github.com/google/osv-scalibr@v0.4.1/enricher/vex/filter/filter.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package filter defines an enricher that filters out vulns with VEX signals.
    16  package filter
    17  
    18  import (
    19  	"context"
    20  	"slices"
    21  
    22  	"github.com/google/osv-scalibr/enricher"
    23  	"github.com/google/osv-scalibr/inventory"
    24  	"github.com/google/osv-scalibr/plugin"
    25  )
    26  
// Name is the identifier this enricher is registered under.
const Name = "vex/filter"

// Version is the enricher's version number.
const Version = 0
    33  
// New constructs the VEX filter enricher and hands it back behind the
// enricher.Enricher interface. The enricher has no fields, so there is
// nothing to configure.
func New() enricher.Enricher {
	return new(Enricher)
}
    38  
// Enricher is a stateless enricher that drops vulnerabilities and generic
// findings carrying at least one exploitability (VEX) signal. See Enrich for
// the exact rule.
type Enricher struct{}
    41  
// Name reports the enricher's name, which is the package-level Name constant.
func (*Enricher) Name() string {
	return Name
}
    44  
// Version reports the enricher's version, which is the package-level Version
// constant.
func (*Enricher) Version() int {
	return Version
}
    47  
// Requirements returns a freshly allocated, zero-valued plugin.Capabilities:
// no capability field is set by this enricher.
func (*Enricher) Requirements() *plugin.Capabilities {
	return new(plugin.Capabilities)
}
    50  
// RequiredPlugins lists the plugins that must be enabled for this enricher to
// work. It returns nil, so no plugin is declared as a prerequisite here.
func (*Enricher) RequiredPlugins() []string {
	return nil
}
    53  
// Enrich drops every entry of inv.PackageVulns and inv.GenericFindings that
// has at least one exploitability signal attached, and stores the shortened
// slices back on inv.
//
// The only test applied is len(ExploitabilitySignals) > 0. The content of a
// signal is never inspected here, so whichever component attaches signals
// decides what is suppressed. Removed entries are neither logged nor counted
// by this function; once it returns, the inventory holds no trace of them.
//
// ctx, the scan input and the receiver are not used, and the returned error
// is always nil. inv and the elements of both slices are dereferenced without
// a nil check.
func (e *Enricher) Enrich(ctx context.Context, _ *enricher.ScanInput, inv *inventory.Inventory) error {
	vulnHasSignal := func(v *inventory.PackageVuln) bool {
		return len(v.ExploitabilitySignals) != 0
	}
	findingHasSignal := func(g *inventory.GenericFinding) bool {
		return len(g.ExploitabilitySignals) != 0
	}

	// slices.DeleteFunc compacts the slice in place, so any other holder of
	// the same backing array observes the removal as well.
	inv.PackageVulns = slices.DeleteFunc(inv.PackageVulns, vulnHasSignal)
	inv.GenericFindings = slices.DeleteFunc(inv.GenericFindings, findingHasSignal)
	return nil
}