Documentation
Index
Constants
const DisableVulnBotTopicKeyword = "disable-vulnbot"
Variables
This section is empty.
Functions
This section is empty.
Types
type DataSource
	type DataSource interface {
		CollectFindings(
			*ProjectCollection,
			*sync.WaitGroup,
		) error
	}
A DataSource represents a single source (service) for discovering projects and their associated findings.
CollectFindings must add all discovered projects and findings to the shared ProjectCollection object, using the ProjectCollection.GetProject and Project.GetFinding methods. These handle all necessary locking and merging of data between data sources, as they will all be processing their data simultaneously.
Upon completion of collection, CollectFindings must call `Done()` on the sync.WaitGroup, to indicate it is done.
type Finding
	type Finding struct {
		Identifiers FindingIdentifierMap
		Ecosystem   configs.FindingEcosystemType
		Severity    configs.FindingSeverityType
		Description string
		PackageName string
		// contains filtered or unexported fields
	}
A Finding represents a single finding / vulnerability in a project. For example, a CVE. A Project must never have duplicates of the same Finding.
type FindingIdentifierMap
type FindingIdentifierMap map[FindingIdentifierType]string
type FindingIdentifierType
	type FindingIdentifierType string
	const (
		FindingIdentifierCVE  FindingIdentifierType = "CVE"
		FindingIdentifierGHSA FindingIdentifierType = "GHSA"
	)
type GithubDataSource
	type GithubDataSource struct {
		GhClient githubClient
		// contains filtered or unexported fields
	}
GithubDataSource is used to pull Dependabot alerts for an individual organization.
func NewGithubDataSource
func NewGithubDataSource(conf *configs.Config) GithubDataSource
func (*GithubDataSource) CollectFindings
func (gh *GithubDataSource) CollectFindings(projects *ProjectCollection, wg *sync.WaitGroup) error
type Project
	type Project struct {
		Name     string
		Findings []*Finding
		Link     string
		Owners   mapset.Set[configs.TeamConfig]
		// contains filtered or unexported fields
	}
A Project represents a single project which contains findings.
Examples of a Project would be a GitHub repository, or an Amazon ECR image.
Links represents where the Project can be found. For example, if a Project exists in a GitHub repository, then it would contain a Links entry with a key of "GitHub" and a value of "https://github.com/org-name/project-name". These links are meant to be displayed by reporters, to give users quick access to the projects and their findings.
func NewProject
NewProject returns a new, empty project with no links or findings.
func (*Project) GetFinding
func (p *Project) GetFinding(identifiers FindingIdentifierMap) *Finding
GetFinding returns the specified finding from the project, based on the identifiers. If such a finding does not yet exist, it is created and added to the project.
type ProjectCollection
	type ProjectCollection struct {
		Projects []*Project
		// contains filtered or unexported fields
	}
func NewProjectCollection
func NewProjectCollection() *ProjectCollection
NewProjectCollection returns a new, empty ProjectCollection object.
func (*ProjectCollection) GetProject
func (c *ProjectCollection) GetProject(name string) *Project
GetProject returns the project with the specified name from the collection. If such a project does not yet exist, it is created and added to the collection.
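The following is an added, self-contained illustration of the collection contract described above (the DataSource interface, the Done() requirement, and the find-or-create behaviour of GetProject and GetFinding); it is not the package's own code. The type names mirror the documentation, but the field sets, the mutex layout, the identifier-merging rule, the memSource and brokenSource fakes, RunCollection and SampleRun are all assumptions made for this example, and every project name and identifier value is a constructed placeholder.

```go
package main

import (
	"fmt"
	"sync"
)

// Stand-ins for the documented types; field sets and lock layout are assumptions.
type FindingIdentifierType string
type FindingIdentifierMap map[FindingIdentifierType]string
type Finding struct{ Identifiers FindingIdentifierMap }
type Project struct {
	Name     string
	Findings []*Finding
	mu       sync.Mutex // guards Findings and each Finding's Identifiers
}
type ProjectCollection struct {
	Projects []*Project
	mu       sync.Mutex // guards Projects
}
type DataSource interface {
	CollectFindings(*ProjectCollection, *sync.WaitGroup) error
}

// GetFinding returns the finding sharing any identifier with ids, creating one if
// none does, then adds the identifiers it lacks so that a CVE-only report and a
// CVE+GHSA report of the same issue converge on a single Finding (assumed rule).
func (p *Project) GetFinding(ids FindingIdentifierMap) *Finding {
	p.mu.Lock()
	defer p.mu.Unlock()
	var f *Finding
	for _, cand := range p.Findings {
		for k, v := range ids {
			if f == nil && cand.Identifiers[k] == v {
				f = cand
			}
		}
	}
	if f == nil {
		f = &Finding{Identifiers: FindingIdentifierMap{}}
		p.Findings = append(p.Findings, f)
	}
	for k, v := range ids {
		if _, seen := f.Identifiers[k]; !seen { // keep values already recorded
			f.Identifiers[k] = v
		}
	}
	return f
}

// GetProject returns the named project, creating it on first sight.
func (c *ProjectCollection) GetProject(name string) *Project {
	c.mu.Lock()
	defer c.mu.Unlock()
	for _, p := range c.Projects {
		if p.Name == name {
			return p
		}
	}
	p := &Project{Name: name}
	c.Projects = append(c.Projects, p)
	return p
}

// memSource is a constructed in-memory source: project name -> reported findings.
type memSource map[string][]FindingIdentifierMap

func (s memSource) CollectFindings(c *ProjectCollection, wg *sync.WaitGroup) error {
	defer wg.Done() // the documented contract: Done on every return path
	for name, list := range s {
		for _, ids := range list {
			c.GetProject(name).GetFinding(ids)
		}
	}
	return nil
}

// brokenSource is a constructed source that fails before collecting anything.
type brokenSource struct{}

func (brokenSource) CollectFindings(_ *ProjectCollection, wg *sync.WaitGroup) error {
	defer wg.Done() // still required, or RunCollection would wait forever
	return fmt.Errorf("upstream unavailable")
}

// RunCollection runs every source concurrently, waits for all of them and returns
// the merged collection plus each source's error (nil on success).
func RunCollection(sources []DataSource) (*ProjectCollection, []error) {
	c := &ProjectCollection{}
	errs := make([]error, len(sources))
	var wg sync.WaitGroup
	for i, s := range sources {
		wg.Add(1)
		go func(i int, s DataSource) { errs[i] = s.CollectFindings(c, &wg) }(i, s)
	}
	wg.Wait()
	return c, errs
}

// SampleRun merges two overlapping constructed sources plus one that fails; the
// identifier values are constructed placeholders, not real advisories.
func SampleRun() (*ProjectCollection, []error) {
	return RunCollection([]DataSource{
		memSource{"org/api": {{"CVE": "CVE-0000-0001"}}, "org/web": {{"CVE": "CVE-0000-0002"}}},
		memSource{"org/api": {{"CVE": "CVE-0000-0001", "GHSA": "GHSA-0000-0000-0001"}, {"GHSA": "GHSA-0000-0000-0002"}}},
		brokenSource{},
	})
}

func main() {
	c, errs := SampleRun()
	fmt.Println(len(c.Projects), "project(s) merged; per-source errors:", errs)
}
```

Whatever order the goroutines interleave, the two sources' reports for "org/api" collapse into two findings, one of which carries both the CVE and the GHSA identifier, and the collection never holds a duplicate project. The brokenSource shows the caveat behind the Done() rule: a data source that returns an error without releasing the WaitGroup would block RunCollection and every reporter behind it.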