Commit Graph

221 Commits

Author SHA1 Message Date
MaineK00n
e57b35fc33
fix(rocky): skip when repository is extras and there is no updateinfo in repomd.xml (#132) 2022-01-24 14:17:54 +02:00
MaineK00n
9cc80909f0
feat(rocky): add source package info (#131) 2022-01-19 08:25:49 +02:00
MaineK00n
4d919c3b2a
feat(rocky): support Rocky Linux (#107) 2022-01-18 15:45:06 +02:00
dependabot[bot]
9b3980a85f
chore(deps): bump github.com/spf13/afero from 1.7.0 to 1.8.0 (#127) 2022-01-17 16:23:16 +02:00
dependabot[bot]
b609e41474
chore(deps): bump github.com/hashicorp/go-getter from 1.5.9 to 1.5.11 (#126)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-16 20:55:23 +02:00
afdesk
d7e5ea99dd
feat(ghsa): store CVSS score/vector for Github Security Advisory (#128) 2022-01-16 18:44:06 +02:00
MaineK00n
6e141c6628
chore: add Red Hat Security Data API 2022 (#125) 2022-01-07 08:37:10 +02:00
Teppei Fukuda
2f521d3302
feat(redhat-oval): store repository-to-cpe.json (#121)
* test(redhat): simplify

* feat(redhat): store repository-to-cpe.json
2021-12-29 14:05:21 +02:00
dependabot[bot]
9fb6868b65
chore(deps): bump github.com/spf13/afero from 1.6.0 to 1.7.0 (#123) 2021-12-28 10:35:17 +02:00
dependabot[bot]
ba03918cea
chore(deps): bump github.com/spf13/afero from 1.2.2 to 1.6.0 (#115) 2021-12-20 18:01:05 +02:00
dependabot[bot]
9998152300
chore(deps): bump github.com/PuerkitoBio/goquery from 1.6.0 to 1.8.0 (#116) 2021-12-20 18:00:31 +02:00
Teppei Fukuda
87765ef560
feat(go): add Go Vulnerability Database (#120)
* feat(go): add Go Vulnerability Database

* refactor: use retry
2021-12-20 17:25:43 +02:00
DmitriyLewen
93a39619f8
feat(osv) : add osv support (#113)
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2021-12-19 14:02:42 +02:00
dependabot[bot]
72e0b9b07d
chore(deps): bump gopkg.in/yaml.v2 from 2.2.2 to 2.4.0 (#117)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.2 to 2.4.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.2...v2.4.0)

---
updated-dependencies:
- dependency-name: gopkg.in/yaml.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-19 12:05:59 +02:00
dependabot[bot]
3363ad7971
chore(deps): bump github.com/stretchr/testify from 1.5.1 to 1.7.0 (#118) 2021-12-12 08:39:50 +02:00
dependabot[bot]
b3d8df0709
chore(deps): bump github.com/hashicorp/go-getter from 1.5.8 to 1.5.9 (#119) 2021-12-12 08:38:11 +02:00
dependabot[bot]
e9ef1231f9
chore(deps): bump actions/checkout from 1 to 2.4.0 (#114) 2021-12-12 08:12:29 +02:00
Matthieu MOREL
f3de9c552d
chore(ci) : setup dependabot (#104) 2021-12-12 08:09:08 +02:00
rahul2393
809b210fda
feat(debian-oval): removing debian oval from vuln-list-update (#112) 2021-11-14 18:48:51 +02:00
Naimuddin Shaik
73466dc046
chore(cron): add alpine-unfixed (#110)
* fix(alpine-unfixed): update in cron yaml

* updated the format
2021-09-30 14:21:58 +03:00
Teppei Fukuda
cccad02d55
fix(debian): handle severity properly (#109)
* test(debian): add a failure case

* fix(debian): handle severity
2021-09-28 09:48:35 +03:00
Teppei Fukuda
127afe7c71
feat(alpine-unfixed): add cpe (#106) 2021-09-16 22:18:29 +03:00
Teppei Fukuda
7d2eb302d1
feat(debian): replace JSON API with salsa repo (#95) 2021-09-15 22:49:22 +03:00
Naimuddin Shaik
3104324321
feat(alpine): add support of unfixed vulnerabilities (#93)
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2021-09-12 20:30:20 +03:00
Teppei Fukuda
d212042d1b
feat(download): add downloader (#105) 2021-09-11 18:51:34 +03:00
MaineK00n
e081c6e763
feat(alma): support AlmaLinux (#98)
* feat(alma): support AlmaLinux Errata

* style(alma): change var name

* fix(alma): fix test case

* chore: fix typo

* chore: use pb/v3

* chore: change by review

* style: rename var

* fix(alma): change location of the module field

* feat(alma): more detailed by year

* refactor(alma): do not loop twice

* refactor(alma): use IssuedDate

* refactor(alma): remove magic number

* refactor(alma): use time.UnixMilli
2021-09-03 01:02:09 +03:00
Teppei Fukuda
b646ca8fb9
chore(ci): bump up Go to 1.17 (#100) 2021-09-03 00:53:56 +03:00
patryk4815
378edf0454
Add golang support in ghsa source (#99)
Add golang support in ghsa source
2021-09-02 19:06:08 +03:00
Teppei Fukuda
efb2c4325b
feat(debian/oval): add bullseye (#97) 2021-09-01 13:04:46 +03:00
Teppei Fukuda
2a67b66eff
chore(cron): fix a broken yaml (#91) 2021-06-15 15:49:37 +03:00
santhosh1729
96e4364d1b
Arch linux folder name change (#90) 2021-06-15 15:43:31 +03:00
santhosh1729
71d82581c9
feat: add Arch Linux Tracker (#88)
* Arch Linux Tracker to collect vulnerabilities

* refactor(arch)

* chore: go mod tidy

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2021-06-06 19:14:28 +03:00
rahul2393
6926908ba2
Skip empty oval file (#89) 2021-05-27 17:10:38 +03:00
Masahiro331
668f12a150
chore(ci): add GitLab Advisory Database (#85) 2021-04-28 03:47:05 +03:00
Teppei Fukuda
357afc54d8
feat: support GitLab Advisory Database (#73)
* initial commit

* chore(mod): update

* test(gemnasium): add tests

* feat(main): add target

* change(GitLab Advisories Database) gemnasium to advisories community

* fix(GitLab Advisory Database) Identifer to upper case

* test(GitLab Advisory Database) add lower case identifer test

* fix(GitLab Advisory Database) no newline at end of file

* fix(GitLab Advisory Database) fix test use JSONEq

* fix(GitLab Advisory Database) fix clone community advisory branch name

* change(git) CloneOrPull use default branch

* refactor(glad)

Co-authored-by: masahiro331 <mur4m4s4.331@gmail.com>
2021-04-27 13:59:59 +03:00
rahul2393
a62fe1fcc1
Refactored based on operating system (#81) 2021-04-23 11:21:27 +03:00
aprp
e75006e8cd
ubuntu: remove dir if clone/pull fails halfway (#79)
* ubuntu: remove dir if clone/pull fails halfway

* ubuntu: remove dir if clone/pull fails halfway (nit)

https://github.com/aquasecurity/vuln-list-update/pull/79#discussion_r592879762
2021-03-15 06:30:12 +02:00
aprp
dae5f0ef64
ubuntu: remove vuln-dir before update (#78)
* add ignored to ubuntu target

* add ubuntu repo url

* remove vuln-list dir before update

* scope error handling
2021-03-11 10:23:41 +02:00
aprp
1e28a8e150
fix(photon): skip empty CVE-IDs (#75)
* photon: display warning on invalid CVE-ID

* photon: CVE-ID: ignore on empty, error on invalid

* photon: update test cases

* photon: separate tests for empty and invalid CVE-ID
2021-03-10 12:40:38 +02:00
Teppei Fukuda
03e56c5a5d
chore(ci): update advisories every 6 hours (#74) 2021-03-10 08:55:31 +02:00
Teppei Fukuda
706ce31e67
chore(actions): add 2021 for Red Hat Security Data API (#72) 2021-01-20 09:08:54 +02:00
Teppei Fukuda
36b46f6775
feat(redhat): add all OVAL files (#71) 2021-01-17 17:06:09 +02:00
Carol Valencia
08bab60ece
chore: update Apache icon in Readme (#64)
Co-authored-by: Carol Valencia <krol3@users.noreply.github.com>
2021-01-17 10:19:57 +02:00
Teppei Fukuda
cfec30da40
chore(actions): run steps always (#70) 2021-01-17 06:32:27 +02:00
Teppei Fukuda
4d89e3c744
feat: clean repository at the end (#69)
* feat: add debug flag

* refactor(git): remove unnecessary methods

* feat: git reset and clean

* refactor: fix a lint issue
2021-01-17 06:31:52 +02:00
Teppei Fukuda
8f3abd6a6c
feat(alpine): migrate to a new secdb (#68)
* refactor: replace a method to a function

* feat(alpine): migrate to a new secdb

* lint fix

* feat(alpine): split files
2021-01-11 17:08:29 +02:00
Teppei Fukuda
5206d8df5c
refactor: replace a method to a function (#67) 2021-01-04 14:44:37 +02:00
Masahiro331
6637c53214
Update update.yml (#66)
add workflow_dispatch
2020-12-31 23:38:27 +09:00
Masahiro331
9cdf1c8d60
Support Red Hat OVAL v2 (#65)
* [WIP] ovalv2

* Add redhat ovalv2

* delete debug struct

* referctoring json file

* refactor error message

* refactor test comment

* change command target

* update workflows

* fix xml

* add omitempty

* update test data

* add remove dicectory option

* fix error message

* change redhat2 oval workflow

* delete  -remove-redhat-ovalv2 flag

* update test code

* feat(main): add VULN_LIST_ENV for debugging

* feat(oval/redhat2): add RHEL5 from OVALv1

* test(redhat2): add RHEL5

* update bagzilla

* update test

* Revert "test(redhat2): add RHEL5"

This reverts commit 226645438212fcaf0b5ed3428c40aa3b06e37e22.

* Revert "feat(oval/redhat2): add RHEL5 from OVALv1"

This reverts commit c8bad1c051020eb0fa67f6e355208f549a136106.

* fix(main): early return

* refactor(main): fix log messages

* refactor(redhat2)

* fix(redhat2): use ID

* refactor

* refactor(redhat): replace redhat with redhat2

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-12-31 15:38:53 +02:00
Teppei Fukuda
38a3516f0a
fix: migrate from master to main (#63) 2020-12-17 17:05:35 +02:00