deps

package

v0.0.0-...-4695b35 Latest Latest Go to latest Published: Jul 30, 2025 License: GPL-3.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Devang-Solanki/Varunastra

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func IsKnownDependencyFile(fileName string) bool
type Advisory
type AdvisoryDetails
type Dependency
type FileTracker
- func NewFileTracker() *FileTracker
type Response
type VulnIssue
- func HandleDependencyFile(fileName string, tr *tar.Reader) ([]VulnIssue, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var KnownDependencyFiles = []string{
	"package.json",
	"package-lock.json",
	"yarn.lock",
	"Gemfile",
	"Gemfile.lock",
	"requirements.txt",
	"Pipfile",
	"Pipfile.lock",
	"go.mod",
	"go.sum",
}

KnownDependencyFiles lists the files we are interested in for dependency checking

Functions ¶

func IsKnownDependencyFile ¶

func IsKnownDependencyFile(fileName string) bool

isKnownDependencyFile checks if a file is one of the known dependency files

Types ¶

type Advisory ¶

type Advisory struct {
	ID string `json:"id"`
}

type AdvisoryDetails ¶

type AdvisoryDetails struct {
	AdvisoryKey struct {
		ID string `json:"id"`
	} `json:"advisoryKey"`
	URL         string   `json:"url"`
	Title       string   `json:"title"`
	Aliases     []string `json:"aliases"`
	CVSS3Score  float64  `json:"cvss3Score"`
	CVSS3Vector string   `json:"cvss3Vector"`
}

AdvisoryDetails represents detailed information about a security advisory

type Dependency ¶

type Dependency struct {
	Name    string `json:"name"`
	Version string `json:"version"`
}

Dependency represents a single dependency in package.json

type FileTracker ¶

type FileTracker struct {
	// contains filtered or unexported fields
}

func NewFileTracker ¶

func NewFileTracker() *FileTracker

NewFileTracker creates and returns a new FileTracker instance

func (*FileTracker) ClearSeenMap ¶

func (ft *FileTracker) ClearSeenMap()

ClearSeenMap clears the seen map

func (*FileTracker) IsFileSeen ¶

func (ft *FileTracker) IsFileSeen(fileName string) bool

IsFileSeen checks if the specified file has been marked as seen

func (*FileTracker) MarkFileAsSeen ¶

func (ft *FileTracker) MarkFileAsSeen(fileName string)

MarkFileAsSeen marks the specified file as processed

type Response ¶

type Response struct {
	VersionKey struct {
		System  string `json:"system"`
		Name    string `json:"name"`
		Version string `json:"version"`
	} `json:"versionKey"`
	PublishedAt  string     `json:"publishedAt"`
	IsDefault    bool       `json:"isDefault"`
	Licenses     []string   `json:"licenses"`
	AdvisoryKeys []Advisory `json:"advisoryKeys"`
	Links        []struct {
		Label string `json:"label"`
		URL   string `json:"url"`
	} `json:"links"`
	SlsaProvenances []interface{} `json:"slsaProvenances"`
	Registries      []string      `json:"registries"`
	RelatedProjects []struct {
		ProjectKey struct {
			ID string `json:"id"`
		} `json:"projectKey"`
		RelationProvenance string `json:"relationProvenance"`
		RelationType       string `json:"relationType"`
	} `json:"relatedProjects"`
}

type VulnIssue ¶

type VulnIssue struct {
	Issue      string  `json:"issue"`     // Description of the vulnerability
	Path       string  `json:"asset"`     // Path where the vulnerability was found
	Title      string  `json:"title"`     // Title of the vulnerability
	CVSS3Score float64 `json:"cvss3"`     // CVSS score
	Ref        string  `json:"Reference"` // Reference link for the vulnerability
}

VulnIssue represents an identified vulnerability issue

func HandleDependencyFile ¶

func HandleDependencyFile(fileName string, tr *tar.Reader) ([]VulnIssue, error)

HandleDependencyFile processes and checks a specific dependency file

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL