SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions
1101 commits 13 branches 34 tags 8.5 MiB
Commit graph

546 commits

Author SHA1 Message Date
Bernhard E. Reiter
cf49c7e414
Fix go.mod and internal dependencies (#371) 
* Use a "/v2" in the module path to match the git version tag which
   lead with a 2. Change all mention of the module as dependency
   internally as well.
 2023-06-05 10:24:35 +02:00
JanHoefelmeyer
9d1000d773 Slightly improve phrasing 2023-06-02 13:32:55 +02:00
JanHoefelmeyer
3eced62af6 Stop checking a Provider Metadata if it could not be parsed 2023-06-02 13:30:28 +02:00
Bernhard Herzog
02d476360b
Merge pull request #366 from csaf-poc/cleanup_provider_metadata_loading 
Prepare infrastructure for role based reporting
 2023-05-16 17:53:18 +02:00
JanHoefelmeyer
4461bd6892
Merge pull request #365 from csaf-poc/filename-id 
Check that filename matches /document/tracking/id
 2023-05-16 08:50:48 +02:00
Sascha L. Teichmann
1dab0cc9ff Move code to more suited place. 2023-05-15 14:29:47 +02:00
Sascha L. Teichmann
a0b272a60d Deactivate TLP reporters 2023-05-15 14:15:20 +02:00
JanHoefelmeyer
150db4d31b Add new reporters to list of reporters in csaf_checker/main.go 2023-05-15 14:12:16 +02:00
Sascha L. Teichmann
068a94235c Add PMD loading errors to bad provider metadata report. 2023-05-15 14:01:27 +02:00
Sascha L. Teichmann
9ac902347c Fix revive 2023-05-15 13:54:21 +02:00
JanHoefelmeyer
aeff511895 Add reporters for missing requirements and their respective report functions 2023-05-15 13:49:27 +02:00
Sascha L. Teichmann
bd7831d7c3 Build reporters from role 2023-05-15 12:12:42 +02:00
Sascha L. Teichmann
2e968b197d Removed old pmd loader. 2023-05-15 08:47:18 +02:00
Sascha L. Teichmann
c4e9637f2b Re-use eval of processor. 2023-05-11 15:25:31 +02:00
Bernhard Herzog
821f018a98 Check that filename matches ID in csaf_uploader 2023-05-11 13:54:42 +02:00
Bernhard Herzog
5b4c621616 Check that filename matches ID in csaf_aggregator 2023-05-09 20:06:58 +02:00
Bernhard Herzog
6a91c29baf Check that filename matches ID in csaf_provider 2023-05-09 18:46:00 +02:00
Sascha L. Teichmann
c263391821
Be more verbose in case of signature check failures (#361) 
* Simplify handling of signature keys. Be more verbose in case of signature check failures.

* Fixed check for having no OpenPGP loaded
 2023-05-05 15:02:53 +02:00
Sascha L. Teichmann
f32fba683d
Add concurrent downloads to downloader. (#363) 
* Add concurrent downloads to downloader.

* Moved to Go 1.20

* close files channel on producer side.

* Improve error handling

* New flag to ignore signature check results. Improve docs. Do not use number of CPUs to determine number of download workers.

* Set number of default workers in downloader to two.
 2023-05-02 10:10:12 +02:00
Bernhard E. Reiter
8ad805e1e5
doc: improve rate default documentation (#364) 
* doc: improve rate default documentation

solve #359

* Adjust downloader doc, too.

* doc(csaf_checker): Add missing phrase, correct spelling

* docs(csaf_checker): correct format mistake

---------

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2023-05-01 20:38:19 +02:00
Bernhard Herzog
c37b127d82 Check that filename matches ID in csaf_checker 2023-04-25 19:24:59 +02:00
Bernhard Herzog
900da91687 Check that filename matches ID in csaf_validator 2023-04-25 18:38:49 +02:00
Bernhard Herzog
a92c033a5e Check that filename matches ID in csaf_downloader 2023-04-25 18:28:07 +02:00
JanHoefelmeyer
3590cf1ef2
Rephrase csaf validation result (#356) 
* Rephrase csaf validation result

* Change Checker report depending on whether and how a remote validator was used.

* Formatting

* Improve code readability

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-03-30 19:09:51 +02:00
JanHoefelmeyer
1529821c2c
Merge pull request #351 from csaf-poc/lockfile_aggregator 
Lockfile aggregator
 2023-03-28 07:24:56 +02:00
Sascha L. Teichmann
e39fc34599 Fix typo 2023-03-27 13:17:49 +02:00
JanHoefelmeyer
c59a8f07a3 Create lockfile directory if it doesn't exist yet 2023-03-27 11:51:15 +02:00
JanHoefelmeyer
b0d7df69b8 Change default location of lock file for csaf aggregator and rephrase error message if lock is in use. 2023-03-27 11:05:59 +02:00
Sascha L. Teichmann
0c2768b711 Fix header client. Simplify code. 2023-03-24 13:40:31 +01:00
Sascha L. Teichmann
c3a80b9f52 Make defaultLockFile a constant 2023-03-23 10:21:56 +01:00
JanHoefelmeyer
39787503cc Fix typo 2023-03-22 07:09:23 +01:00
JanHoefelmeyer
f638ae9a23 Move disabling of lockfile from explicit option to empty string in lockfile 2023-03-21 08:26:51 +01:00
JanHoefelmeyer
4800f4ec12 Improve formatting 2023-03-20 08:33:29 +01:00
JanHoefelmeyer
0c4ae88ee0 Fix typo: defautLockFile -> defaultLockFile 2023-03-20 08:31:06 +01:00
JanHoefelmeyer
dd0be44e81 Make Aggregator ignore set lockfile if NoLock option is set to true 2023-03-20 08:27:07 +01:00
JanHoefelmeyer
bb053bd427 Add option no_lock to use no lock file if none was configured 2023-03-17 13:00:51 +01:00
JanHoefelmeyer
8f87273837
Remote validator output (#347) 
* The validator is now able to print the details of the remote validations.
---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-03-15 11:02:06 +01:00
Bernhard Reiter
1bdf207e4b Improve aggregator docs and config 
* Fix that TOML key `update_interval` can be processed on top level.
 * Add missing keys to top level and provider entries.
 * Move explanations to first mention of keys.
 * Describe overriding ability and defaults early on and only once.
 2023-02-28 15:09:56 +01:00
JanHoefelmeyer
39b48e083c
Improve docs for checker and downloader 
* make it more clear that a domain can also be interpreted as a direct URL.

resolve #316 
---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2023-02-28 14:11:15 +01:00
JanHoefelmeyer
80195a24c3 improve phrasing in checker 'has not a' 2023-02-03 16:21:15 +01:00
Sascha L. Teichmann
ffb29f5ba4 Replace 'confirming filename' with 'conforming filename' 2023-02-03 16:21:15 +01:00
Sascha L. Teichmann
361656faf0 Fix typo and add a link to source. 2023-02-02 17:26:12 +01:00
Sascha L. Teichmann
7cc37bd9fc Enforce mime type 'application/json' when uploading advisories to the provider. 2023-02-02 17:26:12 +01:00
Sascha L. Teichmann
e998133429 Update cmd/csaf_checker/reporters.go 
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
7a5f8701bd Improve reported text a bit. 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
8425644886 Add new requirement sections 1 and 2 to report 2023-02-02 17:17:50 +01:00
Sascha L. Teichmann
cbd9dead37 Fix small typo in reporting wromg content type 2023-02-02 00:54:39 +01:00
Sascha L. Teichmann
6430712dad Warn in checker and downloader if advisories are delivered as none 'application/json' 2023-02-02 00:54:39 +01:00
Sascha L. Teichmann
052dbbe1d0
Merge pull request #323 from csaf-poc/csaf-validator 
Add csaf_validator
 2023-01-31 11:30:17 +01:00
Sascha L. Teichmann
f60ec5fea4
Merge pull request #312 from csaf-poc/downloader-validator 
Add remote validator support to downloader
 2023-01-30 19:35:48 +01:00