SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions
1166 commits 13 branches 34 tags 8.5 MiB
Commit graph

1166 commits

This branch
This branch
All branches
Author SHA1 Message Date
Paul Schwabauer
f7dc3f5ec7
Use .test TLD for integration setup (#577) 
.local is reserved for local-area networks, and .localhost is reserved for loopback devices. Using .test allows easier usage for different test setups.

 * https://www.rfc-editor.org/rfc/rfc2606#section-2 defines the "test." top level domain and "localhost.".
* https://www.rfc-editor.org/rfc/rfc6761.html#section-6.2 explains how different implementations can use "test.".
 2024-09-29 09:08:01 +02:00
koplas
c0de0c2b6d Check if hash present, before sending a request 2024-09-27 15:20:36 +02:00
JanHoefelmeyer
a70a04e169
Merge pull request #573 from csaf-poc/go122 
Upgrade to go v1.22
 2024-09-26 11:13:30 +02:00
koplas
f36c96e798
Upgrade to go v1.22 
Closes #570
 2024-09-12 13:45:59 +02:00
4echow
c148a18dba docs:: fix miner typo in csaf_downloader.md 2024-09-12 10:09:34 +02:00
JanHoefelmeyer
464e88b530
Merge pull request #571 from csaf-poc/fingerprint-no-breaking 
Improve PGP fingerprint handling
 2024-09-09 11:51:09 +02:00
koplas
37c9eaf346
Add CLI flags to specify what hash is preferred 2024-09-09 10:35:41 +02:00
Bernhard Reiter
5231b3386b
docs: improve code comment (minor) 2024-09-07 09:58:14 +02:00
koplas
c2e24f7bbb Remove check for empty fingerprint 
The schema validation already catches this error and this check will
never run.
 2024-09-06 18:21:25 +02:00
JanHoefelmeyer
108c2f5508
Merge pull request #553 from csaf-poc/user-agent 
Use a default user agent
 2024-08-09 14:28:29 +02:00
koplas
9037574d96
Improve PGP fingerprint handling 
Warn if no fingerprint is specified and give more details, if
fingerprint comparison fails.

Closes #555
 2024-08-08 12:42:19 +02:00
JanHoefelmeyer
8feddc70e1 feat: no longer require to be root user to call setup scripts 2024-08-05 16:41:55 +02:00
koplas
13a635c7e3
Add user-agent documentation to aggregator 2024-08-01 15:43:35 +02:00
Bernhard Reiter
1a2ce684ff
improve default header 
* use `csaf_distribution` with an underscore as underscores
   are allowed by RFC9110 and it is more consistent as it is used
   with underscore at other places.
 * change example to `VERSION` to indicate that this is dynamic.
 2024-08-01 14:53:23 +02:00
koplas
be2e4e7424
Improve hash path handling of directory feeds 2024-07-31 11:42:45 +02:00
koplas
3a67fb5210
Add user-agent documentation 2024-07-31 11:00:40 +02:00
koplas
0ab851a874
Use a default user agent 2024-07-31 10:16:08 +02:00
koplas
a131b0fb4b
Improve SHA* marking 2024-07-25 15:39:40 +02:00
JanHoefelmeyer
257c316894
Merge pull request #548 from greenbone/fix-error-message 
fix error message in csaf downloader
 2024-07-18 07:47:48 +02:00
Marius Goetze
bcf4d2f64a fix error message 
The error message had a trailing `:` which suggest that there are some details which were truncated. However the details are already printed before in the log.
 2024-07-16 12:00:09 +02:00
Marius Goetze
1e531de82d fix: don't require debug level to print error details on failed loading of provider metadata json 2024-07-15 14:22:15 +02:00
Marius Goetze
51dc9b5bcb refactor: deduplicate filtering pmd results from security.txt 
already done in `loadFromSecurity`
 2024-07-15 14:22:15 +02:00
Marius Goetze
a46c286cf4 fix: don't drop error messages from loading provider-metadata.json 
previously in case case of trying last resort dns, all other error messages were dropped
 2024-07-15 14:22:15 +02:00
JanHoefelmeyer
cb1ed601dd
Merge pull request #545 from csaf-poc/expand-util-tests 
Extend unit test coverage in util
 2024-06-24 14:48:05 +02:00
Sascha L. Teichmann
5c6736b178
Remove data races in downloader caused by shared use of json path eval. (#547) 2024-06-24 11:57:38 +02:00
koplas
3084cdbc37
Address comments 2024-06-21 15:35:30 +02:00
Bernhard E. Reiter
56fadc3a80
docs: fix typo in examples/aggregator.toml (#539) 2024-06-21 14:04:20 +02:00
Bernhard E. Reiter
e2ad3d3f83
docs: fix licensing info for generated files (#542) 
* docs: fix licensing info for generated files

 * change generate_cvss_enums.go to note that the input file is
   relevant for the license.
 * change license and copyright of cvss20enums.go and cvss3enums.go
   to BSD-3-Clause and FIRST.
 * add reuse.software 3.0 compatible files for the schema cvss files.

* Stamp right license into generated files.

---------

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2024-06-21 14:02:51 +02:00
koplas
33bd6bd787 Extend unittest coverage in util 2024-06-12 10:11:31 +02:00
Florian von Samson
7a5347803a
docs: improve README.md's first sentence 
* Improve the structure of the sentence and the two links.
 2024-05-13 14:36:03 +02:00
Bernhard E. Reiter
2f9d5658eb
docs: remove unused license file (#544) 
* Remove LICENSES/LicenseRef-Go119-BSD-Patentgrant.txt as the only code
   using it was already removed with 6b9ecead89.
 2024-05-13 11:50:06 +02:00
JanHoefelmeyer
158b322a15
Merge pull request #537 from csaf-poc/dev-prepareubuntu 
update prepareUbuntuInstanceForITests.sh
 2024-05-08 07:57:30 +02:00
Bernhard Herzog
617deb4c17
Merge pull request #530 from oxisto/slog 
Added support for structured logging in `csaf_aggregator`
 2024-04-25 13:13:11 +02:00
Thomas Junk
1ec4a5cb5b
Merge pull request #536 from immqu/main 
Print provider-metadata.json files per domain
 2024-04-25 11:00:20 +02:00
immqu immqu@users.noreply.github.com
a608cb0b17 Apply automatic changes 2024-04-25 07:43:28 +00:00
Immanuel Kunz
c704275a38
Merge branch 'csaf-poc:main' into main 2024-04-25 09:42:51 +02:00
Kunz, Immanuel
684770ff2e fix typo, fix linting errors 2024-04-24 17:53:47 +02:00
Christian Banse
1fde81b779 Symbol -> sym link 2024-04-24 17:49:01 +02:00
Bernhard Reiter
b553940769
update prepareUbuntuInstanceForITests.sh 
* to handle a newer nodejs
 * mention that Ubuntu 24.04 TLS was tested as well.
 2024-04-24 17:24:10 +02:00
Christoph Klassen
85b67f64ef
Merge pull request #535 from csaf-poc/MIT-to-Apache2.0 
Mit to apache2.0
 2024-04-24 09:21:36 +02:00
Kunz, Immanuel
005e661479 add config flag to use enumerate-only 2024-04-23 20:24:18 +02:00
Kunz, Immanuel
457d519990 minor updates to Enumerate method, integrate enumerate in cmd downloader 2024-04-23 19:09:22 +02:00
Christian Banse
9b1480ae3d Bumped Go version to Go 1.21. Using log/slog instead of golang.org/x/exp/slog 2024-04-23 15:37:43 +02:00
Kunz, Immanuel
d64aa20cee first draft for downloader using enumerate 2024-04-22 17:53:45 +02:00
Kunz, Immanuel
73aef07063 add enumerate function to ProviderMetadataLoader 2024-04-22 17:48:11 +02:00
JanHoefelmeyer
455a575a70 MIT License needed 2024-04-22 13:22:38 +02:00
JanHoefelmeyer
fa96e69dd1 Undo changing license for generated file 2024-04-22 13:15:50 +02:00
JanHoefelmeyer
39a29e39f1 Change Licenses from MIT to Apache 2.0 2024-04-22 13:11:30 +02:00
Christian Banse
fb1cf32e17 Fixed linting errors 2024-04-19 09:35:36 +02:00
Christian Banse
e658738b56 Added support for structured logging in csaf_aggretator 
This PR adds structured logging for the aggregator service. Currently, only the text handler is used, but I can extend this to use the JSON handler as well. In this case, probably some code that is shared between the aggregator and the downloader would need to be moved to a common package.

I was also wondering, whether this repo is moving to Go 1.21 at the future, since `slog` was introduced in to the standard lib in 1.21. So currently, this still relies on the `x/exp` package.

Fixes #462
 2024-04-18 19:58:02 +02:00