SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
1023 commits 13 branches 34 tags 8.5 MiB
Commit graph

517 commits

Author SHA1 Message Date
Sascha L. Teichmann
c3a80b9f52 Make defaultLockFile a constant 2023-03-23 10:21:56 +01:00
JanHoefelmeyer
39787503cc Fix typo 2023-03-22 07:09:23 +01:00
JanHoefelmeyer
f638ae9a23 Move disabling of lockfile from explicit option to empty string in lockfile 2023-03-21 08:26:51 +01:00
JanHoefelmeyer
4800f4ec12 Improve formatting 2023-03-20 08:33:29 +01:00
JanHoefelmeyer
0c4ae88ee0 Fix typo: defautLockFile -> defaultLockFile 2023-03-20 08:31:06 +01:00
JanHoefelmeyer
dd0be44e81 Make Aggregator ignore set lockfile if NoLock option is set to true 2023-03-20 08:27:07 +01:00
JanHoefelmeyer
bb053bd427 Add option no_lock to use no lock file if none was configured 2023-03-17 13:00:51 +01:00
JanHoefelmeyer
8f87273837
Remote validator output (#347) 
* The validator is now able to print the details of the remote validations.
---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-03-15 11:02:06 +01:00
Bernhard Reiter
1bdf207e4b Improve aggregator docs and config 
* Fix that TOML key `update_interval` can be processed on top level.
 * Add missing keys to top level and provider entries.
 * Move explanations to first mention of keys.
 * Describe overriding ability and defaults early on and only once.
 2023-02-28 15:09:56 +01:00
JanHoefelmeyer
39b48e083c
Improve docs for checker and downloader 
* make it more clear that a domain can also be interpreted as a direct URL.

resolve #316 
---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2023-02-28 14:11:15 +01:00
JanHoefelmeyer
80195a24c3 improve phrasing in checker 'has not a' 2023-02-03 16:21:15 +01:00
Sascha L. Teichmann
ffb29f5ba4 Replace 'confirming filename' with 'conforming filename' 2023-02-03 16:21:15 +01:00
Sascha L. Teichmann
361656faf0 Fix typo and add a link to source. 2023-02-02 17:26:12 +01:00
Sascha L. Teichmann
7cc37bd9fc Enforce mime type 'application/json' when uploading advisories to the provider. 2023-02-02 17:26:12 +01:00
Sascha L. Teichmann
e998133429 Update cmd/csaf_checker/reporters.go 
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
7a5f8701bd Improve reported text a bit. 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
8425644886 Add new requirement sections 1 and 2 to report 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
cbd9dead37 Fix small typo in reporting wromg content type 2023-02-02 00:54:39 +01:00
Sascha L. Teichmann
6430712dad Warn in checker and downloader if advisories are delivered as none 'application/json' 2023-02-02 00:54:39 +01:00
Sascha L. Teichmann
052dbbe1d0
Merge pull request #323 from csaf-poc/csaf-validator 
Add csaf_validator
 2023-01-31 11:30:17 +01:00
Sascha L. Teichmann
f60ec5fea4
Merge pull request #312 from csaf-poc/downloader-validator 
Add remote validator support to downloader
 2023-01-30 19:35:48 +01:00
Sascha L. Teichmann
15e615e653
Merge pull request #313 from csaf-poc/checker-validator 
Add remote validator support to checker
 2023-01-30 19:34:20 +01:00
Sascha L. Teichmann
1004fe7c65 Merge branch 'main' into checker-validator 2023-01-30 19:30:36 +01:00
Sascha L. Teichmann
2f280c69ac In case of error, log filename, too. 2023-01-30 19:28:48 +01:00
Sascha L. Teichmann
a8493c0dd2 Check if the file name is valid 2023-01-30 08:29:54 +01:00
Sascha L. Teichmann
6a60e8d8ce Fix crash if remote validator is not configured. Small cosmetics. 2023-01-30 08:23:05 +01:00
JanHoefelmeyer
0c39819930
Merge pull request #318 from csaf-poc/improve-docs26 
Improves aggregator docs
 2023-01-30 07:51:05 +01:00
Sascha L. Teichmann
adf98736cc Add csaf_validator 2023-01-29 19:31:36 +01:00
Sascha L. Teichmann
c8e0804eba Merged main into branch 2023-01-27 18:25:22 +01:00
tschmidtb51
0383e951a8
Merge branch 'main' into checker-validator 2023-01-27 17:58:37 +01:00
Sascha L. Teichmann
9abc83edc1 Set the default of 'validatorpresets' to 'mandatory'. 2023-01-27 17:40:17 +01:00
Sascha L. Teichmann
2a40ab6393 Set the default of 'validatorpresets' to 'mandatory'. 2023-01-27 17:16:45 +01:00
JanHoefelmeyer
ddf0747327
Merge pull request #307 from csaf-poc/issue299 
Extract more than one string from expr: category fields.
 2023-01-27 09:24:06 +01:00
Sascha L. Teichmann
51fba46893 Add extra http header support to downloader and checker. 2023-01-26 22:09:38 +01:00
Sascha L. Teichmann
0745a0943d Separate compiling and evaluation of dynamic categories. 2023-01-26 21:54:46 +01:00
Bernhard Reiter
de64b88491
Improve documentation for aggregator 
* Add term "CSAF proxy provider", because it is mentioned now in
   https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html .
 * Improve formatting and phrasing.
 * Improve description of configuration of update_intervall.
 2023-01-26 16:23:08 +01:00
JanHoefelmeyer
6dedeff7fc
Update actions.go 
Fixes typo: catergory -> category
 2023-01-25 11:40:25 +01:00
Sascha L. Teichmann
e004939abf Implement remote validation in checker. 2023-01-25 10:27:44 +01:00
Sascha L. Teichmann
bcc31c0cd6 Add remote validator support to downloader. 2023-01-25 01:12:18 +01:00
Sascha L. Teichmann
8c8ccf6a2e Extract more than one string from expr: category fields. 2023-01-22 20:55:26 +01:00
Sascha L. Teichmann
1d0499ddea Removed unused doc.go file in aggregator. 2023-01-19 16:45:26 +01:00
Sascha L. Teichmann
5b60e7d728 Add package comments to make revive happy. 2023-01-19 16:45:26 +01:00
Sascha L. Teichmann
c4b70d20cd Demand Go 1.19 in go.mod. Replaced interface{} with any 2023-01-19 16:45:26 +01:00
tschmidtb51
6b9ecead89 refactor: remove temporary solution joinUrlPath and use joinPath from Go 1.19.1 net/url 2022-09-24 18:53:03 +02:00
Sascha L. Teichmann
70b4e18b58
Treat invalid PMDs as error and stop processing if needed 
*  Improve how PMD validation result is used when searching for a valid PMD.
   We now stop if no PMD can be validated against the json schema.
 2022-08-26 16:53:18 +02:00
JanHoefelmeyer
3bb8ea0019
Improve checker regarding PMD location problems 
* Change checking to test for Security, wellknown and DNS requirement at once and only throws error if all three fail.
* Use security.txt parser from csaf/util to extract provider url.
* Improve code comments and messages for the reports.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-08-26 13:31:56 +02:00
Sascha L. Teichmann
a1f446f443 Use fully quoted CSV writer for changes.csv 2022-08-17 12:08:38 +02:00
Sascha L. Teichmann
37d8a8d6df Conversion provider -> publisher is not worth the method. 2022-08-16 12:28:14 +02:00
Sascha L. Teichmann
b608746fac support publishers in aggregator 2022-08-16 11:55:56 +02:00
Sascha L. Teichmann
696fb74b36 Do not export function in config. 2022-08-03 15:32:05 +02:00