SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions
352 commits 13 branches 34 tags 8.5 MiB
Commit graph

182 commits

Author SHA1 Message Date
Sascha L. Teichmann
527a6f6005
Implement better search for provider-metadata.json 
* Decouple loading of provider metadata from processor and moved in the base library.
* Integrate new code into checker and aggregator
* Adhere to csd02 revision of CSAF 2.0.

resolve #60
 2022-05-31 18:10:18 +02:00
Bernhard Reiter
dca6f2c5c4
Improve version number in checker html result 2022-05-31 17:25:20 +02:00
Bernhard Reiter
b3759b8f9e
Improve version info in checker html result 2022-05-31 17:22:39 +02:00
Sascha L. Teichmann
f823d71ec5
Replace deprecated terminal import 2022-05-31 16:18:28 +02:00
Fadi Abbud
406366e0bd Add short form of flag and description 2022-05-31 08:56:07 +02:00
Sascha L. Teichmann
bc90389090 Use factored out rate throttling client in checker. 2022-05-30 23:25:21 +02:00
Sascha L. Teichmann
07ab770a35 Factored throttling client out of aggregator. 2022-05-30 23:12:08 +02:00
Fadi Abbud
a1036c3847 Add 'Rate' config option for download throttling (Checker) 2022-05-30 13:38:29 +02:00
Sascha L. Teichmann
86070629e2 Forget to add indices in aggregator. 2022-05-25 14:41:30 +02:00
Sascha L. Teichmann
a63911be41 Fix wrong content of ROLIE link 2022-05-25 12:30:33 +02:00
Sascha L. Teichmann
de595f5da9 Add missing category list in ROLIE feeds. Resolves issue #41 2022-05-25 10:17:17 +02:00
Fadi Abbud
13423c3d4d
Add datetime and version info to report of checker 
Resolve #142 

Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-05-24 16:59:27 +02:00
Sascha L. Teichmann
17f22855ee
Add filename conformity check 
* Add util function to check a filename for confirming to csaf-v2.0-csd02.
* Add code to reject bad filenames in provider, checker, aggregator and uploader.
 2022-05-20 18:57:27 +02:00
Sascha L. Teichmann
a50ed4ab01 Write correct url prefix to provider-metadata. 2022-05-19 12:22:06 +02:00
Sascha L. Teichmann
6295466ef5 Partially role back last commit. WIP 2022-05-19 11:33:11 +02:00
Sascha L. Teichmann
c69709c1ec Move ROLIE feed to respective folder. For Issue #143, #144 2022-05-19 10:20:20 +02:00
Sascha L. Teichmann
d779a3fd7e
Merge pull request #135 from csaf-poc/link-checker 
Link checker
 2022-05-17 17:26:35 +02:00
Sascha L. Teichmann
16556cd8bb check each advisory is listable 2022-05-17 17:20:43 +02:00
Bernhard Reiter
9eca8a924f
Improved searching for provider-metadata.json 
* Changes order to try the DNS path after security.txt.
* Add diagnostic output which URL is looked for.
 2022-05-17 16:08:38 +02:00
Sascha L. Teichmann
131a7155fa If there are year folders in directory listings, fetch files from the extra level. 2022-05-17 15:58:34 +02:00
Bernhard Reiter
2cfb4b8e49
Fix DNS path check 
* Make it dynamic by the domain given for the check.
 * Change reporting text to be more clear about which is the dynamic
   part (in lack of direct access to the path which was checked.)
 2022-05-17 15:34:39 +02:00
Bernhard Reiter
29f26e0299
Merge branch 'main' into link-checker 2022-05-17 14:45:01 +02:00
Bernhard Reiter
498aa925a8
Fix typo in html template for checker 2022-05-17 14:41:58 +02:00
Fadi Abbud
f5b7f81aa4 Fix path for locating provider-metadata.json 2022-05-17 12:54:14 +02:00
Sascha L. Teichmann
eaa2620eba Harvest only JSON files. 2022-05-17 11:51:29 +02:00
Bernhard Reiter
292e6ce611
Merge branch 'main' into dev-rolie-validation 2022-05-17 09:19:51 +02:00
Sascha L. Teichmann
3bbd37c441 Implemented links on directory listings checking 2022-05-17 01:22:30 +02:00
Sascha L. Teichmann
32be3602b6 Re-started link checker for directory listings 2022-05-16 18:04:15 +02:00
Bernhard Reiter
d5d48c7d2e
Fix typo in long option of uploader 2022-05-16 16:05:44 +02:00
Fadi Abbud
726711c688 Implement validation for ROLIE json schema 2022-05-16 11:15:46 +02:00
Fadi Abbud
17ac0f399a Improve error-handling by wrong config values. 2022-05-13 11:29:19 +02:00
Sascha L. Teichmann
8a1ebe0b7a
Add aggregator; improve itest workflow 
* Factor JSON evaluation and  construction base URLs out of of checker.
* Move json path matching to util.
* Add csaf_aggregator (as additional command)
* Improve itest workflow to checkout the branch where it is running on.

resolve #105
resolve  #72

Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
Co-authored-by: Fadi Abbud <fadi.abbud@intevation.de>
 2022-05-10 18:12:38 +02:00
Bernhard Reiter
9da0589236
Improve uploader exit code 
* Fix returning the error if https upload has failed.
 2022-05-10 17:58:39 +02:00
Sascha L. Teichmann
de872893f1 simplified code 2022-05-10 16:54:58 +02:00
Bernhard Reiter
046e96cfec
Improve exit code for failed upload 
* Add an exit code if an upload failed, but also print all the messages
   as before.
 2022-05-10 16:46:32 +02:00
Fadi Abbud
72e6df2987 Rename some variables 2022-05-04 15:39:22 +02:00
Fadi Abbud
a69d35ab3c Add code documentation 2022-05-04 15:31:26 +02:00
Fadi Abbud
ea9c6b4502 Implement more tests for checker 
* Implement testing if the provider-metadata.json is under
/.well-known/csaf/ available.
* Implement testing if the DNS is available and serves the
provider-metadata.json
 2022-05-04 15:23:03 +02:00
Sascha L. Teichmann
06c995c030 For issue #83 2022-04-29 08:52:39 +02:00
Fadi Abbud
8bf48a2de2
Adjust provider for new CSAF CSD02 schema 
* Replace "pgp_keys" with "public_openpgp_key" in the provider-metadata.json.

resolve #112
 2022-04-28 20:46:37 +02:00
Sascha L. Teichmann
dad549c392
Move code from checker to library 2022-04-28 13:47:35 +02:00
Sascha L. Teichmann
c8b53a8143
provider/create: Update existing security.txt 
* When creating a new provider setup, update the security.txt if it already exists.
   Put the csaf line on the top, so it may be prefered.

resolve #35
 2022-04-22 17:57:58 +02:00
Sascha L. Teichmann
3df91fa051
Type messages of a checker topic to avoid code duplication 2022-04-22 12:02:21 +02:00
Bernhard Reiter
880122315d
Correct minor typo in check output message 2022-04-21 17:16:18 +02:00
Bernhard Reiter
de738d2c56
Add message to explain a stopped check 
* In case of errStop, add a message to show which check aborted the
   others.
 2022-04-21 16:26:11 +02:00
Bernhard Reiter
dd48fc8b6c
Fix minor typo in code comment 2022-04-21 16:16:01 +02:00
Bernhard Reiter
cbb41588ea
Fix minor typos in code comments 2022-04-21 15:40:56 +02:00
Fadi Abbud
6fe6907c1d
Add --version option 
* Add flag to display the version for each binary. It is based on `git describe` but adds
  a number to the PATCH level if we are between annotated tags, so makes it semver.org
 compatible. Use the "-ldflags" method that also works with go 1.17.
* Use Makefile bash and sed magic to do PATCH level increase if needed.

Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-04-13 14:27:11 +02:00
Bernhard Reiter
96f4d57b76
Merge branch 'main' into dev-improve-client-certs 2022-04-08 10:06:12 +02:00
Fadi Abbud
a91d36cc95
Add options to use TLS client certificate for authentication (Checker) 
* Add "client-cert" and "client-key" flag options to allow the checker to use TLS client certificate for authentication.
* Fix typo TSL -> TLS in docs.


Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-03-31 17:57:43 +02:00