SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
1028 commits 13 branches 34 tags 8.5 MiB
Commit graph

1028 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Reiter
b553940769
update prepareUbuntuInstanceForITests.sh 
* to handle a newer nodejs
 * mention that Ubuntu 24.04 TLS was tested as well.
 2024-04-24 17:24:10 +02:00
Christoph Klassen
85b67f64ef
Merge pull request #535 from csaf-poc/MIT-to-Apache2.0 
Mit to apache2.0
 2024-04-24 09:21:36 +02:00
Kunz, Immanuel
005e661479 add config flag to use enumerate-only 2024-04-23 20:24:18 +02:00
Kunz, Immanuel
457d519990 minor updates to Enumerate method, integrate enumerate in cmd downloader 2024-04-23 19:09:22 +02:00
Christian Banse
9b1480ae3d Bumped Go version to Go 1.21. Using log/slog instead of golang.org/x/exp/slog 2024-04-23 15:37:43 +02:00
Kunz, Immanuel
d64aa20cee first draft for downloader using enumerate 2024-04-22 17:53:45 +02:00
Kunz, Immanuel
73aef07063 add enumerate function to ProviderMetadataLoader 2024-04-22 17:48:11 +02:00
JanHoefelmeyer
455a575a70 MIT License needed 2024-04-22 13:22:38 +02:00
JanHoefelmeyer
fa96e69dd1 Undo changing license for generated file 2024-04-22 13:15:50 +02:00
JanHoefelmeyer
39a29e39f1 Change Licenses from MIT to Apache 2.0 2024-04-22 13:11:30 +02:00
Christian Banse
fb1cf32e17 Fixed linting errors 2024-04-19 09:35:36 +02:00
Christian Banse
e658738b56 Added support for structured logging in csaf_aggretator 
This PR adds structured logging for the aggregator service. Currently, only the text handler is used, but I can extend this to use the JSON handler as well. In this case, probably some code that is shared between the aggregator and the downloader would need to be moved to a common package.

I was also wondering, whether this repo is moving to Go 1.21 at the future, since `slog` was introduced in to the standard lib in 1.21. So currently, this still relies on the `x/exp` package.

Fixes #462
 2024-04-18 19:58:02 +02:00
JanHoefelmeyer
d909e9de15
Merge pull request #526 from csaf-poc/docs5 
docs: improve link to CSAF standard documents
 2024-02-29 17:27:39 +01:00
Bernhard Reiter
51a681ef31
docs: improve link to CSAF standard documents 
* Add overview link to csaf.io
 * Fix link to specification and add link to the latest errata document.
 2024-02-27 09:44:41 +01:00
Bernhard E. Reiter
b858640fc1
docs: fix minor typo in test-keys/Readme.md (#525) 2024-02-23 14:48:39 +01:00
Sascha L. Teichmann
9a1c66eb8e
checker: Ensure that the processor is reset before checking each domain. (#523) 2024-01-15 08:59:58 +01:00
JanHoefelmeyer
6c8b3757aa
Older version (#513) 
* Add go_legacy.yml to check for compatibility with older go versions

* Remove tests already done in go.yml

* fix: Update actions, use stable/oldstable in actions

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-12-07 16:12:26 +01:00
Sascha L. Teichmann
03e418182d
Advisories: Time filter download by 'updated' field in ROLIE entries. (#519) 
* Use 'updated' field of ROLIE field entries to time filter downloads.

* More suited variable naming
 2023-12-04 11:31:14 +01:00
Juan Ariza Toledano
9073a8a282
feat: Add function to find product identification helpers inspecting the tree (#505) 
* feat: Add function to find product identification helpers inspecting the tree

Signed-off-by: juan131 <jariza@vmware.com>

* fix: simplify unit tests

Signed-off-by: juan131 <jariza@vmware.com>

* fix: also iterate over relationships

Signed-off-by: juan131 <jariza@vmware.com>

* fix: adapt example to use new library function

Signed-off-by: juan131 <jariza@vmware.com>

* Separate collecting and visiting of the product id helpers.

---------

Signed-off-by: juan131 <jariza@vmware.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-12-01 15:31:25 +01:00
Sascha L. Teichmann
b457dc872f
Remove usage of slices in enum generator. (#516) 2023-12-01 11:45:09 +01:00
JanHoefelmeyer
d4ef21531a
Merge pull request #506 from csaf-poc/support-legacy-security-txt 
PMD: Support legacy security.txt location as fallback.
 2023-11-30 07:34:46 +01:00
Sascha L. Teichmann
91ab7f6b1c
Chance supported minimal Go version back to 1.20 (#514) 2023-11-28 10:37:16 +01:00
JanHoefelmeyer
a6bf44f7cc Removed impossible to achieve condition in reporters 2023-11-22 08:17:05 +01:00
JanHoefelmeyer
fb7c77b419 Remove unnecessary else block 2023-11-21 13:45:46 +01:00
JanHoefelmeyer
4a9f8a6f03 Change: cmd/csaf_checker/processor.go: Improve comment 2023-11-21 12:14:45 +01:00
JanHoefelmeyer
318c898a83 Change: cmd/csaf_checker/processor.go: Seperate check of security.txt under .well-known and legacy location into different messages to improve readability 2023-11-21 12:09:37 +01:00
JanHoefelmeyer
2fe836bed7
Merge pull request #512 from csaf-poc/Download_without_tlp 
Downloader: Add tlp label to path if no custom directory is configured. Refactor accordingly
 2023-11-21 11:46:44 +01:00
Sascha L. Teichmann
3935d9aa7a
Update cmd/csaf_checker/processor.go 
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2023-11-20 21:53:51 +01:00
tschmidtb51
9e4a519fff
Add GH Action execution on PRs (#510) 2023-11-20 21:42:47 +01:00
Sascha L. Teichmann
6f8870154c Break overly long line. Fix typo in comment. 2023-11-20 21:13:24 +01:00
JanHoefelmeyer
a413852627 Downloader: Only add tlp label to path if no custom directory is configured. Refactor accordingly 2023-11-20 11:05:57 +01:00
JanHoefelmeyer
e27d64e42c Add path of offending security.txt to error message since now multiple paths are checked 2023-11-14 07:55:53 +01:00
Sascha L. Teichmann
0a2b69bd55 Adjust checker, too. 2023-11-13 09:59:12 +01:00
Sascha L. Teichmann
e2ab1903e7 Support legacy security.txt location as fallback. 2023-11-12 10:17:28 +01:00
Bernhard E. Reiter
65fae93a81
docs: underline that we are _not_ offering an API yet (#502) 
* docs: move link to final CSAF 2.0 in README

* docs: underline that we are _not_ offering an API yet

* Grammar fix

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-11-08 10:40:23 +01:00
JanHoefelmeyer
466d2c6ab7
Merge pull request #476 from fjd-anh/add-mac-build 
Add build for macOS
 2023-11-08 09:43:10 +01:00
Bernhard Reiter
1579065453
docs: be more consistent with names 2023-11-08 09:39:02 +01:00
Bernhard E. Reiter
21ec5ad8e1
docs: move link to final CSAF 2.0 in README (#501) 2023-11-08 09:36:20 +01:00
Sascha L. Teichmann
aa3604ac3d
API examples: Improved wording in examples/README.md (#499) 
* Improved wording in examples/README.md

* Improve wording

* Fix link purl_searcher -> purls_searcher

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-11-07 09:46:27 +01:00
JanHoefelmeyer
086c4ab48b
Convert a lot of command line arguments to snake case (#498) 
* Convert a lot of variables to snake case

* Add snakecase for variables made out of two words that had it in no version yet (for consistency)

* Adjust example files too

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-11-06 14:33:05 +01:00
JanHoefelmeyer
77cc250561
Merge pull request #496 from csaf-poc/update-dependencies-2023-11-02 
Dependencies: Update 3rd-party dependencies
 2023-11-03 07:09:51 +01:00
JanHoefelmeyer
06d8e59b66
Merge pull request #497 from csaf-poc/example-fix-purls-searcher 
API: Fix pattern matching of purls and document categories in advisory model
 2023-11-03 07:08:39 +01:00
Sascha L. Teichmann
7f9449a12f Fix pattern matching of purls and document categories. Extract purls from relationships. 2023-11-02 18:23:43 +01:00
Sascha L. Teichmann
0fe118f7c1 Update dependencies 2023-11-02 17:13:22 +01:00
Sascha L. Teichmann
effd4a01af
Fix link to development doc page. (#495) 2023-11-02 14:24:59 +01:00
Sascha L. Teichmann
26c630df4a
API examples: move csaf_searcher to a lower prio place (#489) 
* move csaf_searcher to a lower prio place

* Adjust wording

* Grammar fix #2 'this is work in progress' -> 'This is a work in progress'...

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
 2023-11-02 14:12:41 +01:00
Sascha L. Teichmann
7fbc012e2c
Docs: Add Development.md (#493) 
* Add docs/Development.md

* Fix link
 2023-11-02 13:06:37 +01:00
Sascha L. Teichmann
03a907b9b8
Fix checker doc of TOML config of validator (#492) 2023-11-02 12:19:16 +01:00
Sascha L. Teichmann
21fa98186c
Use Intevation's JSONPath fork (#490) 
* Use Intevation fork of github.com/PaesslerAG/jsonpath

* Remove passus about double quouted jsonpath strings.
 2023-11-02 10:41:24 +01:00
JanHoefelmeyer
0905824e02
Merge pull request #473 from cintek/main 
Adding advisory model
 2023-10-25 09:12:19 +02:00