Directories
¶
| Path | Synopsis |
|---|---|
|
Package agent provides the agent plugin system for Deputy.
|
Package agent provides the agent plugin system for Deputy. |
|
Package ai provides AI/LLM capabilities for Deputy.
|
Package ai provides AI/LLM capabilities for Deputy. |
|
providers/claude
Package claude provides an AI provider implementation using Anthropic's Claude CLI.
|
Package claude provides an AI provider implementation using Anthropic's Claude CLI. |
|
providers/codex
Package codex provides an AI provider implementation using OpenAI's Codex CLI.
|
Package codex provides an AI provider implementation using OpenAI's Codex CLI. |
|
render
Package render provides consistent rendering utilities for agent output.
|
Package render provides consistent rendering utilities for agent output. |
|
Package analysis provides OSV vulnerability database integration for Deputy.
|
Package analysis provides OSV vulnerability database integration for Deputy. |
|
osv
Package osv provides OSV integration and conversion into Deputy's vulnerability domain types.
|
Package osv provides OSV integration and conversion into Deputy's vulnerability domain types. |
|
Package auth provides unified credential management for Deputy.
|
Package auth provides unified credential management for Deputy. |
|
jwt
Package jwt provides reusable JWT authentication middleware for HTTP services.
|
Package jwt provides reusable JWT authentication middleware for HTTP services. |
|
Package cache provides caching primitives for Deputy.
|
Package cache provides caching primitives for Deputy. |
|
disk
Package disk provides persistent JSON-on-disk caching with TTL support.
|
Package disk provides persistent JSON-on-disk caching with TTL support. |
|
lockfile
Package lockfile provides content-hash based caching for parsed lockfile data.
|
Package lockfile provides content-hash based caching for parsed lockfile data. |
|
memory
Package memory provides in-memory caching with bounded size and TTL expiration.
|
Package memory provides in-memory caching with bounded size and TTL expiration. |
|
sources
Package sources provides cache.Source implementations for Deputy's data sources.
|
Package sources provides cache.Source implementations for Deputy's data sources. |
|
Package cli wires together the root Cobra command, its subcommands, and shared runtime concerns (logging, contextual execution) for the deputy tool.
|
Package cli wires together the root Cobra command, its subcommands, and shared runtime concerns (logging, contextual execution) for the deputy tool. |
|
cmd
Package cmd implements Deputy's CLI commands using the Cobra framework.
|
Package cmd implements Deputy's CLI commands using the Cobra framework. |
|
flags
Package flags provides shared parsing helpers for CLI flags.
|
Package flags provides shared parsing helpers for CLI flags. |
|
Package collections provides generic collection utilities for Deputy.
|
Package collections provides generic collection utilities for Deputy. |
|
Package compare provides routines for normalizing Go module/package import paths and computing semantic changes between two package inventories.
|
Package compare provides routines for normalizing Go module/package import paths and computing semantic changes between two package inventories. |
|
Package config provides unified configuration management for Deputy.
|
Package config provides unified configuration management for Deputy. |
|
Package container provides container-related functionality for Deputy.
|
Package container provides container-related functionality for Deputy. |
|
image
Package image provides container image configuration and metadata types.
|
Package image provides container image configuration and metadata types. |
|
Package demo provides demonstration functionality for supply chain security scanning.
|
Package demo provides demonstration functionality for supply chain security scanning. |
|
github-org-inventory
command
|
|
|
Package dependency provides types for identifying dependencies and their locations.
|
Package dependency provides types for identifying dependencies and their locations. |
|
graph
Package graph provides dependency graph construction, analysis, and visualization.
|
Package graph provides dependency graph construction, analysis, and visualization. |
|
Package dockerfile provides Dockerfile parsing and static analysis for policy evaluation.
|
Package dockerfile provides Dockerfile parsing and static analysis for policy evaluation. |
|
Package ecosystem provides types and utilities for working with package ecosystems.
|
Package ecosystem provides types and utilities for working with package ecosystems. |
|
Package errors provides domain-specific error types for Deputy.
|
Package errors provides domain-specific error types for Deputy. |
|
Package explain provides comprehensive vulnerability explanation and analysis.
|
Package explain provides comprehensive vulnerability explanation and analysis. |
|
Package filtering provides filter functions for scan results.
|
Package filtering provides filter functions for scan results. |
|
Package git contains enhanced Git reference resolution and diff utilities built on top of go-git.
|
Package git contains enhanced Git reference resolution and diff utilities built on top of go-git. |
|
Package httputil provides shared HTTP client creation and configuration.
|
Package httputil provides shared HTTP client creation and configuration. |
|
Package ignore provides vulnerability suppression rules for Deputy scans.
|
Package ignore provides vulnerability suppression rules for Deputy scans. |
|
Package inputs provides utilities for converting extracted packages into OSV query inputs with manifest metadata enrichment.
|
Package inputs provides utilities for converting extracted packages into OSV query inputs with manifest metadata enrichment. |
|
Package inventory extracts a dependency inventory (package list) from either the current working tree or a historical commit snapshot.
|
Package inventory extracts a dependency inventory (package list) from either the current working tree or a historical commit snapshot. |
|
manifests
Package manifests provides helpers for associating files with package managers and manifest paths.
|
Package manifests provides helpers for associating files with package managers and manifest paths. |
|
plugin
Package plugin provides a client for invoking extractor plugins.
|
Package plugin provides a client for invoking extractor plugins. |
|
plugins/docker/dockerfilex
Package dockerfilex extracts container base image dependencies from Dockerfiles.
|
Package dockerfilex extracts container base image dependencies from Dockerfiles. |
|
plugins/github/actionsx
Package actionsx extracts GitHub Actions dependencies from workflow and action manifests.
|
Package actionsx extracts GitHub Actions dependencies from workflow and action manifests. |
|
plugins/java/gradlex
Package gradlex provides Gradle dependency extractors for Deputy.
|
Package gradlex provides Gradle dependency extractors for Deputy. |
|
registry
Package registry provides a thread-safe registry for extractor plugins.
|
Package registry provides a thread-safe registry for extractor plugins. |
|
Package license provides license lookup and enrichment helpers for Deputy.
|
Package license provides license lookup and enrichment helpers for Deputy. |
|
Package logs provides structured logging utilities for Deputy.
|
Package logs provides structured logging utilities for Deputy. |
|
Package mcp provides a Model Context Protocol server for Deputy.
|
Package mcp provides a Model Context Protocol server for Deputy. |
|
Package network provides secure networking primitives for Deputy.
|
Package network provides secure networking primitives for Deputy. |
|
Package options provides a common validation pattern for configuration types.
|
Package options provides a common validation pattern for configuration types. |
|
Package otel provides OpenTelemetry instrumentation for Deputy.
|
Package otel provides OpenTelemetry instrumentation for Deputy. |
|
Package output provides a style-aware document model for CLI output rendering.
|
Package output provides a style-aware document model for CLI output rendering. |
|
Package policy provides the CEL-based policy evaluation engine for Deputy.
|
Package policy provides the CEL-based policy evaluation engine for Deputy. |
|
celconv
Package celconv provides type conversion utilities for CEL (Common Expression Language).
|
Package celconv provides type conversion utilities for CEL (Common Expression Language). |
|
lsp
Package lsp implements a lightweight, high-performance Language Server Protocol (LSP) server tailored for Deputy policy bundles.
|
Package lsp implements a lightweight, high-performance Language Server Protocol (LSP) server tailored for Deputy policy bundles. |
|
Package proto provides bidirectional conversion between Deputy's internal domain types and their protobuf representations.
|
Package proto provides bidirectional conversion between Deputy's internal domain types and their protobuf representations. |
|
Package proxy implements a multi-ecosystem dependency proxy server.
|
Package proxy implements a multi-ecosystem dependency proxy server. |
|
Package purlx provides Deputy-specific helpers for working with PURLs.
|
Package purlx provides Deputy-specific helpers for working with PURLs. |
|
Package remediation generates actionable steps to resolve security vulnerabilities.
|
Package remediation generates actionable steps to resolve security vulnerabilities. |
|
Package report provides helpers for assembling display- or export-ready views of Deputy data without tying them to CLI rendering details.
|
Package report provides helpers for assembling display- or export-ready views of Deputy data without tying them to CLI rendering details. |
|
render
Package render contains CLI-friendly render helpers for report outputs.
|
Package render contains CLI-friendly render helpers for report outputs. |
|
Package repository coordinates go-git repositories with Deputy workspaces.
|
Package repository coordinates go-git repositories with Deputy workspaces. |
|
workspace
Package workspace provides a safe abstraction over on-disk and in-memory filesystems that Deputy scans.
|
Package workspace provides a safe abstraction over on-disk and in-memory filesystems that Deputy scans. |
|
Package sandbox provides isolated execution environments for Deputy.
|
Package sandbox provides isolated execution environments for Deputy. |
|
runtimes/docker
Package docker provides a Docker container sandbox runtime.
|
Package docker provides a Docker container sandbox runtime. |
|
runtimes/gvisor
Package gvisor provides a gVisor sandbox runtime for stronger isolation.
|
Package gvisor provides a gVisor sandbox runtime for stronger isolation. |
|
runtimes/none
Package none provides a no-op sandbox runtime for trusted execution.
|
Package none provides a no-op sandbox runtime for trusted execution. |
|
runtimes/plugin
Package plugin provides an external sandbox runtime implemented by plugins.
|
Package plugin provides an external sandbox runtime implemented by plugins. |
|
runtimes/sandboxexec
Package sandboxexec provides a macOS sandbox-exec runtime.
|
Package sandboxexec provides a macOS sandbox-exec runtime. |
|
sandboxtest
Package sandboxtest provides utilities for testing sandbox runtime plugins in-memory without spawning external processes or using network sockets.
|
Package sandboxtest provides utilities for testing sandbox runtime plugins in-memory without spawning external processes or using network sockets. |
|
workspace
Package workspace provides Docker-specific workspace isolation.
|
Package workspace provides Docker-specific workspace isolation. |
|
Package sarif provides SARIF output format support for Deputy scan results.
|
Package sarif provides SARIF output format support for Deputy scan results. |
|
Package sbomx generates Software Bills of Materials (SBOM) for local or remote repositories and can optionally enrich component nodes with license metadata.
|
Package sbomx generates Software Bills of Materials (SBOM) for local or remote repositories and can optionally enrich component nodes with license metadata. |
|
diff
Package diff provides SBOM comparison and change detection.
|
Package diff provides SBOM comparison and change detection. |
|
vex
Package vex provides Vulnerability Exploitability eXchange (VEX) document generation.
|
Package vex provides Vulnerability Exploitability eXchange (VEX) document generation. |
|
Package scanning provides scan orchestration for vulnerability analysis.
|
Package scanning provides scan orchestration for vulnerability analysis. |
|
Package secrets provides secret detection and scanning capabilities.
|
Package secrets provides secret detection and scanning capabilities. |
|
Package security provides shared security utilities for container analysis.
|
Package security provides shared security utilities for container analysis. |
|
Package server provides the Deputy gRPC/Connect server implementation.
|
Package server provides the Deputy gRPC/Connect server implementation. |
|
Package services provides the unified service layer for Deputy.
|
Package services provides the unified service layer for Deputy. |
|
Package targets defines abstractions for heterogeneous scan targets (e.g.
|
Package targets defines abstractions for heterogeneous scan targets (e.g. |
|
Package ui centralizes terminal presentation styles (colors, emphasis) so that higher level reporting code can remain logic‑focused and stylistically consistent.
|
Package ui centralizes terminal presentation styles (colors, emphasis) so that higher level reporting code can remain logic‑focused and stylistically consistent. |
|
repl
Package repl provides a world-class interactive REPL for CEL policy evaluation.
|
Package repl provides a world-class interactive REPL for CEL policy evaluation. |
|
Package version provides build-time version information for Deputy.
|
Package version provides build-time version information for Deputy. |
|
Package vmimage provides abstractions for reading virtual machine disk images and their filesystems without requiring root privileges or kernel mounts.
|
Package vmimage provides abstractions for reading virtual machine disk images and their filesystems without requiring root privileges or kernel mounts. |
|
fsys
Package fsys provides filesystem implementations for virtual machine disk images.
|
Package fsys provides filesystem implementations for virtual machine disk images. |
|
Package vulnerability provides core domain types for vulnerability identification and classification.
|
Package vulnerability provides core domain types for vulnerability identification and classification. |
|
affected
Package affected provides affected product identification for vulnerabilities.
|
Package affected provides affected product identification for vulnerabilities. |
|
affected/cpe
Package cpe provides CPE (Common Platform Enumeration) identifier handling.
|
Package cpe provides CPE (Common Platform Enumeration) identifier handling. |
|
id
Package id provides vulnerability identifier parsing and validation.
|
Package id provides vulnerability identifier parsing and validation. |
|
id/cve
Package cve provides CVE (Common Vulnerabilities and Exposures) identifier handling.
|
Package cve provides CVE (Common Vulnerabilities and Exposures) identifier handling. |
|
intel
Package intel provides threat intelligence enrichment for vulnerabilities.
|
Package intel provides threat intelligence enrichment for vulnerabilities. |
|
intel/epss
Package epss provides a client for FIRST's Exploit Prediction Scoring System.
|
Package epss provides a client for FIRST's Exploit Prediction Scoring System. |
|
intel/kev
Package kev provides a client for the CISA Known Exploited Vulnerabilities catalog.
|
Package kev provides a client for the CISA Known Exploited Vulnerabilities catalog. |
|
severity
Package severity provides vulnerability severity classification and normalization.
|
Package severity provides vulnerability severity classification and normalization. |
|
severity/cvss
Package cvss provides CVSS (Common Vulnerability Scoring System) parsing and scoring.
|
Package cvss provides CVSS (Common Vulnerability Scoring System) parsing and scoring. |
|
ssvc
Package ssvc implements Stakeholder-Specific Vulnerability Categorization.
|
Package ssvc implements Stakeholder-Specific Vulnerability Categorization. |
|
suppression
Package suppression provides vulnerability suppression via VEX documents.
|
Package suppression provides vulnerability suppression via VEX documents. |
|
weakness
Package weakness provides weakness classification for vulnerabilities.
|
Package weakness provides weakness classification for vulnerabilities. |
|
weakness/cwe
Package cwe provides CWE (Common Weakness Enumeration) identifier handling.
|
Package cwe provides CWE (Common Weakness Enumeration) identifier handling. |
Click to show internal directories.
Click to hide internal directories.