SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

refactor: deduplicate filtering pmd results from security.txt

Browse source 
already done in `loadFromSecurity`
This commit is contained in:
Marius Goetze 2024-04-19 14:06:56 +02:00 committed by Paul Schwabauer
parent a46c286cf4
commit 51dc9b5bcb
1 changed files with 2 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

17
csaf/providermetaloader.go
View file

@ -178,20 +178,7 @@ func (pmdl *ProviderMetadataLoader) Load(domain string) *LoadedProviderMetadata
}
// Next load the PMDs from security.txt
secResults := pmdl.loadFromSecurity(domain)
// Filter out the results which are valid.
var secGoods []*LoadedProviderMetadata
for _, result := range secResults {
if len(result.Messages) > 0 {
// If there where validation issues append them
// to the overall report
pmdl.messages.AppendUnique(pmdl.messages)
} else {
secGoods = append(secGoods, result)
}
}
secGoods := pmdl.loadFromSecurity(domain)
// Mention extra CSAF entries in security.txt.
ignoreExtras := func() {
@ -246,7 +233,7 @@ func (pmdl *ProviderMetadataLoader) Load(domain string) *LoadedProviderMetadata
return dnsURLResult
}
// loadFromSecurity loads the PMDs mentioned in the security.txt.
// loadFromSecurity loads the PMDs mentioned in the security.txt. Only valid PMDs are returned.
func (pmdl *ProviderMetadataLoader) loadFromSecurity(domain string) []*LoadedProviderMetadata {
// If .well-known fails try legacy location.