-
Notifications
You must be signed in to change notification settings - Fork 517
/
vulnerability_match_exclusion.go
130 lines (104 loc) · 4.56 KB
/
vulnerability_match_exclusion.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
package v4
import (
"encoding/json"
)
// VulnerabilityMatchExclusion represents the minimum data fields necessary to automatically filter certain
// vulnerabilities from match results based on the specified constraints.
type VulnerabilityMatchExclusion struct {
ID string `json:"id"` // The identifier of the vulnerability or advisory
Constraints []VulnerabilityMatchExclusionConstraint `json:"constraints,omitempty"` // The constraints under which the exclusion applies
Justification string `json:"justification"` // Justification for the exclusion
}
// VulnerabilityMatchExclusionConstraint describes criteria for which matches should be excluded
type VulnerabilityMatchExclusionConstraint struct {
Vulnerability VulnerabilityExclusionConstraint `json:"vulnerability,omitempty"` // Vulnerability exclusion criteria
Package PackageExclusionConstraint `json:"package,omitempty"` // Package exclusion criteria
ExtraFields map[string]interface{} `json:"-"`
}
func (c VulnerabilityMatchExclusionConstraint) Usable() bool {
return len(c.ExtraFields) == 0 && c.Vulnerability.Usable() && c.Package.Usable()
}
func (c *VulnerabilityMatchExclusionConstraint) UnmarshalJSON(data []byte) error {
// Create a new type from the target type to avoid recursion.
type _vulnerabilityMatchExclusionConstraint VulnerabilityMatchExclusionConstraint
// Unmarshal into an instance of the new type.
var _c _vulnerabilityMatchExclusionConstraint
if err := json.Unmarshal(data, &_c); err != nil {
return err
}
if err := json.Unmarshal(data, &_c.ExtraFields); err != nil {
return err
}
delete(_c.ExtraFields, "vulnerability")
delete(_c.ExtraFields, "package")
if len(_c.ExtraFields) == 0 {
_c.ExtraFields = nil
}
// Cast the new type instance to the original type and assign.
*c = VulnerabilityMatchExclusionConstraint(_c)
return nil
}
// VulnerabilityExclusionConstraint describes criteria for excluding a match based on additional vulnerability components
type VulnerabilityExclusionConstraint struct {
Namespace string `json:"namespace,omitempty"` // Vulnerability namespace
FixState FixState `json:"fix_state,omitempty"` // Vulnerability fix state
ExtraFields map[string]interface{} `json:"-"`
}
func (v VulnerabilityExclusionConstraint) Usable() bool {
return len(v.ExtraFields) == 0
}
func (v *VulnerabilityExclusionConstraint) UnmarshalJSON(data []byte) error {
// Create a new type from the target type to avoid recursion.
type _vulnerabilityExclusionConstraint VulnerabilityExclusionConstraint
// Unmarshal into an instance of the new type.
var _v _vulnerabilityExclusionConstraint
if err := json.Unmarshal(data, &_v); err != nil {
return err
}
if err := json.Unmarshal(data, &_v.ExtraFields); err != nil {
return err
}
delete(_v.ExtraFields, "namespace")
delete(_v.ExtraFields, "fix_state")
if len(_v.ExtraFields) == 0 {
_v.ExtraFields = nil
}
// Cast the new type instance to the original type and assign.
*v = VulnerabilityExclusionConstraint(_v)
return nil
}
// PackageExclusionConstraint describes criteria for excluding a match based on package components
type PackageExclusionConstraint struct {
Name string `json:"name,omitempty"` // Package name
Language string `json:"language,omitempty"` // The language ecosystem for a package
Type string `json:"type,omitempty"` // Package type
Version string `json:"version,omitempty"` // Package version
Location string `json:"location,omitempty"` // Package location
ExtraFields map[string]interface{} `json:"-"`
}
func (p PackageExclusionConstraint) Usable() bool {
return len(p.ExtraFields) == 0
}
func (p *PackageExclusionConstraint) UnmarshalJSON(data []byte) error {
// Create a new type from the target type to avoid recursion.
type _packageExclusionConstraint PackageExclusionConstraint
// Unmarshal into an instance of the new type.
var _p _packageExclusionConstraint
if err := json.Unmarshal(data, &_p); err != nil {
return err
}
if err := json.Unmarshal(data, &_p.ExtraFields); err != nil {
return err
}
delete(_p.ExtraFields, "name")
delete(_p.ExtraFields, "language")
delete(_p.ExtraFields, "type")
delete(_p.ExtraFields, "version")
delete(_p.ExtraFields, "location")
if len(_p.ExtraFields) == 0 {
_p.ExtraFields = nil
}
// Cast the new type instance to the original type and assign.
*p = PackageExclusionConstraint(_p)
return nil
}