32 `json:"percentile,omitempty"`
Probability *float32 `json:"probability,omitempty"`
}
EPSS defines model for EPSS.
type EngineUnavailable ¶
type EngineUnavailable = ErrorBody
EngineUnavailable defines model for EngineUnavailable.
type ErrorBody ¶
type ErrorBody struct {
Error struct {
// Code Stable machine-readable error identifier. Possible values:
// - INVALID_BODY, INVALID_QUERY, INVALID_MD5, INVALID_RANGE
// - EMPTY_BATCH
// - INVALID_PURL, COMPONENT_NOT_FOUND, VERSION_NOT_FOUND
// - NOTICE_NOT_FOUND, FILE_NOT_FOUND, MZ_READ_FAILED
// - TIMEOUT, INTERNAL_ERROR
Code string `json:"code"`
Message string `json:"message"`
} `json:"error"`
Status ErrorBodyStatus `json:"status"`
Timestamp time.Time `json:"timestamp"`
}
ErrorBody defines model for ErrorBody.
type ErrorBodyStatus ¶
type ErrorBodyStatus string
ErrorBodyStatus defines model for ErrorBody.Status.
const (
ErrorBodyStatusError ErrorBodyStatus = "error"
)
Defines values for ErrorBodyStatus.
type EvidenceRange ¶
type EvidenceRange struct {
// End Inclusive end (line or byte offset); 0 means whole-file evidence
End int `json:"end"`
// EvidenceUrl URL to the fragment backing the detection. The base endpoint is
// chosen from the detection `source`:
// * `notice_declared` → /v3/notice-contents/{id}
// * `header_declared`, `spdx_tag` → /v3/file-contents/{id}
// * `metadata_declared` → /v3/metadata-contents/{id}
// The `start`/`end` query string is omitted when both are 0.
EvidenceUrl *string `json:"evidence_url,omitempty"`
// Start Inclusive start (line or byte offset); 0 means whole-file evidence
Start int `json:"start"`
}
EvidenceRange Line range or byte range of the evidence, depending on the server's license-hints backend: 1-based inclusive **line numbers** with the default `postgres` backend, or **byte offsets** with the `ldb` backend. The content endpoints slice `?start=&end=` by the same unit.
type FileResult ¶
type FileResult struct {
// FileHash MD5 of the matched file: equals `source_hash` for a `file` match, the matched OSS file's MD5 for a `snippet` match (differs from `source_hash`), and empty for a `none` match.
FileHash string `json:"file_hash"`
// MatchType Full-file match, partial (snippet) match, or no match.
MatchType FileResultMatchType `json:"match_type"`
// Matches Matched KB entries for this file.
Matches []MatchResult `json:"matches"`
// Path The scanned file path.
Path string `json:"path"`
// SourceHash MD5 of the input file (from the WFP).
SourceHash string `json:"source_hash"`
}
FileResult One scanned-file entry in a batchScanner report.
type FileResultMatchType ¶
type FileResultMatchType string
FileResultMatchType Full-file match, partial (snippet) match, or no match.
const ( File FileResultMatchType = "file" None FileResultMatchType = "none" Snippet FileResultMatchType = "snippet" )
Defines values for FileResultMatchType.
type Finding ¶
type Finding struct {
CryptographicAssets []CryptoAsset `json:"cryptographic_assets"`
FilePath string `json:"file_path"`
Language string `json:"language"`
}
Finding File-level grouping mirroring crypto-finder's findings.json `findings[]` entry. One Finding carries one file's `cryptographic_assets[]`.
type GeoContributorsResponse ¶
type GeoContributorsResponse struct {
ComponentsLocations []ComponentLocationInfo `json:"components_locations"`
Status BatchStatus `json:"status"`
}
GeoContributorsResponse defines model for GeoContributorsResponse.
type GeoCuratedLocation ¶
type GeoCuratedLocation struct {
Count *int `json:"count,omitempty"`
Country *string `json:"country,omitempty"`
}
GeoCuratedLocation defines model for GeoCuratedLocation.
type GeoDeclaredLocation ¶
type GeoDeclaredLocation struct {
Location *string `json:"location,omitempty"`
// Type owner | contributor
Type *string `json:"type,omitempty"`
}
GeoDeclaredLocation defines model for GeoDeclaredLocation.
type GeoLocation ¶
type GeoLocation struct {
Name *string `json:"name,omitempty"`
Percentage *float32 `json:"percentage,omitempty"`
}
GeoLocation defines model for GeoLocation.
type GeoOriginResponse ¶
type GeoOriginResponse struct {
ComponentsLocations []ComponentLocation `json:"components_locations"`
Status BatchStatus `json:"status"`
}
GeoOriginResponse defines model for GeoOriginResponse.
type GetComponentReachabilityJSONRequestBody ¶
type GetComponentReachabilityJSONRequestBody = ComponentReachabilityRequest
GetComponentReachabilityJSONRequestBody defines body for GetComponentReachability for application/json ContentType.
type GetComponentStatusParams ¶
type GetComponentStatusParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetComponentStatusParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetComponentStatusParams defines parameters for GetComponentStatus.
type GetComponentStatusParamsOnVersionNotFound ¶
type GetComponentStatusParamsOnVersionNotFound string
GetComponentStatusParamsOnVersionNotFound defines parameters for GetComponentStatus.
const ( GetComponentStatusParamsOnVersionNotFoundShowAny GetComponentStatusParamsOnVersionNotFound = "show_any" GetComponentStatusParamsOnVersionNotFoundShowClosestGt GetComponentStatusParamsOnVersionNotFound = "show_closest_gt" GetComponentStatusParamsOnVersionNotFoundShowClosestLt GetComponentStatusParamsOnVersionNotFound = "show_closest_lt" GetComponentStatusParamsOnVersionNotFoundShowLatest GetComponentStatusParamsOnVersionNotFound = "show_latest" GetComponentStatusParamsOnVersionNotFoundStrict GetComponentStatusParamsOnVersionNotFound = "strict" )
Defines values for GetComponentStatusParamsOnVersionNotFound.
type GetComponentVersionsParams ¶
type GetComponentVersionsParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
Limit *int `form:"limit,omitempty" json:"limit,omitempty"`
}
GetComponentVersionsParams defines parameters for GetComponentVersions.
type GetFileContentParams ¶
type GetFileContentParams struct {
// Start 1-based inclusive start line. Defaults to 1 when omitted.
Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`
// End 1-based inclusive end line. Defaults to last line when omitted.
End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}
GetFileContentParams defines parameters for GetFileContent.
type GetLicensesComponentParams ¶
type GetLicensesComponentParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetLicensesComponentParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetLicensesComponentParams defines parameters for GetLicensesComponent.
type GetLicensesComponentParamsOnVersionNotFound ¶
type GetLicensesComponentParamsOnVersionNotFound string
GetLicensesComponentParamsOnVersionNotFound defines parameters for GetLicensesComponent.
const ( GetLicensesComponentParamsOnVersionNotFoundShowAny GetLicensesComponentParamsOnVersionNotFound = "show_any" GetLicensesComponentParamsOnVersionNotFoundShowClosestGt GetLicensesComponentParamsOnVersionNotFound = "show_closest_gt" GetLicensesComponentParamsOnVersionNotFoundShowClosestLt GetLicensesComponentParamsOnVersionNotFound = "show_closest_lt" GetLicensesComponentParamsOnVersionNotFoundShowLatest GetLicensesComponentParamsOnVersionNotFound = "show_latest" GetLicensesComponentParamsOnVersionNotFoundStrict GetLicensesComponentParamsOnVersionNotFound = "strict" )
Defines values for GetLicensesComponentParamsOnVersionNotFound.
type GetLicensesDetailsParams ¶
type GetLicensesDetailsParams struct {
// Id SPDX license identifier (e.g. `MIT`, `GPL-2.0-only`).
Id string `form:"id" json:"id"`
}
GetLicensesDetailsParams defines parameters for GetLicensesDetails.
type GetLicensesObligationsParams ¶
type GetLicensesObligationsParams struct {
// Id SPDX license identifier (e.g. `MIT`, `GPL-2.0-only`).
Id string `form:"id" json:"id"`
}
GetLicensesObligationsParams defines parameters for GetLicensesObligations.
type GetMetadataContentParams ¶
type GetMetadataContentParams struct {
// Start 1-based inclusive start line. Defaults to 1 when omitted.
Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`
// End 1-based inclusive end line. Defaults to last line when omitted.
End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}
GetMetadataContentParams defines parameters for GetMetadataContent.
type GetNoticeContentParams ¶
type GetNoticeContentParams struct {
// Start 1-based inclusive start line. Defaults to 1 when omitted.
Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`
// End 1-based inclusive end line. Defaults to last line when omitted.
End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}
GetNoticeContentParams defines parameters for GetNoticeContent.
type GetReachabilityForDepTreeJSONRequestBody ¶
type GetReachabilityForDepTreeJSONRequestBody = DepTreeReachabilityRequest
GetReachabilityForDepTreeJSONRequestBody defines body for GetReachabilityForDepTree for application/json ContentType.
type GetScanRawParams ¶
type GetScanRawParams struct {
Md5 string `form:"md5" json:"md5"`
}
GetScanRawParams defines parameters for GetScanRaw.
type GetV3CryptographyAlgorithmsParams ¶
type GetV3CryptographyAlgorithmsParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3CryptographyAlgorithmsParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3CryptographyAlgorithmsParams defines parameters for GetV3CryptographyAlgorithms.
type GetV3CryptographyAlgorithmsParamsOnVersionNotFound ¶
type GetV3CryptographyAlgorithmsParamsOnVersionNotFound string
GetV3CryptographyAlgorithmsParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithms.
const ( GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowAny GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_any" GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_closest_gt" GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_closest_lt" GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowLatest GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_latest" GetV3CryptographyAlgorithmsParamsOnVersionNotFoundStrict GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "strict" )
Defines values for GetV3CryptographyAlgorithmsParamsOnVersionNotFound.
type GetV3CryptographyAlgorithmsRangeParams ¶
type GetV3CryptographyAlgorithmsRangeParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3CryptographyAlgorithmsRangeParams defines parameters for GetV3CryptographyAlgorithmsRange.
type GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound ¶
type GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound string
GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithmsRange.
const ( GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowAny GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_any" GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_closest_gt" GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_closest_lt" GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowLatest GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_latest" GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundStrict GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "strict" )
Defines values for GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound.
type GetV3CryptographyAlgorithmsVersionsRangeParams ¶
type GetV3CryptographyAlgorithmsVersionsRangeParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3CryptographyAlgorithmsVersionsRangeParams defines parameters for GetV3CryptographyAlgorithmsVersionsRange.
type GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound ¶
type GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound string
GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithmsVersionsRange.
const ( GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowAny GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_any" GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_closest_gt" GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_closest_lt" GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowLatest GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_latest" GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundStrict GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "strict" )
Defines values for GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound.
type GetV3CryptographyHintsParams ¶
type GetV3CryptographyHintsParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3CryptographyHintsParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3CryptographyHintsParams defines parameters for GetV3CryptographyHints.
type GetV3CryptographyHintsParamsOnVersionNotFound ¶
type GetV3CryptographyHintsParamsOnVersionNotFound string
GetV3CryptographyHintsParamsOnVersionNotFound defines parameters for GetV3CryptographyHints.
const ( GetV3CryptographyHintsParamsOnVersionNotFoundShowAny GetV3CryptographyHintsParamsOnVersionNotFound = "show_any" GetV3CryptographyHintsParamsOnVersionNotFoundShowClosestGt GetV3CryptographyHintsParamsOnVersionNotFound = "show_closest_gt" GetV3CryptographyHintsParamsOnVersionNotFoundShowClosestLt GetV3CryptographyHintsParamsOnVersionNotFound = "show_closest_lt" GetV3CryptographyHintsParamsOnVersionNotFoundShowLatest GetV3CryptographyHintsParamsOnVersionNotFound = "show_latest" GetV3CryptographyHintsParamsOnVersionNotFoundStrict GetV3CryptographyHintsParamsOnVersionNotFound = "strict" )
Defines values for GetV3CryptographyHintsParamsOnVersionNotFound.
type GetV3CryptographyHintsRangeParams ¶
type GetV3CryptographyHintsRangeParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3CryptographyHintsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3CryptographyHintsRangeParams defines parameters for GetV3CryptographyHintsRange.
type GetV3CryptographyHintsRangeParamsOnVersionNotFound ¶
type GetV3CryptographyHintsRangeParamsOnVersionNotFound string
GetV3CryptographyHintsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyHintsRange.
const ( GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowAny GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_any" GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_closest_gt" GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_closest_lt" GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowLatest GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_latest" GetV3CryptographyHintsRangeParamsOnVersionNotFoundStrict GetV3CryptographyHintsRangeParamsOnVersionNotFound = "strict" )
Defines values for GetV3CryptographyHintsRangeParamsOnVersionNotFound.
type GetV3DependenciesDependenciesParams ¶
type GetV3DependenciesDependenciesParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3DependenciesDependenciesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3DependenciesDependenciesParams defines parameters for GetV3DependenciesDependencies.
type GetV3DependenciesDependenciesParamsOnVersionNotFound ¶
type GetV3DependenciesDependenciesParamsOnVersionNotFound string
GetV3DependenciesDependenciesParamsOnVersionNotFound defines parameters for GetV3DependenciesDependencies.
const ( GetV3DependenciesDependenciesParamsOnVersionNotFoundShowAny GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_any" GetV3DependenciesDependenciesParamsOnVersionNotFoundShowClosestGt GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_closest_gt" GetV3DependenciesDependenciesParamsOnVersionNotFoundShowClosestLt GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_closest_lt" GetV3DependenciesDependenciesParamsOnVersionNotFoundShowLatest GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_latest" GetV3DependenciesDependenciesParamsOnVersionNotFoundStrict GetV3DependenciesDependenciesParamsOnVersionNotFound = "strict" )
Defines values for GetV3DependenciesDependenciesParamsOnVersionNotFound.
type GetV3GeoprovenanceCountriesParams ¶
type GetV3GeoprovenanceCountriesParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3GeoprovenanceCountriesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3GeoprovenanceCountriesParams defines parameters for GetV3GeoprovenanceCountries.
type GetV3GeoprovenanceCountriesParamsOnVersionNotFound ¶
type GetV3GeoprovenanceCountriesParamsOnVersionNotFound string
GetV3GeoprovenanceCountriesParamsOnVersionNotFound defines parameters for GetV3GeoprovenanceCountries.
const ( GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowAny GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_any" GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowClosestGt GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_closest_gt" GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowClosestLt GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_closest_lt" GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowLatest GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_latest" GetV3GeoprovenanceCountriesParamsOnVersionNotFoundStrict GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "strict" )
Defines values for GetV3GeoprovenanceCountriesParamsOnVersionNotFound.
type GetV3GeoprovenanceOriginParams ¶
type GetV3GeoprovenanceOriginParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3GeoprovenanceOriginParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3GeoprovenanceOriginParams defines parameters for GetV3GeoprovenanceOrigin.
type GetV3GeoprovenanceOriginParamsOnVersionNotFound ¶
type GetV3GeoprovenanceOriginParamsOnVersionNotFound string
GetV3GeoprovenanceOriginParamsOnVersionNotFound defines parameters for GetV3GeoprovenanceOrigin.
const ( GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowAny GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_any" GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowClosestGt GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_closest_gt" GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowClosestLt GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_closest_lt" GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowLatest GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_latest" GetV3GeoprovenanceOriginParamsOnVersionNotFoundStrict GetV3GeoprovenanceOriginParamsOnVersionNotFound = "strict" )
Defines values for GetV3GeoprovenanceOriginParamsOnVersionNotFound.
type GetV3VulnerabilitiesCpesParams ¶
type GetV3VulnerabilitiesCpesParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3VulnerabilitiesCpesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3VulnerabilitiesCpesParams defines parameters for GetV3VulnerabilitiesCpes.
type GetV3VulnerabilitiesCpesParamsOnVersionNotFound ¶
type GetV3VulnerabilitiesCpesParamsOnVersionNotFound string
GetV3VulnerabilitiesCpesParamsOnVersionNotFound defines parameters for GetV3VulnerabilitiesCpes.
const ( GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowAny GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_any" GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowClosestGt GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_closest_gt" GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowClosestLt GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_closest_lt" GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowLatest GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_latest" GetV3VulnerabilitiesCpesParamsOnVersionNotFoundStrict GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "strict" )
Defines values for GetV3VulnerabilitiesCpesParamsOnVersionNotFound.
type GetV3VulnerabilitiesVulnerabilitiesParams ¶
type GetV3VulnerabilitiesVulnerabilitiesParams struct {
// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
Purl PurlQuery `form:"purl" json:"purl"`
// Requirement Optional version requirement (e.g. `v5.4.5`)
Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`
// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in results (placeholder — data source TBD).
ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`
// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
OnVersionNotFound *GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}
GetV3VulnerabilitiesVulnerabilitiesParams defines parameters for GetV3VulnerabilitiesVulnerabilities.
type GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound ¶
type GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound string
GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound defines parameters for GetV3VulnerabilitiesVulnerabilities.
const ( GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowAny GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_any" GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowClosestGt GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_closest_gt" GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowClosestLt GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_closest_lt" GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowLatest GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_latest" GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundStrict GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "strict" )
Defines values for GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound.
type InfoCode ¶
type InfoCode string
InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational (a nearest-version was substituted); the others mark failures.
type KnowledgeBase ¶
type KnowledgeBase struct {
// DailyVersion Daily KB delta version.
DailyVersion string `json:"daily_version,omitempty"`
// MonthlyVersion Monthly KB snapshot version.
MonthlyVersion string `json:"monthly_version,omitempty"`
}
KnowledgeBase SCANOSS knowledge-base versions the scan ran against.
type LicenseDetails ¶
type LicenseDetails struct {
FullName *string `json:"full_name,omitempty"`
// Osadl OSADL compliance metadata for a license.
Osadl *OSADLInfo `json:"osadl,omitempty"`
// Spdx SPDX registry metadata for a license.
Spdx *SPDXInfo `json:"spdx,omitempty"`
}
LicenseDetails defines model for LicenseDetails.
type LicenseDetailsResponse ¶
type LicenseDetailsResponse struct {
License *LicenseDetails `json:"license,omitempty"`
// Status Outcome of a licenses-service call (papi common StatusResponse).
Status *LookupStatusResponse `json:"status,omitempty"`
}
LicenseDetailsResponse defines model for LicenseDetailsResponse.
type LicenseDetection ¶
type LicenseDetection struct {
Confidence float32 `json:"confidence"`
// Detector Name of the detector that produced the evidence.
Detector DetectorEnum `json:"detector"`
// Evidence Line range or byte range of the evidence, depending on the server's
// license-hints backend: 1-based inclusive **line numbers** with the
// default `postgres` backend, or **byte offsets** with the `ldb` backend.
// The content endpoints slice `?start=&end=` by the same unit.
Evidence EvidenceRange `json:"evidence"`
LicenseId string `json:"license_id"`
// Source Origin/category of the evidence. Today only `header_declared`,
// `notice_declared` and `metadata_declared` are emitted (derived from
// the file path); `spdx_tag` and `project_declared` are reserved for a
// richer signal.
Source SourceEnum `json:"source"`
}
LicenseDetection defines model for LicenseDetection.
type LicenseEvidenceFile ¶
type LicenseEvidenceFile struct {
Detections []LicenseDetection `json:"detections"`
File string `json:"file"`
// FileId MD5 of the file content (used as the content endpoint id).
FileId string `json:"file_id"`
}
LicenseEvidenceFile defines model for LicenseEvidenceFile.
type LicenseEvidenceItem ¶
type LicenseEvidenceItem struct {
Files *[]LicenseEvidenceFile `json:"files,omitempty"`
// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
// (a nearest-version was substituted); the others mark failures.
InfoCode *InfoCode `json:"info_code,omitempty"`
InfoMessage *string `json:"info_message,omitempty"`
Purl string `json:"purl"`
Requirement *string `json:"requirement,omitempty"`
// Url Present only when `search.show_url` is set (placeholder — not yet populated).
Url *string `json:"url,omitempty"`
// Version Concrete version resolved from `requirement`.
Version *string `json:"version,omitempty"`
}
LicenseEvidenceItem defines model for LicenseEvidenceItem.
type LicenseEvidenceResponse ¶
type LicenseEvidenceResponse struct {
Components []LicenseEvidenceItem `json:"components"`
Status BatchStatus `json:"status"`
}
LicenseEvidenceResponse defines model for LicenseEvidenceResponse.
type LicenseInfo ¶
type LicenseInfo struct {
FullName *string `json:"full_name,omitempty"`
Id *string `json:"id,omitempty"`
IsSpdxApproved *bool `json:"is_spdx_approved,omitempty"`
Url *string `json:"url,omitempty"`
}
LicenseInfo One resolved license of a component.
type LineRange ¶
type LineRange struct {
// EndLine Last line of the matched range.
EndLine int `json:"end_line"`
// StartLine First line of the matched range.
StartLine int `json:"start_line"`
}
LineRange A matched line range (inclusive) within a file.
type LookupStatusResponse ¶
type LookupStatusResponse struct {
Message *string `json:"message,omitempty"`
Status *LookupStatusResponseStatus `json:"status,omitempty"`
}
LookupStatusResponse Outcome of a licenses-service call (papi common StatusResponse).
type LookupStatusResponseStatus ¶
type LookupStatusResponseStatus string
LookupStatusResponseStatus defines model for LookupStatusResponse.Status.
const ( LookupStatusResponseStatusFAILED LookupStatusResponseStatus = "FAILED" LookupStatusResponseStatusSUCCEEDEDWITHWARNINGS LookupStatusResponseStatus = "SUCCEEDED_WITH_WARNINGS" LookupStatusResponseStatusSUCCESS LookupStatusResponseStatus = "SUCCESS" )
Defines values for LookupStatusResponseStatus.
type MatchResult ¶
type MatchResult struct {
// InputLineRanges Snippet matches only — matched line ranges in the input file.
InputLineRanges []LineRange `json:"input_line_ranges,omitempty"`
// MatchPercentage Snippet matches only; omitted for full-file matches.
MatchPercentage int `json:"match_percentage,omitempty"`
// OssFilePath Path of the matched file inside the OSS component.
OssFilePath string `json:"oss_file_path,omitempty"`
// OssLineRanges Snippet matches only — matched line ranges in the OSS file.
OssLineRanges []LineRange `json:"oss_line_ranges,omitempty"`
// UrlHash url_hash of the matched component release.
UrlHash string `json:"url_hash"`
}
MatchResult One matched KB entry for a scanned file.
type MatchedOperation ¶
type MatchedOperation struct {
Expression *string `json:"expression,omitempty"`
Kind MatchedOperationKind `json:"kind"`
Line int32 `json:"line"`
Symbol string `json:"symbol"`
}
MatchedOperation The cryptographic operation matched by a detection rule.
type MatchedOperationKind ¶
type MatchedOperationKind string
MatchedOperationKind defines model for MatchedOperation.Kind.
const ( Call MatchedOperationKind = "call" FieldAccess MatchedOperationKind = "field_access" Instantiation MatchedOperationKind = "instantiation" TypeUsage MatchedOperationKind = "type_usage" )
Defines values for MatchedOperationKind.
type OSADLInfo ¶
type OSADLInfo struct {
Compatibility *[]string `json:"compatibility,omitempty"`
CopyleftClause *bool `json:"copyleft_clause,omitempty"`
DependingCompatibility *[]string `json:"depending_compatibility,omitempty"`
Incompatibility *[]string `json:"incompatibility,omitempty"`
PatentHints *bool `json:"patent_hints,omitempty"`
}
OSADLInfo OSADL compliance metadata for a license.
type ObligationsResponse ¶
type ObligationsResponse struct {
// Obligations OSADL compliance metadata for a license.
Obligations *OSADLInfo `json:"obligations,omitempty"`
// Status Outcome of a licenses-service call (papi common StatusResponse).
Status *LookupStatusResponse `json:"status,omitempty"`
}
ObligationsResponse defines model for ObligationsResponse.
type PayloadTooLarge ¶
type PayloadTooLarge = ErrorBody
PayloadTooLarge defines model for PayloadTooLarge.
type PostComponentsStatusJSONRequestBody ¶
type PostComponentsStatusJSONRequestBody = BatchRequest
PostComponentsStatusJSONRequestBody defines body for PostComponentsStatus for application/json ContentType.
type PostCopyrightEvidenceJSONRequestBody ¶
type PostCopyrightEvidenceJSONRequestBody = BatchRequest
PostCopyrightEvidenceJSONRequestBody defines body for PostCopyrightEvidence for application/json ContentType.
type PostCopyrightHoldersJSONRequestBody ¶
type PostCopyrightHoldersJSONRequestBody = BatchRequest
PostCopyrightHoldersJSONRequestBody defines body for PostCopyrightHolders for application/json ContentType.
type PostLicenseAttributionJSONRequestBody ¶
type PostLicenseAttributionJSONRequestBody = BatchRequest
PostLicenseAttributionJSONRequestBody defines body for PostLicenseAttribution for application/json ContentType.
type PostLicenseEvidenceJSONRequestBody ¶
type PostLicenseEvidenceJSONRequestBody = BatchRequest
PostLicenseEvidenceJSONRequestBody defines body for PostLicenseEvidence for application/json ContentType.
type PostLicensesComponentsJSONRequestBody ¶
type PostLicensesComponentsJSONRequestBody = BatchRequest
PostLicensesComponentsJSONRequestBody defines body for PostLicensesComponents for application/json ContentType.
type PostScanBatchParams ¶
type PostScanBatchParams struct {
// XScanId Absent → Mode B (synchronous single-shot). Present → Mode A (chunked async): a client-generated canonical lowercase UUIDv7, sent on every block of the session.
XScanId *openapi_types.UUID `json:"X-Scan-Id,omitempty"`
// ContentRange Required in Mode A (`X-Scan-Id` present): byte range of this block, e.g. `bytes 0-8388607/26214400` (end inclusive, 0-based). Ignored in Mode B.
ContentRange *string `json:"Content-Range,omitempty"`
}
PostScanBatchParams defines parameters for PostScanBatch.
type PostScanComponentsJSONRequestBody ¶
type PostScanComponentsJSONRequestBody = ScanSbom
PostScanComponentsJSONRequestBody defines body for PostScanComponents for application/json ContentType.
type PostScanComponentsParams ¶
type PostScanComponentsParams struct {
// Urlhash One urlhash, or several comma-separated (`h1,h2,h3`).
Urlhash string `form:"urlhash" json:"urlhash"`
}
PostScanComponentsParams defines parameters for PostScanComponents.
type PostScanDirectMultipartBody ¶
type PostScanDirectMultipartBody struct {
File openapi_types.File `json:"file"`
}
PostScanDirectMultipartBody defines parameters for PostScanDirect.
type PostScanDirectMultipartRequestBody ¶
type PostScanDirectMultipartRequestBody PostScanDirectMultipartBody
PostScanDirectMultipartRequestBody defines body for PostScanDirect for multipart/form-data ContentType.
type PostScanSnippetsParams ¶
type PostScanSnippetsParams struct {
// Threshold Minimum match threshold (percent).
Threshold *int `form:"threshold,omitempty" json:"threshold,omitempty"`
}
PostScanSnippetsParams defines parameters for PostScanSnippets.
type PostScanSnippetsTextBody ¶
type PostScanSnippetsTextBody = string
PostScanSnippetsTextBody defines parameters for PostScanSnippets.
type PostScanSnippetsTextRequestBody ¶
type PostScanSnippetsTextRequestBody = PostScanSnippetsTextBody
PostScanSnippetsTextRequestBody defines body for PostScanSnippets for text/plain ContentType.
type PostV3CryptographyAlgorithmsJSONRequestBody ¶
type PostV3CryptographyAlgorithmsJSONRequestBody = BatchRequest
PostV3CryptographyAlgorithmsJSONRequestBody defines body for PostV3CryptographyAlgorithms for application/json ContentType.
type PostV3CryptographyAlgorithmsRangeJSONRequestBody ¶
type PostV3CryptographyAlgorithmsRangeJSONRequestBody = BatchRequest
PostV3CryptographyAlgorithmsRangeJSONRequestBody defines body for PostV3CryptographyAlgorithmsRange for application/json ContentType.
type PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody ¶
type PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody = BatchRequest
PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody defines body for PostV3CryptographyAlgorithmsVersionsRange for application/json ContentType.
type PostV3CryptographyHintsJSONRequestBody ¶
type PostV3CryptographyHintsJSONRequestBody = BatchRequest
PostV3CryptographyHintsJSONRequestBody defines body for PostV3CryptographyHints for application/json ContentType.
type PostV3CryptographyHintsRangeJSONRequestBody ¶
type PostV3CryptographyHintsRangeJSONRequestBody = BatchRequest
PostV3CryptographyHintsRangeJSONRequestBody defines body for PostV3CryptographyHintsRange for application/json ContentType.
type PostV3DependenciesDependenciesJSONRequestBody ¶
type PostV3DependenciesDependenciesJSONRequestBody = BatchRequest
PostV3DependenciesDependenciesJSONRequestBody defines body for PostV3DependenciesDependencies for application/json ContentType.
type PostV3DependenciesTransitiveJSONRequestBody ¶
type PostV3DependenciesTransitiveJSONRequestBody = TransitiveRequest
PostV3DependenciesTransitiveJSONRequestBody defines body for PostV3DependenciesTransitive for application/json ContentType.
type PostV3GeoprovenanceCountriesJSONRequestBody ¶
type PostV3GeoprovenanceCountriesJSONRequestBody = BatchRequest
PostV3GeoprovenanceCountriesJSONRequestBody defines body for PostV3GeoprovenanceCountries for application/json ContentType.
type PostV3GeoprovenanceOriginJSONRequestBody ¶
type PostV3GeoprovenanceOriginJSONRequestBody = BatchRequest
PostV3GeoprovenanceOriginJSONRequestBody defines body for PostV3GeoprovenanceOrigin for application/json ContentType.
type PostV3VulnerabilitiesCpesJSONRequestBody ¶
type PostV3VulnerabilitiesCpesJSONRequestBody = BatchRequest
PostV3VulnerabilitiesCpesJSONRequestBody defines body for PostV3VulnerabilitiesCpes for application/json ContentType.
type PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody ¶
type PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody = BatchRequest
PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody defines body for PostV3VulnerabilitiesVulnerabilities for application/json ContentType.
type RawScanResult ¶
RawScanResult Native SCANOSS engine scan output: an object keyed by each scanned file path, each value an array of match candidates. Field set is the engine's, passed through verbatim — modelled here as free-form.
type ReachableFinding ¶
type ReachableFinding struct {
// ChainDepth Number of intermediate hops between the entry point and this finding.
ChainDepth int32 `json:"chain_depth"`
// FindingGraphRef Reference to the `finding_id` of the finding graph this was resolved from.
FindingGraphRef string `json:"finding_graph_ref"`
FindingId string `json:"finding_id"`
// MatchedOperation The cryptographic operation matched by a detection rule.
MatchedOperation MatchedOperation `json:"matched_operation"`
}
ReachableFinding One finding reachable from a crypto entry point.
type ReachableSupportingCall ¶
type ReachableSupportingCall struct {
ChainDepth int32 `json:"chain_depth"`
SupportingCallRef string `json:"supporting_call_ref"`
SupportingId string `json:"supporting_id"`
}
ReachableSupportingCall A supporting call reachable from a crypto entry point.
type ReadinessResponse ¶
type ReadinessResponse struct {
Checks map[string]ComponentHealth `json:"checks"`
Status ReadinessResponseStatus `json:"status"`
}
ReadinessResponse Readiness outcome. `status` is `ok` (200) when every critical dependency is healthy, else `not_ready` (503). `checks` maps each dependency name (database, reachability_db, ldb, notices_kb, sources_kb, metadata_kb) to its status.
type ReadinessResponseStatus ¶
type ReadinessResponseStatus string
ReadinessResponseStatus defines model for ReadinessResponse.Status.
const ( NotReady ReadinessResponseStatus = "not_ready" Ok ReadinessResponseStatus = "ok" )
Defines values for ReadinessResponseStatus.
type Request ¶
type Request struct {
// Purl Package URL
Purl string `json:"purl"`
// Requirement Optional version requirement
Requirement *string `json:"requirement,omitempty"`
}
Request defines model for Request.
type RequirementQuery ¶
type RequirementQuery = string
RequirementQuery defines model for RequirementQuery.
type SPDXInfo ¶
type SPDXInfo struct {
DetailsUrl *string `json:"details_url,omitempty"`
FullName *string `json:"full_name,omitempty"`
Id *string `json:"id,omitempty"`
IsDeprecated *bool `json:"is_deprecated,omitempty"`
IsFsfLibre *bool `json:"is_fsf_libre,omitempty"`
IsOsiApproved *bool `json:"is_osi_approved,omitempty"`
ReferenceUrl *string `json:"reference_url,omitempty"`
SeeAlso *[]string `json:"see_also,omitempty"`
}
SPDXInfo SPDX registry metadata for a license.
type ScanComponentsResponse ¶
type ScanComponentsResponse struct {
Results *[]struct {
Component *struct {
ReleaseDate *string `json:"release_date,omitempty"`
Version *string `json:"version,omitempty"`
} `json:"component,omitempty"`
UrlHash *string `json:"url_hash,omitempty"`
} `json:"results,omitempty"`
}
ScanComponentsResponse Engine component lookup. Carries a `results` array, one entry per resolved urlhash; entries across batched responses are concatenated.
type ScanEnvelope ¶
type ScanEnvelope struct {
// Error Populated only when status is `failed`.
Error string `json:"error,omitempty"`
// FilesTotal File count of the report, filled in on completion.
FilesTotal int `json:"files_total,omitempty"`
// Phase Current pipeline pass while scanning, e.g. 'Pass 1: scan files'.
Phase string `json:"phase,omitempty"`
// PhaseDone Items processed in the current phase.
PhaseDone int `json:"phase_done,omitempty"`
// PhaseTotal Total items in the current phase.
PhaseTotal int `json:"phase_total,omitempty"`
// ReceivedBytes Bytes received so far (Mode A upload; omitted when 0).
ReceivedBytes int `json:"received_bytes,omitempty"`
// Result Populated only when status is `completed`. The batchScanner report — byte-identical whether obtained synchronously (Mode B) or by polling an async session to completion (Mode A).
Result *ScanResult `json:"result,omitempty"`
// ScanId Canonical lowercase UUIDv7 session id. In Mode A this is the client-supplied id; in Mode B it is a server-generated id for traceability only (no session is created).
ScanId string `json:"scan_id"`
Status ScanEnvelopeStatus `json:"status"`
// TotalBytes Declared total upload size (Mode A; omitted when 0).
TotalBytes int `json:"total_bytes,omitempty"`
// UploadPercent Exact upload progress percent (Mode A; omitted when 0).
UploadPercent int `json:"upload_percent,omitempty"`
}
ScanEnvelope Unified status envelope returned by `POST /v3/wfp/scan` (both modes) and `GET /v3/wfp/scan/{id}`. Mode B returns it synchronously already at `status: completed`; Mode A returns it per block (`uploading`) and on each poll. Zero-valued fields are omitted, so an uploading session carries no scan counters and a running scan carries no result.
type ScanEnvelopeStatus ¶
type ScanEnvelopeStatus string
ScanEnvelopeStatus defines model for ScanEnvelope.Status.
const ( Completed ScanEnvelopeStatus = "completed" Expired ScanEnvelopeStatus = "expired" Failed ScanEnvelopeStatus = "failed" Queued ScanEnvelopeStatus = "queued" Scanning ScanEnvelopeStatus = "scanning" Uploading ScanEnvelopeStatus = "uploading" )
Defines values for ScanEnvelopeStatus.
type ScanRawMatch ¶
type ScanRawMatch struct {
Purl *string `json:"purl,omitempty"`
// Rank Engine match ordering; lower is a stronger match.
Rank *int `json:"rank,omitempty"`
UrlHashes *[]string `json:"url_hashes,omitempty"`
}
ScanRawMatch defines model for ScanRawMatch.
type ScanRawResponse ¶
type ScanRawResponse struct {
FileMd5 *string `json:"file_md5,omitempty"`
Matches *[]ScanRawMatch `json:"matches,omitempty"`
}
ScanRawResponse defines model for ScanRawResponse.
type ScanResult ¶
type ScanResult struct {
// Components Resolved components keyed by url_hash. Extra fields may be present.
Components map[string]ComponentResult `json:"components,omitempty"`
// Files One entry per scanned file (order is unspecified).
Files []FileResult `json:"files,omitempty"`
// Server Optional run/server metadata passed through from the batchScanner pipeline when present; omitted otherwise.
Server *ScanServer `json:"server,omitempty"`
}
ScanResult batchScanner multi-pass report: a `files` array of per-file match entries and a `components` map keyed by url_hash. Produced by /wfp/scan (not raw engine output).
type ScanSbom ¶
type ScanSbom struct {
Components *[]struct {
Purl *string `json:"purl,omitempty"`
} `json:"components,omitempty"`
}
ScanSbom Optional SBOM passed to the engine for context (`-s`).
type ScanServer ¶
type ScanServer struct {
// ApiVersion batchScanner API version.
ApiVersion string `json:"api_version,omitempty"`
// ElapsedMs Scan wall-clock time
ElapsedMs int `json:"elapsed_ms,omitempty"`
// Hostname Host that ran the scan.
Hostname string `json:"hostname,omitempty"`
KnowledgeBase *KnowledgeBase `json:"knowledge_base,omitempty"`
}
ScanServer Run/server metadata for the scan, produced by the batchScanner pipeline and passed through unchanged. Fields may be empty; open to extra passthrough fields.
type SearchComponentsParams ¶
type SearchComponentsParams struct {
// Search Free-form search term. Overrides `vendor`/`component` when present.
Search *string `form:"search,omitempty" json:"search,omitempty"`
Vendor *string `form:"vendor,omitempty" json:"vendor,omitempty"`
Component *string `form:"component,omitempty" json:"component,omitempty"`
// PurlType purl type (github, npm, pypi, gem, maven, …). Defaults to github.
PurlType *string `form:"purl_type,omitempty" json:"purl_type,omitempty"`
Limit *int `form:"limit,omitempty" json:"limit,omitempty"`
Offset *int `form:"offset,omitempty" json:"offset,omitempty"`
}
SearchComponentsParams defines parameters for SearchComponents.
type SearchCriteria ¶
type SearchCriteria struct {
// MaxResultsPerPurl Caps the per-purl result array in the output. 0 = no limit.
MaxResultsPerPurl *int `json:"max_results_per_purl,omitempty"`
// OnVersionNotFound Version fallback when the requested version has no data:
// `strict` (no fallback), `show_latest`, `show_closest_lt`,
// `show_closest_gt`, `show_any`. Not applied to range endpoints.
OnVersionNotFound *SearchCriteriaOnVersionNotFound `json:"on_version_not_found,omitempty"`
// ShowRelatedResults Enable the source-purl fallback lookup.
ShowRelatedResults *bool `json:"show_related_results,omitempty"`
// ShowUrl Include a `url` in each result (placeholder — data source TBD).
ShowUrl *bool `json:"show_url,omitempty"`
}
SearchCriteria Optional request-level search configuration applied to every component in the batch (for GET endpoints the same knobs are query params). All fields are optional; the defaults disable every fallback (strict version matching, no related results). Honored by endpoints that support search criteria — currently `/v3/license/evidence`.
type SearchCriteriaOnVersionNotFound ¶
type SearchCriteriaOnVersionNotFound string
SearchCriteriaOnVersionNotFound Version fallback when the requested version has no data: `strict` (no fallback), `show_latest`, `show_closest_lt`, `show_closest_gt`, `show_any`. Not applied to range endpoints.
const ( SearchCriteriaOnVersionNotFoundShowAny SearchCriteriaOnVersionNotFound = "show_any" SearchCriteriaOnVersionNotFoundShowClosestGt SearchCriteriaOnVersionNotFound = "show_closest_gt" SearchCriteriaOnVersionNotFoundShowClosestLt SearchCriteriaOnVersionNotFound = "show_closest_lt" SearchCriteriaOnVersionNotFoundShowLatest SearchCriteriaOnVersionNotFound = "show_latest" SearchCriteriaOnVersionNotFoundStrict SearchCriteriaOnVersionNotFound = "strict" )
Defines values for SearchCriteriaOnVersionNotFound.
type SearchMaxResults ¶
type SearchMaxResults = int
SearchMaxResults defines model for SearchMaxResults.
type SearchOnVersionNotFound ¶
type SearchOnVersionNotFound string
SearchOnVersionNotFound defines model for SearchOnVersionNotFound.
const ( SearchOnVersionNotFoundShowAny SearchOnVersionNotFound = "show_any" SearchOnVersionNotFoundShowClosestGt SearchOnVersionNotFound = "show_closest_gt" SearchOnVersionNotFoundShowClosestLt SearchOnVersionNotFound = "show_closest_lt" SearchOnVersionNotFoundShowLatest SearchOnVersionNotFound = "show_latest" SearchOnVersionNotFoundStrict SearchOnVersionNotFound = "strict" )
Defines values for SearchOnVersionNotFound.
type SearchShowRelated ¶
type SearchShowRelated = bool
SearchShowRelated defines model for SearchShowRelated.
type SnippetCandidate ¶
type SnippetCandidate struct {
FileMd5 *string `json:"file_md5,omitempty"`
Hits *int `json:"hits,omitempty"`
// InputLineRanges Comma-separated line ranges in the posted WFP, e.g. "12-148".
InputLineRanges *string `json:"input_line_ranges,omitempty"`
LinesMatched *int `json:"lines_matched,omitempty"`
MatchedPercent *int `json:"matched_percent,omitempty"`
// OssLineRanges Comma-separated line ranges in the KB component.
OssLineRanges *string `json:"oss_line_ranges,omitempty"`
}
SnippetCandidate defines model for SnippetCandidate.
type SnippetGroup ¶
type SnippetGroup struct {
Candidates *[]SnippetCandidate `json:"candidates,omitempty"`
GroupIndex *int `json:"group_index,omitempty"`
}
SnippetGroup defines model for SnippetGroup.
type SnippetResponse ¶
type SnippetResponse struct {
FileMd5 *string `json:"file_md5,omitempty"`
FilePath *string `json:"file_path,omitempty"`
FileSize *int `json:"file_size,omitempty"`
SnippetGroups *[]SnippetGroup `json:"snippet_groups,omitempty"`
TolerancePct *float32 `json:"tolerance_pct,omitempty"`
TotalLines *int `json:"total_lines,omitempty"`
}
SnippetResponse defines model for SnippetResponse.
type SourceEnum ¶
type SourceEnum string
SourceEnum Origin/category of the evidence. Today only `header_declared`, `notice_declared` and `metadata_declared` are emitted (derived from the file path); `spdx_tag` and `project_declared` are reserved for a richer signal.
const ( HeaderDeclared SourceEnum = "header_declared" MetadataDeclared SourceEnum = "metadata_declared" NoticeDeclared SourceEnum = "notice_declared" ProjectDeclared SourceEnum = "project_declared" SpdxTag SourceEnum = "spdx_tag" )
Defines values for SourceEnum.
type SourceLocation ¶
SourceLocation defines model for SourceLocation.
type StatusResponse ¶
type StatusResponse struct {
Message *string `json:"message,omitempty"`
Status *StatusResponseStatus `json:"status,omitempty"`
}
StatusResponse Top-level outcome for the request as a whole.
type StatusResponseStatus ¶
type StatusResponseStatus string
StatusResponseStatus defines model for StatusResponse.Status.
const ( FAILED StatusResponseStatus = "FAILED" SUCCEEDEDWITHWARNINGS StatusResponseStatus = "SUCCEEDED_WITH_WARNINGS" SUCCESS StatusResponseStatus = "SUCCESS" WARNING StatusResponseStatus = "WARNING" )
Defines values for StatusResponseStatus.
type SupportingCall ¶
type SupportingCall struct {
CanonicalSignature string `json:"canonical_signature"`
// Category Semantic category of this supporting call. Known values include
// `iv` (IV/nonce generation), `key` (key material setup), `param`
// (cipher parameter initialisation). New categories may be added
// as the schema evolves.
Category *string `json:"category,omitempty"`
DisplaySymbol *string `json:"display_symbol,omitempty"`
EndLine *int32 `json:"end_line,omitempty"`
FilePath *string `json:"file_path,omitempty"`
FunctionKey *string `json:"function_key,omitempty"`
FunctionName string `json:"function_name"`
StartLine *int32 `json:"start_line,omitempty"`
// SupportingId Stable ID for this supporting call. Primary key for the foreign-key relationship.
SupportingId string `json:"supporting_id"`
}
SupportingCall One deduped object-lifecycle call (e.g. IV generation, key-size setting) associated with a detected cryptographic operation. Entries in `supporting_calls[]` are referenced by `supporting_id` from: - `cryptographic_asset.supporting_call_ids[]` (per-asset breadcrumb) - `crypto_entry_points[].reachable_supporting_calls[].supporting_id`
Populated only when `include_supporting_calls: true`.
type TransitiveDependency ¶
type TransitiveDependency struct {
Purl *string `json:"purl,omitempty"`
Requirement *string `json:"requirement,omitempty"`
Version *string `json:"version,omitempty"`
}
TransitiveDependency defines model for TransitiveDependency.
type TransitiveRequest ¶
type TransitiveRequest struct {
Components []Request `json:"components"`
Depth *int `json:"depth,omitempty"`
Limit *int `json:"limit,omitempty"`
}
TransitiveRequest defines model for TransitiveRequest.
type TransitiveResponse ¶
type TransitiveResponse struct {
Dependencies *[]TransitiveDependency `json:"dependencies,omitempty"`
Status BatchStatus `json:"status"`
}
TransitiveResponse defines model for TransitiveResponse.
type VulnerabilitiesResponse ¶
type VulnerabilitiesResponse struct {
Components []ComponentVulnerabilityInfo `json:"components"`
Status BatchStatus `json:"status"`
}
VulnerabilitiesResponse defines model for VulnerabilitiesResponse.
type Vulnerability ¶
type Vulnerability struct {
Cve *string `json:"cve,omitempty"`
Cvss *[]CVSS `json:"cvss,omitempty"`
Epss *EPSS `json:"epss,omitempty"`
Id *string `json:"id,omitempty"`
Modified *string `json:"modified,omitempty"`
Published *string `json:"published,omitempty"`
Severity *string `json:"severity,omitempty"`
Source *VulnerabilitySource `json:"source,omitempty"`
Summary *string `json:"summary,omitempty"`
Url *string `json:"url,omitempty"`
}
Vulnerability defines model for Vulnerability.
type VulnerabilitySource ¶
type VulnerabilitySource string
VulnerabilitySource defines model for Vulnerability.Source.
const ( NVD VulnerabilitySource = "NVD" OSV VulnerabilitySource = "OSV" )
Defines values for VulnerabilitySource.