Documentation
¶
Overview ¶
Package osvdev queries the OSV.dev API to find vulnerabilities in the inventory packages
Index ¶
Constants ¶
const (
// Name is the unique name of this Enricher.
Name = "vulnmatch/osvdev"
)
Variables ¶
var ErrInitialQueryTimeout = errors.New("initialQueryTimeout reached")
ErrInitialQueryTimeout is returned if the initial query to OSV.dev partially fails due to timeout
Functions ¶
func NewDefault ¶
NewDefault creates a new Enricher with the default configuration and OSV.dev client
Types ¶
type Client ¶
type Client interface {
osvdevexperimental.OSVClientInterface
GetVulnByID(ctx context.Context, id string) (*osvpb.Vulnerability, error)
}
Client is an interface that provides an abstraction on top of the OSV.dev client.
type Enricher ¶
type Enricher struct {
// contains filtered or unexported fields
}
Enricher queries the OSV.dev API to find vulnerabilities in the inventory packages
func (*Enricher) Enrich ¶
func (e *Enricher) Enrich(ctx context.Context, _ *enricher.ScanInput, inv *inventory.Inventory) error
Enrich queries the OSV.dev API to find vulnerabilities in the inventory packages
func (Enricher) RequiredPlugins ¶
RequiredPlugins returns the plugins that are required to be enabled for this Enricher to run. While it works on the results of other extractors, the Enricher itself can run independently.
func (Enricher) Requirements ¶
func (Enricher) Requirements() *plugin.Capabilities
Requirements of the Enricher. Needs network access so it can query the osv.dev api
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package fakeclient contains a mock implementation of the OSV.dev client for testing purposes.
|
Package fakeclient contains a mock implementation of the OSV.dev client for testing purposes. |