koplas
ffb4eff933
Merge unittest into sha-handling
...
commit 990c74a1a686d7ce17824f3b86d7ce13dca6807d279b890079b89009dda6807d24d6ddb5518d18d2c3d18d2c3bf1ddb5518c6d13c94f4fa01819b4896b989e3667ba714735d74ad488e39947a9bf9da1306ca6dfee2520bee797c68e4e5080733ba29f94dedee55aafd9cd9338ae72
2024-11-27 12:15:21 +01:00
koplas
7824f3b48d
Improve hash fetching and logging
2024-11-22 16:56:58 +01:00
koplas
c00dc36547
Remove -h for preferred hash configuration
...
This option was in conflict with the help display.
2024-11-21 12:31:58 +01:00
Bernhard Reiter
e8706e5eb9
feat: perform go path repo move
...
* Change the go module path
from github.com/csaf-poc/csaf_distribution to github.com/gocsaf/csaf.
* Rename archive for release tarballs.
* Adjust testing scripts and documentation.
2024-11-04 13:20:47 +01:00
koplas
c0de0c2b6d
Check if hash present, before sending a request
2024-09-27 15:20:36 +02:00
JanHoefelmeyer
464e88b530
Merge pull request #571 from csaf-poc/fingerprint-no-breaking
...
Improve PGP fingerprint handling
2024-09-09 11:51:09 +02:00
koplas
37c9eaf346
Add CLI flags to specify what hash is preferred
2024-09-09 10:35:41 +02:00
Bernhard Reiter
5231b3386b
docs: improve code comment (minor)
2024-09-07 09:58:14 +02:00
koplas
c2e24f7bbb
Remove check for empty fingerprint
...
The schema validation already catches this error and this check will
never run.
2024-09-06 18:21:25 +02:00
koplas
9037574d96
Improve PGP fingerprint handling
...
Warn if no fingerprint is specified and give more details, if
fingerprint comparison fails.
Closes #555
2024-08-08 12:42:19 +02:00
koplas
be2e4e7424
Improve hash path handling of directory feeds
2024-07-31 11:42:45 +02:00
koplas
0ab851a874
Use a default user agent
2024-07-31 10:16:08 +02:00
koplas
a131b0fb4b
Improve SHA* marking
2024-07-25 15:39:40 +02:00
Marius Goetze
bcf4d2f64a
fix error message
...
The error message had a trailing `:` which suggest that there are some details which were truncated. However the details are already printed before in the log.
2024-07-16 12:00:09 +02:00
Marius Goetze
1e531de82d
fix: don't require debug level to print error details on failed loading of provider metadata json
2024-07-15 14:22:15 +02:00
Sascha L. Teichmann
5c6736b178
Remove data races in downloader caused by shared use of json path eval. ( #547 )
2024-06-24 11:57:38 +02:00
Bernhard Herzog
617deb4c17
Merge pull request #530 from oxisto/slog
...
Added support for structured logging in `csaf_aggregator`
2024-04-25 13:13:11 +02:00
Immanuel Kunz
c704275a38
Merge branch 'csaf-poc:main' into main
2024-04-25 09:42:51 +02:00
Kunz, Immanuel
684770ff2e
fix typo, fix linting errors
2024-04-24 17:53:47 +02:00
Christian Banse
1fde81b779
Symbol -> sym link
2024-04-24 17:49:01 +02:00
Kunz, Immanuel
005e661479
add config flag to use enumerate-only
2024-04-23 20:24:18 +02:00
Kunz, Immanuel
457d519990
minor updates to Enumerate method, integrate enumerate in cmd downloader
2024-04-23 19:09:22 +02:00
Christian Banse
9b1480ae3d
Bumped Go version to Go 1.21. Using log/slog instead of golang.org/x/exp/slog
2024-04-23 15:37:43 +02:00
Kunz, Immanuel
d64aa20cee
first draft for downloader using enumerate
2024-04-22 17:53:45 +02:00
JanHoefelmeyer
39a29e39f1
Change Licenses from MIT to Apache 2.0
2024-04-22 13:11:30 +02:00
Christian Banse
fb1cf32e17
Fixed linting errors
2024-04-19 09:35:36 +02:00
Christian Banse
e658738b56
Added support for structured logging in csaf_aggretator
...
This PR adds structured logging for the aggregator service. Currently, only the text handler is used, but I can extend this to use the JSON handler as well. In this case, probably some code that is shared between the aggregator and the downloader would need to be moved to a common package.
I was also wondering, whether this repo is moving to Go 1.21 at the future, since `slog` was introduced in to the standard lib in 1.21. So currently, this still relies on the `x/exp` package.
Fixes #462
2024-04-18 19:58:02 +02:00
Sascha L. Teichmann
9a1c66eb8e
checker: Ensure that the processor is reset before checking each domain. ( #523 )
2024-01-15 08:59:58 +01:00
Sascha L. Teichmann
03e418182d
Advisories: Time filter download by 'updated' field in ROLIE entries. ( #519 )
...
* Use 'updated' field of ROLIE field entries to time filter downloads.
* More suited variable naming
2023-12-04 11:31:14 +01:00
JanHoefelmeyer
d4ef21531a
Merge pull request #506 from csaf-poc/support-legacy-security-txt
...
PMD: Support legacy security.txt location as fallback.
2023-11-30 07:34:46 +01:00
Sascha L. Teichmann
91ab7f6b1c
Chance supported minimal Go version back to 1.20 ( #514 )
2023-11-28 10:37:16 +01:00
JanHoefelmeyer
a6bf44f7cc
Removed impossible to achieve condition in reporters
2023-11-22 08:17:05 +01:00
JanHoefelmeyer
fb7c77b419
Remove unnecessary else block
2023-11-21 13:45:46 +01:00
JanHoefelmeyer
4a9f8a6f03
Change: cmd/csaf_checker/processor.go: Improve comment
2023-11-21 12:14:45 +01:00
JanHoefelmeyer
318c898a83
Change: cmd/csaf_checker/processor.go: Seperate check of security.txt under .well-known and legacy location into different messages to improve readability
2023-11-21 12:09:37 +01:00
Sascha L. Teichmann
3935d9aa7a
Update cmd/csaf_checker/processor.go
...
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
2023-11-20 21:53:51 +01:00
Sascha L. Teichmann
6f8870154c
Break overly long line. Fix typo in comment.
2023-11-20 21:13:24 +01:00
JanHoefelmeyer
a413852627
Downloader: Only add tlp label to path if no custom directory is configured. Refactor accordingly
2023-11-20 11:05:57 +01:00
JanHoefelmeyer
e27d64e42c
Add path of offending security.txt to error message since now multiple paths are checked
2023-11-14 07:55:53 +01:00
Sascha L. Teichmann
0a2b69bd55
Adjust checker, too.
2023-11-13 09:59:12 +01:00
JanHoefelmeyer
086c4ab48b
Convert a lot of command line arguments to snake case ( #498 )
...
* Convert a lot of variables to snake case
* Add snakecase for variables made out of two words that had it in no version yet (for consistency)
* Adjust example files too
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
2023-11-06 14:33:05 +01:00
Sascha L. Teichmann
26c630df4a
API examples: move csaf_searcher to a lower prio place ( #489 )
...
* move csaf_searcher to a lower prio place
* Adjust wording
* Grammar fix #2 'this is work in progress' -> 'This is a work in progress'...
---------
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
2023-11-02 14:12:41 +01:00
JanHoefelmeyer
0905824e02
Merge pull request #473 from cintek/main
...
Adding advisory model
2023-10-25 09:12:19 +02:00
JanHoefelmeyer
5215d78331
Adjust requirement
2023-10-18 11:22:32 +02:00
JanHoefelmeyer
226dc961f3
Merge branch 'main' into csaf_searcher
2023-10-18 10:24:34 +02:00
Sascha L. Teichmann
8f6e6ee8bb
improve logging output
2023-10-17 18:52:38 +02:00
Bernhard Reiter
3923dc7044
fix: improve logging for downloader and aggregator
...
* use full name for printing out the used logfile for the downloader.
* for debug or verbose, log the timeintervall that will be used
for downloader and aggregator. (The checker has this as part
of its output already.)
2023-10-17 11:33:03 +02:00
JanHoefelmeyer
5f2596665a
Add new binary, the searcher(, the main and docs) from https://github.com/cintek/csaf_advisory_example+
2023-10-12 12:07:40 +02:00
Sascha L. Teichmann
716f128754
Fix year folder check ( #472 )
2023-09-29 09:47:11 +02:00
Sascha L. Teichmann
1cc42f0ec0
Downloader: unit test forwarder ( #470 )
...
* Simplify forward method
* Add unit test for validation status
* Add unit test for stats logging in forwarder.
* Add unit test for http client creation.
* Add unit test for replaceExt
* Add unit test for buildRequest
* Add unit test for limitedString
* Add unit test for storeFailedAdvisory
* Add unit test for storeFailedAdvisory ... fixed
* Add unit test for storeFailed
* Add unit test for forward
* comment wording
2023-09-29 09:46:51 +02:00
