enricherlist

package

v0.4.4 Latest Latest Go to latest Published: Feb 23, 2026 License: Apache-2.0, BSD-3-Clause, MIT Imports: 63 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/google/osv-scalibr

Links

Documentation ¶

Overview ¶

Package enricherlist provides methods to initialize enrichers from attributes like names or capabilities.

Index ¶

Variables
func EnricherFromName(name string, cfg *cpb.PluginConfig) (enricher.Enricher, error)
func EnrichersFromName(name string, cfg *cpb.PluginConfig) ([]enricher.Enricher, error)
type InitFn
type InitMap

Constants ¶

This section is empty.

Variables ¶

View Source

var (

	// LayerDetails enrichers.
	LayerDetails = InitMap{
		baseimage.Name: {noCFG(baseimage.NewDefault)},
	}

	// License enrichers.
	License = InitMap{
		license.Name: {noCFG(license.New)},
	}

	// VulnMatching enrichers.
	VulnMatching = InitMap{
		osvdev.Name:   {noCFG(osvdev.NewDefault)},
		osvlocal.Name: {osvlocal.New},
	}

	// VEX related enrichers.
	VEX = InitMap{
		filter.Name: {noCFG(filter.New)},
	}

	// SecretsValidate lists secret validators.
	SecretsValidate = initMapFromVelesPlugins([]velesPlugin{
		fromVeles(anthropicapikey.NewWorkspaceValidator(), "secrets/anthropicapikeyworkspacevalidate", 0),
		fromVeles(anthropicapikey.NewModelValidator(), "secrets/anthropicapikeymodelvalidate", 0),
		fromVeles(digitaloceanapikey.NewValidator(), "secrets/digitaloceanapikeyvalidate", 0),
		fromVeles(elasticcloudapikey.NewValidator(), "secrets/elasticcloudapikeyvalidate", 0),
		fromVeles(pypiapitoken.NewValidator(), "secrets/pypiapitokenvalidate", 0),
		fromVeles(sendgrid.NewValidator(), "secrets/sendgridvalidate", 0),
		fromVeles(cratesioapitoken.NewValidator(), "secrets/cratesioapitokenvalidate", 0),
		fromVeles(npmjsaccesstoken.NewValidator(), "secrets/npmjsaccesstokenvalidate", 0),
		fromVeles(slacktoken.NewAppLevelTokenValidator(), "secrets/slackappleveltokenvalidate", 0),
		fromVeles(slacktoken.NewAppConfigRefreshTokenValidator(), "secrets/slackconfigrefreshtokenvalidate", 0),
		fromVeles(slacktoken.NewAppConfigAccessTokenValidator(), "secrets/slackconfigaccesstokenvalidate", 0),
		fromVeles(dockerhubpat.NewValidator(), "secrets/dockerhubpatvalidate", 0),
		fromVeles(cloudflareapitoken.NewValidator(), "secrets/cloudflareapitokenvalidate", 0),
		fromVeles(denopat.NewUserTokenValidator(), "secrets/denopatuservalidate", 0),
		fromVeles(denopat.NewOrgTokenValidator(), "secrets/denopatorgvalidate", 0),
		fromVeles(gcpsak.NewValidator(), "secrets/gcpsakvalidate", 0),
		fromVeles(gitlabpat.NewValidator(), "secrets/gitlabpatvalidate", 0),
		fromVeles(grokxaiapikey.NewAPIValidator(), "secrets/grokxaiapikeyvalidate", 0),
		fromVeles(grokxaiapikey.NewManagementAPIValidator(), "secrets/grokxaimanagementkeyvalidate", 0),
		fromVelesWithCfg(hashicorp.NewTokenValidatorEnricher, "secrets/hashicorpvaulttokenvalidate"),
		fromVelesWithCfg(hashicorp.NewAppRoleValidatorEnricher, "secrets/hashicorpvaultapprolevalidate"),
		fromVeles(hcp.NewClientCredentialsValidator(), "secrets/hcpclientcredentialsvalidate", 0),
		fromVeles(hcp.NewAccessTokenValidator(), "secrets/hcpaccesstokenvalidate", 0),
		fromVeles(huggingfaceapikey.NewValidator(), "secrets/huggingfaceapikeyvalidate", 0),
		fromVeles(mistralapikey.NewValidator(), "secrets/mistralapikeyvalidate", 0),
		fromVeles(openai.NewProjectValidator(), "secrets/openaivalidate", 0),
		fromVeles(openrouter.NewValidator(), "secrets/openroutervalidate", 0),
		fromVeles(circleci.NewPersonalAccessTokenValidator(), "secrets/circlecipatvalidate", 0),
		fromVeles(circleci.NewProjectTokenValidator(), "secrets/circleciprojectvalidate", 0),
		fromVeles(perplexityapikey.NewValidator(), "secrets/perplexityapikeyvalidate", 0),
		fromVeles(postmanapikey.NewAPIValidator(), "secrets/postmanapikeyvalidate", 0),
		fromVeles(postmanapikey.NewCollectionValidator(), "secrets/postmancollectiontokenvalidate", 0),
		fromVeles(github.NewAppS2STokenValidator(), "secrets/githubapps2stokenvalidate", 0),
		fromVeles(github.NewAppU2STokenValidator(), "secrets/githubappu2stokenvalidate", 0),
		fromVeles(github.NewOAuthTokenValidator(), "secrets/githuboauthtokenvalidate", 0),
		fromVeles(github.NewClassicPATValidator(), "secrets/githubclassicpatvalidate", 0),
		fromVeles(github.NewFineGrainedPATValidator(), "secrets/githubfinegrainedpatvalidate", 0),
		fromVeles(stripeapikeys.NewSecretKeyValidator(), "secrets/stripesecretkeyvalidate", 0),
		fromVeles(stripeapikeys.NewRestrictedKeyValidator(), "secrets/striperestrictedkeyvalidate", 0),
		fromVeles(squareapikey.NewPersonalAccessTokenValidator(), "secrets/squarepersonalaccesstokenvalidate", 0),
		fromVeles(squareapikey.NewOAuthApplicationSecretValidator(), "secrets/squareoauthapplicationsecretvalidate", 0),
		fromVeles(gcpoauth2access.NewValidator(), "secrets/gcpoauth2accesstokenvalidate", 0),
		fromVeles(paystacksecretkey.NewValidator(), "secrets/paystacksecretkeyvalidate", 0),
		fromVeles(herokuplatformkey.NewValidator(), "secrets/herokuplatformkeykeyvalidate", 0),
		fromVeles(gcshmackey.NewValidator(), "secrets/gcshmackeyvalidate", 0),
		fromVeles(awsaccesskey.NewValidator(), "secrets/awsaccesskeyvalidate", 0),
		fromVeles(codecatalyst.NewValidator(), "secrets/codecatalystcredentialsvalidate", 0),
		fromVeles(codecommit.NewValidator(), "secrets/codecommitcredentialsvalidate", 0),
		fromVeles(bitbucket.NewValidator(), "secrets/bitbucketcredentialsvalidate", 0),
		fromVeles(urlcreds.NewValidator(), "secrets/urlcredsvalidate", 0),
		fromVeles(telegrambotapitoken.NewValidator(), "secrets/telegrombotapitokenvalidate", 0),
		fromVeles(salesforceoauth2access.NewValidator(), "secrets/salesforceoauth2accessvalidate", 0),
		fromVeles(salesforceoauth2client.NewValidator(), "secrets/salesforceoauth2clientvalidate", 0),
		fromVeles(salesforceoauth2refresh.NewValidator(), "secrets/salesforceoauth2refreshvalidate", 0),
		fromVeles(salesforceoauth2jwt.NewValidator(), "secrets/salesforceoauth2jwtvalidate", 0),
		fromVeles(cursorapikey.NewValidator(), "secrets/cursorapikeyvalidate", 0),
	})

	// SecretsEnrich lists enrichers that add data to detected secrets.
	SecretsEnrich = InitMap{
		hcpidentity.Name:      {noCFG(hcpidentity.New)},
		herokuexpiration.Name: {noCFG(herokuexpiration.New)},
	}

	// HuggingfaceMeta enricher.
	HuggingfaceMeta = InitMap{
		huggingfacemeta.Name: {noCFG(huggingfacemeta.New)},
	}

	// Reachability enrichers.
	Reachability = InitMap{
		java.Name:       {noCFG(java.NewDefault)},
		govcsource.Name: {govcsource.New},
		rust.Name:       {rust.New},
	}

	// TransitiveDependency enrichers.
	TransitiveDependency = InitMap{
		requirements.Name: {requirements.New},
		pomxml.Name:       {pomxml.New},
	}

	// PackageDeprecation enricher.
	PackageDeprecation = InitMap{
		packagedeprecation.Name: {packagedeprecation.New},
	}

	// FFA enrichers.
	FFA = InitMap{
		baseimage.Name:     {noCFG(baseimage.NewDefault)},
		baseimageattr.Name: {baseimageattr.New},
	}

	// Default enrichers.
	Default = concat()

	// All enrichers.
	All = concat(
		LayerDetails,
		VulnMatching,
		VEX,
		SecretsValidate,
		SecretsEnrich,
		HuggingfaceMeta,
		License,
		Reachability,
		TransitiveDependency,
		PackageDeprecation,
		FFA,
	)
)

Functions ¶

func EnricherFromName ¶ added in v0.3.1

func EnricherFromName(name string, cfg *cpb.PluginConfig) (enricher.Enricher, error)

EnricherFromName returns a single enricher based on its exact name.

func EnrichersFromName ¶ added in v0.3.1

func EnrichersFromName(name string, cfg *cpb.PluginConfig) ([]enricher.Enricher, error)

EnrichersFromName returns a list of enrichers from a name.

Types ¶

type InitFn ¶

type InitFn func(cfg *cpb.PluginConfig) (enricher.Enricher, error)

InitFn is the enricher initializer function.

type InitMap ¶

type InitMap map[string][]InitFn

InitMap is a map of names to enricher initializer functions.

Source Files ¶

View all Source files

list.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL