gocsaf

mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00

Author	SHA1	Message	Date
Marius Goetze	51dc9b5bcb	refactor: deduplicate filtering pmd results from security.txt already done in `loadFromSecurity`	2024-07-15 14:22:15 +02:00
Marius Goetze	a46c286cf4	fix: don't drop error messages from loading provider-metadata.json previously in case case of trying last resort dns, all other error messages were dropped	2024-07-15 14:22:15 +02:00
JanHoefelmeyer	cb1ed601dd	Merge pull request #545 from csaf-poc/expand-util-tests Extend unit test coverage in util	2024-06-24 14:48:05 +02:00
Sascha L. Teichmann	5c6736b178	Remove data races in downloader caused by shared use of json path eval. (#547 )	2024-06-24 11:57:38 +02:00
koplas	3084cdbc37	Address comments	2024-06-21 15:35:30 +02:00
Bernhard E. Reiter	56fadc3a80	docs: fix typo in examples/aggregator.toml (#539 )	2024-06-21 14:04:20 +02:00
Bernhard E. Reiter	e2ad3d3f83	docs: fix licensing info for generated files (#542 ) * docs: fix licensing info for generated files * change generate_cvss_enums.go to note that the input file is relevant for the license. * change license and copyright of cvss20enums.go and cvss3enums.go to BSD-3-Clause and FIRST. * add reuse.software 3.0 compatible files for the schema cvss files. * Stamp right license into generated files. --------- Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>	2024-06-21 14:02:51 +02:00
koplas	33bd6bd787	Extend unittest coverage in util	2024-06-12 10:11:31 +02:00
Florian von Samson	7a5347803a	docs: improve README.md's first sentence * Improve the structure of the sentence and the two links.	2024-05-13 14:36:03 +02:00
Bernhard E. Reiter	2f9d5658eb	docs: remove unused license file (#544 ) * Remove LICENSES/LicenseRef-Go119-BSD-Patentgrant.txt as the only code using it was already removed with `6b9ecead89`.	2024-05-13 11:50:06 +02:00
JanHoefelmeyer	158b322a15	Merge pull request #537 from csaf-poc/dev-prepareubuntu update prepareUbuntuInstanceForITests.sh	2024-05-08 07:57:30 +02:00
Bernhard Herzog	617deb4c17	Merge pull request #530 from oxisto/slog Added support for structured logging in `csaf_aggregator`	2024-04-25 13:13:11 +02:00
Thomas Junk	1ec4a5cb5b	Merge pull request #536 from immqu/main Print provider-metadata.json files per domain	2024-04-25 11:00:20 +02:00
immqu immqu@users.noreply.github.com	a608cb0b17	Apply automatic changes	2024-04-25 07:43:28 +00:00
Immanuel Kunz	c704275a38	Merge branch 'csaf-poc:main' into main	2024-04-25 09:42:51 +02:00
Kunz, Immanuel	684770ff2e	fix typo, fix linting errors	2024-04-24 17:53:47 +02:00
Christian Banse	1fde81b779	Symbol -> sym link	2024-04-24 17:49:01 +02:00
Bernhard Reiter	b553940769	update prepareUbuntuInstanceForITests.sh * to handle a newer nodejs * mention that Ubuntu 24.04 TLS was tested as well.	2024-04-24 17:24:10 +02:00
Christoph Klassen	85b67f64ef	Merge pull request #535 from csaf-poc/MIT-to-Apache2.0 Mit to apache2.0	2024-04-24 09:21:36 +02:00
Kunz, Immanuel	005e661479	add config flag to use enumerate-only	2024-04-23 20:24:18 +02:00
Kunz, Immanuel	457d519990	minor updates to Enumerate method, integrate enumerate in cmd downloader	2024-04-23 19:09:22 +02:00
Christian Banse	9b1480ae3d	Bumped Go version to Go 1.21. Using log/slog instead of golang.org/x/exp/slog	2024-04-23 15:37:43 +02:00
Kunz, Immanuel	d64aa20cee	first draft for downloader using enumerate	2024-04-22 17:53:45 +02:00
Kunz, Immanuel	73aef07063	add enumerate function to ProviderMetadataLoader	2024-04-22 17:48:11 +02:00
JanHoefelmeyer	455a575a70	MIT License needed	2024-04-22 13:22:38 +02:00
JanHoefelmeyer	fa96e69dd1	Undo changing license for generated file	2024-04-22 13:15:50 +02:00
JanHoefelmeyer	39a29e39f1	Change Licenses from MIT to Apache 2.0	2024-04-22 13:11:30 +02:00
Christian Banse	fb1cf32e17	Fixed linting errors	2024-04-19 09:35:36 +02:00
Christian Banse	e658738b56	Added support for structured logging in `csaf_aggretator` This PR adds structured logging for the aggregator service. Currently, only the text handler is used, but I can extend this to use the JSON handler as well. In this case, probably some code that is shared between the aggregator and the downloader would need to be moved to a common package. I was also wondering, whether this repo is moving to Go 1.21 at the future, since `slog` was introduced in to the standard lib in 1.21. So currently, this still relies on the `x/exp` package. Fixes #462	2024-04-18 19:58:02 +02:00
JanHoefelmeyer	d909e9de15	Merge pull request #526 from csaf-poc/docs5 docs: improve link to CSAF standard documents	2024-02-29 17:27:39 +01:00
Bernhard Reiter	51a681ef31	docs: improve link to CSAF standard documents * Add overview link to csaf.io * Fix link to specification and add link to the latest errata document.	2024-02-27 09:44:41 +01:00
Bernhard E. Reiter	b858640fc1	docs: fix minor typo in test-keys/Readme.md (#525 )	2024-02-23 14:48:39 +01:00
Sascha L. Teichmann	9a1c66eb8e	checker: Ensure that the processor is reset before checking each domain. (#523 )	2024-01-15 08:59:58 +01:00
JanHoefelmeyer	6c8b3757aa	Older version (#513 ) * Add go_legacy.yml to check for compatibility with older go versions * Remove tests already done in go.yml * fix: Update actions, use stable/oldstable in actions --------- Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>	2023-12-07 16:12:26 +01:00
Sascha L. Teichmann	03e418182d	Advisories: Time filter download by 'updated' field in ROLIE entries. (#519 ) * Use 'updated' field of ROLIE field entries to time filter downloads. * More suited variable naming	2023-12-04 11:31:14 +01:00
Juan Ariza Toledano	9073a8a282	feat: Add function to find product identification helpers inspecting the tree (#505 ) * feat: Add function to find product identification helpers inspecting the tree Signed-off-by: juan131 <jariza@vmware.com> * fix: simplify unit tests Signed-off-by: juan131 <jariza@vmware.com> * fix: also iterate over relationships Signed-off-by: juan131 <jariza@vmware.com> * fix: adapt example to use new library function Signed-off-by: juan131 <jariza@vmware.com> * Separate collecting and visiting of the product id helpers. --------- Signed-off-by: juan131 <jariza@vmware.com> Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>	2023-12-01 15:31:25 +01:00
Sascha L. Teichmann	b457dc872f	Remove usage of slices in enum generator. (#516 )	2023-12-01 11:45:09 +01:00
JanHoefelmeyer	d4ef21531a	Merge pull request #506 from csaf-poc/support-legacy-security-txt PMD: Support legacy security.txt location as fallback.	2023-11-30 07:34:46 +01:00
Sascha L. Teichmann	91ab7f6b1c	Chance supported minimal Go version back to 1.20 (#514 )	2023-11-28 10:37:16 +01:00
JanHoefelmeyer	a6bf44f7cc	Removed impossible to achieve condition in reporters	2023-11-22 08:17:05 +01:00
JanHoefelmeyer	fb7c77b419	Remove unnecessary else block	2023-11-21 13:45:46 +01:00
JanHoefelmeyer	4a9f8a6f03	Change: cmd/csaf_checker/processor.go: Improve comment	2023-11-21 12:14:45 +01:00
JanHoefelmeyer	318c898a83	Change: cmd/csaf_checker/processor.go: Seperate check of security.txt under .well-known and legacy location into different messages to improve readability	2023-11-21 12:09:37 +01:00
JanHoefelmeyer	2fe836bed7	Merge pull request #512 from csaf-poc/Download_without_tlp Downloader: Add tlp label to path if no custom directory is configured. Refactor accordingly	2023-11-21 11:46:44 +01:00
Sascha L. Teichmann	3935d9aa7a	Update cmd/csaf_checker/processor.go Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>	2023-11-20 21:53:51 +01:00
tschmidtb51	9e4a519fff	Add GH Action execution on PRs (#510 )	2023-11-20 21:42:47 +01:00
Sascha L. Teichmann	6f8870154c	Break overly long line. Fix typo in comment.	2023-11-20 21:13:24 +01:00
JanHoefelmeyer	a413852627	Downloader: Only add tlp label to path if no custom directory is configured. Refactor accordingly	2023-11-20 11:05:57 +01:00
JanHoefelmeyer	e27d64e42c	Add path of offending security.txt to error message since now multiple paths are checked	2023-11-14 07:55:53 +01:00
Sascha L. Teichmann	0a2b69bd55	Adjust checker, too.	2023-11-13 09:59:12 +01:00

1 2 3 4 5 ...

1045 commits