SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
1041 commits 13 branches 34 tags 8.5 MiB
Commit graph

1041 commits

This branch
This branch
All branches
Author SHA1 Message Date
koplas
bc5d149f74 Use exit code 1 for general errors, fix documentation 2024-12-16 19:28:24 +01:00
koplas
df65ad13cb
Fix: return correct exit code 2024-12-10 10:13:42 +01:00
Sascha L. Teichmann
16e86051c5 Be more precise about exit codes. 2024-12-04 14:27:24 +01:00
koplas
938ceb872a Return exit code based on validation result 2024-12-04 13:54:38 +01:00
koplas
57953e495f Warn if no remote validator was specified 2024-12-04 13:23:57 +01:00
ncsc-ie-devs
1daaed2c51
ensure HTTP requests use proxy env vars (#597) 
* fix: ensure HTTP requests use proxy env vars

Updated all instances of `http.Transport` to include the `Proxy` field set to `http.ProxyFromEnvironment`. This ensures that the application respects proxy configuration defined by the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables.

### Changes:
- Modified `http.Transport` initialization across the codebase to use:
  ```go
  Proxy: http.ProxyFromEnvironment
  ```
- Ensured TLS configurations remain intact by preserving `TLSClientConfig`.

### Why:
- Previously, HTTP requests bypassed proxy settings due to missing configuration in the transport layer.
- This fix enables compatibility with proxied environments, aligning with standard Go behavior.

### Impact:
- All HTTP and HTTPS traffic now adheres to proxy settings.
- Domains listed in `NO_PROXY` bypass the proxy as expected.

### Verification:
- Tested with proxy environment variables set (`HTTP_PROXY`, `HTTPS_PROXY`).
- Verified requests route through the proxy and `NO_PROXY` works as intended.

* reformat with fmt

---------

Co-authored-by: Cormac Doherty <cormac.doherty@ncsc.gov.ie>
 2024-12-02 11:42:54 +01:00
JanHoefelmeyer
18af28f475
Merge pull request #600 from gocsaf/docs-proxy-for-2 
fix docs link to standard
 2024-12-02 10:41:57 +01:00
Bernhard Reiter
b8a98033bf
fix docs link to standard 2024-11-28 15:58:20 +01:00
JanHoefelmeyer
678f232a9a
Merge pull request #593 from gocsaf/add-upload-permission 
Add required upload permissions
 2024-11-27 10:04:06 +01:00
JanHoefelmeyer
2435abe3e1
Merge pull request #594 from gocsaf/update_go_3rd_party_libs_2024_11_22 
Update Go 3rd party libs
 2024-11-26 08:23:18 +01:00
JanHoefelmeyer
3dc84f3537
Merge pull request #598 from gocsaf/docs-readme-12 
Update README.md that go paths can be adjusted
 2024-11-26 07:08:57 +01:00
Bernhard Reiter
b2180849e9
Update README.md that go paths can be adjusted 2024-11-25 09:38:13 +01:00
Sascha L. Teichmann
9495d8b1c3 Update Go 3rd party libs 2024-11-22 16:10:54 +01:00
koplas
f6d7589fde Add required upload permissions 2024-11-22 15:58:41 +01:00
JanHoefelmeyer
fe4f01d062
fix: Link to file was not working (#592) 2024-11-22 14:52:56 +01:00
JanHoefelmeyer
01645f5559 Fix: Update downloader docs 2024-11-21 14:55:41 +01:00
Bernhard Reiter
1e3504c753 improve Makefile improvement 2024-11-15 19:54:00 +01:00
Bernhard Reiter
ace8aeaf98 fix: build-in version for release tags 
* Change Makefile to remove the leading `v` from the git tag
   in the case of release tags. Previously this was only done for
   pre-release git tags.
 2024-11-15 19:54:00 +01:00
JanHoefelmeyer
3e9b5e1ebb
Merge pull request #584 from gocsaf/dev-12 
improve test setup scripts by adding missing package
 2024-11-05 09:22:35 +01:00
Bernhard Reiter
e8706e5eb9 feat: perform go path repo move 
* Change the go module path
   from github.com/csaf-poc/csaf_distribution to github.com/gocsaf/csaf.
 * Rename archive for release tarballs.
 * Adjust testing scripts and documentation.
 2024-11-04 13:20:47 +01:00
Bernhard Reiter
ffadad38c6
improve test setupscript by adding missing zip 
Add zip as packages to be installed in preparation as
 the `make dist` target uses it.
 2024-10-30 15:53:22 +01:00
JanHoefelmeyer
91207f2b7b
Merge pull request #581 from gocsaf/repomove-alert 
docs: add link update alert to README.md
 2024-10-30 12:24:29 +01:00
JanHoefelmeyer
1c860a1ab2
Update README.md: Fix: typo 2024-10-30 11:22:24 +01:00
Bernhard E. Reiter
1aad5331d2
Update README.md 
reformat a bit
 2024-10-30 11:15:31 +01:00
Sascha L. Teichmann
7aa95c03ca
fix: bring aggregator schema to errata01 (#583) 2024-10-30 11:03:18 +01:00
Bernhard E. Reiter
6ebe7f5f5d
Update repo move alert in README.md 
use a better phrasing
 2024-10-30 10:53:15 +01:00
Bernhard E. Reiter
bf057e2fa8
Update repo move alert in README.md 
HTML links can be adjusted right now, go module paths will have to wait a bit.
 2024-10-30 10:51:38 +01:00
Bernhard E. Reiter
bdd8aa0a94
Update README.md 2024-10-29 09:50:26 +01:00
Bernhard E. Reiter
18e2e35e7c
Update README.md with link update alert 2024-10-29 09:49:27 +01:00
Paul Schwabauer
f7dc3f5ec7
Use .test TLD for integration setup (#577) 
.local is reserved for local-area networks, and .localhost is reserved for loopback devices. Using .test allows easier usage for different test setups.

 * https://www.rfc-editor.org/rfc/rfc2606#section-2 defines the "test." top level domain and "localhost.".
* https://www.rfc-editor.org/rfc/rfc6761.html#section-6.2 explains how different implementations can use "test.".
 2024-09-29 09:08:01 +02:00
JanHoefelmeyer
a70a04e169
Merge pull request #573 from csaf-poc/go122 
Upgrade to go v1.22
 2024-09-26 11:13:30 +02:00
koplas
f36c96e798
Upgrade to go v1.22 
Closes #570
 2024-09-12 13:45:59 +02:00
4echow
c148a18dba docs:: fix miner typo in csaf_downloader.md 2024-09-12 10:09:34 +02:00
JanHoefelmeyer
464e88b530
Merge pull request #571 from csaf-poc/fingerprint-no-breaking 
Improve PGP fingerprint handling
 2024-09-09 11:51:09 +02:00
Bernhard Reiter
5231b3386b
docs: improve code comment (minor) 2024-09-07 09:58:14 +02:00
koplas
c2e24f7bbb Remove check for empty fingerprint 
The schema validation already catches this error and this check will
never run.
 2024-09-06 18:21:25 +02:00
JanHoefelmeyer
108c2f5508
Merge pull request #553 from csaf-poc/user-agent 
Use a default user agent
 2024-08-09 14:28:29 +02:00
koplas
9037574d96
Improve PGP fingerprint handling 
Warn if no fingerprint is specified and give more details, if
fingerprint comparison fails.

Closes #555
 2024-08-08 12:42:19 +02:00
JanHoefelmeyer
8feddc70e1 feat: no longer require to be root user to call setup scripts 2024-08-05 16:41:55 +02:00
koplas
13a635c7e3
Add user-agent documentation to aggregator 2024-08-01 15:43:35 +02:00
Bernhard Reiter
1a2ce684ff
improve default header 
* use `csaf_distribution` with an underscore as underscores
   are allowed by RFC9110 and it is more consistent as it is used
   with underscore at other places.
 * change example to `VERSION` to indicate that this is dynamic.
 2024-08-01 14:53:23 +02:00
koplas
3a67fb5210
Add user-agent documentation 2024-07-31 11:00:40 +02:00
koplas
0ab851a874
Use a default user agent 2024-07-31 10:16:08 +02:00
JanHoefelmeyer
257c316894
Merge pull request #548 from greenbone/fix-error-message 
fix error message in csaf downloader
 2024-07-18 07:47:48 +02:00
Marius Goetze
bcf4d2f64a fix error message 
The error message had a trailing `:` which suggest that there are some details which were truncated. However the details are already printed before in the log.
 2024-07-16 12:00:09 +02:00
Marius Goetze
1e531de82d fix: don't require debug level to print error details on failed loading of provider metadata json 2024-07-15 14:22:15 +02:00
Marius Goetze
51dc9b5bcb refactor: deduplicate filtering pmd results from security.txt 
already done in `loadFromSecurity`
 2024-07-15 14:22:15 +02:00
Marius Goetze
a46c286cf4 fix: don't drop error messages from loading provider-metadata.json 
previously in case case of trying last resort dns, all other error messages were dropped
 2024-07-15 14:22:15 +02:00
JanHoefelmeyer
cb1ed601dd
Merge pull request #545 from csaf-poc/expand-util-tests 
Extend unit test coverage in util
 2024-06-24 14:48:05 +02:00
Sascha L. Teichmann
5c6736b178
Remove data races in downloader caused by shared use of json path eval. (#547) 2024-06-24 11:57:38 +02:00