Documentation
¶
Index ¶
- func And(criteria ...vulnerability.Criteria) vulnerability.Criteria
- func ByCPE(c cpe.CPE) vulnerability.Criteria
- func ByConstraintFunc(constraintFunc func(constraint version.Constraint) (bool, error)) vulnerability.Criteria
- func ByDistro(d ...distro.Distro) vulnerability.Criteria
- func ByEcosystem(lang syftPkg.Language, t syftPkg.Type) vulnerability.Criteria
- func ByExactDistro(d ...distro.Distro) vulnerability.Criteria
- func ByFixedVersion(v version.Version) vulnerability.Criteria
- func ByFunc(criteriaFunc func(vulnerability.Vulnerability) (bool, string, error)) vulnerability.Criteria
- func ByID(id string) vulnerability.Criteria
- func ByPackageName(packageName string) vulnerability.Criteria
- func ByVersion(v version.Version) vulnerability.Criteria
- func CriteriaIterator(criteria []vulnerability.Criteria) iter.Seq2[int, []vulnerability.Criteria]
- func ForUnaffected() vulnerability.Criteria
- func Or(criteria ...vulnerability.Criteria) vulnerability.Criteria
- func ValidateCriteria(criteria []vulnerability.Criteria) error
- type CPECriteria
- type DistroCriteria
- type EcosystemCriteria
- type IDCriteria
- type PackageNameCriteria
- type UnaffectedCriteria
- type VersionConstraintMatcher
- type VersionCriteria
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func And ¶ added in v0.88.0
func And(criteria ...vulnerability.Criteria) vulnerability.Criteria
func ByCPE ¶
func ByCPE(c cpe.CPE) vulnerability.Criteria
ByCPE returns criteria which will search based on any of the provided CPEs
func ByConstraintFunc ¶ added in v0.88.0
func ByConstraintFunc(constraintFunc func(constraint version.Constraint) (bool, error)) vulnerability.Criteria
ByConstraintFunc returns criteria which will use the provided function as inclusion criteria
func ByDistro ¶
func ByDistro(d ...distro.Distro) vulnerability.Criteria
ByDistro returns criteria which will match vulnerabilities based on any of the provided Distros
func ByEcosystem ¶ added in v0.88.0
ByEcosystem returns criteria which will search based on the package Language and or package type
func ByExactDistro ¶ added in v0.102.0
func ByExactDistro(d ...distro.Distro) vulnerability.Criteria
ByExactDistro returns criteria which will match vulnerabilities based on any of the provided Distros without applying alias mappings. This is useful when you need to find records specific to a distro that would normally be aliased to another (e.g., AlmaLinux-specific records vs RHEL records).
func ByFixedVersion ¶ added in v0.97.1
func ByFixedVersion(v version.Version) vulnerability.Criteria
ByFixedVersion returns criteria which constrains vulnerabilities to those that are fixed based on the provided version, in other words: vulnerabilities where the fix version is less than v
func ByFunc ¶ added in v0.88.0
func ByFunc(criteriaFunc func(vulnerability.Vulnerability) (bool, string, error)) vulnerability.Criteria
ByFunc returns criteria which will use the provided function to filter vulnerabilities
func ByID ¶ added in v0.88.0
func ByID(id string) vulnerability.Criteria
ByID returns criteria to search by vulnerability ID, such as CVE-2024-9143
func ByPackageName ¶ added in v0.88.0
func ByPackageName(packageName string) vulnerability.Criteria
ByPackageName returns criteria restricting vulnerabilities to match the package name provided
func ByVersion ¶ added in v0.88.0
func ByVersion(v version.Version) vulnerability.Criteria
ByVersion returns criteria which constrains vulnerabilities to those with matching version constraints
func CriteriaIterator ¶ added in v0.88.0
func CriteriaIterator(criteria []vulnerability.Criteria) iter.Seq2[int, []vulnerability.Criteria]
CriteriaIterator processes all conditions into distinct sets of flattened criteria
func ForUnaffected ¶ added in v0.100.0
func ForUnaffected() vulnerability.Criteria
ForUnaffected returns criteria which will cause the search to be against unaffected packages / vulnerabilities.
func Or ¶ added in v0.88.0
func Or(criteria ...vulnerability.Criteria) vulnerability.Criteria
func ValidateCriteria ¶ added in v0.88.0
func ValidateCriteria(criteria []vulnerability.Criteria) error
ValidateCriteria asserts that there are no incorrect duplications of criteria e.g. multiple ByPackageName() which would result in no matches, while Or(pkgName1, pkgName2) is allowed
Types ¶
type CPECriteria ¶ added in v0.88.0
func (*CPECriteria) MatchesVulnerability ¶ added in v0.88.0
func (v *CPECriteria) MatchesVulnerability(vuln vulnerability.Vulnerability) (bool, string, error)
func (*CPECriteria) Summarize ¶ added in v0.88.0
func (v *CPECriteria) Summarize() string
type DistroCriteria ¶ added in v0.88.0
type DistroCriteria struct {
Distros []distro.Distro
Exact bool // if true, disable alias mappings (e.g., AlmaLinux -> RHEL)
}
func (*DistroCriteria) MatchesVulnerability ¶ added in v0.88.0
func (c *DistroCriteria) MatchesVulnerability(value vulnerability.Vulnerability) (bool, string, error)
func (*DistroCriteria) Summarize ¶ added in v0.88.0
func (c *DistroCriteria) Summarize() string
type EcosystemCriteria ¶ added in v0.88.0
func (*EcosystemCriteria) MatchesVulnerability ¶ added in v0.88.0
func (c *EcosystemCriteria) MatchesVulnerability(value vulnerability.Vulnerability) (bool, string, error)
type IDCriteria ¶ added in v0.88.0
type IDCriteria struct {
ID string
}
IDCriteria is able to match vulnerabilities to the assigned ID, such as CVE-2024-1000 or GHSA-g2x7-ar59-85z5
func (*IDCriteria) MatchesVulnerability ¶ added in v0.88.0
func (v *IDCriteria) MatchesVulnerability(vuln vulnerability.Vulnerability) (bool, string, error)
type PackageNameCriteria ¶ added in v0.88.0
type PackageNameCriteria struct {
PackageName string
}
func (*PackageNameCriteria) MatchesVulnerability ¶ added in v0.88.0
func (v *PackageNameCriteria) MatchesVulnerability(vuln vulnerability.Vulnerability) (bool, string, error)
type UnaffectedCriteria ¶ added in v0.100.0
type UnaffectedCriteria struct {
UnaffectedValue bool
}
func (*UnaffectedCriteria) MatchesVulnerability ¶ added in v0.100.0
func (c *UnaffectedCriteria) MatchesVulnerability(v vulnerability.Vulnerability) (bool, string, error)
type VersionConstraintMatcher ¶ added in v0.88.0
type VersionConstraintMatcher interface {
MatchesConstraint(constraint version.Constraint) (bool, error)
}
VersionConstraintMatcher is used for searches which include version.Constraints; this should be used instead of post-filtering vulnerabilities in order to most efficiently hydrate data in memory
func MultiConstraintMatcher ¶ added in v0.88.0
func MultiConstraintMatcher(a, b VersionConstraintMatcher) VersionConstraintMatcher
type VersionCriteria ¶ added in v0.97.0
func (VersionCriteria) MatchesConstraint ¶ added in v0.97.0
func (v VersionCriteria) MatchesConstraint(constraint version.Constraint) (bool, error)
func (VersionCriteria) MatchesVulnerability ¶ added in v0.97.0
func (v VersionCriteria) MatchesVulnerability(value vulnerability.Vulnerability) (bool, string, error)
Source Files