blob: 1653e4c1a5c9cc0a152282e4204a62595dd73ad5 [file] [log] [blame]
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package worker
import (
// triager is a map of cveID to the CVE record in our database.
type triager map[string]*cve
// cve represents a CVE.
type cve struct {
// state is an internal representation of the CVE state.
state string
// modulePath is the module path corresponding to this CVE, if any.
modulePath string
// cwe is the CWE for the CVE.
cwe string
// links contains links that will be included in the report.
links report.Links
// description is a description of the CVE.
description string
// isGoVuln reports if the cve is a potential Go vulnerability.
isGoVuln bool
func (c *cve) id() string {
return c.ID
func newTriager(triaged map[string]string) triager {
t := map[string]*cve{}
for cveID, state := range triaged {
t[cveID] = &cve{
CVE: cveschema.CVE{
Metadata: cveschema.Metadata{
ID: cveID,
state: state,
return t
// add adds a CVE to be tracked by the triager.
func (t triager) add(r *cve) {
t[] = r
// contains reports whether the triager has already seen this cveID.
func (t triager) contains(cveID string) bool {
_, ok := t[cveID]
return ok
// totalCVEs reports the total number of CVEs that have been seen by the triager.
func (t triager) totalCVEs() int {
return len(t)
// totalVulns reports the total number of CVEs that are potential Go
// vulnerabilities.
func (t triager) totalVulns() int {
var count int
for _, r := range t {
if r.isGoVuln {
count += 1
return count