Documentation ¶
Overview ¶
Package govulncheck provides an experimental govulncheck API.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var (
	// Source reports vulnerabilities that affect the analyzed packages.
	Source = govulncheck.Source

	// DefaultCache constructs cache for a vulnerability database client.
	DefaultCache = govulncheck.DefaultCache
)
Functions ¶
func LatestFixed ¶
LatestFixed returns the latest fixed version in the list of affected ranges, or the empty string if there are no fixed versions.
func NewInMemoryCache ¶ added in v0.11.0
NewInMemoryCache returns a new memory-based cache that decorates the provided cache (file-based, perhaps).
Types ¶
type AnalysisMode ¶ added in v0.11.0
type AnalysisMode string
const (
	ModeInvalid     AnalysisMode = "" // zero value
	ModeGovulncheck AnalysisMode = "govulncheck"
	ModeImports     AnalysisMode = "imports"
)
type CallStack ¶ added in v0.11.0
type CallStack = govulncheck.CallStack
CallStacks contains a representative call stack for each vulnerable symbol that is called.
type Config ¶ added in v0.11.0
type Config = govulncheck.Config
Config is the configuration for Main.
type Module ¶ added in v0.11.0
type Module = govulncheck.Module
Module represents a specific vulnerability relevant to a single module or package.
type Package ¶ added in v0.11.0
type Package = govulncheck.Package
Package is a Go package with known vulnerable symbols.
type Result ¶ added in v0.11.0
type Result struct {
	// Vulns contains all vulnerabilities that are called or imported by
	// the analyzed module.
	Vulns []*Vuln `json:",omitempty"`

	// Mode contains the source of the vulnerability info.
	// Clients of the gopls.fetch_vulncheck_result command may need
	// to interpret the vulnerabilities differently based on the
	// analysis mode. For example, a Vuln without call stack traces
	// indicates a vulnerability that is not used if the result was
	// from the 'govulncheck' analysis mode. In other modes, a Vuln
	// without call stack traces only implies that the package with the
	// vulnerability is known to the workspace; we do not know
	// whether the vulnerable symbols are actually used or not.
	Mode AnalysisMode `json:",omitempty"`

	// AsOf describes when this Result was computed using govulncheck.
	// It is valid only with the govulncheck analysis mode.
	AsOf time.Time `json:",omitempty"`
}
Result is the result of vulnerability scanning.
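The Mode comment above means a finding without call stacks is not read the same way in every analysis mode. The following is an added example, not code from gopls: it uses local stand-ins for the documented types, and because this page does not show the fields of Vuln, the `ID` and `CallStacks` fields and the `Classify` helper are assumptions made for illustration.

```go
package main

import "fmt"

// Local stand-ins for the documented types (this is not the gopls package).
type AnalysisMode string

const (
	ModeInvalid     AnalysisMode = "" // zero value
	ModeGovulncheck AnalysisMode = "govulncheck"
	ModeImports     AnalysisMode = "imports"
)

// Vuln is a simplified stand-in; both fields are assumptions.
type Vuln struct {
	ID         string   // hypothetical identifier
	CallStacks []string // hypothetical: one entry per called vulnerable symbol
}

type Result struct {
	Vulns []*Vuln
	Mode  AnalysisMode
}

// Classify labels each finding "called", "not-called" or "unknown".
func Classify(r *Result) (map[string]string, error) {
	if r.Mode != ModeGovulncheck && r.Mode != ModeImports {
		// Refuse to guess: an unset or unrecognized mode must not read as "safe".
		return nil, fmt.Errorf("unsupported analysis mode %q", r.Mode)
	}
	out := make(map[string]string, len(r.Vulns))
	for _, v := range r.Vulns {
		switch {
		case len(v.CallStacks) > 0:
			out[v.ID] = "called"
		case r.Mode == ModeGovulncheck:
			out[v.ID] = "not-called" // symbol analysis ran, nothing reaches it
		default:
			out[v.ID] = "unknown" // package is known, reachability was not computed
		}
	}
	return out, nil
}

func main() {
	// Constructed sample: an imports-mode result with no call stack information.
	r := &Result{Mode: ModeImports, Vulns: []*Vuln{{ID: "GO-EXAMPLE-0001"}}}
	labels, err := Classify(r)
	fmt.Println(labels, err)
}
```

A client that suppresses "not-called" findings should keep "unknown" ones visible, since the absence of call stacks there says nothing about reachability.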
type StackFrame ¶ added in v0.11.0
type StackFrame = govulncheck.StackFrame
StackFrame represents a call stack entry.