Documentation
Overview
Package ghsarepo provides a client and utilities for reading GitHub security advisories directly from the Git repo https://github.com/github/advisory-database.
This allows us to read GHSAs in OSV format instead of the SecurityAdvisory format output by the GraphQL API.
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Client
type Client struct {
// contains filtered or unexported fields
}
func NewClient
NewClient returns a client to read from the GHSA database. It clones the Git repo at https://github.com/github/advisory-database, which can take around 20 seconds.
func NewClientFromRepo
NewClientFromRepo returns a client that reads from the GHSA database in the given repo, which must follow the structure of https://github.com/github/advisory-database.
func (*Client) ByCVE
func (c *Client) ByCVE(cve string) []*genericosv.Entry
ByCVE returns the genericosv.Entry entries for the given CVE, or nil if none exist.
func (*Client) ByGHSA
func (c *Client) ByGHSA(ghsa string) *genericosv.Entry
ByGHSA returns the genericosv.Entry entry for the given GHSA, or nil if none exists.
func (*Client) List
func (c *Client) List() []*genericosv.Entry
List returns all the genericosv.Entry entries in the GHSA database.