SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Improve checker regarding PMD location problems

Browse source 
* Change checking to test for Security, wellknown and DNS requirement at once and only throws error if all three fail.
* Use security.txt parser from csaf/util to extract provider url.
* Improve code comments and messages for the reports.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
This commit is contained in:
JanHoefelmeyer 2022-08-26 13:31:56 +02:00 committed by GitHub
parent a62484c31c
commit 3bb8ea0019
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 112 additions and 104 deletions
Download patch file Download diff file Expand all files Collapse all files

4
cmd/csaf_checker/reporters.go
View file

@ -156,11 +156,11 @@ func (r *wellknownMetadataReporter) report(p *processor, domain *Domain) {
req.Messages = p.badWellknownMetadata
}
// report tests if the "csaf.data.security.domain.tld" DNS record available and serves the "provider-metadata.json"
// report outputs the result of the the explicit DNS test.
func (r *dnsPathReporter) report(p *processor, domain *Domain) {
req := r.requirement(domain)
if !p.badDNSPath.used() {
req.message(InfoType, "No download from https://csaf.data.security.DOMAIN attempted.")
req.message(InfoType, "No check about contents from https://csaf.data.security.DOMAIN performed.")
return
}
if len(p.badDNSPath) == 0 {