SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions
1188 commits 13 branches 34 tags 8.5 MiB
Commit graph

152 commits

Author SHA1 Message Date
JanHoefelmeyer
502376ce3a fix typo: contibutor -> contributor
Some checks failed
Go Test (oldstable) / build (push) Has been cancelled
Details
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details
2025-11-28 16:12:10 +01:00
Sascha L. Teichmann
9a37a8ecfa Add more fields to rolie entry.
Some checks are pending
Go Test (oldstable) / build (push) Waiting to run
Details
Go / build (push) Waiting to run
Details
Go / run_modver (push) Blocked by required conditions
Details
2025-11-27 15:23:34 +01:00
Sascha L. Teichmann
d6bac95e45 Removed debugging code 2025-11-19 12:56:04 +01:00
Sascha L. Teichmann
5a1c2a0873 Add category field to ROLIE feed model. 2025-11-19 12:12:43 +01:00
Bernhard Reiter
cf9c62fcc0
silence revive linter warnings 
that we cannot or do not want to fix yet
 2025-10-23 16:09:18 +02:00
Paul Schwabauer
187d114631
Remove unnecessary URL joins (#676)
Some checks failed
generate-markdown / auto-update-readme (push) Has been cancelled
Details
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details 
This should avoid bugs for more complex scenarios.
 2025-09-01 16:13:57 +02:00
JanHoefelmeyer
ae184eb189
Merge pull request #655 from gocsaf/json-eof
Some checks failed
generate-markdown / auto-update-readme (push) Has been cancelled
Details
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details 
Make json parsing more strict
 2025-07-08 07:46:07 +02:00
JanHoefelmeyer
4b4d6ed594 Remove uknown field tests
Some checks failed
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details
2025-07-07 11:45:36 +02:00
koplas
c81f55a752
Add LoadAdvisory tests
Some checks failed
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details
2025-07-04 15:29:03 +02:00
koplas
fc3837d655
Make json parsing more strict
Some checks are pending
Go / build (push) Waiting to run
Details
Go / run_modver (push) Blocked by required conditions
Details
2025-07-02 17:06:25 +02:00
Bernhard Reiter
a6d0a0c790
docs: extend package csaf doc comment 
* fix sentence.
  * add link to the section in the top-level readme that has the limits
    on the use as a library.
 2025-06-27 10:20:56 +02:00
koplas
1098c6add0 Use correct base URL
Some checks failed
Go / build (push) Has been cancelled
Details
Go / run_modver (push) Has been cancelled
Details
2025-06-20 16:37:37 +02:00
koplas
6ac97810d0
Use JoinPath 
This avoids issues where parts of the URL are discarded.
 2025-06-19 15:11:45 +02:00
koplas
34705f3c6e Address comments
Some checks failed
Go / build (push) Has been cancelled
Details
2025-06-13 11:01:43 +02:00
koplas
fc64bf7165
Upgrade jsonschema to v6 2025-06-12 15:53:39 +02:00
Paul Schwabauer
5709b14650
Extend structured logging usage in aggregator (#622) 
* Extend structured logging usage in aggregator

* Use structured logging in advisories processor

* Remove unnecessary inner function

* Format

* Feat: Add verbose flag to example aggregator toml (in comment)

---------

Co-authored-by: JanHoefelmeyer <jan.hoefelmeyer@intevation.de>
 2025-03-19 09:04:19 +01:00
koplas
a5f4b10c4e
Merge branch 'main' into sha-handling 2024-11-27 12:39:14 +01:00
koplas
ffb4eff933
Merge unittest into sha-handling 
commit 990c74a1a6
Merge: 86d7ce1 7824f3b
Author: koplas <pschwabauer@intevation.de>
Date:   Fri Nov 22 16:58:46 2024 +0100

    Merge branch 'sha-handling' into unittest

commit 86d7ce13dc
Merge: a6807d2 79b8900
Author: koplas <pschwabauer@intevation.de>
Date:   Fri Nov 22 16:54:45 2024 +0100

    Merge branch 'sha-handling' into unittest

commit 79b89009dd
Author: koplas <pschwabauer@intevation.de>
Date:   Fri Nov 22 16:31:56 2024 +0100

    Improve hash fetching and logging

commit a6807d24d6
Merge: ddb5518 d18d2c3
Author: koplas <pschwabauer@intevation.de>
Date:   Fri Nov 22 16:51:55 2024 +0100

    Merge branch 'sha-handling' into unittest

commit d18d2c3bf1
Author: koplas <pschwabauer@intevation.de>
Date:   Fri Nov 22 16:31:56 2024 +0100

    Improve hash fetching and logging

commit ddb5518c6d
Author: koplas <54645365+koplas@users.noreply.github.com>
Date:   Tue Sep 17 10:45:25 2024 +0200

    Extend SHA marking tests

commit 13c94f4fa0
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 20:46:31 2024 +0200

    Use temp directory for downloads

commit 1819b4896b
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 20:37:55 2024 +0200

    Fix rolie feed

commit 989e3667ba
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 20:23:22 2024 +0200

    Fix provider-metadata.json

commit 714735d74a
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 20:08:21 2024 +0200

    Implement provider handler

commit d488e39947
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 16:26:37 2024 +0200

    Add info about gpg key

commit a9bf9da130
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 16:12:49 2024 +0200

    Rename directory testdata

commit 6ca6dfee25
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 16:01:41 2024 +0200

    Add initial downloader tests

commit 20bee797c6
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 15:58:31 2024 +0200

    Fix: Remove unecessary error print

commit 8e4e508073
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 14:50:48 2024 +0200

    Extend links test

commit 3ba29f94de
Author: koplas <pschwabauer@intevation.de>
Date:   Mon Sep 16 14:11:14 2024 +0200

    Add initial directory feed testdata

commit dee55aafd9
Author: koplas <54645365+koplas@users.noreply.github.com>
Date:   Mon Sep 16 10:47:32 2024 +0200

    Add initial testdata

commit cd9338ae72
Author: koplas <54645365+koplas@users.noreply.github.com>
Date:   Thu Sep 12 15:54:42 2024 +0200

    Add initial download unittests
 2024-11-27 12:15:21 +01:00
Bernhard Reiter
e8706e5eb9 feat: perform go path repo move 
* Change the go module path
   from github.com/csaf-poc/csaf_distribution to github.com/gocsaf/csaf.
 * Rename archive for release tarballs.
 * Adjust testing scripts and documentation.
 2024-11-04 13:20:47 +01:00
Sascha L. Teichmann
7aa95c03ca
fix: bring aggregator schema to errata01 (#583) 2024-10-30 11:03:18 +01:00
koplas
be2e4e7424
Improve hash path handling of directory feeds 2024-07-31 11:42:45 +02:00
koplas
a131b0fb4b
Improve SHA* marking 2024-07-25 15:39:40 +02:00
Marius Goetze
51dc9b5bcb refactor: deduplicate filtering pmd results from security.txt 
already done in `loadFromSecurity`
 2024-07-15 14:22:15 +02:00
Marius Goetze
a46c286cf4 fix: don't drop error messages from loading provider-metadata.json 
previously in case case of trying last resort dns, all other error messages were dropped
 2024-07-15 14:22:15 +02:00
Bernhard E. Reiter
e2ad3d3f83
docs: fix licensing info for generated files (#542) 
* docs: fix licensing info for generated files

 * change generate_cvss_enums.go to note that the input file is
   relevant for the license.
 * change license and copyright of cvss20enums.go and cvss3enums.go
   to BSD-3-Clause and FIRST.
 * add reuse.software 3.0 compatible files for the schema cvss files.

* Stamp right license into generated files.

---------

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2024-06-21 14:02:51 +02:00
Bernhard Herzog
617deb4c17
Merge pull request #530 from oxisto/slog 
Added support for structured logging in `csaf_aggregator`
 2024-04-25 13:13:11 +02:00
Immanuel Kunz
c704275a38
Merge branch 'csaf-poc:main' into main 2024-04-25 09:42:51 +02:00
Kunz, Immanuel
684770ff2e fix typo, fix linting errors 2024-04-24 17:53:47 +02:00
Kunz, Immanuel
005e661479 add config flag to use enumerate-only 2024-04-23 20:24:18 +02:00
Kunz, Immanuel
457d519990 minor updates to Enumerate method, integrate enumerate in cmd downloader 2024-04-23 19:09:22 +02:00
Kunz, Immanuel
73aef07063 add enumerate function to ProviderMetadataLoader 2024-04-22 17:48:11 +02:00
JanHoefelmeyer
fa96e69dd1 Undo changing license for generated file 2024-04-22 13:15:50 +02:00
JanHoefelmeyer
39a29e39f1 Change Licenses from MIT to Apache 2.0 2024-04-22 13:11:30 +02:00
Christian Banse
e658738b56 Added support for structured logging in csaf_aggretator 
This PR adds structured logging for the aggregator service. Currently, only the text handler is used, but I can extend this to use the JSON handler as well. In this case, probably some code that is shared between the aggregator and the downloader would need to be moved to a common package.

I was also wondering, whether this repo is moving to Go 1.21 at the future, since `slog` was introduced in to the standard lib in 1.21. So currently, this still relies on the `x/exp` package.

Fixes #462
 2024-04-18 19:58:02 +02:00
Sascha L. Teichmann
03e418182d
Advisories: Time filter download by 'updated' field in ROLIE entries. (#519) 
* Use 'updated' field of ROLIE field entries to time filter downloads.

* More suited variable naming
 2023-12-04 11:31:14 +01:00
Juan Ariza Toledano
9073a8a282
feat: Add function to find product identification helpers inspecting the tree (#505) 
* feat: Add function to find product identification helpers inspecting the tree

Signed-off-by: juan131 <jariza@vmware.com>

* fix: simplify unit tests

Signed-off-by: juan131 <jariza@vmware.com>

* fix: also iterate over relationships

Signed-off-by: juan131 <jariza@vmware.com>

* fix: adapt example to use new library function

Signed-off-by: juan131 <jariza@vmware.com>

* Separate collecting and visiting of the product id helpers.

---------

Signed-off-by: juan131 <jariza@vmware.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-12-01 15:31:25 +01:00
Sascha L. Teichmann
b457dc872f
Remove usage of slices in enum generator. (#516) 2023-12-01 11:45:09 +01:00
Sascha L. Teichmann
e2ab1903e7 Support legacy security.txt location as fallback. 2023-11-12 10:17:28 +01:00
Sascha L. Teichmann
7f9449a12f Fix pattern matching of purls and document categories. Extract purls from relationships. 2023-11-02 18:23:43 +01:00
cintek
c05a4023ff
Merge branch 'csaf-poc:main' into main 2023-10-12 14:18:42 +02:00
Sascha L. Teichmann
3ba37b41c7 Add AssertFormat flag to schema compiler 2023-09-30 07:49:44 +02:00
Sascha L. Teichmann
7a8cdb6d19
Lift distribution from v2 to v3. (#467) 
* v2 -> v3

* Increase version within Makefile

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-09-27 15:46:57 +02:00
Sascha L. Teichmann
20b2bd27b3 Fix typo in comment. 2023-09-13 14:35:22 +02:00
Christoph Klassen
37cdda7c42 dont use pointer for lists of elements 2023-09-13 08:55:28 +02:00
Christoph Klassen
c8f1361c52 added validation for vulnerabilites 2023-09-12 17:26:28 +02:00
Christoph Klassen
b5db976f05 completed validation of product tree 2023-09-12 16:21:00 +02:00
cintek
094fe37026
Merge branch 'main' into cleanup-validation 2023-09-12 15:37:51 +02:00
Christoph Klassen
bdd7f24b31 fix: product tree properties 2023-09-11 21:31:45 +02:00
Sascha L. Teichmann
4da9f67e2e Distribute the validation to the types to reduce the overall complexity. 2023-09-09 21:15:25 +02:00
Christoph Klassen
ed42f193d1 added function to validate ProductTree 2023-09-08 20:04:04 +02:00