// NewDatabase returns a read-only DB containing the provided // txtar-format collection of vulnerability reports. // Each vulnerability report is a YAML file whose format // is defined in golang.org/x/vulndb/doc/format.md. // A report file name must have the id as its base name, // and have .yaml as its extension. // // db, err := NewDatabase(ctx, reports) // ... // defer db.Clean() // client, err := NewClient(db) // ... // // The returned DB's Clean method must be called to clean up the // generated database. func NewDatabase(ctx context.Context, txtarReports []byte) (*DB, error) { … } type DB … // URI returns the file URI that can be used for VULNDB environment // variable. func (db *DB) URI() string { … } // Clean deletes the database. func (db *DB) Clean() error { … } const dbURL … const idDirectory … const cmdModule … const stdModule … // generateDB generates the file-based vuln DB in the directory jsonDir. func generateDB(ctx context.Context, txtarData []byte, jsonDir string, indent bool) error { … } func generateEntries(_ context.Context, archive *txtar.Archive) ([]osv.Entry, error) { … } func writeEntriesByID(idDir string, entries []osv.Entry, indent bool) error { … } func writeJSON(filename string, value any, indent bool) (err error) { … } func jsonMarshal(v any, indent bool) ([]byte, error) { … } // generateOSVEntry create an osv.Entry for a report. In addition to the report, it // takes the ID for the vuln and a URL that will point to the entry in the vuln DB. // It returns the osv.Entry and a list of module paths that the vuln affects. func generateOSVEntry(id, url string, lastModified time.Time, r Report) osv.Entry { … } func AffectedRanges(versions []VersionRange) []osv.Range { … } func toOSVPackages(pkgs []*Package) (imps []osv.Package) { … } func toAffected(m *Module) osv.Affected { … }
Codebase Browser
gotools