Add CertifyLegal to query known package (guacsec#2254)
Signed-off-by: robert-cronin <[email protected]>
robert-cronin authored Nov 6, 2024
1 parent ed47f83 commit 85868ea
Showing 1 changed file with 28 additions and 11 deletions.
39 changes: 28 additions & 11 deletions cmd/guacone/cmd/known.go
@@ -41,6 +41,7 @@ const (
hasSBOMStr string = "hasSBOM"
hasSLSAStr string = "hasSLSA"
certifyVulnStr string = "certifyVuln"
certifyLegalStr string = "certifyLegal"
vexLinkStr string = "vexLink"
badLinkStr string = "badLink"
goodLinkStr string = "goodLink"
@@ -61,17 +62,18 @@ type queryKnownOptions struct {
}

type neighbors struct {
hashEquals []*model.NeighborsNeighborsHashEqual
scorecards []*model.NeighborsNeighborsCertifyScorecard
occurrences []*model.NeighborsNeighborsIsOccurrence
hasSrcAt []*model.NeighborsNeighborsHasSourceAt
hasSBOMs []*model.NeighborsNeighborsHasSBOM
hasSLSAs []*model.NeighborsNeighborsHasSLSA
certifyVulns []*model.NeighborsNeighborsCertifyVuln
vexLinks []*model.NeighborsNeighborsCertifyVEXStatement
badLinks []*model.NeighborsNeighborsCertifyBad
goodLinks []*model.NeighborsNeighborsCertifyGood
pkgEquals []*model.NeighborsNeighborsPkgEqual
hashEquals []*model.NeighborsNeighborsHashEqual
scorecards []*model.NeighborsNeighborsCertifyScorecard
occurrences []*model.NeighborsNeighborsIsOccurrence
hasSrcAt []*model.NeighborsNeighborsHasSourceAt
hasSBOMs []*model.NeighborsNeighborsHasSBOM
hasSLSAs []*model.NeighborsNeighborsHasSLSA
certifyVulns []*model.NeighborsNeighborsCertifyVuln
certifyLegals []*model.NeighborsNeighborsCertifyLegal
vexLinks []*model.NeighborsNeighborsCertifyVEXStatement
badLinks []*model.NeighborsNeighborsCertifyBad
goodLinks []*model.NeighborsNeighborsCertifyGood
pkgEquals []*model.NeighborsNeighborsPkgEqual
}

var (
@@ -181,6 +183,8 @@ var queryKnownCmd = &cobra.Command{
t.AppendSeparator()
t.AppendRows(getOutputBasedOnNode(ctx, gqlclient, pkgVersionNeighbors, certifyVulnStr, packageSubjectType))
t.AppendSeparator()
t.AppendRows(getOutputBasedOnNode(ctx, gqlclient, pkgVersionNeighbors, certifyLegalStr, artifactSubjectType))
t.AppendSeparator()
t.AppendRows(getOutputBasedOnNode(ctx, gqlclient, pkgVersionNeighbors, hasSBOMStr, packageSubjectType))
t.AppendSeparator()
t.AppendRows(getOutputBasedOnNode(ctx, gqlclient, pkgVersionNeighbors, hasSLSAStr, packageSubjectType))
@@ -323,6 +327,9 @@ func queryKnownNeighbors(ctx context.Context, gqlclient graphql.Client, subjectQ
case *model.NeighborsNeighborsPkgEqual:
collectedNeighbors.pkgEquals = append(collectedNeighbors.pkgEquals, v)
path = append(path, v.Id)
case *model.NeighborsNeighborsCertifyLegal:
collectedNeighbors.certifyLegals = append(collectedNeighbors.certifyLegals, v)
path = append(path, v.Id)
default:
continue
}
@@ -449,6 +456,16 @@ func getOutputBasedOnNode(ctx context.Context, gqlclient graphql.Client, collect
for _, equal := range collectedNeighbors.pkgEquals {
tableRows = append(tableRows, table.Row{pkgEqualStr, equal.Id, ""})
}
case certifyLegalStr:
for _, legal := range collectedNeighbors.certifyLegals {
tableRows = append(tableRows, table.Row{
certifyLegalStr,
legal.Id,
"Declared License: " + legal.DeclaredLicense +
",\nDiscovered License: " + legal.DiscoveredLicense +
",\nOrigin: " + legal.Origin,
})
}
}

return tableRows
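Review bot: The new `certifyLegalStr` row in the `pkgVersionNeighbors` block passes `artifactSubjectType`, while every neighbouring call in that block passes `packageSubjectType`; this looks like a copy-paste slip and should read `t.AppendRows(getOutputBasedOnNode(ctx, gqlclient, pkgVersionNeighbors, certifyLegalStr, packageSubjectType))`. The visible `case certifyLegalStr:` body never reads the subject type, so the output is probably unaffected today, but the wrong constant will mislead anyone who later makes that case subject-aware. Separately, only the package-version table gains a CertifyLegal row in the visible hunks; if the command's other query paths are meant to report license data too, they need the same call. `queryKnownCmd` and `getOutputBasedOnNode` both start and end outside the hunks shown, so this rests on the visible lines only.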