Macaron
0.13.0
Installation Guide
Using Macaron
Command Line Usage
Tutorials
Output Files Guide
SLSA Build Levels
Verification Summary Attestations
Supported Technologies
Macaron Developer’s Guide
Glossary
Macaron
Index
Index
Symbols
|
_
|
A
|
B
|
C
|
D
|
E
|
F
|
G
|
H
|
I
|
J
|
L
|
M
|
N
|
O
|
P
|
Q
|
R
|
S
|
T
|
U
|
V
|
W
|
Y
Symbols
--branch
command line option
--config-path
command line option
--database
command line option
--defaults-path
command line option
--digest
command line option
--file
command line option
--help
command line option
,
[1]
,
[2]
,
[3]
--local-repos-path
command line option
--output-dir
command line option
--package-url
command line option
--provenance-expectation
command line option
--provenance-file
command line option
--repo-path
command line option
--sbom-path
command line option
--show-prelude
command line option
--skip-deps
command line option
--template-path
command line option
--verbose
command line option
--version
command line option
-b
command line option
-c
command line option
-d
command line option
,
[1]
-dp
command line option
-f
command line option
-g
command line option
-h
command line option
,
[1]
,
[2]
,
[3]
-lr
command line option
-o
command line option
-pe
command line option
-pf
command line option
-purl
command line option
-rp
command line option
-s
command line option
-sbom
command line option
-V
command line option
-v
command line option
_
__init__() (macaron.code_analyzer.call_graph.BaseNode method)
(macaron.code_analyzer.call_graph.CallGraph method)
(macaron.config.global_config.GlobalConfig method)
(macaron.config.target_config.Configuration method)
(macaron.database.database_manager.cache_return method)
(macaron.database.database_manager.DatabaseManager method)
(macaron.database.table_definitions.Analysis method)
(macaron.database.table_definitions.CheckFacts method)
(macaron.database.table_definitions.Component method)
(macaron.database.table_definitions.HashDigest method)
(macaron.database.table_definitions.MappedCheckResult method)
(macaron.database.table_definitions.Provenance method)
(macaron.database.table_definitions.ProvenanceSubject method)
(macaron.database.table_definitions.ReleaseArtifact method)
(macaron.database.table_definitions.Repository method)
(macaron.database.table_definitions.SLSALevel method)
(macaron.database.table_definitions.SLSARequirement method)
(macaron.database.views.CreateView method)
(macaron.database.views.DropView method)
(macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx.NoneDependencyAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.base_analyzer.BaseHeuristicAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date.CloserReleaseJoinDateAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link.EmptyProjectLinkAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency.HighReleaseFrequencyAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.one_release.OneReleaseAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release.UnchangedReleaseAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links.UnreachableProjectLinksAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup.SuspiciousSetupAnalyzer method)
(macaron.output_reporter.reporter.FileReporter method)
(macaron.output_reporter.reporter.HTMLReporter method)
(macaron.output_reporter.reporter.JSONReporter method)
(macaron.output_reporter.reporter.PolicyReporter method)
(macaron.output_reporter.results.Record method)
(macaron.output_reporter.results.Report method)
(macaron.parsers.bashparser.BashNode method)
(macaron.parsers.github_workflow_model.Identified method)
(macaron.policy_engine.souffle.SouffleError method)
(macaron.policy_engine.souffle.SouffleWrapper method)
(macaron.policy_engine.souffle_code_generator.SouffleProgram method)
(macaron.repo_finder.provenance_finder.ProvenanceFinder method)
(macaron.repo_finder.repo_finder_java.JavaRepoFinder method)
(macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
(macaron.slsa_analyzer.analyzer.Analyzer method)
(macaron.slsa_analyzer.analyzer.DuplicateCmpError method)
(macaron.slsa_analyzer.asset.AssetLocator method)
(macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.base_build_tool.RuntimeOptions method)
(macaron.slsa_analyzer.build_tool.docker.Docker method)
(macaron.slsa_analyzer.build_tool.go.Go method)
(macaron.slsa_analyzer.build_tool.gradle.Gradle method)
(macaron.slsa_analyzer.build_tool.language.Language method)
(macaron.slsa_analyzer.build_tool.maven.Maven method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
(macaron.slsa_analyzer.checks.base_check.BaseCheck method)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeCheck method)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts method)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptCheck method)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts method)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceCheck method)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts method)
(macaron.slsa_analyzer.checks.check_result.CheckInfo method)
(macaron.slsa_analyzer.checks.check_result.CheckResult method)
(macaron.slsa_analyzer.checks.check_result.CheckResultData method)
(macaron.slsa_analyzer.checks.check_result.Evidence method)
(macaron.slsa_analyzer.checks.check_result.EvidenceWeightMap method)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.DetectMaliciousMetadataCheck method)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts method)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineCheck method)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts method)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableCheck method)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts method)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitCheck method)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts method)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3Check method)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts method)
(macaron.slsa_analyzer.checks.provenance_l3_content_check.ProvenanceL3ContentCheck method)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoCheck method)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts method)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedCheck method)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts method)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.ProvenanceWitnessL1Check method)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts method)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts method)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderL3Check method)
(macaron.slsa_analyzer.checks.vcs_check.VCSCheck method)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts method)
(macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GitHubJobNode method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GitHubWorkflowNode method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava method)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.ThirdPartyAction method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
(macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
(macaron.slsa_analyzer.git_service.base_git_service.NoneGitService method)
(macaron.slsa_analyzer.git_service.bitbucket.BitBucket method)
(macaron.slsa_analyzer.git_service.github.GitHub method)
(macaron.slsa_analyzer.git_service.gitlab.GitLab method)
(macaron.slsa_analyzer.git_service.gitlab.PubliclyHostedGitLab method)
(macaron.slsa_analyzer.git_service.gitlab.SelfHostedGitLab method)
(macaron.slsa_analyzer.git_service.local_repo_git_service.LocalRepoGitService method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
(macaron.slsa_analyzer.package_registry.maven_central_registry.MavenCentralRegistry method)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMRegistry method)
(macaron.slsa_analyzer.package_registry.package_registry.PackageRegistry method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation method)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation method)
(macaron.slsa_analyzer.provenance.expectations.expectation_registry.ExpectationRegistry method)
(macaron.slsa_analyzer.provenance.intoto.ProvenanceSubjectPURLMatcher method)
(macaron.slsa_analyzer.provenance.provenance.DownloadedProvenanceData method)
(macaron.slsa_analyzer.provenance.witness.attestor.RepoAttestor method)
(macaron.slsa_analyzer.registry.Registry method)
(macaron.slsa_analyzer.slsa_req.SLSAReq method)
(macaron.slsa_analyzer.slsa_req.SLSAReqStatus method)
(macaron.slsa_analyzer.specs.inferred_provenance.Provenance method)
(macaron.slsa_analyzer.specs.package_registry_spec.PackageRegistryInfo method)
A
AbstractPurlType (class in macaron.repo_finder.commit_finder)
ACCESS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
action_name (macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.ThirdPartyAction attribute)
action_version (macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava attribute)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.ThirdPartyAction attribute)
add() (macaron.slsa_analyzer.checks.check_result.EvidenceWeightMap method)
add_callee() (macaron.code_analyzer.call_graph.BaseNode method)
add_component() (macaron.slsa_analyzer.analyzer.Analyzer method)
add_dep_record() (macaron.output_reporter.results.Report method)
add_latest_version() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer static method)
add_repository() (macaron.slsa_analyzer.analyzer.Analyzer method)
Analysis (class in macaron.database.table_definitions)
analysis (macaron.database.table_definitions.Component attribute)
ANALYSIS_FAILED (macaron.output_reporter.scm.SCMStatus attribute)
analysis_id (macaron.database.table_definitions.Component attribute)
analysis_time (macaron.database.table_definitions.Analysis attribute)
analyze() (macaron.malware_analyzer.pypi_heuristics.base_analyzer.BaseHeuristicAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date.CloserReleaseJoinDateAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link.EmptyProjectLinkAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency.HighReleaseFrequencyAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.one_release.OneReleaseAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release.UnchangedReleaseAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links.UnreachableProjectLinksAnalyzer method)
(macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup.SuspiciousSetupAnalyzer method)
AnalyzeContext (class in macaron.slsa_analyzer.analyze_context)
analyzed_deps (macaron.output_reporter.results.DepSummary attribute)
Analyzer (class in macaron.slsa_analyzer.analyzer)
Analyzer.AnalysisTarget (class in macaron.slsa_analyzer.analyzer)
annotations (macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
api_client (macaron.slsa_analyzer.git_service.api_client.GitHubReleaseAsset attribute)
(macaron.slsa_analyzer.git_service.github.GitHub property)
artifact (macaron.database.table_definitions.HashDigest attribute)
(macaron.database.table_definitions.Provenance attribute)
ARTIFACT (macaron.repo_finder.commit_finder.AbstractPurlType attribute)
artifact_extensions (macaron.slsa_analyzer.provenance.witness.WitnessVerifierConfig attribute)
artifact_id (macaron.database.table_definitions.HashDigest attribute)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset attribute)
artifact_url (macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
asset (macaron.slsa_analyzer.provenance.provenance.DownloadedProvenanceData property)
(macaron.slsa_analyzer.provenance.slsa.SLSAProvenanceData attribute)
(macaron.slsa_analyzer.provenance.witness.WitnessProvenanceData attribute)
asset_name (macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
asset_url (macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
AssetLocator (class in macaron.slsa_analyzer.asset)
available (macaron.dependency_analyzer.cyclonedx.DependencyInfo attribute)
AVAILABLE (macaron.output_reporter.scm.SCMStatus attribute)
B
BaseAPIClient (class in macaron.slsa_analyzer.git_service.api_client)
BaseBuildTool (class in macaron.slsa_analyzer.build_tool.base_build_tool)
BaseCheck (class in macaron.slsa_analyzer.checks.base_check)
BaseCIService (class in macaron.slsa_analyzer.ci_service.base_ci_service)
BaseGitService (class in macaron.slsa_analyzer.git_service.base_git_service)
BaseHeuristicAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.base_analyzer)
BaseNode (class in macaron.code_analyzer.call_graph)
BaseRepoFinder (class in macaron.repo_finder.repo_finder_base)
BashNode (class in macaron.parsers.bashparser)
BashScriptType (class in macaron.parsers.bashparser)
bfs() (macaron.code_analyzer.call_graph.CallGraph method)
BitBucket (class in macaron.slsa_analyzer.git_service.bitbucket)
branch (macaron.slsa_analyzer.analyzer.Analyzer.AnalysisTarget attribute)
branch_name (macaron.database.table_definitions.Repository attribute)
branch_protection_rule (macaron.parsers.github_workflow_model.On attribute)
BUILD (macaron.slsa_analyzer.slsa_req.Category attribute)
BUILD_AS_CODE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
build_call_graph() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
build_call_graph_from_node() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
build_call_graph_from_path() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
build_command (macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
build_level (macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
build_log (macaron.slsa_analyzer.specs.build_spec.BuildInfo attribute)
build_log_path (macaron.config.global_config.GlobalConfig attribute)
BUILD_SERVICE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
build_spec (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
build_timeout (macaron.slsa_analyzer.build_tool.base_build_tool.RuntimeOptions attribute)
build_tool (macaron.slsa_analyzer.specs.package_registry_spec.PackageRegistryInfo attribute)
build_tool_command (macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
build_tool_name (macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
build_trigger (macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
build_type (macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
BuildAsCodeCheck (class in macaron.slsa_analyzer.checks.build_as_code_check)
BuildAsCodeFacts (class in macaron.slsa_analyzer.checks.build_as_code_check)
BuildInfo (class in macaron.slsa_analyzer.specs.build_spec)
BuildLanguage (class in macaron.slsa_analyzer.build_tool.language)
BuildScriptCheck (class in macaron.slsa_analyzer.checks.build_script_check)
BuildScriptFacts (class in macaron.slsa_analyzer.checks.build_script_check)
BuildServiceCheck (class in macaron.slsa_analyzer.checks.build_service_check)
BuildServiceFacts (class in macaron.slsa_analyzer.checks.build_service_check)
BuildSpec (class in macaron.slsa_analyzer.specs.build_spec)
BuildToolCommand (class in macaron.slsa_analyzer.build_tool.base_build_tool)
bulk_update_req_status() (macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
C
cache_return (class in macaron.database.database_manager)
CallGraph (class in macaron.code_analyzer.call_graph)
callgraph (macaron.slsa_analyzer.specs.ci_spec.CIInfo attribute)
CallGraphError
CARGO (macaron.repo_finder.repo_finder_deps_dev.DepsDevType attribute)
Category (class in macaron.slsa_analyzer.slsa_req)
check (macaron.slsa_analyzer.checks.check_result.CheckResult attribute)
check_description (macaron.slsa_analyzer.checks.check_result.CheckInfo attribute)
check_id (macaron.database.table_definitions.MappedCheckResult attribute)
(macaron.slsa_analyzer.checks.check_result.CheckInfo attribute)
(macaron.slsa_analyzer.checks.check_result.SkippedInfo attribute)
check_if_input_purl_provenance_conflict() (in module macaron.repo_finder.provenance_extractor)
check_if_input_repo_provenance_conflict() (in module macaron.repo_finder.provenance_extractor)
check_if_repository_purl_and_url_match() (in module macaron.repo_finder.provenance_extractor)
check_info (macaron.slsa_analyzer.checks.base_check.BaseCheck property)
check_out_repo() (macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
(macaron.slsa_analyzer.git_service.base_git_service.NoneGitService method)
(macaron.slsa_analyzer.git_service.bitbucket.BitBucket method)
(macaron.slsa_analyzer.git_service.github.GitHub method)
(macaron.slsa_analyzer.git_service.gitlab.GitLab method)
(macaron.slsa_analyzer.git_service.local_repo_git_service.LocalRepoGitService method)
check_out_repo_target() (in module macaron.slsa_analyzer.git_url)
check_rate_limit() (in module macaron.util)
check_result_id (macaron.database.table_definitions.CheckFacts attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
check_run (macaron.parsers.github_workflow_model.On attribute)
check_suite (macaron.parsers.github_workflow_model.On attribute)
check_type (macaron.database.table_definitions.CheckFacts attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
CheckFacts (class in macaron.database.table_definitions)
checkfacts (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.MappedCheckResult attribute)
CheckInfo (class in macaron.slsa_analyzer.checks.check_result)
CheckRegistryError
CheckResult (class in macaron.slsa_analyzer.checks.check_result)
checkresult (macaron.database.table_definitions.CheckFacts attribute)
(macaron.database.table_definitions.Component attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
CheckResultData (class in macaron.slsa_analyzer.checks.check_result)
CheckResultType (class in macaron.slsa_analyzer.checks.check_result)
checks_summary (macaron.output_reporter.results.DepSummary attribute)
ChecksOutputs (class in macaron.slsa_analyzer.analyze_context)
ci_path (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
ci_service_name (macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
ci_services (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
CIInfo (class in macaron.slsa_analyzer.specs.ci_spec)
CircleCI (class in macaron.slsa_analyzer.ci_service.circleci)
clean_up_repo_path() (in module macaron.slsa_analyzer.git_url)
clean_url() (in module macaron.slsa_analyzer.git_url)
clear() (macaron.database.database_manager.cache_return method)
clone_remote_repo() (in module macaron.slsa_analyzer.git_url)
clone_repo() (macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
(macaron.slsa_analyzer.git_service.base_git_service.NoneGitService method)
(macaron.slsa_analyzer.git_service.bitbucket.BitBucket method)
(macaron.slsa_analyzer.git_service.github.GitHub method)
(macaron.slsa_analyzer.git_service.gitlab.GitLab method)
(macaron.slsa_analyzer.git_service.local_repo_git_service.LocalRepoGitService method)
CloneError
CLOSER_RELEASE_JOIN_DATE (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
CloserReleaseJoinDateAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date)
collect_dependencies() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx.NoneDependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx_gradle.CycloneDxGradle method)
(macaron.dependency_analyzer.cyclonedx_mvn.CycloneDxMaven method)
(macaron.dependency_analyzer.cyclonedx_python.CycloneDxPython method)
column_to_souffle_type() (in module macaron.policy_engine.souffle_code_generator)
command (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
command line option
--branch
--config-path
--database
--defaults-path
--digest
--file
--help
,
[1]
,
[2]
,
[3]
--local-repos-path
--output-dir
--package-url
--provenance-expectation
--provenance-file
--repo-path
--sbom-path
--show-prelude
--skip-deps
--template-path
--verbose
--version
-b
-c
-d
,
[1]
-dp
-f
-g
-h
,
[1]
,
[2]
,
[3]
-lr
-o
-pe
-pf
-purl
-rp
-s
-sbom
-V
-v
commit_date (macaron.database.table_definitions.Repository attribute)
commit_info (macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
commit_sha (macaron.database.table_definitions.Repository attribute)
COMMON (macaron.slsa_analyzer.slsa_req.Category attribute)
complete_name (macaron.database.table_definitions.Repository attribute)
Component (class in macaron.database.table_definitions)
component (macaron.database.table_definitions.Analysis attribute)
(macaron.database.table_definitions.CheckFacts attribute)
(macaron.database.table_definitions.MappedCheckResult attribute)
(macaron.database.table_definitions.Provenance attribute)
(macaron.database.table_definitions.ProvenanceSubject attribute)
(macaron.database.table_definitions.Repository attribute)
(macaron.database.table_definitions.SLSALevel attribute)
(macaron.database.table_definitions.SLSARequirement attribute)
(macaron.slsa_analyzer.analyze_context.AnalyzeContext property)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
component_id (macaron.database.table_definitions.CheckFacts attribute)
(macaron.database.table_definitions.MappedCheckResult attribute)
(macaron.database.table_definitions.Provenance attribute)
(macaron.database.table_definitions.ProvenanceSubject attribute)
(macaron.database.table_definitions.Repository attribute)
(macaron.database.table_definitions.SLSALevel attribute)
(macaron.database.table_definitions.SLSARequirement attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
concurrency (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
Confidence (class in macaron.slsa_analyzer.checks.check_result)
confidence (macaron.database.table_definitions.CheckFacts attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
ConfigParser (class in macaron.config.defaults)
Configuration (class in macaron.config.target_config)
ConfigurationError
construct_asset_url() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
construct_clone_url() (macaron.slsa_analyzer.git_service.gitlab.GitLab method)
construct_file_info_url() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
construct_folder_info_url() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
construct_latest_version_url() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
construct_maven_repository_path() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
construct_query() (in module macaron.util)
Container (class in macaron.parsers.github_workflow_model)
content (macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
(macaron.vsa.vsa.Policy attribute)
context (macaron.output_reporter.results.Record attribute)
convert_components_to_artifacts() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
copy_file() (in module macaron.util)
copy_file_bulk() (in module macaron.util)
copy_prelude() (in module macaron.policy_engine.policy_engine)
copy_to_includes() (macaron.policy_engine.souffle.SouffleWrapper method)
create (macaron.parsers.github_workflow_model.On attribute)
create_bash_node() (in module macaron.parsers.bashparser)
create_defaults() (in module macaron.config.defaults)
create_requirement_status_dict() (in module macaron.slsa_analyzer.slsa_req)
create_tables() (macaron.database.database_manager.DatabaseManager method)
create_third_party_action_model() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
create_view() (in module macaron.database.views)
create_vsa_statement() (in module macaron.vsa.vsa)
CreateView (class in macaron.database.views)
Credentials (class in macaron.parsers.github_workflow_model)
credentials (macaron.parsers.github_workflow_model.Container attribute)
cron (macaron.parsers.github_workflow_model.ScheduleItem attribute)
CUEExpectation (class in macaron.slsa_analyzer.provenance.expectations.cue)
CUEExpectationError
CUERuntimeError
CYCLONEDX_GRADLE (macaron.dependency_analyzer.cyclonedx.DependencyTools attribute)
CYCLONEDX_MAVEN (macaron.dependency_analyzer.cyclonedx.DependencyTools attribute)
CYCLONEDX_PYTHON (macaron.dependency_analyzer.cyclonedx.DependencyTools attribute)
CycloneDxGradle (class in macaron.dependency_analyzer.cyclonedx_gradle)
CycloneDxMaven (class in macaron.dependency_analyzer.cyclonedx_mvn)
CycloneDXParserError
CycloneDxPython (class in macaron.dependency_analyzer.cyclonedx_python)
D
DatabaseManager (class in macaron.database.database_manager)
DBJsonDict (class in macaron.database.db_custom_types)
debug_level (macaron.config.global_config.GlobalConfig attribute)
declarations (macaron.policy_engine.souffle_code_generator.SouffleProgram attribute)
default (macaron.parsers.github_workflow_model.Inputs attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
Defaults (class in macaron.parsers.github_workflow_model)
delete (macaron.parsers.github_workflow_model.On attribute)
dep_status (macaron.output_reporter.results.DepSummary attribute)
dependencies (macaron.database.table_definitions.Component attribute)
(macaron.output_reporter.results.Record attribute)
DependencyAnalyzer (class in macaron.dependency_analyzer.cyclonedx)
DependencyAnalyzerError
DependencyInfo (class in macaron.dependency_analyzer.cyclonedx)
DependencyTools (class in macaron.dependency_analyzer.cyclonedx)
depends_on (macaron.slsa_analyzer.checks.base_check.BaseCheck property)
deploy_command (macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
deploy_job (macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
deploy_step (macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
deployment (macaron.parsers.github_workflow_model.On attribute)
deployment_status (macaron.parsers.github_workflow_model.On attribute)
deprecationMessage (macaron.parsers.github_workflow_model.Inputs attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
DepsDevRepoFinder (class in macaron.repo_finder.repo_finder_deps_dev)
DepsDevType (class in macaron.repo_finder.repo_finder_deps_dev)
DepSummary (class in macaron.output_reporter.results)
description (macaron.output_reporter.results.Record attribute)
(macaron.parsers.github_workflow_model.Inputs attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
(macaron.parsers.github_workflow_model.Secrets attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
deserialize_bom_json() (in module macaron.dependency_analyzer.cyclonedx)
detail_information (macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
DetectMaliciousMetadataCheck (class in macaron.slsa_analyzer.checks.detect_malicious_metadata_check)
determine_abstract_purl_type() (in module macaron.repo_finder.commit_finder)
digest (macaron.database.table_definitions.HashDigest attribute)
(macaron.slsa_analyzer.analyzer.Analyzer.AnalysisTarget attribute)
(macaron.slsa_analyzer.provenance.intoto.v01.InTotoV01Subject attribute)
(macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
digest_algorithm (macaron.database.table_definitions.HashDigest attribute)
digests (macaron.database.table_definitions.ReleaseArtifact attribute)
directives (macaron.policy_engine.souffle_code_generator.SouffleProgram attribute)
DISABLED (macaron.slsa_analyzer.checks.check_result.CheckResultType attribute)
discussion (macaron.parsers.github_workflow_model.On attribute)
discussion_comment (macaron.parsers.github_workflow_model.On attribute)
Docker (class in macaron.slsa_analyzer.build_tool.docker)
DOCKER (macaron.slsa_analyzer.build_tool.language.BuildLanguage attribute)
download() (macaron.slsa_analyzer.asset.AssetLocator method)
(macaron.slsa_analyzer.asset.VirtualReleaseAsset method)
(macaron.slsa_analyzer.git_service.api_client.GitHubReleaseAsset method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset method)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
download_asset() (macaron.slsa_analyzer.git_service.api_client.BaseAPIClient method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
download_attestation_payload() (macaron.slsa_analyzer.package_registry.npm_registry.NPMRegistry method)
download_github_build_log() (in module macaron.util)
download_location (macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
download_package_json() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
download_provenances_from_github_actions_ci_service() (in module macaron.repo_finder.provenance_finder)
download_uri (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAssetMetadata attribute)
DownloadedProvenanceData (class in macaron.slsa_analyzer.provenance.provenance)
DropView (class in macaron.database.views)
DuplicateCmpError
DUPLICATED_SCM (macaron.output_reporter.scm.SCMStatus attribute)
DuplicateError
dynamic_data (macaron.slsa_analyzer.analyze_context.AnalyzeContext property)
E
EMPTY_PROJECT_LINK (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
EmptyProjectLinkAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link)
env (macaron.parsers.github_workflow_model.Container attribute)
Environment (class in macaron.parsers.github_workflow_model)
EPHEMERAL_ENVIRONMENT (macaron.slsa_analyzer.slsa_req.ReqName attribute)
eval_reqs (macaron.slsa_analyzer.checks.check_result.CheckInfo attribute)
evaluated (macaron.slsa_analyzer.provenance.expectations.expectation_registry.ExpectationRegistry attribute)
events (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
Evidence (class in macaron.slsa_analyzer.checks.check_result)
EvidenceWeightMap (class in macaron.slsa_analyzer.checks.check_result)
Expectation (class in macaron.slsa_analyzer.provenance.expectations.expectation)
expectation (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
EXPECTATION (macaron.slsa_analyzer.slsa_req.ReqName attribute)
expectation_paths (macaron.config.global_config.GlobalConfig attribute)
expectation_type (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
ExpectationRegistry (class in macaron.slsa_analyzer.provenance.expectations.expectation_registry)
ExpectationRuntimeError
expectations (macaron.slsa_analyzer.provenance.expectations.expectation_registry.ExpectationRegistry attribute)
EXTERNAL (macaron.slsa_analyzer.ci_service.github_actions.analyzer.GitHubWorkflowType attribute)
extract_asset_metadata_from_file_info_payload() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
extract_build_artifacts_from_slsa_subjects() (in module macaron.slsa_analyzer.provenance.slsa)
extract_build_artifacts_from_witness_subjects() (in module macaron.slsa_analyzer.provenance.witness)
extract_commit_from_version() (in module macaron.repo_finder.commit_finder)
extract_file_names_from_folder_info_payload() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
extract_folder_names_from_folder_info_payload() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
extract_from_ast() (macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup.SuspiciousSetupAnalyzer method)
extract_from_lines() (macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup.SuspiciousSetupAnalyzer method)
extract_repo_and_commit_from_provenance() (in module macaron.repo_finder.provenance_extractor)
extract_repo_url() (in module macaron.slsa_analyzer.provenance.witness)
(macaron.slsa_analyzer.provenance.witness.attestor.GitLabWitnessAttestor method)
(macaron.slsa_analyzer.provenance.witness.attestor.RepoAttestor method)
extract_repo_url_intoto_v01() (macaron.slsa_analyzer.provenance.witness.attestor.GitLabWitnessAttestor method)
F
FAIL (macaron.malware_analyzer.pypi_heuristics.heuristics.HeuristicResult attribute)
FAILED (macaron.slsa_analyzer.checks.check_result.CheckResultType attribute)
(macaron.vsa.vsa.VerificationResult attribute)
feedback (macaron.database.table_definitions.SLSARequirement attribute)
fetch_artifact_ids() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
fetch_asset_metadata() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
fetch_asset_names() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
fetch_assets() (macaron.slsa_analyzer.git_service.api_client.BaseAPIClient method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
fetch_latest_version() (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
FILE (macaron.parsers.bashparser.BashScriptType attribute)
file_exists() (in module macaron.slsa_analyzer.build_tool.base_build_tool)
FileReporter (class in macaron.output_reporter.reporter)
filter_extensions (in module macaron.output_reporter.jinja2_extensions)
find_commit() (in module macaron.repo_finder.commit_finder)
find_commit_from_version_and_name() (in module macaron.repo_finder.commit_finder)
find_ctx() (macaron.output_reporter.results.Report method)
find_expression_variables() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
find_gav_provenance() (in module macaron.repo_finder.provenance_finder)
find_language_setup_action() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
find_npm_provenance() (in module macaron.repo_finder.provenance_finder)
find_provenance() (macaron.repo_finder.provenance_finder.ProvenanceFinder method)
find_provenance_from_ci() (in module macaron.repo_finder.provenance_finder)
find_publish_timestamp() (macaron.slsa_analyzer.package_registry.maven_central_registry.MavenCentralRegistry method)
find_repo() (in module macaron.repo_finder.repo_finder)
(macaron.repo_finder.repo_finder_base.BaseRepoFinder method)
(macaron.repo_finder.repo_finder_deps_dev.DepsDevRepoFinder method)
(macaron.repo_finder.repo_finder_java.JavaRepoFinder method)
find_valid_repository_url() (in module macaron.repo_finder.repo_validator)
fork (macaron.parsers.github_workflow_model.On attribute)
found (macaron.slsa_analyzer.checks.check_result.Evidence attribute)
from_purl_and_provenance() (macaron.database.table_definitions.ProvenanceSubject class method)
fs_path (macaron.database.table_definitions.Repository attribute)
full_name (macaron.database.table_definitions.Repository attribute)
G
generate() (macaron.output_reporter.reporter.FileReporter method)
(macaron.output_reporter.reporter.HTMLReporter method)
(macaron.output_reporter.reporter.JSONReporter method)
(macaron.output_reporter.reporter.PolicyReporter method)
generate_reports() (macaron.slsa_analyzer.analyzer.Analyzer method)
generate_vsa() (in module macaron.vsa.vsa)
get() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_all_checks_mapping() (macaron.slsa_analyzer.registry.Registry static method)
get_all_checks_relationships() (macaron.slsa_analyzer.registry.Registry static method)
get_allowed_git_service_hostnames() (in module macaron.slsa_analyzer.git_url)
get_analyze_ctx() (macaron.slsa_analyzer.analyzer.Analyzer method)
get_branches_containing_commit() (in module macaron.slsa_analyzer.git_url)
get_build_dirs() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
get_build_tool_commands() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
get_check_execution_order() (macaron.slsa_analyzer.registry.Registry method)
get_check_summary() (macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
get_children() (macaron.slsa_analyzer.registry.Registry method)
get_ci_events() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
get_cmd() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx.NoneDependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx_gradle.CycloneDxGradle method)
(macaron.dependency_analyzer.cyclonedx_mvn.CycloneDxMaven method)
(macaron.dependency_analyzer.cyclonedx_python.CycloneDxPython method)
get_commit_data_from_hash() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_common_purl_from_artifact_purls() (in module macaron.vsa.vsa)
get_components_passing_policy() (in module macaron.vsa.vsa)
get_ctxs() (macaron.output_reporter.results.Report method)
get_default_branch() (in module macaron.slsa_analyzer.git_url)
get_default_gh_client() (in module macaron.slsa_analyzer.git_service.api_client)
get_dep_analyzer() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.docker.Docker method)
(macaron.slsa_analyzer.build_tool.go.Go method)
(macaron.slsa_analyzer.build_tool.gradle.Gradle method)
(macaron.slsa_analyzer.build_tool.maven.Maven method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
get_dep_components() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
get_dep_summary() (macaron.output_reporter.results.Record method)
get_dependencies() (macaron.output_reporter.results.Report method)
get_deps_from_sbom() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
get_dict() (macaron.output_reporter.results.Record method)
(macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
get_expectation_for_target() (macaron.slsa_analyzer.provenance.expectations.expectation_registry.ExpectationRegistry method)
get_fact_declarations() (in module macaron.policy_engine.souffle_code_generator)
get_fact_input_statements() (in module macaron.policy_engine.souffle_code_generator)
get_file_link() (macaron.slsa_analyzer.git_service.api_client.BaseAPIClient method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_final_checks() (macaron.slsa_analyzer.registry.Registry method)
get_generated() (in module macaron.policy_engine.policy_engine)
get_git_service() (macaron.slsa_analyzer.analyzer.Analyzer static method)
get_gradle_exec() (macaron.slsa_analyzer.build_tool.gradle.Gradle method)
get_group_id() (macaron.slsa_analyzer.build_tool.gradle.Gradle method)
get_job_build_log() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_latest_release() (macaron.slsa_analyzer.git_service.api_client.BaseAPIClient method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_latest_release_upload_time() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
get_latest_version() (macaron.slsa_analyzer.package_registry.npm_registry.NPMRegistry method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
get_list() (macaron.config.defaults.ConfigParser method)
get_maintainer_join_date() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
get_maintainer_profile_page() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
get_maintainers_of_package() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
get_max_score() (macaron.slsa_analyzer.checks.check_result.EvidenceWeightMap method)
get_package_page() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
get_parents() (macaron.slsa_analyzer.registry.Registry method)
get_patched_env() (in module macaron.environment_variables)
get_project_links() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
get_purl_from_cdx_component() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx.NoneDependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx_gradle.CycloneDxGradle method)
(macaron.dependency_analyzer.cyclonedx_mvn.CycloneDxMaven method)
(macaron.dependency_analyzer.cyclonedx_python.CycloneDxPython method)
get_reachable_nodes() (macaron.slsa_analyzer.registry.Registry static method)
get_reachable_secrets() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
get_records() (macaron.output_reporter.results.Report method)
get_relative_path_of_workflow() (macaron.slsa_analyzer.git_service.api_client.BaseAPIClient method)
(macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_release_by_tag() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_releases() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
get_remote_origin_of_local_repo() (in module macaron.slsa_analyzer.git_url)
get_remote_vcs_url() (in module macaron.slsa_analyzer.git_url)
get_repo_complete_name_from_url() (in module macaron.slsa_analyzer.git_url)
get_repo_data() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_repo_dir_name() (in module macaron.slsa_analyzer.git_url)
get_repo_full_name_from_url() (in module macaron.slsa_analyzer.git_url)
get_repo_name_from_url() (in module macaron.slsa_analyzer.git_url)
get_repo_workflow_data() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_result_as_bool() (in module macaron.slsa_analyzer.checks.check_result)
get_root() (macaron.code_analyzer.call_graph.CallGraph method)
get_root_component() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
get_run_step() (in module macaron.parsers.actionparser)
get_score() (macaron.slsa_analyzer.checks.check_result.EvidenceWeightMap method)
get_serialized_configs() (macaron.output_reporter.results.Report method)
get_slsa_level_table() (macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
get_souffle_import_prelude() (in module macaron.policy_engine.souffle_code_generator)
get_sourcecode_url() (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset method)
get_step_input() (in module macaron.parsers.actionparser)
get_subject_in_provenance_matching_purl() (macaron.slsa_analyzer.provenance.intoto.ProvenanceSubjectPURLMatcher static method)
get_summary() (macaron.output_reporter.results.Record method)
(macaron.slsa_analyzer.checks.check_result.CheckResult method)
get_table_rules_per_column() (in module macaron.policy_engine.souffle_code_generator)
get_target() (in module macaron.slsa_analyzer.provenance.expectations.cue.cue_validator)
get_target_cdx_component() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
get_third_party_configurations() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
get_tuple() (macaron.slsa_analyzer.slsa_req.SLSAReqStatus method)
get_value() (macaron.config.target_config.Configuration method)
get_workflow_run_for_date_time_range() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_workflow_run_jobs() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_workflow_runs() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
get_workflows() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
gh_token (macaron.config.global_config.GlobalConfig attribute)
GhAPIClient (class in macaron.slsa_analyzer.git_service.api_client)
git_repo (macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
GIT_REPOS_DIR (macaron.slsa_analyzer.analyzer.Analyzer attribute)
git_service (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
GitHub (class in macaron.slsa_analyzer.git_service.github)
GitHubActions (class in macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci)
GitHubActionsValueError
GitHubJobNode (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
GitHubReleaseAsset (class in macaron.slsa_analyzer.git_service.api_client)
GitHubWorkflowNode (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
GitHubWorkflowType (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
GitLab (class in macaron.slsa_analyzer.git_service.gitlab)
GitLabCI (class in macaron.slsa_analyzer.ci_service.gitlab_ci)
GitLabWitnessAttestor (class in macaron.slsa_analyzer.provenance.witness.attestor)
gl_self_host_token (macaron.config.global_config.GlobalConfig attribute)
gl_token (macaron.config.global_config.GlobalConfig attribute)
global_config (in module macaron.config.global_config)
GlobalConfig (class in macaron.config.global_config)
Go (class in macaron.slsa_analyzer.build_tool.go)
GO (macaron.slsa_analyzer.build_tool.language.BuildLanguage attribute)
gollum (macaron.parsers.github_workflow_model.On attribute)
GraalVMSetup (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
Gradle (class in macaron.slsa_analyzer.build_tool.gradle)
group (macaron.parsers.github_workflow_model.RunsOn attribute)
group_id (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
H
has_callee() (macaron.code_analyzer.call_graph.BaseNode method)
has_kws_in_config() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
has_kws_in_log() (macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
has_latest_run_passed() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
HashDigest (class in macaron.database.table_definitions)
HERMETIC (macaron.slsa_analyzer.slsa_req.ReqName attribute)
HeuristicResult (class in macaron.malware_analyzer.pypi_heuristics.heuristics)
Heuristics (class in macaron.malware_analyzer.pypi_heuristics.heuristics)
HIGH (macaron.slsa_analyzer.checks.check_result.Confidence attribute)
HIGH_RELEASE_FREQUENCY (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
HighReleaseFrequencyAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency)
HREF (macaron.slsa_analyzer.checks.check_result.JustificationType attribute)
HTMLReporter (class in macaron.output_reporter.reporter)
I
id (macaron.database.table_definitions.Analysis attribute)
(macaron.database.table_definitions.CheckFacts attribute)
(macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.HashDigest attribute)
(macaron.database.table_definitions.MappedCheckResult attribute)
(macaron.database.table_definitions.Provenance attribute)
(macaron.database.table_definitions.ProvenanceSubject attribute)
(macaron.database.table_definitions.ReleaseArtifact attribute)
(macaron.database.table_definitions.Repository attribute)
(macaron.database.table_definitions.SLSARequirement attribute)
(macaron.parsers.github_workflow_model.Identified attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitFacts attribute)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3VerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedFacts attribute)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderFacts attribute)
(macaron.slsa_analyzer.checks.vcs_check.VCSFacts attribute)
(macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.vsa.vsa.Verifier attribute)
Identified (class in macaron.parsers.github_workflow_model)
if (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
image (macaron.parsers.github_workflow_model.Container attribute)
impl (macaron.database.db_custom_types.DBJsonDict attribute)
(macaron.database.db_custom_types.RFC3339DateTime attribute)
infer_confidence_deploy_command() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
InferArtifactPipelineCheck (class in macaron.slsa_analyzer.checks.infer_artifact_pipeline_check)
InferArtifactPipelineFacts (class in macaron.slsa_analyzer.checks.infer_artifact_pipeline_check)
INLINE (macaron.parsers.bashparser.BashScriptType attribute)
Inputs (class in macaron.parsers.github_workflow_model)
inputs (macaron.parsers.github_workflow_model.WorkflowCall attribute)
(macaron.parsers.github_workflow_model.WorkflowDispatch attribute)
Inputs1 (class in macaron.parsers.github_workflow_model)
INTERNAL (macaron.slsa_analyzer.ci_service.github_actions.analyzer.GitHubWorkflowType attribute)
interpret_file() (macaron.policy_engine.souffle.SouffleWrapper method)
interpret_text() (macaron.policy_engine.souffle.SouffleWrapper method)
InTotoAttestationError
InTotoV01Payload (class in macaron.slsa_analyzer.provenance.intoto)
InTotoV01Statement (class in macaron.slsa_analyzer.provenance.intoto.v01)
InTotoV01Subject (class in macaron.slsa_analyzer.provenance.intoto.v01)
InTotoV1Payload (class in macaron.slsa_analyzer.provenance.intoto)
InTotoV1ResourceDescriptor (class in macaron.slsa_analyzer.provenance.intoto.v1)
InTotoV1Statement (class in macaron.slsa_analyzer.provenance.intoto.v1)
InvalidAnalysisTargetError
InvalidExpectationError
InvalidHTTPResponseError
InvalidPURLError
is_action_step() (in module macaron.parsers.github_workflow_model)
is_build_command() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
is_deploy_command() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
is_detected() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.docker.Docker method)
(macaron.slsa_analyzer.build_tool.go.Go method)
(macaron.slsa_analyzer.build_tool.gradle.Gradle method)
(macaron.slsa_analyzer.build_tool.maven.Maven method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
(macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
(macaron.slsa_analyzer.git_service.base_git_service.NoneGitService method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
(macaron.slsa_analyzer.package_registry.maven_central_registry.MavenCentralRegistry method)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMRegistry method)
(macaron.slsa_analyzer.package_registry.package_registry.PackageRegistry method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
is_empty_repo() (in module macaron.slsa_analyzer.git_url)
is_expression() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
is_inferred_prov (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
is_inferred_provenance (macaron.slsa_analyzer.analyze_context.AnalyzeContext property)
is_normal_job() (in module macaron.parsers.github_workflow_model)
is_package_command() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
is_parsed_obj_action_step() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
is_parsed_obj_reusable_workflow_call_job() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
is_parsed_obj_workflow() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
is_remote_repo() (in module macaron.slsa_analyzer.git_url)
is_reusable_workflow_call_job() (in module macaron.parsers.github_workflow_model)
is_run_step() (in module macaron.parsers.github_workflow_model)
is_slsa_provenance_payload() (in module macaron.slsa_analyzer.provenance.slsa)
is_valid_digest_set() (in module macaron.slsa_analyzer.provenance.intoto.v01)
(in module macaron.slsa_analyzer.provenance.intoto.v1)
is_witness_provenance_payload() (in module macaron.slsa_analyzer.provenance.witness)
ISOLATED (macaron.slsa_analyzer.slsa_req.ReqName attribute)
issue_comment (macaron.parsers.github_workflow_model.On attribute)
issues (macaron.parsers.github_workflow_model.On attribute)
J
j2_filter_get_check_result_color() (in module macaron.output_reporter.jinja2_extensions)
j2_filter_get_dep_status_color() (in module macaron.output_reporter.jinja2_extensions)
j2_filter_get_flatten_dict() (in module macaron.output_reporter.jinja2_extensions)
j2_filter_get_headers() (in module macaron.output_reporter.jinja2_extensions)
j2_test_list() (in module macaron.output_reporter.jinja2_extensions)
j2_test_python_enum() (in module macaron.output_reporter.jinja2_extensions)
JAVA (macaron.slsa_analyzer.build_tool.language.BuildLanguage attribute)
JavaRepoFinder (class in macaron.repo_finder.repo_finder_java)
JAVASCRIPT (macaron.slsa_analyzer.build_tool.language.BuildLanguage attribute)
Jenkins (class in macaron.slsa_analyzer.ci_service.jenkins)
jfrog_maven_registry (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
JFrogMavenAsset (class in macaron.slsa_analyzer.package_registry.jfrog_maven_registry)
JFrogMavenAssetMetadata (class in macaron.slsa_analyzer.package_registry.jfrog_maven_registry)
JFrogMavenRegistry (class in macaron.slsa_analyzer.package_registry.jfrog_maven_registry)
json_extract() (in module macaron.json_tools)
JSONReporter (class in macaron.output_reporter.reporter)
justification_report (macaron.slsa_analyzer.checks.check_result.CheckResultData property)
JustificationType (class in macaron.slsa_analyzer.checks.check_result)
L
label (macaron.parsers.github_workflow_model.On attribute)
labels (macaron.parsers.github_workflow_model.RunsOn attribute)
lang_distributions (macaron.slsa_analyzer.build_tool.language.Language property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava property)
lang_name (macaron.slsa_analyzer.build_tool.language.Language property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava property)
lang_url (macaron.slsa_analyzer.build_tool.language.Language property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava property)
lang_versions (macaron.slsa_analyzer.build_tool.language.Language property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.GraalVMSetup property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.OracleSetupJava property)
(macaron.slsa_analyzer.ci_service.github_actions.analyzer.SetupJava property)
Language (class in macaron.slsa_analyzer.build_tool.language)
language (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
language_distributions (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
language_url (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
language_versions (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeFacts attribute)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptFacts attribute)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceFacts attribute)
LEVEL0 (macaron.slsa_analyzer.levels.SLSALevels attribute)
LEVEL1 (macaron.slsa_analyzer.levels.SLSALevels attribute)
LEVEL2 (macaron.slsa_analyzer.levels.SLSALevels attribute)
LEVEL3 (macaron.slsa_analyzer.levels.SLSALevels attribute)
LEVEL4 (macaron.slsa_analyzer.levels.SLSALevels attribute)
load() (macaron.config.global_config.GlobalConfig method)
(macaron.parsers.yaml.loader.YamlLoader class method)
load_csv_output() (macaron.policy_engine.souffle.SouffleWrapper method)
load_defaults() (in module macaron.config.defaults)
(macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.docker.Docker method)
(macaron.slsa_analyzer.build_tool.go.Go method)
(macaron.slsa_analyzer.build_tool.gradle.Gradle method)
(macaron.slsa_analyzer.build_tool.maven.Maven method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
(macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
(macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
(macaron.slsa_analyzer.git_service.base_git_service.NoneGitService method)
(macaron.slsa_analyzer.git_service.bitbucket.BitBucket method)
(macaron.slsa_analyzer.git_service.github.GitHub method)
(macaron.slsa_analyzer.git_service.gitlab.GitLab method)
(macaron.slsa_analyzer.git_service.gitlab.PubliclyHostedGitLab method)
(macaron.slsa_analyzer.git_service.gitlab.SelfHostedGitLab method)
(macaron.slsa_analyzer.git_service.local_repo_git_service.LocalRepoGitService method)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenRegistry method)
(macaron.slsa_analyzer.package_registry.maven_central_registry.MavenCentralRegistry method)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMRegistry method)
(macaron.slsa_analyzer.package_registry.package_registry.PackageRegistry method)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIRegistry method)
load_expectation_files() (macaron.config.global_config.GlobalConfig method)
load_hostname() (macaron.slsa_analyzer.git_service.base_git_service.BaseGitService method)
load_provenance_file() (in module macaron.slsa_analyzer.provenance.loader)
load_provenance_payload() (in module macaron.slsa_analyzer.provenance.loader)
load_python_venv() (macaron.config.global_config.GlobalConfig method)
load_witness_verifier_config() (in module macaron.slsa_analyzer.provenance.witness)
LoadIntotoAttestationError
local_repos_path (macaron.config.global_config.GlobalConfig attribute)
LocalRepoGitService (class in macaron.slsa_analyzer.git_service.local_repo_git_service)
LOW (macaron.slsa_analyzer.checks.check_result.Confidence attribute)
M
macaron
module
macaron.code_analyzer
module
macaron.code_analyzer.call_graph
module
macaron.config
module
macaron.config.defaults
module
macaron.config.global_config
module
macaron.config.target_config
module
macaron.database
module
macaron.database.database_manager
module
macaron.database.db_custom_types
module
macaron.database.table_definitions
module
macaron.database.views
module
macaron.dependency_analyzer
module
macaron.dependency_analyzer.cyclonedx
module
macaron.dependency_analyzer.cyclonedx_gradle
module
macaron.dependency_analyzer.cyclonedx_mvn
module
macaron.dependency_analyzer.cyclonedx_python
module
macaron.environment_variables
module
macaron.errors
module
macaron.json_tools
module
macaron.malware_analyzer
module
macaron.malware_analyzer.datetime_parser
module
macaron.malware_analyzer.pypi_heuristics
module
macaron.malware_analyzer.pypi_heuristics.base_analyzer
module
macaron.malware_analyzer.pypi_heuristics.heuristics
module
macaron.malware_analyzer.pypi_heuristics.metadata
module
macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date
module
macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link
module
macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency
module
macaron.malware_analyzer.pypi_heuristics.metadata.one_release
module
macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release
module
macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links
module
macaron.malware_analyzer.pypi_heuristics.sourcecode
module
macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup
module
macaron.output_reporter
module
macaron.output_reporter.jinja2_extensions
module
macaron.output_reporter.reporter
module
macaron.output_reporter.results
module
macaron.output_reporter.scm
module
macaron.parsers
module
macaron.parsers.actionparser
module
macaron.parsers.bashparser
module
macaron.parsers.github_workflow_model
module
macaron.parsers.yaml
module
macaron.parsers.yaml.loader
module
macaron.policy_engine
module
macaron.policy_engine.policy_engine
module
macaron.policy_engine.souffle
module
macaron.policy_engine.souffle_code_generator
module
macaron.repo_finder
module
macaron.repo_finder.commit_finder
module
macaron.repo_finder.provenance_extractor
module
macaron.repo_finder.provenance_finder
module
macaron.repo_finder.repo_finder
module
macaron.repo_finder.repo_finder_base
module
macaron.repo_finder.repo_finder_deps_dev
module
macaron.repo_finder.repo_finder_java
module
macaron.repo_finder.repo_validator
module
macaron.slsa_analyzer
module
macaron.slsa_analyzer.analyze_context
module
macaron.slsa_analyzer.analyzer
module
macaron.slsa_analyzer.asset
module
macaron.slsa_analyzer.build_tool
module
macaron.slsa_analyzer.build_tool.base_build_tool
module
macaron.slsa_analyzer.build_tool.docker
module
macaron.slsa_analyzer.build_tool.go
module
macaron.slsa_analyzer.build_tool.gradle
module
macaron.slsa_analyzer.build_tool.language
module
macaron.slsa_analyzer.build_tool.maven
module
macaron.slsa_analyzer.build_tool.npm
module
macaron.slsa_analyzer.build_tool.pip
module
macaron.slsa_analyzer.build_tool.poetry
module
macaron.slsa_analyzer.build_tool.yarn
module
macaron.slsa_analyzer.checks
module
macaron.slsa_analyzer.checks.base_check
module
macaron.slsa_analyzer.checks.build_as_code_check
module
macaron.slsa_analyzer.checks.build_script_check
module
macaron.slsa_analyzer.checks.build_service_check
module
macaron.slsa_analyzer.checks.check_result
module
macaron.slsa_analyzer.checks.detect_malicious_metadata_check
module
macaron.slsa_analyzer.checks.infer_artifact_pipeline_check
module
macaron.slsa_analyzer.checks.provenance_available_check
module
macaron.slsa_analyzer.checks.provenance_commit_check
module
macaron.slsa_analyzer.checks.provenance_l3_check
module
macaron.slsa_analyzer.checks.provenance_l3_content_check
module
macaron.slsa_analyzer.checks.provenance_repo_check
module
macaron.slsa_analyzer.checks.provenance_verified_check
module
macaron.slsa_analyzer.checks.provenance_witness_l1_check
module
macaron.slsa_analyzer.checks.trusted_builder_l3_check
module
macaron.slsa_analyzer.checks.vcs_check
module
macaron.slsa_analyzer.ci_service
module
macaron.slsa_analyzer.ci_service.base_ci_service
module
macaron.slsa_analyzer.ci_service.circleci
module
macaron.slsa_analyzer.ci_service.github_actions
module
macaron.slsa_analyzer.ci_service.github_actions.analyzer
module
macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci
module
macaron.slsa_analyzer.ci_service.gitlab_ci
module
macaron.slsa_analyzer.ci_service.jenkins
module
macaron.slsa_analyzer.ci_service.travis
module
macaron.slsa_analyzer.database_store
module
macaron.slsa_analyzer.git_service
module
macaron.slsa_analyzer.git_service.api_client
module
macaron.slsa_analyzer.git_service.base_git_service
module
macaron.slsa_analyzer.git_service.bitbucket
module
macaron.slsa_analyzer.git_service.github
module
macaron.slsa_analyzer.git_service.gitlab
module
macaron.slsa_analyzer.git_service.local_repo_git_service
module
macaron.slsa_analyzer.git_url
module
macaron.slsa_analyzer.levels
module
macaron.slsa_analyzer.package_registry
module
macaron.slsa_analyzer.package_registry.jfrog_maven_registry
module
macaron.slsa_analyzer.package_registry.maven_central_registry
module
macaron.slsa_analyzer.package_registry.npm_registry
module
macaron.slsa_analyzer.package_registry.package_registry
module
macaron.slsa_analyzer.package_registry.pypi_registry
module
macaron.slsa_analyzer.provenance
module
macaron.slsa_analyzer.provenance.expectations
module
macaron.slsa_analyzer.provenance.expectations.cue
module
macaron.slsa_analyzer.provenance.expectations.cue.cue_validator
module
macaron.slsa_analyzer.provenance.expectations.expectation
module
macaron.slsa_analyzer.provenance.expectations.expectation_registry
module
macaron.slsa_analyzer.provenance.intoto
module
macaron.slsa_analyzer.provenance.intoto.errors
module
macaron.slsa_analyzer.provenance.intoto.v01
module
macaron.slsa_analyzer.provenance.intoto.v1
module
macaron.slsa_analyzer.provenance.loader
module
macaron.slsa_analyzer.provenance.provenance
module
macaron.slsa_analyzer.provenance.slsa
module
macaron.slsa_analyzer.provenance.witness
module
macaron.slsa_analyzer.provenance.witness.attestor
module
macaron.slsa_analyzer.registry
module
macaron.slsa_analyzer.slsa_req
module
macaron.slsa_analyzer.specs
module
macaron.slsa_analyzer.specs.build_spec
module
macaron.slsa_analyzer.specs.ci_spec
module
macaron.slsa_analyzer.specs.inferred_provenance
module
macaron.slsa_analyzer.specs.package_registry_spec
module
macaron.util
module
macaron.vsa
module
macaron.vsa.vsa
module
macaron_path (macaron.config.global_config.GlobalConfig attribute)
macaron_version (macaron.database.table_definitions.Analysis attribute)
MacaronError
make_expectation() (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation class method)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation class method)
MaliciousMetadataFacts (class in macaron.slsa_analyzer.checks.detect_malicious_metadata_check)
MappedCheckResult (class in macaron.database.table_definitions)
match_cmd_args() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
match_tags() (in module macaron.repo_finder.commit_finder)
Maven (class in macaron.slsa_analyzer.build_tool.maven)
MAVEN (macaron.repo_finder.repo_finder_deps_dev.DepsDevType attribute)
MavenCentralRegistry (class in macaron.slsa_analyzer.package_registry.maven_central_registry)
media_type (macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
MEDIUM (macaron.slsa_analyzer.checks.check_result.Confidence attribute)
merge_configs() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer static method)
merge_group (macaron.parsers.github_workflow_model.On attribute)
metadata (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
(macaron.slsa_analyzer.specs.package_registry_spec.PackageRegistryInfo attribute)
milestone (macaron.parsers.github_workflow_model.On attribute)
MISSING_SCM (macaron.output_reporter.scm.SCMStatus attribute)
module
macaron
macaron.code_analyzer
macaron.code_analyzer.call_graph
macaron.config
macaron.config.defaults
macaron.config.global_config
macaron.config.target_config
macaron.database
macaron.database.database_manager
macaron.database.db_custom_types
macaron.database.table_definitions
macaron.database.views
macaron.dependency_analyzer
macaron.dependency_analyzer.cyclonedx
macaron.dependency_analyzer.cyclonedx_gradle
macaron.dependency_analyzer.cyclonedx_mvn
macaron.dependency_analyzer.cyclonedx_python
macaron.environment_variables
macaron.errors
macaron.json_tools
macaron.malware_analyzer
macaron.malware_analyzer.datetime_parser
macaron.malware_analyzer.pypi_heuristics
macaron.malware_analyzer.pypi_heuristics.base_analyzer
macaron.malware_analyzer.pypi_heuristics.heuristics
macaron.malware_analyzer.pypi_heuristics.metadata
macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date
macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link
macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency
macaron.malware_analyzer.pypi_heuristics.metadata.one_release
macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release
macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links
macaron.malware_analyzer.pypi_heuristics.sourcecode
macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup
macaron.output_reporter
macaron.output_reporter.jinja2_extensions
macaron.output_reporter.reporter
macaron.output_reporter.results
macaron.output_reporter.scm
macaron.parsers
macaron.parsers.actionparser
macaron.parsers.bashparser
macaron.parsers.github_workflow_model
macaron.parsers.yaml
macaron.parsers.yaml.loader
macaron.policy_engine
macaron.policy_engine.policy_engine
macaron.policy_engine.souffle
macaron.policy_engine.souffle_code_generator
macaron.repo_finder
macaron.repo_finder.commit_finder
macaron.repo_finder.provenance_extractor
macaron.repo_finder.provenance_finder
macaron.repo_finder.repo_finder
macaron.repo_finder.repo_finder_base
macaron.repo_finder.repo_finder_deps_dev
macaron.repo_finder.repo_finder_java
macaron.repo_finder.repo_validator
macaron.slsa_analyzer
macaron.slsa_analyzer.analyze_context
macaron.slsa_analyzer.analyzer
macaron.slsa_analyzer.asset
macaron.slsa_analyzer.build_tool
macaron.slsa_analyzer.build_tool.base_build_tool
macaron.slsa_analyzer.build_tool.docker
macaron.slsa_analyzer.build_tool.go
macaron.slsa_analyzer.build_tool.gradle
macaron.slsa_analyzer.build_tool.language
macaron.slsa_analyzer.build_tool.maven
macaron.slsa_analyzer.build_tool.npm
macaron.slsa_analyzer.build_tool.pip
macaron.slsa_analyzer.build_tool.poetry
macaron.slsa_analyzer.build_tool.yarn
macaron.slsa_analyzer.checks
macaron.slsa_analyzer.checks.base_check
macaron.slsa_analyzer.checks.build_as_code_check
macaron.slsa_analyzer.checks.build_script_check
macaron.slsa_analyzer.checks.build_service_check
macaron.slsa_analyzer.checks.check_result
macaron.slsa_analyzer.checks.detect_malicious_metadata_check
macaron.slsa_analyzer.checks.infer_artifact_pipeline_check
macaron.slsa_analyzer.checks.provenance_available_check
macaron.slsa_analyzer.checks.provenance_commit_check
macaron.slsa_analyzer.checks.provenance_l3_check
macaron.slsa_analyzer.checks.provenance_l3_content_check
macaron.slsa_analyzer.checks.provenance_repo_check
macaron.slsa_analyzer.checks.provenance_verified_check
macaron.slsa_analyzer.checks.provenance_witness_l1_check
macaron.slsa_analyzer.checks.trusted_builder_l3_check
macaron.slsa_analyzer.checks.vcs_check
macaron.slsa_analyzer.ci_service
macaron.slsa_analyzer.ci_service.base_ci_service
macaron.slsa_analyzer.ci_service.circleci
macaron.slsa_analyzer.ci_service.github_actions
macaron.slsa_analyzer.ci_service.github_actions.analyzer
macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci
macaron.slsa_analyzer.ci_service.gitlab_ci
macaron.slsa_analyzer.ci_service.jenkins
macaron.slsa_analyzer.ci_service.travis
macaron.slsa_analyzer.database_store
macaron.slsa_analyzer.git_service
macaron.slsa_analyzer.git_service.api_client
macaron.slsa_analyzer.git_service.base_git_service
macaron.slsa_analyzer.git_service.bitbucket
macaron.slsa_analyzer.git_service.github
macaron.slsa_analyzer.git_service.gitlab
macaron.slsa_analyzer.git_service.local_repo_git_service
macaron.slsa_analyzer.git_url
macaron.slsa_analyzer.levels
macaron.slsa_analyzer.package_registry
macaron.slsa_analyzer.package_registry.jfrog_maven_registry
macaron.slsa_analyzer.package_registry.maven_central_registry
macaron.slsa_analyzer.package_registry.npm_registry
macaron.slsa_analyzer.package_registry.package_registry
macaron.slsa_analyzer.package_registry.pypi_registry
macaron.slsa_analyzer.provenance
macaron.slsa_analyzer.provenance.expectations
macaron.slsa_analyzer.provenance.expectations.cue
macaron.slsa_analyzer.provenance.expectations.cue.cue_validator
macaron.slsa_analyzer.provenance.expectations.expectation
macaron.slsa_analyzer.provenance.expectations.expectation_registry
macaron.slsa_analyzer.provenance.intoto
macaron.slsa_analyzer.provenance.intoto.errors
macaron.slsa_analyzer.provenance.intoto.v01
macaron.slsa_analyzer.provenance.intoto.v1
macaron.slsa_analyzer.provenance.loader
macaron.slsa_analyzer.provenance.provenance
macaron.slsa_analyzer.provenance.slsa
macaron.slsa_analyzer.provenance.witness
macaron.slsa_analyzer.provenance.witness.attestor
macaron.slsa_analyzer.registry
macaron.slsa_analyzer.slsa_req
macaron.slsa_analyzer.specs
macaron.slsa_analyzer.specs.build_spec
macaron.slsa_analyzer.specs.ci_spec
macaron.slsa_analyzer.specs.inferred_provenance
macaron.slsa_analyzer.specs.package_registry_spec
macaron.util
macaron.vsa
macaron.vsa.vsa
N
name (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
(macaron.database.table_definitions.ReleaseArtifact attribute)
(macaron.database.table_definitions.Repository attribute)
(macaron.parsers.github_workflow_model.Environment attribute)
(macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
(macaron.slsa_analyzer.asset.AssetLocator property)
(macaron.slsa_analyzer.asset.VirtualReleaseAsset attribute)
(macaron.slsa_analyzer.checks.check_result.Evidence attribute)
(macaron.slsa_analyzer.git_service.api_client.GitHubReleaseAsset attribute)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset property)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset property)
(macaron.slsa_analyzer.provenance.intoto.v01.InTotoV01Subject attribute)
(macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
namespace (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset attribute)
needs (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
NONE (macaron.parsers.bashparser.BashScriptType attribute)
NoneCIService (class in macaron.slsa_analyzer.ci_service.base_ci_service)
NoneDependencyAnalyzer (class in macaron.dependency_analyzer.cyclonedx)
NoneGitService (class in macaron.slsa_analyzer.git_service.base_git_service)
normalize() (macaron.slsa_analyzer.checks.check_result.Confidence class method)
note (macaron.dependency_analyzer.cyclonedx.DependencyInfo attribute)
NPM (class in macaron.slsa_analyzer.build_tool.npm)
(macaron.repo_finder.repo_finder_deps_dev.DepsDevType attribute)
npm_registry (macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset attribute)
NPMAttestationAsset (class in macaron.slsa_analyzer.package_registry.npm_registry)
NPMRegistry (class in macaron.slsa_analyzer.package_registry.npm_registry)
NUGET (macaron.repo_finder.repo_finder_deps_dev.DepsDevType attribute)
O
obj (macaron.parsers.github_workflow_model.Identified attribute)
On (class in macaron.parsers.github_workflow_model)
ONE_RELEASE (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
OneReleaseAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.one_release)
options (macaron.parsers.github_workflow_model.Container attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
OracleSetupJava (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
output_path (macaron.config.global_config.GlobalConfig attribute)
owner (macaron.database.table_definitions.Repository attribute)
P
package_json (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset attribute)
package_registries (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
package_registry (macaron.slsa_analyzer.specs.package_registry_spec.PackageRegistryInfo attribute)
PackageRegistry (class in macaron.slsa_analyzer.package_registry.package_registry)
PackageRegistryInfo (class in macaron.slsa_analyzer.specs.package_registry_spec)
PackageURLMixin (class in macaron.database.table_definitions)
page_build (macaron.parsers.github_workflow_model.On attribute)
PARAMETERLESS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
parse() (in module macaron.parsers.actionparser)
(in module macaron.parsers.bashparser)
parse_datetime() (in module macaron.malware_analyzer.datetime_parser)
parse_file() (in module macaron.parsers.bashparser)
parse_git_branch_output() (in module macaron.slsa_analyzer.git_url)
parse_purl() (macaron.slsa_analyzer.analyzer.Analyzer static method)
parse_remote_url() (in module macaron.slsa_analyzer.git_url)
parsed_purl (macaron.slsa_analyzer.analyzer.Analyzer.AnalysisTarget attribute)
ParseError
PASS (macaron.malware_analyzer.pypi_heuristics.heuristics.HeuristicResult attribute)
passed (macaron.database.table_definitions.MappedCheckResult attribute)
PASSED (macaron.slsa_analyzer.checks.check_result.CheckResultType attribute)
(macaron.vsa.vsa.VerificationResult attribute)
password (macaron.parsers.github_workflow_model.Credentials attribute)
path (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
payload (macaron.slsa_analyzer.provenance.provenance.DownloadedProvenanceData property)
(macaron.slsa_analyzer.provenance.slsa.SLSAProvenanceData attribute)
(macaron.slsa_analyzer.provenance.witness.WitnessProvenanceData attribute)
(macaron.vsa.vsa.Vsa attribute)
payloadType (macaron.vsa.vsa.Vsa attribute)
permissions (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
Pip (class in macaron.slsa_analyzer.build_tool.pip)
Poetry (class in macaron.slsa_analyzer.build_tool.poetry)
Policy (class in macaron.vsa.vsa)
policy (macaron.vsa.vsa.VsaPredicate attribute)
PolicyReporter (class in macaron.output_reporter.reporter)
ports (macaron.parsers.github_workflow_model.Container attribute)
pre_config (macaron.output_reporter.results.Record attribute)
predicate (macaron.slsa_analyzer.provenance.intoto.v01.InTotoV01Statement attribute)
(macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1Statement attribute)
(macaron.vsa.vsa.VsaStatement attribute)
predicate_types (macaron.slsa_analyzer.provenance.witness.WitnessVerifierConfig attribute)
predicateType (macaron.slsa_analyzer.provenance.intoto.v01.InTotoV01Statement attribute)
(macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1Statement attribute)
(macaron.vsa.vsa.VsaStatement attribute)
prepare() (macaron.slsa_analyzer.registry.Registry method)
prepare_config_files() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
(macaron.slsa_analyzer.build_tool.docker.Docker method)
(macaron.slsa_analyzer.build_tool.go.Go method)
(macaron.slsa_analyzer.build_tool.gradle.Gradle method)
(macaron.slsa_analyzer.build_tool.maven.Maven method)
(macaron.slsa_analyzer.build_tool.npm.NPM method)
(macaron.slsa_analyzer.build_tool.pip.Pip method)
(macaron.slsa_analyzer.build_tool.poetry.Poetry method)
(macaron.slsa_analyzer.build_tool.yarn.Yarn method)
process_bind_param() (macaron.database.db_custom_types.DBJsonDict method)
(macaron.database.db_custom_types.RFC3339DateTime method)
process_result_value() (macaron.database.db_custom_types.DBJsonDict method)
(macaron.database.db_custom_types.RFC3339DateTime method)
project (macaron.parsers.github_workflow_model.On attribute)
project_card (macaron.parsers.github_workflow_model.On attribute)
project_column (macaron.parsers.github_workflow_model.On attribute)
project_join_table_souffle_relation() (in module macaron.policy_engine.souffle_code_generator)
project_table_to_key() (in module macaron.policy_engine.souffle_code_generator)
project_with_fk_join() (in module macaron.policy_engine.souffle_code_generator)
PROV_AUTH (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_AVAILABLE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_ARTI (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_BUILD_INS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_BUILD_PARAMS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_BUILDER (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_ENTRY (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_META_DATA (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_REPRODUCIBLE_INFO (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_SOURCE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_CONT_TRANSITIVE_DEPS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_DEPENDENCIES_COMPLETE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_NON_FALSIFIABLE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
PROV_SERVICE_GEN (macaron.slsa_analyzer.slsa_req.ReqName attribute)
Provenance (class in macaron.database.table_definitions)
(class in macaron.slsa_analyzer.specs.inferred_provenance)
provenance (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.ReleaseArtifact attribute)
(macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
PROVENANCE (macaron.slsa_analyzer.slsa_req.Category attribute)
provenance_assets (macaron.slsa_analyzer.specs.ci_spec.CIInfo attribute)
provenance_commit_digest (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
PROVENANCE_CONTENT (macaron.slsa_analyzer.slsa_req.Category attribute)
provenance_id (macaron.database.table_definitions.ReleaseArtifact attribute)
provenance_json (macaron.database.table_definitions.Provenance attribute)
provenance_name (macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
provenance_repo_url (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
provenance_subject (macaron.database.table_definitions.Component attribute)
provenance_url (macaron.slsa_analyzer.checks.provenance_witness_l1_check.WitnessProvenanceAvailableFacts attribute)
provenance_verified (macaron.slsa_analyzer.analyze_context.ChecksOutputs attribute)
ProvenanceAvailableCheck (class in macaron.slsa_analyzer.checks.provenance_available_check)
ProvenanceAvailableException
ProvenanceAvailableFacts (class in macaron.slsa_analyzer.checks.provenance_available_check)
ProvenanceDerivedCommitCheck (class in macaron.slsa_analyzer.checks.provenance_commit_check)
ProvenanceDerivedCommitFacts (class in macaron.slsa_analyzer.checks.provenance_commit_check)
ProvenanceDerivedRepoCheck (class in macaron.slsa_analyzer.checks.provenance_repo_check)
ProvenanceDerivedRepoFacts (class in macaron.slsa_analyzer.checks.provenance_repo_check)
ProvenanceError
ProvenanceFinder (class in macaron.repo_finder.provenance_finder)
ProvenanceL3Check (class in macaron.slsa_analyzer.checks.provenance_l3_check)
ProvenanceL3ContentCheck (class in macaron.slsa_analyzer.checks.provenance_l3_content_check)
ProvenanceL3VerifiedFacts (class in macaron.slsa_analyzer.checks.provenance_l3_check)
provenances (macaron.slsa_analyzer.analyze_context.AnalyzeContext property)
(macaron.slsa_analyzer.specs.ci_spec.CIInfo attribute)
(macaron.slsa_analyzer.specs.package_registry_spec.PackageRegistryInfo attribute)
ProvenanceSubject (class in macaron.database.table_definitions)
ProvenanceSubjectPURLMatcher (class in macaron.slsa_analyzer.provenance.intoto)
ProvenanceVerifiedCheck (class in macaron.slsa_analyzer.checks.provenance_verified_check)
ProvenanceVerifiedFacts (class in macaron.slsa_analyzer.checks.provenance_verified_check)
ProvenanceWitnessL1Check (class in macaron.slsa_analyzer.checks.provenance_witness_l1_check)
public (macaron.parsers.github_workflow_model.On attribute)
PubliclyHostedGitLab (class in macaron.slsa_analyzer.git_service.gitlab)
pull_request (macaron.parsers.github_workflow_model.On attribute)
pull_request_review (macaron.parsers.github_workflow_model.On attribute)
pull_request_review_comment (macaron.parsers.github_workflow_model.On attribute)
pull_request_target (macaron.parsers.github_workflow_model.On attribute)
purl (macaron.database.table_definitions.Component attribute)
(macaron.dependency_analyzer.cyclonedx.DependencyInfo attribute)
purl_tools (macaron.slsa_analyzer.specs.build_spec.BuildSpec attribute)
PURLNotFoundError
push (macaron.parsers.github_workflow_model.On attribute)
PYPI (macaron.repo_finder.repo_finder_deps_dev.DepsDevType attribute)
pypi_registry (macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset attribute)
PyPIPackageJsonAsset (class in macaron.slsa_analyzer.package_registry.pypi_registry)
PyPIRegistry (class in macaron.slsa_analyzer.package_registry.pypi_registry)
PYTHON (macaron.slsa_analyzer.build_tool.language.BuildLanguage attribute)
python_venv_path (macaron.config.global_config.GlobalConfig attribute)
Q
qualifiers (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
R
reachable_secrets (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
reached (macaron.database.table_definitions.SLSALevel attribute)
Record (class in macaron.output_reporter.results)
record_id (macaron.output_reporter.results.Record attribute)
register() (macaron.slsa_analyzer.registry.Registry method)
Registry (class in macaron.slsa_analyzer.registry)
registry_package (macaron.parsers.github_workflow_model.On attribute)
release (macaron.parsers.github_workflow_model.On attribute)
(macaron.slsa_analyzer.specs.ci_spec.CIInfo attribute)
release_commit_sha (macaron.database.table_definitions.Provenance attribute)
release_tag (macaron.database.table_definitions.Provenance attribute)
(macaron.database.table_definitions.Repository attribute)
ReleaseArtifact (class in macaron.database.table_definitions)
remote_path (macaron.database.table_definitions.Repository attribute)
remove_sboms() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx.NoneDependencyAnalyzer method)
(macaron.dependency_analyzer.cyclonedx_gradle.CycloneDxGradle method)
(macaron.dependency_analyzer.cyclonedx_mvn.CycloneDxMaven method)
(macaron.dependency_analyzer.cyclonedx_python.CycloneDxPython method)
repo_path (macaron.slsa_analyzer.analyzer.Analyzer.AnalysisTarget attribute)
RepoAttestor (class in macaron.slsa_analyzer.provenance.witness.attestor)
RepoCheckOutError
RepoNotFoundError
Report (class in macaron.output_reporter.results)
report_dir_name (macaron.database.table_definitions.Component property)
report_file_name (macaron.database.table_definitions.Component property)
report_file_purl (macaron.database.table_definitions.Component property)
Repository (class in macaron.database.table_definitions)
repository (macaron.database.table_definitions.Component attribute)
REPOSITORY (macaron.repo_finder.commit_finder.AbstractPurlType attribute)
repository_dispatch (macaron.parsers.github_workflow_model.On attribute)
repository_info (macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoFacts attribute)
REPRODUCIBLE (macaron.slsa_analyzer.slsa_req.ReqName attribute)
ReqName (class in macaron.slsa_analyzer.slsa_req)
required (macaron.parsers.github_workflow_model.Inputs attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
(macaron.parsers.github_workflow_model.Secrets attribute)
requirement_name (macaron.database.table_definitions.SLSARequirement attribute)
requirement_short_description (macaron.database.table_definitions.SLSARequirement attribute)
resolve_dependencies() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer static method)
resolve_matrix_variable() (in module macaron.slsa_analyzer.ci_service.github_actions.analyzer)
resolve_redirects() (in module macaron.repo_finder.repo_validator)
resources_path (macaron.config.global_config.GlobalConfig attribute)
resourceUri (macaron.vsa.vsa.VsaPredicate attribute)
restrict_to_analysis() (in module macaron.policy_engine.souffle_code_generator)
result (macaron.slsa_analyzer.checks.check_result.CheckResult attribute)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.MaliciousMetadataFacts attribute)
result_on_skip (macaron.slsa_analyzer.checks.base_check.BaseCheck property)
result_tables (macaron.slsa_analyzer.checks.check_result.CheckResultData attribute)
result_type (macaron.slsa_analyzer.checks.check_result.CheckResultData attribute)
RETAINED_INDEFINITELY (macaron.slsa_analyzer.slsa_req.ReqName attribute)
REUSABLE (macaron.slsa_analyzer.ci_service.github_actions.analyzer.GitHubWorkflowType attribute)
ReusableWorkflowCallJob (class in macaron.parsers.github_workflow_model)
RFC3339DateTime (class in macaron.database.db_custom_types)
rules (macaron.policy_engine.souffle_code_generator.SouffleProgram attribute)
run (macaron.parsers.github_workflow_model.Defaults attribute)
(macaron.parsers.github_workflow_model.Step2 attribute)
run() (macaron.slsa_analyzer.analyzer.Analyzer method)
(macaron.slsa_analyzer.checks.base_check.BaseCheck method)
run_check() (macaron.slsa_analyzer.checks.base_check.BaseCheck method)
(macaron.slsa_analyzer.checks.build_as_code_check.BuildAsCodeCheck method)
(macaron.slsa_analyzer.checks.build_script_check.BuildScriptCheck method)
(macaron.slsa_analyzer.checks.build_service_check.BuildServiceCheck method)
(macaron.slsa_analyzer.checks.detect_malicious_metadata_check.DetectMaliciousMetadataCheck method)
(macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineCheck method)
(macaron.slsa_analyzer.checks.provenance_available_check.ProvenanceAvailableCheck method)
(macaron.slsa_analyzer.checks.provenance_commit_check.ProvenanceDerivedCommitCheck method)
(macaron.slsa_analyzer.checks.provenance_l3_check.ProvenanceL3Check method)
(macaron.slsa_analyzer.checks.provenance_l3_content_check.ProvenanceL3ContentCheck method)
(macaron.slsa_analyzer.checks.provenance_repo_check.ProvenanceDerivedRepoCheck method)
(macaron.slsa_analyzer.checks.provenance_verified_check.ProvenanceVerifiedCheck method)
(macaron.slsa_analyzer.checks.provenance_witness_l1_check.ProvenanceWitnessL1Check method)
(macaron.slsa_analyzer.checks.trusted_builder_l3_check.TrustedBuilderL3Check method)
(macaron.slsa_analyzer.checks.vcs_check.VCSCheck method)
run_heuristics() (macaron.slsa_analyzer.checks.detect_malicious_metadata_check.DetectMaliciousMetadataCheck method)
run_policy_engine() (in module macaron.policy_engine.policy_engine)
run_single() (macaron.slsa_analyzer.analyzer.Analyzer method)
run_souffle() (in module macaron.policy_engine.policy_engine)
run_url (macaron.slsa_analyzer.checks.infer_artifact_pipeline_check.InferArtifactPipelineFacts attribute)
RunsOn (class in macaron.parsers.github_workflow_model)
RuntimeOptions (class in macaron.slsa_analyzer.build_tool.base_build_tool)
S
scan() (macaron.slsa_analyzer.registry.Registry method)
schedule (macaron.parsers.github_workflow_model.On attribute)
ScheduleItem (class in macaron.parsers.github_workflow_model)
SCMStatus (class in macaron.output_reporter.scm)
SCRIPTED_BUILD (macaron.slsa_analyzer.slsa_req.ReqName attribute)
search() (macaron.slsa_analyzer.git_service.api_client.GhAPIClient method)
search_for_workflow_run() (macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
Secrets (class in macaron.parsers.github_workflow_model)
secrets (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
(macaron.parsers.github_workflow_model.WorkflowCall attribute)
SECURITY (macaron.slsa_analyzer.slsa_req.ReqName attribute)
SelfHostedGitLab (class in macaron.slsa_analyzer.git_service.gitlab)
send_get_http() (in module macaron.util)
send_get_http_raw() (in module macaron.util)
serialize_to_json() (macaron.slsa_analyzer.build_tool.base_build_tool.BaseBuildTool method)
service (macaron.slsa_analyzer.specs.ci_spec.CIInfo attribute)
set_api_client() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.base_ci_service.NoneCIService method)
(macaron.slsa_analyzer.ci_service.circleci.CircleCI method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
(macaron.slsa_analyzer.ci_service.gitlab_ci.GitLabCI method)
(macaron.slsa_analyzer.ci_service.jenkins.Jenkins method)
(macaron.slsa_analyzer.ci_service.travis.Travis method)
set_status() (macaron.slsa_analyzer.slsa_req.SLSAReqStatus method)
set_value() (macaron.config.target_config.Configuration method)
SetupJava (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
sha (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
sha256 (macaron.database.table_definitions.ProvenanceSubject attribute)
sha256_digest (macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset property)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAssetMetadata attribute)
show_prelude() (in module macaron.policy_engine.policy_engine)
size_in_bytes (macaron.slsa_analyzer.asset.AssetLocator property)
(macaron.slsa_analyzer.asset.VirtualReleaseAsset attribute)
(macaron.slsa_analyzer.git_service.api_client.GitHubReleaseAsset attribute)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset property)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAssetMetadata attribute)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset attribute)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset property)
SKIP (macaron.malware_analyzer.pypi_heuristics.heuristics.HeuristicResult attribute)
SKIPPED (macaron.slsa_analyzer.checks.check_result.CheckResultType attribute)
SkippedInfo (class in macaron.slsa_analyzer.checks.check_result)
SLSA
slsa_level (macaron.database.table_definitions.SLSALevel attribute)
slsa_verified (macaron.database.table_definitions.ReleaseArtifact attribute)
SLSALevel (class in macaron.database.table_definitions)
slsalevel (macaron.database.table_definitions.Component attribute)
SLSALevels (class in macaron.slsa_analyzer.levels)
SLSAProvenanceData (class in macaron.slsa_analyzer.provenance.slsa)
SLSAReq (class in macaron.slsa_analyzer.slsa_req)
SLSAReqStatus (class in macaron.slsa_analyzer.slsa_req)
SLSARequirement (class in macaron.database.table_definitions)
slsarequirement (macaron.database.table_definitions.Component attribute)
SouffleError
SouffleProgram (class in macaron.policy_engine.souffle_code_generator)
SouffleWrapper (class in macaron.policy_engine.souffle)
SOURCE (macaron.slsa_analyzer.slsa_req.Category attribute)
statement (macaron.slsa_analyzer.provenance.intoto.InTotoV01Payload attribute)
(macaron.slsa_analyzer.provenance.intoto.InTotoV1Payload attribute)
status (macaron.output_reporter.results.Record attribute)
(macaron.parsers.github_workflow_model.On attribute)
(macaron.slsa_analyzer.specs.build_spec.BuildInfo attribute)
Step1 (class in macaron.parsers.github_workflow_model)
Step2 (class in macaron.parsers.github_workflow_model)
step_node (macaron.slsa_analyzer.build_tool.base_build_tool.BuildToolCommand attribute)
store_analyze_context_to_db() (in module macaron.slsa_analyzer.database_store)
store_inferred_provenance() (in module macaron.slsa_analyzer.analyze_context)
strategy (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
subject (macaron.slsa_analyzer.provenance.intoto.v01.InTotoV01Statement attribute)
(macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1Statement attribute)
(macaron.vsa.vsa.VsaStatement attribute)
subpath (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
SUPERUSERS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
suppress_comment (macaron.slsa_analyzer.checks.check_result.SkippedInfo attribute)
SUSPICIOUS_SETUP (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
SuspiciousSetupAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.sourcecode.suspicious_setup)
T
table_to_declaration() (in module macaron.policy_engine.souffle_code_generator)
target (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
TARGET_CONFIG_SCHEMA (in module macaron.config.target_config)
test_extensions (in module macaron.output_reporter.jinja2_extensions)
TEXT (macaron.slsa_analyzer.checks.check_result.JustificationType attribute)
text (macaron.slsa_analyzer.provenance.expectations.cue.CUEExpectation attribute)
(macaron.slsa_analyzer.provenance.expectations.expectation.Expectation attribute)
ThirdPartyAction (class in macaron.slsa_analyzer.ci_service.github_actions.analyzer)
timeVerified (macaron.vsa.vsa.VsaPredicate attribute)
to_analysis_target() (macaron.slsa_analyzer.analyzer.Analyzer static method)
to_domain_from_known_purl_types() (in module macaron.repo_finder.repo_finder)
to_repo_path() (in module macaron.repo_finder.repo_finder)
tool_valid() (macaron.dependency_analyzer.cyclonedx.DependencyAnalyzer static method)
tools (macaron.slsa_analyzer.specs.build_spec.BuildSpec attribute)
Travis (class in macaron.slsa_analyzer.ci_service.travis)
TrustedBuilderFacts (class in macaron.slsa_analyzer.checks.trusted_builder_l3_check)
TrustedBuilderL3Check (class in macaron.slsa_analyzer.checks.trusted_builder_l3_check)
TWO_PERSON_REVIEWED (macaron.slsa_analyzer.slsa_req.ReqName attribute)
type (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
(macaron.database.table_definitions.Repository attribute)
(macaron.parsers.github_workflow_model.Inputs attribute)
(macaron.parsers.github_workflow_model.Inputs1 attribute)
U
UNCHANGED_RELEASE (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
UnchangedReleaseAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release)
unique_dep_repos (macaron.output_reporter.results.DepSummary attribute)
UNKNOWN (macaron.slsa_analyzer.checks.check_result.CheckResultType attribute)
UNREACHABLE_PROJECT_LINKS (macaron.malware_analyzer.pypi_heuristics.heuristics.Heuristics attribute)
UnreachableProjectLinksAnalyzer (class in macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links)
UNSUPPORTED (macaron.repo_finder.commit_finder.AbstractPurlType attribute)
UnsupportedInTotoVersionError
update() (macaron.policy_engine.souffle_code_generator.SouffleProgram method)
update_req_status() (macaron.slsa_analyzer.analyze_context.AnalyzeContext method)
update_result() (macaron.slsa_analyzer.checks.check_result.EvidenceWeightMap method)
uri (macaron.slsa_analyzer.provenance.intoto.v1.InTotoV1ResourceDescriptor attribute)
url (macaron.dependency_analyzer.cyclonedx.DependencyInfo attribute)
(macaron.parsers.github_workflow_model.Environment attribute)
(macaron.slsa_analyzer.asset.AssetLocator property)
(macaron.slsa_analyzer.asset.VirtualReleaseAsset attribute)
(macaron.slsa_analyzer.git_service.api_client.GitHubReleaseAsset attribute)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset property)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset property)
(macaron.slsa_analyzer.package_registry.pypi_registry.PyPIPackageJsonAsset property)
username (macaron.parsers.github_workflow_model.Credentials attribute)
uses (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
(macaron.parsers.github_workflow_model.Step1 attribute)
V
validate() (macaron.slsa_analyzer.provenance.expectations.expectation.Expectation method)
validate_expectation() (in module macaron.slsa_analyzer.provenance.expectations.cue.cue_validator)
validate_intoto_payload() (in module macaron.slsa_analyzer.provenance.intoto)
validate_intoto_statement() (in module macaron.slsa_analyzer.provenance.intoto.v01)
(in module macaron.slsa_analyzer.provenance.intoto.v1)
validate_intoto_subject() (in module macaron.slsa_analyzer.provenance.intoto.v01)
(in module macaron.slsa_analyzer.provenance.intoto.v1)
validate_yaml_data() (macaron.parsers.yaml.loader.YamlLoader class method)
ValidateInTotoPayloadError
VCS (macaron.slsa_analyzer.slsa_req.ReqName attribute)
VCSCheck (class in macaron.slsa_analyzer.checks.vcs_check)
VCSFacts (class in macaron.slsa_analyzer.checks.vcs_check)
VerificationResult (class in macaron.vsa.vsa)
verificationResult (macaron.vsa.vsa.VsaPredicate attribute)
VERIFIED_HISTORY (macaron.slsa_analyzer.slsa_req.ReqName attribute)
verifiedLevels (macaron.vsa.vsa.VsaPredicate attribute)
Verifier (class in macaron.vsa.vsa)
verifier (macaron.vsa.vsa.VsaPredicate attribute)
verify_artifact_assets() (in module macaron.slsa_analyzer.checks.provenance_witness_l1_check)
verify_npm_provenance() (in module macaron.repo_finder.provenance_finder)
verify_provenance() (macaron.repo_finder.provenance_finder.ProvenanceFinder method)
version (macaron.database.table_definitions.Component attribute)
(macaron.database.table_definitions.PackageURLMixin attribute)
(macaron.database.table_definitions.Provenance attribute)
(macaron.slsa_analyzer.package_registry.jfrog_maven_registry.JFrogMavenAsset attribute)
(macaron.slsa_analyzer.package_registry.npm_registry.NPMAttestationAsset attribute)
(macaron.vsa.vsa.Verifier attribute)
view_doesnt_exist() (in module macaron.database.views)
view_exists() (in module macaron.database.views)
VirtualReleaseAsset (class in macaron.slsa_analyzer.asset)
volumes (macaron.parsers.github_workflow_model.Container attribute)
VSA
Vsa (class in macaron.vsa.vsa)
VsaPredicate (class in macaron.vsa.vsa)
VsaStatement (class in macaron.vsa.vsa)
W
watch (macaron.parsers.github_workflow_model.On attribute)
weight (macaron.slsa_analyzer.checks.check_result.Evidence attribute)
with (macaron.parsers.github_workflow_model.ReusableWorkflowCallJob attribute)
Witness
WitnessProvenanceAvailableFacts (class in macaron.slsa_analyzer.checks.provenance_witness_l1_check)
WitnessProvenanceData (class in macaron.slsa_analyzer.provenance.witness)
WitnessProvenanceException
WitnessVerifierConfig (class in macaron.slsa_analyzer.provenance.witness)
workflow_call (macaron.parsers.github_workflow_model.On attribute)
workflow_dispatch (macaron.parsers.github_workflow_model.On attribute)
workflow_run (macaron.parsers.github_workflow_model.On attribute)
workflow_run_in_date_time_range() (macaron.slsa_analyzer.ci_service.base_ci_service.BaseCIService method)
(macaron.slsa_analyzer.ci_service.github_actions.github_actions_ci.GitHubActions method)
WorkflowCall (class in macaron.parsers.github_workflow_model)
WorkflowDispatch (class in macaron.parsers.github_workflow_model)
write_file() (macaron.output_reporter.reporter.FileReporter method)
Y
YamlLoader (class in macaron.parsers.yaml.loader)
Yarn (class in macaron.slsa_analyzer.build_tool.yarn)