analysisrequest

package
v0.0.0-...-8b8482c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 8, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

README

Analysis Request

This package provides a way to create the request to analyze a package.

Installation

go get github.com/listendev/pkg/analysisrequest

Usage

Unmarshal a request from JSON
package main

import (
	"github.com/davecgh/go-spew/spew"
	"github.com/listendev/pkg/analysisrequest"
	"github.com/listendev/pkg/npm"
	"github.com/listendev/pkg/observability"
)

func main() {
	arJSON := `{"type": "urn:scheduler:dynamic!npm,install.json", "snowflake_id": "1524854487523524608", "name": "chalk"}`
	// you can use the observability package to create a context with tracing and logging here
	ctx := observability.NewNopContext()
	arbuilder, _ := analysisrequest.NewBuilder(ctx)
	regClient, _ := npm.NewNPMRegistryClient(npm.NPMRegistryClientConfig{})
	arbuilder.WithNPMRegistryClient(regClient)
	ar, _ := arbuilder.FromJSON([]byte(arJSON))
	spew.Dump(ar.(analysisrequest.NPM))
}

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrMalfunctioningNPMRegistryClient = errors.New("malfunctioning (no-op or similar) NPM registry client")
	// NPMFillError instances.
	ErrGivenVersionNotFoundOnNPM               = NPMFillError{errors.New("given npm package version not found on npm")}
	ErrGivenShasumDoesntMatchGivenVersionOnNPM = NPMFillError{errors.New("given npm version does not exist on npm with the given shasum")}
)
View Source 
var (
	ErrMalfunctioningPyPiRegistryClient = errors.New("malfunctioning (no-op or similar) PyPi registry client")
	// PyPiFillError instances.
	ErrGivenVersionNotFoundOnPyPi        = PyPiFillError{errors.New("given PyPi package version not found on PyPi")}
	ErrGivenSha256DoesNotMatchOnPyPi     = PyPiFillError{errors.New("given PyPi version does not exist on PyPi with the given sha256 digest")}
	ErrGivenBlake2b256DoesNotMatchOnPyPi = PyPiFillError{errors.New("given PyPi version does not exist on PyPi with the given blake2b256 digest")}
)

Functions

func ComposeAMQPDelivery 

func ComposeAMQPDelivery(a AnalysisRequest) (*amqp.Delivery, error)

func ComposeAMQPPublishing 

func ComposeAMQPPublishing(a AnalysisRequest) (*amqp.Publishing, error)

func GetResultFilesByEcosystem 

func GetResultFilesByEcosystem(eco ecosystem.Ecosystem) map[Type]string

func NewBuilder 

func NewBuilder(ctx context.Context) (*builder, error)

func NewNoOpBuilder 

func NewNoOpBuilder() *noOpBuilder

Types

type Analyser 

type Analyser interface {
	// PackageName returns the name of the package to analyze
	PackageName() string
	// PackageVersion returns the version of the package to analyze
	PackageVersion() string
	// PackageDigest returns the digest of the package to analyze
	PackageDigest() string
}

type AnalysisRequest 

type AnalysisRequest interface {
	BasicAnalysisRequest
	fmt.Stringer
	Publisher
	Deliverer
	Results
	Analyser
}

func NewNOP 

func NewNOP(snowflake string, priority uint8, force bool) AnalysisRequest

func NewNPM 

func NewNPM(request Type, snowflake string, priority uint8, force bool, name, version, digest string) (AnalysisRequest, error)

NewNPM creates an AnalysisRequest for the NPM ecosystem.

func NewPyPi 

func NewPyPi(request Type, snowflake string, priority uint8, force bool, name, version, digest string) (AnalysisRequest, error)

NewPyPi creates an AnalysisRequest for the PyPi ecosystem.

type BasicAnalysisRequest 

type BasicAnalysisRequest interface {
	// Type returns the type of the analysis request
	Type() Type
	// ID returns the snowflake ID of the analysis request
	ID() string
	// Priority returns the priority of the analysis request
	Prio() uint8
	// SetPrio lets the user change the priority of the analysis request
	SetPrio(uint8)
	// MustProcess returns whether the analysis request must be forcibly processed or not
	MustProcess() bool
	// SetForce lets the user change the force attribute of the analysis request
	SetForce(bool)
	// Validate tells whether the analysis request is ok or not
	Validate() error
}

type Builder 

type Builder interface {
	FromJSON([]byte) (AnalysisRequest, error)
}

type Collector 

type Collector string
const (
	NoCollector                     Collector = "nop"
	DynamicInstrumentationCollector Collector = "dynamic"
	AdvisoryCollector               Collector = "advisory"
	AICollector                     Collector = "ai"
	TyposquatCollector              Collector = "typosquat"
	MetadataCollector               Collector = "metadata"
	StaticAnalysisCollector         Collector = "static"
)

type Deliverer 

type Deliverer interface {
	Delivery() (*amqp.Delivery, error)
}

type Framework 

type Framework string
const (
	None      Framework = "nop"
	Scheduler Framework = "scheduler"
	Hoarding  Framework = "hoarding"
)

type NOP 

type NOP struct {
	// contains filtered or unexported fields
}

func (NOP) Delivery 

func (a NOP) Delivery() (*amqp.Delivery, error)

func (NOP) HasEcosystem 

func (arb NOP) HasEcosystem() bool

func (NOP) ID 

func (arb NOP) ID() string

func (NOP) MustProcess 

func (arb NOP) MustProcess() bool

func (NOP) PackageDigest 

func (a NOP) PackageDigest() string

func (NOP) PackageName 

func (a NOP) PackageName() string

func (NOP) PackageVersion 

func (a NOP) PackageVersion() string

func (NOP) Prio 

func (arb NOP) Prio() uint8

func (NOP) Publishing 

func (a NOP) Publishing() (*amqp.Publishing, error)

func (NOP) ResultsPath 

func (a NOP) ResultsPath() ResultUploadPath

func (*NOP) SetForce 

func (arb *NOP) SetForce(force bool)

func (*NOP) SetPrio 

func (arb *NOP) SetPrio(p uint8)

func (NOP) String 

func (a NOP) String() string

func (NOP) Type 

func (arb NOP) Type() Type

func (*NOP) UnmarshalJSON 

func (a *NOP) UnmarshalJSON(data []byte) error

func (NOP) Validate 

func (a NOP) Validate() error

type NPM 

type NPM struct {
	// contains filtered or unexported fields
}

func (NPM) Delivery 

func (arn NPM) Delivery() (*amqp.Delivery, error)

func (NPM) HasEcosystem 

func (arb NPM) HasEcosystem() bool

func (NPM) ID 

func (arb NPM) ID() string

func (NPM) MustProcess 

func (arb NPM) MustProcess() bool

func (NPM) PackageDigest 

func (arn NPM) PackageDigest() string

func (NPM) PackageName 

func (arn NPM) PackageName() string

func (NPM) PackageVersion 

func (arn NPM) PackageVersion() string

func (NPM) Prio 

func (arb NPM) Prio() uint8

func (NPM) Publishing 

func (arn NPM) Publishing() (*amqp.Publishing, error)

func (NPM) ResultsPath 

func (arn NPM) ResultsPath() ResultUploadPath

func (*NPM) SetForce 

func (arb *NPM) SetForce(force bool)

func (*NPM) SetPrio 

func (arb *NPM) SetPrio(p uint8)

func (NPM) String 

func (arn NPM) String() string

func (NPM) Switch 

func (arn NPM) Switch(t Type) (AnalysisRequest, error)

func (NPM) Type 

func (arb NPM) Type() Type

func (*NPM) UnmarshalJSON 

func (arn *NPM) UnmarshalJSON(data []byte) error

func (NPM) Validate 

func (arn NPM) Validate() error

type NPMFillError 

type NPMFillError struct {
	Err error
}

func (NPMFillError) Error 

func (e NPMFillError) Error() string

type Publisher 

type Publisher interface {
	Publishing() (*amqp.Publishing, error)
}

type PyPi 

type PyPi struct {
	// contains filtered or unexported fields
}

func (PyPi) Delivery 

func (arp PyPi) Delivery() (*amqp.Delivery, error)

func (PyPi) HasEcosystem 

func (arb PyPi) HasEcosystem() bool

func (PyPi) ID 

func (arb PyPi) ID() string

func (PyPi) MustProcess 

func (arb PyPi) MustProcess() bool

func (PyPi) PackageDigest 

func (arp PyPi) PackageDigest() string

func (PyPi) PackageName 

func (arp PyPi) PackageName() string

func (PyPi) PackageVersion 

func (arp PyPi) PackageVersion() string

func (PyPi) Prio 

func (arb PyPi) Prio() uint8

func (PyPi) Publishing 

func (arp PyPi) Publishing() (*amqp.Publishing, error)

func (PyPi) ResultsPath 

func (arp PyPi) ResultsPath() ResultUploadPath

func (*PyPi) SetForce 

func (arb *PyPi) SetForce(force bool)

func (*PyPi) SetPrio 

func (arb *PyPi) SetPrio(p uint8)

func (PyPi) String 

func (arp PyPi) String() string

func (PyPi) Type 

func (arb PyPi) Type() Type

func (*PyPi) UnmarshalJSON 

func (arp *PyPi) UnmarshalJSON(data []byte) error

func (PyPi) Validate 

func (arp PyPi) Validate() error

type PyPiFillError 

type PyPiFillError struct {
	Err error
}

func (PyPiFillError) Error 

func (e PyPiFillError) Error() string

type ResultUploadPath 

type ResultUploadPath []string

func ComposeResultUploadPath 

func ComposeResultUploadPath(a AnalysisRequest) ResultUploadPath

func (ResultUploadPath) Key 

func (r ResultUploadPath) Key() string

Key returns a path-like key.

type Results 

type Results interface {
	// ResultsPath returns the upload path of the analysis request result
	ResultsPath() ResultUploadPath
}

type Type 

type Type int
const (
	Nop Type = iota + 1
	NPMInstallWhileDynamicInstrumentation
	NPMAdvisory
	NPMInstallWhileDynamicInstrumentationAIEnriched

	NPMTyposquat
	NPMMetadataEmptyDescription
	NPMMetadataVersion
	NPMMetadataMaintainersEmailCheck
	NPMMetadataMismatches

	NPMStaticAnalysisEnvExfiltration Type = iota + 9 // 18 // Do not forget to specify the type Type when using iota to reserve space for previous types
	NPMStaticAnalysisDetachedProcessExecution
	NPMStaticAnalysisShadyLinks
	NPMStaticAnalysisEvalBase64
	NPMStaticAnalysisInstallScript
	NPMStaticNonRegistryDependency

	PypiTyposquat                     Type = iota + 990 // 1005
	PypiMetadataMaintainersEmailCheck Type = iota + 992 // 1008

	PypiStaticAnalysisEnvExfiltration Type = iota + 1001 // 1018
	PypiStaticAnalysisDetachedProcessExecution
	PypiStaticAnalysisShadyLinks
	PypiStaticAnalysisEvalBase64
	PypiStaticAnalysisCodeExecutionAtSetup
	PypiStaticNonRegistryDependency
)

Those are the constants representing the analysis request types.

When adding a new one append it after the existing ones (before the _maxType constant).

func GetTypeForEcosystemFromResultFile 

func GetTypeForEcosystemFromResultFile(eco ecosystem.Ecosystem, filename string) (Type, error)

func GetTypesFromResultFile 

func GetTypesFromResultFile(filename string) ([]Type, error)

func LastType 

func LastType() Type

func ToType 

func ToType(s string) (Type, error)

func Types 

func Types() []Type

func (Type) Components 

func (t Type) Components() TypeComponents

func (Type) HasEcosystem 

func (t Type) HasEcosystem() bool

func (Type) MarshalJSON 

func (t Type) MarshalJSON() ([]byte, error)

func (Type) Parent 

func (t Type) Parent() (Type, error)

func (Type) String 

func (t Type) String() string

func (Type) ToURN 

func (t Type) ToURN() *urn.URN

func (*Type) UnmarshalJSON 

func (t *Type) UnmarshalJSON(data []byte) error

type TypeComponents 

type TypeComponents struct {
	Framework       Framework
	Collector       Collector
	CollectorAction string
	Ecosystem       ecosystem.Ecosystem
	EcosystemAction string
	Format          string
	Parent          *TypeComponents
}

func (TypeComponents) HasCollectorAction 

func (c TypeComponents) HasCollectorAction() bool

func (TypeComponents) HasEcosystem 

func (c TypeComponents) HasEcosystem() bool

func (TypeComponents) HasEcosystemAction 

func (c TypeComponents) HasEcosystemAction() bool

func (TypeComponents) HasFormat 

func (c TypeComponents) HasFormat() bool

func (TypeComponents) ResultFile 

func (c TypeComponents) ResultFile() string

ResultFile returns the filename of the result file for the current Components.

Note it tries to always use characters safe for S3 keys (see https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html).

func (TypeComponents) ToURN 

func (c TypeComponents) ToURN() *urn.URN

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.