SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions
751 commits 13 branches 34 tags 8.5 MiB
Commit graph

751 commits

This branch
This branch
All branches
Author SHA1 Message Date
s-l-teichmann s-l-teichmann@users.noreply.github.com
d28869f083 Apply automatic changes 2022-09-02 12:19:28 +00:00
JanHoefelmeyer
87b7844b8b
Fixes canonical url prefix not being quoted and an extra ' at line 67 in the provider_config.toml (#293) 
Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
 2022-09-02 14:18:34 +02:00
Sascha L. Teichmann
4b13e77f6c Removed Status Release Candidate from README 2022-08-31 11:52:30 +02:00
Sascha L. Teichmann
70b4e18b58
Treat invalid PMDs as error and stop processing if needed 
*  Improve how PMD validation result is used when searching for a valid PMD.
   We now stop if no PMD can be validated against the json schema.
 2022-08-26 16:53:18 +02:00
JanHoefelmeyer
3bb8ea0019
Improve checker regarding PMD location problems 
* Change checking to test for Security, wellknown and DNS requirement at once and only throws error if all three fail.
* Use security.txt parser from csaf/util to extract provider url.
* Improve code comments and messages for the reports.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-08-26 13:31:56 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
a62484c31c Apply automatic changes 2022-08-26 10:24:45 +00:00
Bernhard E. Reiter
124794c4aa
Improve DNS example and itest setup (#285) 
* Make nginx only try to map the root (URL /) request to the
   provider-metadata.json for DNSPath, otherwise /index.txt will
   also serve that file.
 2022-08-26 12:23:51 +02:00
Fadi Abbud
65c7925ed2
Merge pull request #282 from csaf-poc/create_once_docs 
Create once docs
 2022-08-24 09:13:48 +02:00
Fadi Abbud
0e1b908695 Fix typo 2022-08-24 09:07:56 +02:00
Sascha L. Teichmann
2575302fbd Mentioned the OpenPGP keys 2022-08-23 15:48:17 +02:00
Bernhard Reiter
26a8fb0b55
Improve provider documentation 
* Add description about the api endpoints offered by the provider
   and why create should only be called once.

improves #168
 2022-08-23 14:50:39 +02:00
Bernhard Reiter
2656312ab1
Indicate status as release candidate 
* Fix one minor documentation typo.
 2022-08-23 14:33:37 +02:00
JanHoefelmeyer
7dbc918721
Merge pull request #280 from csaf-poc/fully-quoted-changes-csv 
Use fully quoted CSV writer for changes.csv

Tested by uploading multiple different files. Changes.csv now in requested output.
 2022-08-18 09:08:45 +02:00
Sascha L. Teichmann
a98aa794a8 Merge branch 'main' into fully-quoted-changes-csv 2022-08-17 19:21:09 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
f0567ffa15 Apply automatic changes 2022-08-17 11:16:10 +00:00
mfd2007
06bd16db47
Add documention for update_interval (#281) 
Add documentation for new option "update_interval" and behavior from #278.
 2022-08-17 13:15:03 +02:00
Sascha L. Teichmann
a1f446f443 Use fully quoted CSV writer for changes.csv 2022-08-17 12:08:38 +02:00
JanHoefelmeyer
4f3f7efd5a
Merge pull request #278 from csaf-poc/aggregator_publishers 
Tested multiple times, works as intended.
 2022-08-16 14:55:06 +02:00
Sascha L. Teichmann
37d8a8d6df Conversion provider -> publisher is not worth the method. 2022-08-16 12:28:14 +02:00
Sascha L. Teichmann
b608746fac support publishers in aggregator 2022-08-16 11:55:56 +02:00
Sascha L. Teichmann
8e0812c82f add model for publishers in aggregator 2022-08-16 11:35:51 +02:00
Sascha L. Teichmann
696fb74b36 Do not export function in config. 2022-08-03 15:32:05 +02:00
Fadi Abbud
fd0ae57443
Merge pull request #275 from csaf-poc/rework-interim 
Rework interim
 2022-08-03 10:48:18 +02:00
Sascha L. Teichmann
28616755dd Merge branch 'main' into rework-interim 2022-08-03 09:35:29 +02:00
Sascha L. Teichmann
f469df7cec Fix build error with Go 1.19 2022-08-03 09:34:52 +02:00
Sascha L. Teichmann
b6f4172ff9 s/iterim/interim/ 2022-08-02 22:21:38 +02:00
Sascha L. Teichmann
bdb24e72ab Ensure that interims.csv is deleted as soon as the last entry is removed from it. 2022-08-02 22:12:56 +02:00
Sascha L. Teichmann
00a0fb68d2 Fix transaction part two 2022-08-02 21:52:02 +02:00
Sascha L. Teichmann
9a7fbea7b6 Fix first part of transaction. 2022-08-02 18:36:20 +02:00
Sascha L. Teichmann
bf95140dbe if all interims have not changed do nothing 2022-08-02 18:20:04 +02:00
Sascha L. Teichmann
c27fa41c2f Fixed index bug in accessing column of interims.csv 2022-08-02 18:11:25 +02:00
Sascha L. Teichmann
2f65019e45 Merge remote-tracking branch 'origin/unify-spelling-interims-csv' into rework-interim 2022-08-02 17:06:39 +02:00
Sascha L. Teichmann
ef829131e1 reworked loading, checking and storing interims. 2022-08-02 17:01:48 +02:00
Sascha L. Teichmann
6547ed0a4b Fixed spelling of interims.csv 2022-08-02 14:12:41 +02:00
Fadi Abbud
892a0b941b
Merge pull request #267 from csaf-poc/directory-url 
Directory url
 2022-08-01 15:35:22 +02:00
Sascha L. Teichmann
29d7dd1223 Make URLs absolute in integrity check 2022-08-01 14:46:57 +02:00
Sascha L. Teichmann
fad70b4dd5 Merge branch 'main' into directory-url 2022-08-01 13:20:04 +02:00
JanHoefelmeyer
9890a417b4
Merge pull request #268 from csaf-poc/no-rolie-index-changes-listings 
There are no index.txt, changes.csv in ROLIE dists.
 2022-08-01 13:18:36 +02:00
JanHoefelmeyer
141fbe21ca
Find missing (#269) 
Solves #160 

* Implements check on whether index.txt/changes.csv and directory listings exist. Also fixes minor grammatical mistakes

* Adds missing else to prevent defaulting to missing-error handling even if another error was found

* Removes comment

* test whether changes.csv or index.txt is empty

* Fixed type mismatching, undeclared variable

* Fixes typo in variable

* Fixes another typo in variable

* Fixes formatting error

* Removed reminder comments

* Fixes formatting errors

* Added check for missing directories

* Moved empty dirlistcheck to the right position

* fixes typo

* fixes typo

* Add info if files are found

* Cleans up code

* simplified check for empty changes.csv and index.txt

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2022-08-01 13:17:35 +02:00
Sascha L. Teichmann
050e225d07 Fix type assertions from directory_url expression result 2022-08-01 13:00:10 +02:00
Sascha L. Teichmann
ada8070c63 There are no index.txt, changes.csv in ROLIE dists. 2022-08-01 07:20:52 +02:00
Sascha L. Teichmann
8e13d37756 If we do directory distributions write directory_urls 2022-08-01 07:09:21 +02:00
Sascha L. Teichmann
dce3d1f4a7 load advisories via directory_urls 2022-08-01 06:46:05 +02:00
Sascha L. Teichmann
8af0aeea46 Write directory_urls in provider if write indices. 2022-07-30 12:20:21 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
4c0785c060 Apply automatic changes 2022-07-29 09:34:13 +00:00
mfd2007
f325723e74
Update config option (#266) 
Update names of config options and add new options.
 2022-07-29 11:33:30 +02:00
Fadi Abbud
8478322111
Merge pull request #265 from csaf-poc/unify-client-cert-loading 
Unify loading of client certs in checker and uploader.
 2022-07-27 09:55:10 +02:00
Fadi Abbud
fcafcbf13f Remove code duplication 
* The availability check of both the cert and key file is done in the
"prepare" function.
 2022-07-27 09:40:10 +02:00
Sascha L. Teichmann
e5f584092c Unify loading of client certs in checker and uploader. 2022-07-27 01:28:37 +02:00
Sascha L. Teichmann
1241429d19
Load client certs early to detect misconfiguration 
* Move loading of client certificate into the TLS handling code
   to an earlier position.
 2022-07-26 18:00:07 +02:00