Documentation
¶
Index ¶
- Variables
- func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
- func Create(req Request, opts CreateOptions) error
- func Discover(opts DiscoverOptions) error
- func Export(opts ExportOptions) (io.Reader, error)
- func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
- func Update(req Request, opts UpdateOptions) error
- func Validate(opts ValidateOptions) *multierror.Error
- type BuildDatabaseOptions
- type CreateOptions
- type DiscoverOptions
- type ExportOptions
- type Request
- type UpdateOptions
- type ValidateOptions
Variables ¶
// ErrNoPackageSecurityData is a sentinel error whose message is
// "no package security data found". Match it with errors.Is rather than by
// comparing the message text.
// NOTE(review): this page does not show which functions return it — confirm
// before relying on it to distinguish "no data" from a real failure.
var ErrNoPackageSecurityData = errors.New("no package security data found")
Functions ¶
func BuildDatabase ¶
func BuildDatabase(opts BuildDatabaseOptions) ([]byte, error)
BuildDatabase builds a security database from the given options.
func Create ¶
func Create(req Request, opts CreateOptions) error
Create creates a new advisory in the `advisories` section of the configuration at the provided path.
func Discover ¶
func Discover(opts DiscoverOptions) error
Discover searches for new vulnerabilities that match packages in a config index, and adds new advisories to configs for vulnerabilities that haven't been noted yet.
func Export ¶
func Export(opts ExportOptions) (io.Reader, error)
Export returns a reader of advisory data encoded as CSV.
func Latest ¶
func Latest(entries []advisoryconfigs.Entry) *advisoryconfigs.Entry
Latest returns the latest entry among the given set of entries for an advisory. If there are no entries, Latest returns nil.
func Update ¶
func Update(req Request, opts UpdateOptions) error
Update adds a new entry to an existing advisory (named by the vuln parameter) in the configuration at the provided path.
func Validate ¶
func Validate(opts ValidateOptions) *multierror.Error
Types ¶
type BuildDatabaseOptions ¶
// BuildDatabaseOptions is the argument to BuildDatabase, which returns the
// built security database as a byte slice.
type BuildDatabaseOptions struct {
// AdvisoryCfgIndices is a list of advisory document indices.
// NOTE(review): presumably all of them are combined into the one database — confirm.
AdvisoryCfgIndices []*configs.Index[advisory.Document]
// NOTE(review): URLPrefix is undocumented on this page; presumably a prefix
// for URLs recorded in the database. If it is published to consumers, it
// should point at a distro-controlled https location — confirm.
URLPrefix string
// NOTE(review): presumably the architectures the database covers. The other
// option types in this package spell the equivalent field "Arches" — confirm
// the different name is intentional.
Archs []string
// NOTE(review): Repo is undocumented on this page; presumably it names the
// package repository the database describes — confirm.
Repo string
}
BuildDatabaseOptions contains the options for building a database.
type CreateOptions ¶
// CreateOptions is passed to Create together with the Request that describes
// the new advisory.
type CreateOptions struct {
// AdvisoryCfgs is the Index of advisory configurations on which to operate.
// NOTE(review): presumably Create writes the new advisory into a document
// held by this index — confirm.
AdvisoryCfgs *configs.Index[advisory.Document]
}
CreateOptions configures the Create operation.
type DiscoverOptions ¶
// DiscoverOptions configures Discover, which searches for vulnerabilities
// matching packages in a config index and adds advisories for the ones not
// yet noted.
type DiscoverOptions struct {
// SelectedPackages is a list of packages to include in the search. If empty,
// all packages are included.
SelectedPackages []string
// BuildCfgs is the Index of build configurations on which to operate.
BuildCfgs *configs.Index[config.Configuration]
// AdvisoryCfgs is the Index of advisories on which to operate.
AdvisoryCfgs *configs.Index[advisoryconfigs.Document]
// PackageRepositoryURL is the URL to the distro's package repository
// (e.g. "https://packages.wolfi.dev/os").
// NOTE(review): how Discover fetches from this URL is not shown here. If
// repository data read from it influences which advisories are written, it
// should be a trusted https endpoint — confirm.
PackageRepositoryURL string
// Arches are the architectures to select during discovery (e.g. "x86_64").
Arches []string
// VulnerabilityDetector is how Discover finds vulnerabilities for packages.
// NOTE(review): its findings presumably become new advisory entries in
// AdvisoryCfgs, so the detector's data source is part of the trust boundary
// — confirm.
VulnerabilityDetector vuln.Detector
}
type ExportOptions ¶
type Request ¶
// Request specifies the parameters for creating a new advisory or updating an
// existing advisory. It is the first argument to both Create and Update.
// NOTE(review): this page shows no validation of these fields; which
// combinations are accepted for a given Status is not documented here —
// confirm against the implementation.
type Request struct {
// NOTE(review): presumably the name of the package the advisory applies to — confirm.
Package string
// NOTE(review): presumably the vulnerability identifier that names the advisory — confirm.
Vulnerability string
// Status is a VEX status value for the vulnerability.
Status vex.Status
// NOTE(review): Action and Impact are free-form strings; presumably the VEX
// action and impact statements — confirm.
Action string
Impact string
// Justification is a VEX justification value.
// NOTE(review): presumably only meaningful for some Status values — confirm.
Justification vex.Justification
// NOTE(review): presumably the package version that contains the fix — confirm.
FixedVersion string
// NOTE(review): presumably the time recorded on the entry, and what Latest
// orders entries by — confirm.
Timestamp time.Time
}
Request specifies the parameters for creating a new advisory or updating an existing advisory.
type UpdateOptions ¶
// UpdateOptions is passed to Update together with the Request that describes
// the entry to add to an existing advisory.
type UpdateOptions struct {
// AdvisoryCfgs is the Index of advisory configurations on which to operate.
// NOTE(review): presumably the advisory being updated must already exist in
// this index — confirm.
AdvisoryCfgs *configs.Index[advisory.Document]
}
UpdateOptions configures the Update operation.
type ValidateOptions ¶
// ValidateOptions configures Validate, which reports its findings as a
// *multierror.Error.
// Three of the four fields below are marked "not used yet", so a clean result
// does not imply that advisories were cross-checked against build
// configurations or the package repository.
type ValidateOptions struct {
// BuildCfgs is the Index of build configurations on which to operate (not used yet).
BuildCfgs *configs.Index[config.Configuration]
// AdvisoryCfgs is the Index of advisories on which to operate.
AdvisoryCfgs *configs.Index[advisoryconfigs.Document]
// PackageRepositoryURL is the URL to the distro's package repository
// (e.g. "https://packages.wolfi.dev/os") (not used yet).
PackageRepositoryURL string
// Arches are the architectures to consider during validation
// (e.g. "x86_64") (not used yet).
Arches []string
}