maven

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 5, 2022 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(pom string, opts Opts) api.DependencyManager

Types

type CVSSv2

// CVSSv2 mirrors the "cvssv2" object of a Vulnerability in the JSON report
// (it is the type of Vulnerability.Cvssv2). Field names follow the JSON keys
// in the tags rather than the spelling used by the CVSS specification.
type CVSSv2 struct {
	ConfidentialImpact  string  `json:"confidentialImpact"`
	Severity            string  `json:"severity"`
	// Score is the only numeric field; the two sub-scores are typed as strings.
	// With encoding/json a string field rejects a bare JSON number, so decoding
	// depends on the report quoting those values.
	Score               float64 `json:"score"`
	ExploitabilityScore string  `json:"exploitabilityScore"`
	AccessComplexity    string  `json:"accessComplexity"`
	AvailabilityImpact  string  `json:"availabilityImpact"`
	IntegrityImpact     string  `json:"integrityImpact"`
	ImpactScore         string  `json:"impactScore"`
	Version             string  `json:"version"`
	AccessVector        string  `json:"accessVector"`
	// NOTE(review): the trailing "r" is in both the field name and the JSON
	// key; presumably it matches the key the report generator emits. Confirm
	// against a real report before renaming: a tag that does not match the
	// report leaves the field empty without any decode error.
	Authenticationr     string  `json:"authenticationr"`
}

type CVSSv3

// CVSSv3 mirrors the "cvssv3" object of a Vulnerability in the JSON report
// (it is the type of Vulnerability.Cvssv3). Each field is filled from the key
// named in its tag.
type CVSSv3 struct {
	// Sub-score typed as a string, unlike BaseScore; with encoding/json a bare
	// JSON number here is a decode error.
	ExploitabilityScore   string  `json:"exploitabilityScore"`
	AvailabilityImpact    string  `json:"availabilityImpact"`
	// BaseScore is the only numeric field of this type. A missing "cvssv3"
	// object leaves it at 0, which is indistinguishable from a reported 0.0.
	BaseScore             float64 `json:"baseScore"`
	PrivilegesRequired    string  `json:"privilegesRequired"`
	UserInteraction       string  `json:"userInteraction"`
	Version               string  `json:"version"`
	// BaseSeverity is free text from the report; presumably the rating label
	// that corresponds to BaseScore — TODO confirm the exact values and casing.
	BaseSeverity          string  `json:"baseSeverity"`
	ConfidentialityImpact string  `json:"confidentialityImpact"`
	AttackComplexity      string  `json:"attackComplexity"`
	Scope                 string  `json:"scope"`
	AttackVector          string  `json:"attackVector"`
	IntegrityImpact       string  `json:"integrityImpact"`
	// Typed as a string, like ExploitabilityScore above.
	ImpactScore           string  `json:"impactScore"`
}

type Dependency

// Dependency is one element of VulnerabilityReport.Dependencies: a scanned
// artifact, the identifiers matched to it, the evidence behind the match and
// the vulnerabilities attributed to it. All values are decoded from the
// report as-is; nothing in this type validates them.
type Dependency struct {
	// Sha1, Sha256 and Md5 are the digests reported for the file. MD5 and
	// SHA-1 are not collision resistant, so use Sha256 when the digest is
	// meant to pin or compare artifact identity.
	Sha1              string   `json:"sha1"`
	FileName          string   `json:"fileName"`
	ProjectReferences []string `json:"projectReferences"`
	Sha256            string   `json:"sha256"`
	// VulnerabilityIDs lists the identifiers matched to this artifact.
	// Confidence is presumably the scanner's confidence in the match — TODO
	// confirm the value set; a low-confidence identifier is a common source of
	// false-positive findings.
	VulnerabilityIDs  []struct {
		Confidence string `json:"confidence"`
		ID         string `json:"id"`
		Url        string `json:"url"`
	} `json:"vulnerabilityIds"`
	FilePath          string          `json:"filePath"`
	// Description is free text taken from the report; escape it before
	// rendering it in HTML or a terminal.
	Description       string          `json:"description"`
	// Vulnerabilities is empty when nothing was attributed to the artifact.
	Vulnerabilities   []Vulnerability `json:"vulnerabilities"`
	IsVirtual         bool            `json:"isVirtual"`
	// EvidenceCollected groups the product, vendor and version evidence
	// entries; the three lists share the same five string fields.
	EvidenceCollected struct {
		ProductEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"productEvidence"`
		VendorEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"vendorEvidence"`
		VersionEvidence []struct {
			Confidence string `json:"confidence"`
			Name       string `json:"name"`
			Source     string `json:"source"`
			Type       string `json:"type"`
			Value      string `json:"value"`
		} `json:"versionEvidence"`
	} `json:"evidenceCollected"`
	// Packages has the same shape as VulnerabilityIDs (confidence, id, url)
	// but is read from the "packages" key.
	Packages []struct {
		Confidence string `json:"confidence"`
		ID         string `json:"id"`
		Url        string `json:"url"`
	} `json:"packages"`
	Md5 string `json:"md5"`
}

type Maven added in v0.3.5

// Maven is the receiver type for DependencyTree, IsMultiModules, StageUpdate,
// SubModule, UpdateDependency and Verify. All of them are declared on a value
// receiver, so each call works on a copy of the struct.
type Maven struct {
	// POM is presumably the pom.xml location given to New as its pom
	// argument — TODO confirm whether it is a path or file content.
	POM string
	// contains filtered or unexported fields
}

func (Maven) DependencyTree added in v0.3.5

func (m Maven) DependencyTree() (api.DependencyTree, error)

func (Maven) IsMultiModules added in v0.4.0

func (m Maven) IsMultiModules() (bool, error)

func (Maven) StageUpdate added in v0.3.5

func (m Maven) StageUpdate() error

func (Maven) SubModule added in v0.4.0

func (m Maven) SubModule(moduleGAV string) (api.DependencyManager, error)

func (Maven) UpdateDependency added in v0.3.5

func (m Maven) UpdateDependency(dep api.DependencyTreeNode) (string, error)

func (Maven) Verify added in v0.3.5

func (m Maven) Verify() (api.TestReport, error)

type Opts

// Opts carries the optional settings passed to New as its opts argument.
type Opts struct {
	// Output is supplied by the caller. Its type is io.WriteCloser, so the
	// package is able to close it as well as write to it; presumably it
	// receives the output of the underlying tool runs — TODO confirm.
	Output               io.WriteCloser
	// DependencyCheckProps is presumably a list of extra properties forwarded
	// to the dependency-check run behind Verify — TODO confirm how they are
	// passed. If they end up on a command line, do not build them from
	// untrusted input.
	DependencyCheckProps []string
}

type Vulnerability

// Vulnerability is one finding attached to a Dependency (an element of
// Dependency.Vulnerabilities). It carries both a CVSS v2 and a CVSS v3 block;
// either may be left at its zero value when the report omits it.
type Vulnerability struct {
	// Severity is a free-text label from the report, separate from the
	// numeric scores in Cvssv2 and Cvssv3 — TODO confirm its value set and
	// casing before comparing against it.
	Severity   string `json:"severity"`
	Notes      string `json:"notes"`
	// References are links copied from the report. Treat Url as untrusted
	// text: escape it when rendering and do not fetch it automatically.
	References []struct {
		Name   string `json:"name"`
		Source string `json:"source"`
		Url    string `json:"url"`
	} `json:"references"`
	// Name is presumably the vulnerability identifier (for example a CVE
	// id) — TODO confirm.
	Name               string   `json:"name"`
	Description        string   `json:"description"`
	Source             string   `json:"source"`
	Cvssv2             CVSSv2   `json:"cvssv2"`
	Cvssv3             CVSSv3   `json:"cvssv3"`
	Cwes               []string `json:"cwes"`
	// VulnerableSoftware decodes only three keys per entry: an inclusive upper
	// version bound, an id and the matched-identifier marker. Any other key
	// under "software" is dropped on decode, so this type alone cannot
	// reconstruct the full affected-version range.
	VulnerableSoftware []struct {
		Software struct {
			VersionEndIncluding    string `json:"versionEndIncluding"`
			ID                     string `json:"id"`
			VulnerabilityIDMatched string `json:"vulnerabilityIdMatched"`
		} `json:"software"`
	} `json:"vulnerableSoftware"`
}

type VulnerabilityReport

// VulnerabilityReport is the top-level shape of the JSON scan report:
// project coordinates, scan metadata and the list of scanned dependencies.
// Presumably this is the dependency-check JSON report (Opts has a
// DependencyCheckProps field) — TODO confirm the producing tool and schema
// version this struct was written against.
type VulnerabilityReport struct {
	ProjectInfo struct {
		ReportDate string `json:"reportDate"`
		// The credits object is left commented out, so a "credits" key in the
		// report is not decoded.
		//Credits    struct {
		//	RETIREJS string `json:"RETIREJS"`
		//	NPM      string `json:"NPM"`
		//	NVD      string `json:"NVD"`
		//	OSSINDEX string `json:"OSSINDEX"`
		//} `json:"credits"`
		GroupID    string `json:"groupID"`
		Name       string `json:"name"`
		ArtifactID string `json:"artifactID"`
		Version    string `json:"version"`
	} `json:"projectInfo"`
	// ReportSchema is decoded as a plain string; nothing in this type checks
	// it, so a report with a different schema still decodes, with unmatched
	// fields left empty.
	ReportSchema string `json:"reportSchema"`
	ScanInfo     struct {
		EngineVersion string `json:"engineVersion"`
		// DataSource names each data source with a timestamp; presumably the
		// time of its last update — TODO confirm. If so, it is the field to
		// check when deciding whether a clean result came from stale
		// vulnerability data.
		DataSource    []struct {
			Name      string `json:"name"`
			Timestamp string `json:"timestamp"`
		} `json:"dataSource"`
	} `json:"scanInfo"`
	// Dependencies holds one entry per scanned artifact, vulnerable or not.
	Dependencies []Dependency `json:"dependencies"`
}

func (*VulnerabilityReport) HighOrCritical

func (vr *VulnerabilityReport) HighOrCritical() []Dependency

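HighOrCritical returns the Dependency entries with a CVSS score greater than or equal to 7.0 (HIGH or CRITICAL). The documentation does not say whether the v2 Score or the v3 BaseScore is compared; CVSS v2 has no CRITICAL rating, so check the source before using this result as a release gate.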
