jas

package

v1.18.0 Latest Latest Go to latest Published: May 27, 2025 License: Apache-2.0 Imports: 33 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jfrog/jfrog-cli-security

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CheckForSecretValidation(xrayManager *xray.XrayServicesManager, xrayVersion string, ...) bool
func CreateJFrogAppsConfig(workingDirs []string) (*jfrogappsconfig.JFrogAppsConfig, error)
func CreateScannerTempDirectory(scanner *JasScanner, scanType string) (string, error)
func CreateScannersConfigFile(fileName string, fileContent interface{}, scanType jasutils.JasScanType) error
func DownloadAnalyzerManagerIfNeeded(threadId int) error
func GetAnalyzerManagerDirAbsolutePath() (string, error)
func GetAnalyzerManagerDownloadPath() (string, error)
func GetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) (envVars map[string]string, err error)
func GetAnalyzerManagerExecutable() (analyzerManagerPath string, err error)
func GetAnalyzerManagerExecutableName() string
func GetAnalyzerManagerExitCode(err error) int
func GetAnalyzerManagerVersion() string
func GetAnalyzerManagerXscEnvVars(msi string, gitRepoUrl, projectKey string, watches []string, ...) map[string]string
func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner, ...) []string
func GetModule(root string, appConfig *jfrogappsconfig.JFrogAppsConfig) *jfrogappsconfig.Module
func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) ([]string, error)
func GetTestDataPath() string
func IsEntitledForJas(xrayManager *xray.XrayServicesManager, xrayVersion string) (entitled bool, err error)
func ParseAnalyzerManagerError(scanner jasutils.JasScanType, err error) (formatErr error)
func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string, minSeverity severityutils.Severity) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, ...)
func SaveScanResultsToCompareAsReport(fileName string, runs ...*sarif.Run) error
func ShouldSkipScanner(module jfrogappsconfig.Module, scanType jasutils.JasScanType) bool
func UpdateJasScannerWithExcludePatternsFromProfile(scanner *JasScanner, profile *clientservices.ConfigProfile)
type AnalyzerManager
- func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, ...) (err error)
- func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, ...) (err error)
type JasDiffScanEnvValue
- func GetDiffScanTypeValue(diffScan bool, resultsToCompare *results.SecurityCommandResults) JasDiffScanEnvValue
type JasScanner
- func InitJasTest(t *testing.T) (*JasScanner, func())
- func NewJasScanner(serverDetails *config.ServerDetails, options ...JasScannerOption) (scanner *JasScanner, err error)
- func (js *JasScanner) GetResultsToCompare(target string) (resultsToCompare *results.TargetResults)
- func (a *JasScanner) Run(scannerCmd ScannerCmd, module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, ...)
type JasScannerOption
- func WithEnvVars(validateSecrets bool, diffMode JasDiffScanEnvValue, envVars map[string]string) JasScannerOption
- func WithExclusions(exclusions ...string) JasScannerOption
- func WithMinSeverity(minSeverity severityutils.Severity) JasScannerOption
- func WithResultsToCompare(resultsToCompare *results.SecurityCommandResults) JasScannerOption
type ScannerCmd
type SpecificScannersExcludePatterns

Constants ¶

View Source

const (
	ApplicabilityFeatureId = "contextual_analysis"
	AnalyzerManagerZipName = "analyzerManager.zip"

	ErrFailedScannerRun = "failed to run %s scan. Exit code received: %s"

	JfPackageManagerEnvVariable = "AM_PACKAGE_MANAGER"
	JfLanguageEnvVariable       = "AM_LANGUAGE"
	DiffScanEnvVariable         = "AM_DIFF_SCAN"
	// #nosec G101 -- Not credentials.
	JfSecretValidationEnvVariable = "JF_VALIDATE_SECRETS"
)

View Source

const (
	NoServerUrlWarn      = "" /* 191-byte string literal not displayed */
	NoServerDetailsError = "jfrog Server details are missing"
)

Variables ¶

View Source

var FakeBasicXrayResults = []services.ScanResponse{
	{
		ScanId: "scanId_1",
		Vulnerabilities: []services.Vulnerability{
			{IssueId: "issueId_1", Technology: techutils.Pipenv.String(),
				Cves:       []services.Cve{{Id: "testCve1"}, {Id: "testCve2"}, {Id: "testCve3"}},
				Components: map[string]services.Component{"issueId_1_direct_dependency": {}, "issueId_3_direct_dependency": {}}},
		},
		Violations: []services.Violation{
			{IssueId: "issueId_2", Technology: techutils.Pipenv.String(),
				Cves:       []services.Cve{{Id: "testCve4"}, {Id: "testCve5"}},
				Components: map[string]services.Component{"issueId_2_direct_dependency": {}, "issueId_4_direct_dependency": {}}},
		},
	},
}

View Source

var FakeServerDetails = config.ServerDetails{
	Url:      "platformUrl",
	Password: "password",
	User:     "user",
}

Functions ¶

func CheckForSecretValidation ¶ added in v1.10.0

func CheckForSecretValidation(xrayManager *xray.XrayServicesManager, xrayVersion string, validateSecrets bool) bool

func CreateJFrogAppsConfig ¶ added in v1.4.0

func CreateJFrogAppsConfig(workingDirs []string) (*jfrogappsconfig.JFrogAppsConfig, error)

func CreateScannerTempDirectory ¶ added in v1.4.0

func CreateScannerTempDirectory(scanner *JasScanner, scanType string) (string, error)

func CreateScannersConfigFile ¶

func CreateScannersConfigFile(fileName string, fileContent interface{}, scanType jasutils.JasScanType) error

func DownloadAnalyzerManagerIfNeeded ¶ added in v1.5.0

func DownloadAnalyzerManagerIfNeeded(threadId int) error

Download the latest AnalyzerManager executable if not cached locally. By default, the zip is downloaded directly from jfrog releases.

func GetAnalyzerManagerDirAbsolutePath ¶ added in v1.5.0

func GetAnalyzerManagerDirAbsolutePath() (string, error)

func GetAnalyzerManagerDownloadPath ¶ added in v1.5.0

func GetAnalyzerManagerDownloadPath() (string, error)

func GetAnalyzerManagerEnvVariables ¶ added in v1.5.0

func GetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) (envVars map[string]string, err error)

func GetAnalyzerManagerExecutable ¶ added in v1.5.0

func GetAnalyzerManagerExecutable() (analyzerManagerPath string, err error)

func GetAnalyzerManagerExecutableName ¶ added in v1.5.0

func GetAnalyzerManagerExecutableName() string

func GetAnalyzerManagerExitCode ¶ added in v1.14.0

func GetAnalyzerManagerExitCode(err error) int

func GetAnalyzerManagerVersion ¶ added in v1.5.0

func GetAnalyzerManagerVersion() string

func GetAnalyzerManagerXscEnvVars ¶ added in v1.5.0

func GetAnalyzerManagerXscEnvVars(msi string, gitRepoUrl, projectKey string, watches []string, technologies ...techutils.Technology) map[string]string

func GetExcludePatterns ¶

func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner, exclusions ...string) []string

func GetModule ¶ added in v1.12.0

func GetModule(root string, appConfig *jfrogappsconfig.JFrogAppsConfig) *jfrogappsconfig.Module

func GetSourceRoots ¶

func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) ([]string, error)

func GetTestDataPath ¶

func GetTestDataPath() string

func IsEntitledForJas ¶

func IsEntitledForJas(xrayManager *xray.XrayServicesManager, xrayVersion string) (entitled bool, err error)

func ParseAnalyzerManagerError ¶ added in v1.5.0

func ParseAnalyzerManagerError(scanner jasutils.JasScanType, err error) (formatErr error)

func ReadJasScanRunsFromFile ¶

func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string, minSeverity severityutils.Severity) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)

func SaveScanResultsToCompareAsReport ¶ added in v1.18.0

func SaveScanResultsToCompareAsReport(fileName string, runs ...*sarif.Run) error

func ShouldSkipScanner ¶

func ShouldSkipScanner(module jfrogappsconfig.Module, scanType jasutils.JasScanType) bool

func UpdateJasScannerWithExcludePatternsFromProfile ¶ added in v1.17.0

func UpdateJasScannerWithExcludePatternsFromProfile(scanner *JasScanner, profile *clientservices.ConfigProfile)

Types ¶

type AnalyzerManager ¶ added in v1.5.0

type AnalyzerManager struct {
	AnalyzerManagerFullPath string
	MultiScanId             string
}

func (*AnalyzerManager) Exec ¶ added in v1.5.0

func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, serverDetails *config.ServerDetails, envVars map[string]string) (err error)

func (*AnalyzerManager) ExecWithOutputFile ¶ added in v1.5.0

func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, serverDetails *config.ServerDetails, envVars map[string]string) (err error)

type JasDiffScanEnvValue ¶ added in v1.18.0

type JasDiffScanEnvValue string

const (
	NotDiffScanEnvValue        JasDiffScanEnvValue = ""
	FirstScanDiffScanEnvValue  JasDiffScanEnvValue = "first_scan"
	SecondScanDiffScanEnvValue JasDiffScanEnvValue = "second_scan"
)

func GetDiffScanTypeValue ¶ added in v1.18.0

func GetDiffScanTypeValue(diffScan bool, resultsToCompare *results.SecurityCommandResults) JasDiffScanEnvValue

type JasScanner ¶

type JasScanner struct {
	TempDir               string
	AnalyzerManager       AnalyzerManager
	ServerDetails         *config.ServerDetails
	ScannerDirCleanupFunc func() error
	EnvVars               map[string]string
	DiffMode              bool
	ResultsToCompare      *results.SecurityCommandResults
	Exclusions            []string
	// This field contains scanner specific exclude patterns from Config Profile
	ScannersExclusions SpecificScannersExcludePatterns
	MinSeverity        severityutils.Severity
}

func InitJasTest ¶

func InitJasTest(t *testing.T) (*JasScanner, func())

func NewJasScanner ¶

func NewJasScanner(serverDetails *config.ServerDetails, options ...JasScannerOption) (scanner *JasScanner, err error)

func (*JasScanner) GetResultsToCompare ¶ added in v1.18.0

func (js *JasScanner) GetResultsToCompare(target string) (resultsToCompare *results.TargetResults)

func (*JasScanner) Run ¶

func (a *JasScanner) Run(scannerCmd ScannerCmd, module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)

type JasScannerOption ¶ added in v1.18.0

type JasScannerOption func(f *JasScanner) error

func WithEnvVars ¶ added in v1.18.0

func WithEnvVars(validateSecrets bool, diffMode JasDiffScanEnvValue, envVars map[string]string) JasScannerOption

func WithExclusions ¶ added in v1.18.0

func WithExclusions(exclusions ...string) JasScannerOption

func WithMinSeverity ¶ added in v1.18.0

func WithMinSeverity(minSeverity severityutils.Severity) JasScannerOption

func WithResultsToCompare ¶ added in v1.18.0

func WithResultsToCompare(resultsToCompare *results.SecurityCommandResults) JasScannerOption

type ScannerCmd ¶

type ScannerCmd interface {
	Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error)
}

type SpecificScannersExcludePatterns ¶ added in v1.17.0

type SpecificScannersExcludePatterns struct {
	ContextualAnalysisExcludePatterns []string
	SastExcludePatterns               []string
	SecretsExcludePatterns            []string
	IacExcludePatterns                []string
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
applicability
iac
runner
sast
secrets

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL