-
Notifications
You must be signed in to change notification settings - Fork 66
/
Copy pathreport.go
67 lines (60 loc) · 2.26 KB
/
report.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package report
import "time"
type VersionRange struct {
Introduced string `yaml:",omitempty"`
Fixed string `yaml:",omitempty"`
}
type Additional struct {
Module string `yaml:",omitempty"`
Package string `yaml:",omitempty"`
Symbols []string `yaml:",omitempty"`
Versions []VersionRange `yaml:",omitempty"`
}
type Links struct {
PR string `yaml:",omitempty"`
Commit string `yaml:",omitempty"`
Context []string `yaml:",omitempty"`
}
type CVEMeta struct {
ID string `yaml:",omitempty"`
CWE string `yaml:",omitempty"`
Description string `yaml:",omitempty"`
CVSSMeta *CVSS `yaml:",omitempty"`
}
type CVSS struct {
Version string `yaml:",omitempty"`
Score float32 `yaml:",omitempty"`
Vector string `yaml:",omitempty"`
}
type Report struct {
Module string `yaml:",omitempty"`
Package string `yaml:",omitempty"`
// TODO: could also be GoToolchain, but we might want
// this for other things?
//
// could we also automate this by just looking for
// things prefixed with cmd/go?
DoNotExport bool `yaml:"do_not_export,omitempty"`
// TODO: how does this interact with Versions etc?
Stdlib bool `yaml:",omitempty"`
// TODO: the most common usage of additional package should
// really be replaced with 'aliases', we'll still need
// additional packages for some cases, but it's too heavy
// for most
AdditionalPackages []Additional `yaml:"additional_packages,omitempty"`
Versions []VersionRange `yaml:",omitempty"`
Description string `yaml:",omitempty"`
Published time.Time `yaml:",omitempty"`
LastModified *time.Time `yaml:"last_modified,omitempty"`
Withdrawn *time.Time `yaml:",omitempty"`
CVE string `yaml:",omitempty"`
Credit string `yaml:",omitempty"`
Symbols []string `yaml:",omitempty"`
OS []string `yaml:",omitempty"`
Arch []string `yaml:",omitempty"`
Links Links `yaml:",omitempty"`
CVEMetadata *CVEMeta `yaml:"cve_metadata,omitempty"`
}