SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Merge branch 'main' into checker-validator

Browse source
This commit is contained in:
tschmidtb51 2023-01-27 17:58:37 +01:00 committed by GitHub
commit 0383e951a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 202 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/csaf_checker.md
View file

@ -19,13 +19,15 @@ Application Options:
--validator=URL URL to validate documents remotely
--validatorcache=FILE FILE to cache remote validations
--validatorpreset= One or more presets to validate remotely (default: mandatory)
-H, --header= One or more extra HTTP header fields
Help Options:
-h, --help Show this help message
```
Usage example:
` ./csaf_checker example.com -f html --rate=5.3 -o check-results.html`
` ./csaf_checker example.com -f html --rate=5.3 -H apikey:SECRET -o check-results.html`
Each performed check has a return type of either 0,1 or 2:
```

4
docs/csaf_downloader.md
View file

@ -4,8 +4,7 @@ A tool to download CSAF content from a specific domain/provider.
### Usage
```
Usage:
csaf_downloader [OPTIONS] domain...
csaf_downloader [OPTIONS] domain...
Application Options:
-d, --directory= Directory to store the downloaded files in
@ -13,6 +12,7 @@ Application Options:
--version Display version of the binary
-v, --verbose Verbose output
-r, --rate= The average upper limit of https operations per second
-H, --header= One or more extra HTTP header fields
Help Options:
-h, --help Show this help message

12
docs/csaf_provider.md
View file

@ -106,6 +106,18 @@ The following example file documents all available configuration options:
# If a list item starts with `expr:`
# the rest of the string is used as a JsonPath expression
# to extract a string from the incoming advisories.
# If the result of the expression is a string this string
# is used. If the result is an array each element of
# this array is tested if it is a string or an array.
# If this test fails the expression fails. If the
# test succeeds the rules are applied recursively to
# collect all strings in the result.
# Suggested expressions are:
# - vendor, product family and product names: "expr:$.product_tree..branches[?(@.category==\"vendor\" || @.category==\"product_family\" || @.category==\"product_name\")].name"
# - CVEs: "expr:$.vulnerabilities[*].cve"
# - CWEs: "expr:$.vulnerabilities[*].cwe.id"
# The used implementation to evaluate JSONPath expressions does
# not support the use of single-quotes. Double quotes have to be quoted.
# Strings not starting with `expr:` are taken verbatim.
# By default no category documents are created.
# This example provides an overview over the syntax,

1
docs/scripts/prepareUbuntuInstanceForITests.sh
View file

@ -11,4 +11,5 @@ apt install -y make bash sed tar git nginx fcgiwrap gnutls-bin
# Install Go from binary distribution
latest_go="$(curl https://go.dev/VERSION\?m=text).linux-amd64.tar.gz"
curl -O https://dl.google.com/go/$latest_go
rm -rf /usr/local/go # be sure that we do not have an old installation
tar -C /usr/local -xzf $latest_go