koplas
01c43d96ce
Fix checker url base handling
2025-07-02 16:27:58 +02:00
Christoph Klassen
c833c00f84
Merge pull request #649 from gocsaf/url-join
...
generate-markdown / auto-update-readme (push) Has been cancelled
Go / build (push) Has been cancelled
Go / run_modver (push) Has been cancelled
Use JoinPath
2025-06-26 08:18:39 +02:00
JanHoefelmeyer
5d37dd1339
Move PMD error from logs to report.
Go / build (push) Has been cancelled
Go / run_modver (push) Has been cancelled
2025-06-25 09:31:50 +02:00
JanHoefelmeyer
d09db6635d
Fix: Assume most restrictive role to prevent false-positives
Go / build (push) Waiting to run
Go / run_modver (push) Blocked by required conditions
2025-06-24 17:24:08 +02:00
koplas
3f4fe5cf18
Also generate report when role is not available
2025-06-24 17:18:42 +02:00
JanHoefelmeyer
02d4931152
Fix: Return properly early
2025-06-24 17:06:55 +02:00
koplas
1098c6add0
Use correct base URL
Go / build (push) Has been cancelled
Go / run_modver (push) Has been cancelled
2025-06-20 16:37:37 +02:00
koplas
091854a248
Always generate report
...
Go / build (push) Has been cancelled
Go / run_modver (push) Has been cancelled
Closes #385
2025-06-20 14:24:05 +02:00
koplas
6ac97810d0
Use JoinPath
...
This avoids issues where parts of the URL are discarded.
2025-06-19 15:11:45 +02:00
JanHoefelmeyer
8163f57851
Compare changes dates ( #609 )
...
* Feat: Compare dates in changes.csv to those within the files if existent
* Fix: remove debug output and fix typo
* Make map handling consistent
* Improve: refactor time extraction
* fix: some syntax fixes
* Small nits
* Fix: Check changes before stopping the scan of already tested advisories
* Revert "Fix: Check changes before stopping the scan of already tested advisories - bad way to solve the problem, can cause problems"
This reverts commit d38dc285cc
2025-03-14 10:05:56 +01:00
koplas
534d6f049f
Add content-type error report test
2025-03-10 12:04:46 +01:00
koplas
3cfafa8263
Report error in checker if content type is not correct
...
Related: #606
2025-03-10 11:11:34 +01:00
koplas
1d1c5698da
Merge branch 'main' into sha-handling
2025-03-05 09:41:29 +01:00
JanHoefelmeyer
82a6929e4d
Fix: Poor phrasing corrected
2025-01-29 09:41:16 +01:00
JanHoefelmeyer
02787b24b7
Update comments, clean up security check
2025-01-29 09:26:59 +01:00
JanHoefelmeyer
7d74543bbb
Fix: Now give errors if lookup methods fail, refactor accordingly
2025-01-29 09:02:18 +01:00
koplas
028f468d6f
Fix typo in error message
...
Closes #608
2025-01-23 10:32:13 +01:00
JanHoefelmeyer
b6721e1d5a
Add check for missing either sha256 or sha512 hashes only
2025-01-10 11:42:54 +01:00
koplas
d8e903587a
Warn only if the other hash could be fetched
2024-12-18 15:37:58 +01:00
koplas
d38150c6a0
Add testdata for individual hash forbidden tests
2024-12-16 12:57:28 +01:00
koplas
b1a7620763
Extend processor SHA fetching tests
...
Allow to forbid individual hashes from downloading. This allows to for
testing the behavior, if one of the hashes could not be downloaded.
2024-12-16 12:23:10 +01:00
koplas
9dd4b7fc8d
Add tests for no hash given or available
2024-12-13 15:54:39 +01:00
koplas
a3d6d6acfb
Downgrade error to info in directory hash fetching
2024-12-13 14:26:00 +01:00
koplas
68bd04676c
Add requirement checker test data
2024-12-06 13:11:07 +01:00
koplas
5b6af7a4ad
WIP: Add requirement tests
2024-12-04 18:04:08 +01:00
koplas
a51964be3f
Add initial csaf_checker provider test
2024-12-04 16:02:03 +01:00
ncsc-ie-devs
1daaed2c51
ensure HTTP requests use proxy env vars ( #597 )
...
* fix: ensure HTTP requests use proxy env vars
Updated all instances of `http.Transport` to include the `Proxy` field set to `http.ProxyFromEnvironment`. This ensures that the application respects proxy configuration defined by the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.
### Changes:
- Modified `http.Transport` initialization across the codebase to use:
```go
Proxy: http.ProxyFromEnvironment
```
- Ensured TLS configurations remain intact by preserving `TLSClientConfig`.
### Why:
- Previously, HTTP requests bypassed proxy settings due to missing configuration in the transport layer.
- This fix enables compatibility with proxied environments, aligning with standard Go behavior.
### Impact:
- All HTTP and HTTPS traffic now adheres to proxy settings.
- Domains listed in `NO_PROXY` bypass the proxy as expected.
### Verification:
- Tested with proxy environment variables set (`HTTP_PROXY`, `HTTPS_PROXY`).
- Verified requests route through the proxy and `NO_PROXY` works as intended.
* reformat with fmt
---------
Co-authored-by: Cormac Doherty <cormac.doherty@ncsc.gov.ie>
2024-12-02 11:42:54 +01:00
koplas
56509bbb4d
Use new path in tests
2024-11-27 12:51:38 +01:00
koplas
a5f4b10c4e
Merge branch 'main' into sha-handling
2024-11-27 12:39:14 +01:00
koplas
ffb4eff933
Merge unittest into sha-handling
...
commit 990c74a1a686d7ce17824f3b86d7ce13dca6807d279b890079b89009dda6807d24d6ddb5518d18d2c3d18d2c3bf1ddb5518c6d13c94f4fa01819b4896b989e3667ba714735d74ad488e39947a9bf9da1306ca6dfee2520bee797c68e4e5080733ba29f94dedee55aafd9cd9338ae72
2024-11-27 12:15:21 +01:00
Bernhard Reiter
e8706e5eb9
feat: perform go path repo move
...
* Change the go module path
from github.com/csaf-poc/csaf_distribution to github.com/gocsaf/csaf.
* Rename archive for release tarballs.
* Adjust testing scripts and documentation.
2024-11-04 13:20:47 +01:00
koplas
c0de0c2b6d
Check if hash present, before sending a request
2024-09-27 15:20:36 +02:00
JanHoefelmeyer
464e88b530
Merge pull request #571 from csaf-poc/fingerprint-no-breaking
...
Improve PGP fingerprint handling
2024-09-09 11:51:09 +02:00
Bernhard Reiter
5231b3386b
docs: improve code comment (minor)
2024-09-07 09:58:14 +02:00
koplas
c2e24f7bbb
Remove check for empty fingerprint
...
The schema validation already catches this error and this check will
never run.
2024-09-06 18:21:25 +02:00
koplas
9037574d96
Improve PGP fingerprint handling
...
Warn if no fingerprint is specified and give more details, if
fingerprint comparison fails.
Closes #555
2024-08-08 12:42:19 +02:00
koplas
be2e4e7424
Improve hash path handling of directory feeds
2024-07-31 11:42:45 +02:00
koplas
0ab851a874
Use a default user agent
2024-07-31 10:16:08 +02:00
koplas
a131b0fb4b
Improve SHA* marking
2024-07-25 15:39:40 +02:00
JanHoefelmeyer
39a29e39f1
Change Licenses from MIT to Apache 2.0
2024-04-22 13:11:30 +02:00
Sascha L. Teichmann
9a1c66eb8e
checker: Ensure that the processor is reset before checking each domain. ( #523 )
2024-01-15 08:59:58 +01:00
Sascha L. Teichmann
03e418182d
Advisories: Time filter download by 'updated' field in ROLIE entries. ( #519 )
...
* Use 'updated' field of ROLIE field entries to time filter downloads.
* More suited variable naming
2023-12-04 11:31:14 +01:00
JanHoefelmeyer
a6bf44f7cc
Removed impossible to achieve condition in reporters
2023-11-22 08:17:05 +01:00
JanHoefelmeyer
fb7c77b419
Remove unnecessary else block
2023-11-21 13:45:46 +01:00
JanHoefelmeyer
4a9f8a6f03
Change: cmd/csaf_checker/processor.go: Improve comment
2023-11-21 12:14:45 +01:00
JanHoefelmeyer
318c898a83
Change: cmd/csaf_checker/processor.go: Seperate check of security.txt under .well-known and legacy location into different messages to improve readability
2023-11-21 12:09:37 +01:00
Sascha L. Teichmann
3935d9aa7a
Update cmd/csaf_checker/processor.go
...
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
2023-11-20 21:53:51 +01:00
JanHoefelmeyer
e27d64e42c
Add path of offending security.txt to error message since now multiple paths are checked
2023-11-14 07:55:53 +01:00
Sascha L. Teichmann
0a2b69bd55
Adjust checker, too.
2023-11-13 09:59:12 +01:00
JanHoefelmeyer
086c4ab48b
Convert a lot of command line arguments to snake case ( #498 )
...
* Convert a lot of variables to snake case
* Add snakecase for variables made out of two words that had it in no version yet (for consistency)
* Adjust example files too
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
2023-11-06 14:33:05 +01:00
