* Improve error message if filename does not match document/tracking/id and let it be reported by the proper reporter
* style: remove unnecessary "\n"
* style: convert space to tab to calm linter
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
* Create ROLIE feed if summaries are empty
* Formatting, Remove sorting of 0 elements
* Handle minimum entry length error as warning in checker
* Use empty array instead of creating an empty array to reference
* Change schema to allow for empty entry arrays
* Use https://raw.githubusercontent.com/oasis-tcs/csaf/81b2663697958bc5f85d14372712a40028fb8338/csaf_2.0/json_schema/ROLIE_feed_json_schema.json as schema for ROLIE feeds
* Change label name from empty to undefined
* Change default of create_service_document for csaf_provider to true
* Config
* Count entries in csaf-checker, warn if there are none.
* Add Comments to csaf/rolie.go's CountEntries function
* Delete index.txt and changes.csv in aggregator if there are no entries.
* Create an empty ROLIE feed document when setting up folders during create
* nit: set update time stamp in structure init.
* Instantiate label checker only once.
* Ignore domain not having roles.
* provider: Create empty entry section in ROLIE feed.
* Stop check for domain if PMD check fails
* Add missing continue statement
* Report missing ROLIE feed entries in ROLIE feed, not Provider Metadata
* Do not ommit empty entries in ROLIE feeds.
* Fixed error handling problem introduced by faulty merge. Removed unused errStop handling while there.
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
* Add badROLIEfeed as Topic Message
* Use badROLIEfeed to guarantee existant TLP labels White, Green or unlabeled. (Test not implemented)
* syntax
* Formatting
* Add Tlp check, completion struct
* Add mismatch to completion, add function checkCompletion to fill mismatch and also give an error if invalid tlp levels have been used
* formatting
* Add function to remove incomplete csaf feeds from list of complete csaf feeds for a given tlp level
* Add checkSummary function that checks whether a given feed would qualify as summary feed between all currently checked feeds
* Add completed check of tlp levels
* Add checks for correct hashes and signatures in ROLIE feed
* formatting
* Add rolieFeedReporter functionality
* fix typo
* Add todo, add return values to functions
* Switch error, ... return value so error returns last
* Fix typo
* Remove hash/sig checks that don't work, improve ROLIE message
* Add handling for advisories without tlp level
* Formatting
* Clean up rolie checks.
* Started with simplifying rolie checking
* Every ROLIE with data should have a summary.
* Clean up ROLIE feed label checker.
* if no TLP level can be extracted, return Unlabeled, not WHITE
* Add handling of advisories whose tlp exists, but has no label
* Also check TLP Red for completeness
* Only remove advisory from remain when it has exactly the right tlp color.
* Fix import in new rolie feed checker.
* Update comment to reflect current functionality
* Accept advisory of lesser tlp color in feed as completing.
* Collect advisory labels from advisories.
* Clarify that if no summary feed was found, it may exist but be either not listed or not accessible.
* Do not clone advisory lookup before.
* Move rolie check code to respective file.
---------
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
* The validator is now able to print the details of the remote validations.
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
* Change checking to test for Security, wellknown and DNS requirement at once and only throws error if all three fail.
* Use security.txt parser from csaf/util to extract provider url.
* Improve code comments and messages for the reports.
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
Solves #160
* Implements check on whether index.txt/changes.csv and directory listings exist. Also fixes minor grammatical mistakes
* Adds missing else to prevent defaulting to missing-error handling even if another error was found
* Removes comment
* test whether changes.csv or index.txt is empty
* Fixed type mismatching, undeclared variable
* Fixes typo in variable
* Fixes another typo in variable
* Fixes formatting error
* Removed reminder comments
* Fixes formatting errors
* Added check for missing directories
* Moved empty dirlistcheck to the right position
* fixes typo
* fixes typo
* Add info if files are found
* Cleans up code
* simplified check for empty changes.csv and index.txt
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
