Metastatic.Analysis.Security.Result (Metastatic v0.10.4)


Result structure for security vulnerability detection.

Contains information about detected security vulnerabilities, their severity, and remediation recommendations.

Fields

  • :has_vulnerabilities? - Boolean indicating if vulnerabilities were found
  • :vulnerabilities - List of detected vulnerability details
  • :summary - Human-readable summary of findings
  • :total_vulnerabilities - Count of detected vulnerabilities
  • :by_severity - Map of counts by severity
  • :by_category - Map of counts by vulnerability category

Vulnerability Categories

  • :injection - SQL injection, command injection, XSS
  • :unsafe_deserialization - pickle.loads, eval, exec
  • :hardcoded_secret - Passwords, API keys in code
  • :weak_crypto - MD5, SHA1, weak random
  • :path_traversal - Unchecked file paths
  • :insecure_protocol - HTTP instead of HTTPS

Examples

iex> result = Metastatic.Analysis.Security.Result.new([])
iex> result.has_vulnerabilities?
false

iex> vulns = [%{category: :injection, severity: :critical, description: "test"}]
iex> result = Metastatic.Analysis.Security.Result.new(vulns)
iex> result.has_vulnerabilities?
true
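As an added example (not part of Metastatic's own code), the following script shows how a consumer might act on a Result: a hypothetical SecurityGate module fails a CI run when any finding is at or above a chosen severity and prints one line per finding. It assumes Metastatic is compiled and available (for example, run with mix run), and the vulnerability maps below are constructed sample data, not scanner output.

```elixir
alias Metastatic.Analysis.Security.Result

defmodule SecurityGate do
  @moduledoc "Hypothetical helper, not part of Metastatic, that gates on a Result."

  # severity() values ordered from most to least serious.
  @order [:critical, :high, :medium, :low]

  defp rank(severity), do: Enum.find_index(@order, &(&1 == severity))

  @doc "Returns :pass, or {:fail, findings} for every finding at or above `threshold`."
  @spec gate(Result.t(), Result.severity()) :: :pass | {:fail, [Result.vulnerability()]}
  def gate(%Result{has_vulnerabilities?: false}, _threshold), do: :pass

  def gate(%Result{vulnerabilities: vulns}, threshold) do
    cutoff = rank(threshold)

    blocking =
      vulns
      |> Enum.filter(fn v -> rank(v.severity) <= cutoff end)
      |> Enum.sort_by(fn v -> rank(v.severity) end)

    if blocking == [], do: :pass, else: {:fail, blocking}
  end

  @doc "One report line per finding, including the CWE id when the scanner set one."
  @spec format(Result.t()) :: [String.t()]
  def format(%Result{vulnerabilities: vulns}) do
    Enum.map(vulns, fn v ->
      cwe = if v.cwe, do: " (CWE-#{v.cwe})", else: ""
      "[#{v.severity}] #{v.category}#{cwe}: #{v.description} -> #{v.recommendation}"
    end)
  end
end

# Constructed sample findings in the vulnerability() shape; the CWE id is illustrative.
vulns = [
  %{category: :hardcoded_secret, severity: :high, description: "API key literal in config",
    recommendation: "Load it from the environment or a secrets manager", cwe: 798, context: nil},
  %{category: :weak_crypto, severity: :medium, description: "MD5 used to hash passwords",
    recommendation: "Use a password KDF such as Argon2 or bcrypt", cwe: nil, context: nil}
]

result = Result.new(vulns)

case SecurityGate.gate(result, :high) do
  :pass -> IO.puts("security gate passed")
  {:fail, blocking} ->
    IO.puts("security gate failed: #{length(blocking)} of #{result.total_vulnerabilities} finding(s) at or above :high")
    Enum.each(SecurityGate.format(result), &IO.puts/1)
end
```

With the sample data above the gate fails on the :high finding, while the :medium one is reported but does not block.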

Types

category()

@type category() ::
  :injection
  | :unsafe_deserialization
  | :hardcoded_secret
  | :weak_crypto
  | :path_traversal
  | :insecure_protocol

severity()

@type severity() :: :critical | :high | :medium | :low

t()

@type t() :: %Metastatic.Analysis.Security.Result{
  by_category: %{required(category()) => non_neg_integer()},
  by_severity: %{required(severity()) => non_neg_integer()},
  has_vulnerabilities?: boolean(),
  summary: String.t(),
  total_vulnerabilities: non_neg_integer(),
  vulnerabilities: [vulnerability()]
}

vulnerability()

@type vulnerability() :: %{
  category: category(),
  severity: severity(),
  description: String.t(),
  recommendation: String.t(),
  cwe: integer() | nil,
  context: term()
}

Functions

new(vulnerabilities)

@spec new([vulnerability()]) :: t()

Creates a new result from a list of vulnerabilities.

Examples

iex> Metastatic.Analysis.Security.Result.new([])
%Metastatic.Analysis.Security.Result{has_vulnerabilities?: false, summary: "No security vulnerabilities detected"}

iex> vulns = [%{category: :injection, severity: :critical, description: "test", recommendation: "fix", cwe: nil, context: nil}]
iex> result = Metastatic.Analysis.Security.Result.new(vulns)
iex> result.has_vulnerabilities?
true

no_vulnerabilities()

@spec no_vulnerabilities() :: t()

Creates a result with no vulnerabilities.

Examples

iex> result = Metastatic.Analysis.Security.Result.no_vulnerabilities()
iex> result.has_vulnerabilities?
false

to_map(result)

@spec to_map(t()) :: map()

Converts the result to a JSON-compatible map.

Examples

iex> result = Metastatic.Analysis.Security.Result.new([])
iex> map = Metastatic.Analysis.Security.Result.to_map(result)
iex> is_map(map)
true