Documentation
¶
Index ¶
- Variables
- func BuildCVEToGoIDMap(entries []VulnEntry) map[string]string
- func InsertToolchainVuln(ctx context.Context, goVersion, cveID string, releasedAt time.Time) error
- func ParseReleaseAnnouncement(subject, body string) (versions []string, cves []string)
- func ReceiveAnnouncement(w http.ResponseWriter, req *http.Request)
- func ServeDashboard(w http.ResponseWriter, req *http.Request)
- func SyncVulnDatabase(ctx context.Context) error
- type UnpublishedVuln
- type VulnEntry
- type VulnRecord
Constants ¶
This section is empty.
Variables ¶
var AnnouncementPassword string
AnnouncementPassword is the password required to POST announcements. Set from config file. If empty, the endpoint is disabled.
Functions ¶
func BuildCVEToGoIDMap ¶
BuildCVEToGoIDMap creates a map from CVE ID to GO ID.
func InsertToolchainVuln ¶
InsertToolchainVuln inserts a toolchain vulnerability record into the database.
func ParseReleaseAnnouncement ¶
ParseReleaseAnnouncement parses a Go release announcement email and extracts the Go versions and CVE IDs.
func ReceiveAnnouncement ¶
func ReceiveAnnouncement(w http.ResponseWriter, req *http.Request)
ReceiveAnnouncement handles POST requests with Go release announcement emails.
func ServeDashboard ¶
func ServeDashboard(w http.ResponseWriter, req *http.Request)
func SyncVulnDatabase ¶
SyncVulnDatabase checks unpublished vulnerabilities against vuln.go.dev and updates them.
Types ¶
type UnpublishedVuln ¶
UnpublishedVuln represents a toolchain_vuln row with null goid.
type VulnEntry ¶
type VulnEntry struct {
ID string `json:"id"`
Modified string `json:"modified"`
Aliases []string `json:"aliases"`
}
VulnEntry represents an entry in the vuln.go.dev index.
type VulnRecord ¶
VulnRecord represents the full vulnerability record from vuln.go.dev.
func FetchVulnRecord ¶
func FetchVulnRecord(ctx context.Context, goID string) (*VulnRecord, error)
FetchVulnRecord downloads and parses a specific vulnerability record.
Source Files