Documentation
Index
- func WithBackend(tb api.TriageBackend) initFunc
- func WithPublisher(p api.VexPublisher) initFunc
- func WithSSH(use bool) initFunc
- func WithScanner(s api.Scanner) initFunc
- type Manager
- func (mgr *Manager) AssembleBranchDocument(branch *api.Branch, subjects ...*gointoto.ResourceDescriptor) (*vex.VEX, error)
- func (mgr *Manager) CloseOpenTriages(triages []*api.Triage) error
- func (mgr *Manager) CreateTriage(branch *api.Branch, vuln *api.Vulnerability) (*api.Triage, error)
- func (mgr *Manager) ListBranchTriages(branch *api.Branch) ([]*api.Triage, error)
- func (mgr *Manager) ListOpenBranchTriages(branch *api.Branch) ([]*api.Triage, error)
- func (m *Manager) LocalRepoToResourceDescriptor(path string) (*gointoto.ResourceDescriptor, error)
- func (mgr *Manager) PublishStatements(triages []*api.Triage) error
- func (m *Manager) ScanBranchCode(branch *api.Branch) ([]*api.Vulnerability, error)
- func (mgr *Manager) ScanRemoteBranch(branch *api.Branch) ([]*api.Vulnerability, error)
- func (mgr *Manager) UpdateBranchFlow(branch *api.Branch) error
- func (mgr *Manager) UpdateBranchFlowWithScan(branch *api.Branch) error
- func (m *Manager) VulnsToAttestation(subject *gointoto.ResourceDescriptor, vulns []*api.Vulnerability) (attestation.Statement, error)
- func (m *Manager) VulnsToOSV(vulns []*api.Vulnerability) (*osv.Results, error)
- type Options
Constants
This section is empty.
Variables
This section is empty.
Functions
func WithBackend
func WithBackend(tb api.TriageBackend) initFunc
func WithPublisher
func WithPublisher(p api.VexPublisher) initFunc
func WithScanner
Types
type Manager
type Manager struct {
	Options  Options
	Branches []*api.Branch
	// contains filtered or unexported fields
}
Manager is the main object. It handles the lifecycle of a vulnerability's impact on a project.
func (*Manager) AssembleBranchDocument
func (mgr *Manager) AssembleBranchDocument(branch *api.Branch, subjects ...*gointoto.ResourceDescriptor) (*vex.VEX, error)
AssembleBranchDocument gathers all VEX data applicable to vulnerabilities present in the branch. This is intended to be run at build time, to compile all exploitability data for the project.
func (*Manager) CloseOpenTriages
func (*Manager) CreateTriage
CreateTriage opens a new triage process for a vulnerability in the specified branch.
func (*Manager) ListBranchTriages
func (*Manager) ListOpenBranchTriages
func (*Manager) LocalRepoToResourceDescriptor
func (m *Manager) LocalRepoToResourceDescriptor(path string) (*gointoto.ResourceDescriptor, error)
LocalRepoToResourceDescriptor reads a local repository and returns the
func (*Manager) PublishStatements
PublishStatements generates the VEX documents for the open triages and releases them using the configured publisher.
func (*Manager) ScanBranchCode
func (*Manager) ScanRemoteBranch
ScanRemoteBranch clones a remote repo, scans it for vulnerabilities, and removes the local copy.
func (*Manager) UpdateBranchFlowWithScan
UpdateBranchFlowWithScan updates the flows open at the repository and creates new ones based on the latest vulnerability reports available.
func (*Manager) VulnsToAttestation
func (m *Manager) VulnsToAttestation(subject *gointoto.ResourceDescriptor, vulns []*api.Vulnerability) (attestation.Statement, error)
VulnsToAttestation reads a list of vulnerabilities and generates a
func (*Manager) VulnsToOSV
VulnsToOSV reads a list of vulnerabilities and returns a list of results formatted as the results set from OSV scanner. Note that this only creates the list; the results origin does not get populated.