Documentation
Overview
Package guidedremediation provides vulnerability fixing through dependency updates in manifest and lockfiles.
Constants
This section is empty.
Variables
This section is empty.
Functions
func FixVulns
func FixVulns(opts options.FixVulnsOptions) (result.Result, error)
FixVulns remediates vulnerabilities in the manifest/lockfile using a remediation strategy, which is specified in the RemediationOptions. FixVulns overwrites the manifest/lockfile(s) on disk with the dependencies patched to remove vulnerabilities. It also returns a Result describing the changes made.
func FixVulnsInteractive (added in v0.3.0)
func FixVulnsInteractive(opts options.FixVulnsOptions, detailsRenderer VulnDetailsRenderer) error
FixVulnsInteractive launches the guided remediation interactive TUI. detailsRenderer is used to render the markdown details of vulnerabilities; if it is nil, a fallback renderer is used.
Types
type VulnDetailsRenderer (added in v0.3.0)
type VulnDetailsRenderer components.DetailsRenderer
VulnDetailsRenderer provides a Render function for the markdown details of a vulnerability.
Directories
Path | Synopsis |
---|---|
internal | |
lockfile | Package lockfile provides methods for parsing and writing lockfiles. |
lockfile/npm | Package npm provides the lockfile parsing and writing for the npm package-lock.json format. |
lockfile/python | Package python provides the lockfile parsing and writing for requirements.txt. |
manifest | Package manifest provides methods for parsing and writing manifest files. |
manifest/maven | Package maven provides the manifest parsing and writing for the Maven pom.xml format. |
manifest/npm | Package npm provides the manifest parsing and writing for the npm package.json format. |
manifest/python | Package python provides the manifest parsing and writing for Python requirements.txt. |
matchertest | Package matchertest provides a mock matcher for testing. |
parser | Package parser provides functions for parsing and writing manifest and lockfile files. |
remediation | Package remediation has the vulnerability remediation implementations. |
resolution | Package resolution provides dependency graph resolution and vulnerability findings for guided remediation. |
severity | Package severity implements severity calculation for OSV records. |
strategy/common | Package common implements functions common to multiple remediation strategies. |
strategy/inplace | Package inplace implements the in-place remediation strategy. |
strategy/override | Package override implements the override remediation strategy. |
strategy/relax | Package relax implements the relax remediation strategy. |
strategy/relax/relaxer | Package relaxer implements requirement specification relaxation for ecosystems. |
suggest | Package suggest provides the functionality to suggest dependency update patches. |
tui/components | Package components contains some TUI components for the guided remediation interactive CLI. |
tui/model | Package model provides the program model for the guided remediation interactive TUI. |
util | Package util implements some utility functions for guided remediation. |
vulns | Package vulns implements local matching for OSV records. |
 | Package matcher provides the interface for the vulnerability matcher used by guided remediation. |
 | Package options has the configuration options for guided remediation. |
 | Package result defines the remediation result structs. |
 | Package strategy provides the guided remediation strategies. |
 | Package upgrade provides the configuration for the allowable package upgrade levels for remediation. |