[pkgsite] internal/api: support package-level vulnerability filtering


Gopher Robot (Gerrit)

2:34 PM
to Ethan Lee, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, kokoro, golang...@luci-project-accounts.iam.gserviceaccount.com, Jonathan Amsterdam, Hyang-Ah Hana Kim, golang-co...@googlegroups.com

Gopher Robot submitted the change with unreviewed changes

Unreviewed changes

2 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:

```
The name of the file: internal/api/params.go
Insertions: 1, Deletions: 1.

@@ -13,23 +13,24 @@

// ListParams are common pagination and filtering parameters.
type ListParams struct {
- // max number of items to return
+ // Max number of items to return.
Limit int `form:"limit"`
- // where to resume listing
+ // Where to resume listing.
Token string `form:"token"`
- // include only items matching filter
+ // Include only items matching the regular expression filter.
Filter string `form:"filter"`
}

// PackageParams are query parameters for /v1beta/package/{path}.
type PackageParams struct {
- // module path
+ // Module path.
Module string `form:"module"`
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
- // GOOS of documentation build context
+ // GOOS of documentation build context.
GOOS string `form:"goos"`
- // GOARCH of documentation build context
+ // GOARCH of documentation build context.
GOARCH string `form:"goarch"`
// Documentation format: text, html, md or markdown.
// If omitted, documentation is not returned.
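Review bot: the new version comment splits its meaning across two sentences, and the second one, `// (Latest if empty).`, is a parenthetical fragment; a single sentence such as `// Module version: a semantic version, 'latest', or the default branch name 'master' or 'main'. Defaults to latest if empty.` reads cleaner. Since this exact text is pasted into every *Params struct in this file and copied verbatim into openapi.yaml, it is worth settling the wording once before it is duplicated further.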
@@ -44,29 +45,32 @@

// SymbolsParams are query parameters for /v1beta/symbols/{path}.
type SymbolsParams struct {
- // module path
+ // Module path.
Module string `form:"module"`
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
- // GOOS of documentation build context
+ // GOOS of documentation build context.
GOOS string `form:"goos"`
- // GOARCH of documentation build context
+ // GOARCH of documentation build context.
GOARCH string `form:"goarch"`
ListParams
}

// ImportedByParams are query parameters for /v1beta/imported-by/{path}.
type ImportedByParams struct {
- // module path
+ // Module path.
Module string `form:"module"`
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
ListParams
}

// ModuleParams are query parameters for /v1beta/module/{path}.
type ModuleParams struct {
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
// Whether to include licenses in the result.
Licenses bool `form:"licenses"`
@@ -81,7 +85,8 @@

// PackagesParams are query parameters for /v1beta/packages/{path}.
type PackagesParams struct {
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
ListParams
}
@@ -98,9 +103,10 @@

// VulnParams are query parameters for /v1beta/vulns/{path}.
type VulnParams struct {
- // module path
+ // Module path.
Module string `form:"module"`
- // module version (latest if empty)
+ // Module version: semantic version, 'latest', or default branches 'master' or 'main'.
+ // (Latest if empty).
Version string `form:"version"`
ListParams
}
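Review bot: VulnParams embeds ListParams, so `limit`, `token` and `filter` are accepted on /v1beta/vulns/, but nothing visible in the api.go hunks of this change applies `filter` to the vulnerability list; the ListParams comment should state which field the regular expression is matched against for each endpoint (vulnerability ID, package path, ...) so a caller can tell whether the parameter has any effect here, or the embed should be left out until the filter is wired up for this endpoint.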
```
```
The name of the file: internal/api/openapi.yaml
Insertions: 1, Deletions: 1.

@@ -16,7 +16,7 @@
"operationId": "getImported-by",
"parameters": [
{
- "description": "module path",
+ "description": "Module path.",
"in": "query",
"name": "module",
"schema": {
@@ -24,7 +24,7 @@
}
},
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -32,7 +32,7 @@
}
},
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -40,7 +40,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -48,7 +48,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -76,7 +76,7 @@
"operationId": "getModule",
"parameters": [
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -120,7 +120,7 @@
"operationId": "getPackage",
"parameters": [
{
- "description": "module path",
+ "description": "Module path.",
"in": "query",
"name": "module",
"schema": {
@@ -128,7 +128,7 @@
}
},
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -136,7 +136,7 @@
}
},
{
- "description": "GOOS of documentation build context",
+ "description": "GOOS of documentation build context.",
"in": "query",
"name": "goos",
"schema": {
@@ -144,7 +144,7 @@
}
},
{
- "description": "GOARCH of documentation build context",
+ "description": "GOARCH of documentation build context.",
"in": "query",
"name": "goarch",
"schema": {
@@ -204,7 +204,7 @@
"operationId": "getPackages",
"parameters": [
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -212,7 +212,7 @@
}
},
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -220,7 +220,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -228,7 +228,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -272,7 +272,7 @@
}
},
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -280,7 +280,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -288,7 +288,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -316,7 +316,7 @@
"operationId": "getSymbols",
"parameters": [
{
- "description": "module path",
+ "description": "Module path.",
"in": "query",
"name": "module",
"schema": {
@@ -324,7 +324,7 @@
}
},
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -332,7 +332,7 @@
}
},
{
- "description": "GOOS of documentation build context",
+ "description": "GOOS of documentation build context.",
"in": "query",
"name": "goos",
"schema": {
@@ -340,7 +340,7 @@
}
},
{
- "description": "GOARCH of documentation build context",
+ "description": "GOARCH of documentation build context.",
"in": "query",
"name": "goarch",
"schema": {
@@ -348,7 +348,7 @@
}
},
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -356,7 +356,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -364,7 +364,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -392,7 +392,7 @@
"operationId": "getVersions",
"parameters": [
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -400,7 +400,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -408,7 +408,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -436,7 +436,7 @@
"operationId": "getVulns",
"parameters": [
{
- "description": "module path",
+ "description": "Module path.",
"in": "query",
"name": "module",
"schema": {
@@ -444,7 +444,7 @@
}
},
{
- "description": "module version (latest if empty)",
+ "description": "Module version: semantic version, 'latest', or default branches 'master' or 'main'.\n(Latest if empty).",
"in": "query",
"name": "version",
"schema": {
@@ -452,7 +452,7 @@
}
},
{
- "description": "max number of items to return",
+ "description": "Max number of items to return.",
"in": "query",
"name": "limit",
"schema": {
@@ -460,7 +460,7 @@
}
},
{
- "description": "where to resume listing",
+ "description": "Where to resume listing.",
"in": "query",
"name": "token",
"schema": {
@@ -468,7 +468,7 @@
}
},
{
- "description": "include only items matching filter",
+ "description": "Include only items matching the regular expression filter.",
"in": "query",
"name": "filter",
"schema": {
@@ -514,12 +514,15 @@
"type": "array"
},
"code": {
+ "description": "HTTP status code",
"type": "integer"
},
"err": {
- "$ref": "#/components/schemas/error"
+ "$ref": "#/components/schemas/error",
+ "description": "Unexported field for internal tracking"
},
"fixes": {
+ "description": "suggestions for how to fix",
"items": {
"type": "string"
},
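Review bot: in the `err` property, `description` is added as a sibling of `$ref`; OpenAPI 3.0 ignores sibling keys next to `$ref`, so this text is dropped by most tooling. More importantly, a field described as "Unexported field for internal tracking" should not be in the public schema at all: if the Go field is unexported it never serializes, and if it does serialize it leaks internal error detail to API clients. Remove the property from the schema (or wrap the `$ref` in `allOf` if a description must stay) and confirm the JSON response does not carry it.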
@@ -551,6 +554,7 @@
"Module": {
"properties": {
"commitTime": {
+ "description": "CommitTime is the timestamp returned by the module proxy's .info endpoint,\nrepresenting the time the version was created.",
"format": "date-time",
"type": "string"
},
@@ -603,12 +607,15 @@
"type": "string"
},
"hasGoMod": {
+ "description": "Whether the module has a go.mod file.",
"type": "boolean"
},
"isRedistributable": {
+ "description": "Whether the license allows distribution.",
"type": "boolean"
},
"latestVersion": {
+ "description": "latest unretracted version",
"type": "string"
},
"modulePath": {
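Review bot: `latestVersion` gets the description "latest unretracted version" while the neighbouring `hasGoMod` and `isRedistributable` descriptions are full capitalized sentences; since these strings are derived from the Go comments, align the source comment to "The latest unretracted version." so the generated document is consistent.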
@@ -681,6 +688,7 @@
"PackageInfo": {
"properties": {
"isRedistributable": {
+ "description": "Whether the license allows distribution.",
"type": "boolean"
},
"name": {
```
```
The name of the file: internal/api/api.go
Insertions: 7, Deletions: 7.

@@ -577,10 +577,10 @@
return func(w http.ResponseWriter, r *http.Request, ds internal.DataSource) (err error) {
defer derrors.Wrap(&err, "ServeVulnerabilities")

- modulePath := trimPath(r, "/v1beta/vulns/")
- if modulePath == "" {
- return BadRequest("missing module path",
- "the module path must be provided after '/vulns/'")
+ path := trimPath(r, "/v1beta/vulns/")
+ if path == "" {
+ return BadRequest("missing path",
+ "the package or module path must be provided after '/vulns/'")
}

// api:params VulnParams
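Review bot: renaming `modulePath` to `path` makes the variable shadow the standard library `path` package for the rest of the function if api.go imports it; a name such as `reqPath` avoids that and also matches the new error text "the package or module path". The BadRequest message change itself is right, since the handler now accepts both kinds of path.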
@@ -599,14 +599,14 @@
}

// Verify package or module existence and resolve containing module.
- um, err := resolveModulePath(r, ds, modulePath, params.Module, requestedVersion)
+ um, err := resolveModulePath(r, ds, path, params.Module, requestedVersion)
if err != nil {
return err
}

var pkgPath string
- if modulePath != um.ModulePath {
- pkgPath = modulePath
+ if path != um.ModulePath {
+ pkgPath = path
}

// Use VulnsForPackage from internal/vuln to get vulnerabilities.
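Review bot: `if path != um.ModulePath { pkgPath = path }` treats every request path that differs from the resolved module path as a package path, including one that is not inside that module at all (for example when the `module` query parameter names a module that does not contain the path). Before passing it on as the VulnsForPackage filter, check that `path` either equals `um.ModulePath` or has `um.ModulePath + "/"` as a prefix, and return BadRequest otherwise, so a mismatched module/path pair fails loudly instead of producing an empty or misleading vulnerability list.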
```

Change information

Commit message:
internal/api: support package-level vulnerability filtering

Update the v1beta vulnerabilities endpoint to accept both module paths
and package paths.

When a package path is supplied, the handler resolves the containing
module path via resolveModulePath and then passes the package path as a
filter to vuln.VulnsForPackage.

When a module path is supplied, it returns all vulnerabilities for that
module.

Also expose a `module` query parameter in VulnParams to allow resolving
ambiguous package paths.

Change-Id: I8666f98d1d05d9426eef67deb0e28ca193f50111
Reviewed-by: Jonathan Amsterdam <j...@google.com>
kokoro-CI: kokoro <noreply...@google.com>
Auto-Submit: Ethan Lee <etha...@google.com>
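The containing-module logic described in the commit message, as an added example that is not part of the pkgsite change: `packageFilter` is a hypothetical helper that mirrors the handler's `path != um.ModulePath` decision but additionally requires the package path to sit inside the resolved module, and the paths in `main` are constructed sample input.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrPathOutsideModule reports a request path that is not inside the module
// resolved for it (hypothetical error value, not from pkgsite).
var ErrPathOutsideModule = errors.New("path is not inside the resolved module")

// packageFilter derives the VulnsForPackage filter for /v1beta/vulns/{path}.
// reqPath is the path after "/vulns/"; modulePath is the module resolved for
// it (um.ModulePath in the handler). It returns "" for the module itself,
// the package path when it is inside the module, and an error otherwise.
func packageFilter(reqPath, modulePath string) (string, error) {
	if reqPath == "" || modulePath == "" {
		return "", fmt.Errorf("empty request path %q or module path %q", reqPath, modulePath)
	}
	if reqPath == modulePath {
		return "", nil // module-level query: all vulnerabilities of the module
	}
	// Require a "/" boundary so "example.com/mod2/pkg" is not accepted as a
	// package of "example.com/mod".
	if !strings.HasPrefix(reqPath, modulePath+"/") {
		return "", fmt.Errorf("%w: %q not under %q", ErrPathOutsideModule, reqPath, modulePath)
	}
	return reqPath, nil
}

func main() {
	// Constructed sample inputs: (request path, resolved module path).
	cases := [][2]string{
		{"golang.org/x/net", "golang.org/x/net"},
		{"golang.org/x/net/http2", "golang.org/x/net"},
		{"golang.org/x/net2/http2", "golang.org/x/net"},
	}
	for _, c := range cases {
		pkg, err := packageFilter(c[0], c[1])
		fmt.Printf("path=%s module=%s -> pkgPath=%q err=%v\n", c[0], c[1], pkg, err)
	}
}
```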
Files:
  • M internal/api/api.go
  • M internal/api/api_test.go
  • M internal/api/openapi.yaml
  • M internal/api/params.go
Change size: M
Delta: 4 files changed, 74 insertions(+), 17 deletions(-)
Branch: refs/heads/master
Gerrit-MessageType: merged
Gerrit-Project: pkgsite
Gerrit-Branch: master
Gerrit-Change-Id: I8666f98d1d05d9426eef67deb0e28ca193f50111
Gerrit-Change-Number: 780182
Gerrit-PatchSet: 6
Gerrit-Owner: Ethan Lee <etha...@google.com>
Gerrit-Reviewer: Ethan Lee <etha...@google.com>
Gerrit-Reviewer: Gopher Robot <go...@golang.org>
Gerrit-Reviewer: Hyang-Ah Hana Kim <hya...@gmail.com>
Gerrit-Reviewer: Jonathan Amsterdam <j...@google.com>
Gerrit-Reviewer: kokoro <noreply...@google.com>
Gerrit-CC: kokoro <noreply...@google.com>