aprp
1e28a8e150
fix(photon): skip empty CVE-IDs ( #75 )
...
* photon: display warning on invalid CVE-ID
* photon: CVE-ID: ignore on empty, error on invalid
* photon: update test cases
* photon: separate tests for empty and invalid CVE-ID
2021-03-10 12:40:38 +02:00
Teppei Fukuda
03e56c5a5d
chore(ci): update advisories every 6 hours ( #74 )
2021-03-10 08:55:31 +02:00
Teppei Fukuda
706ce31e67
chore(actions): add 2021 for Red Hat Security Data API ( #72 )
2021-01-20 09:08:54 +02:00
Teppei Fukuda
36b46f6775
feat(redhat): add all OVAL files ( #71 )
2021-01-17 17:06:09 +02:00
Carol Valencia
08bab60ece
chore: update Apache icon in Readme ( #64 )
...
Co-authored-by: Carol Valencia <krol3@users.noreply.github.com>
2021-01-17 10:19:57 +02:00
Teppei Fukuda
cfec30da40
chore(actions): run steps always ( #70 )
2021-01-17 06:32:27 +02:00
Teppei Fukuda
4d89e3c744
feat: clean repository at the end ( #69 )
...
* feat: add debug flag
* refactor(git): remove unnecessary methods
* feat: git reset and clean
* refactor: fix a lint issue
2021-01-17 06:31:52 +02:00
Teppei Fukuda
8f3abd6a6c
feat(alpine): migrate to a new secdb ( #68 )
...
* refactor: replace a method to a function
* feat(alpine): migrate to a new secdb
* lint fix
* feat(alpine): split files
2021-01-11 17:08:29 +02:00
Teppei Fukuda
5206d8df5c
refactor: replace a method to a function ( #67 )
2021-01-04 14:44:37 +02:00
Masahiro331
6637c53214
Update update.yml ( #66 )
...
add workflow_dispatch
2020-12-31 23:38:27 +09:00
Masahiro331
9cdf1c8d60
Support Red Hat OVAL v2 ( #65 )
...
* [WIP] ovalv2
* Add redhat ovalv2
* delete debug struct
* referctoring json file
* refactor error message
* refactor test comment
* change command target
* update workflows
* fix xml
* add omitempty
* update test data
* add remove dicectory option
* fix error message
* change redhat2 oval workflow
* delete -remove-redhat-ovalv2 flag
* update test code
* feat(main): add VULN_LIST_ENV for debugging
* feat(oval/redhat2): add RHEL5 from OVALv1
* test(redhat2): add RHEL5
* update bagzilla
* update test
* Revert "test(redhat2): add RHEL5"
This reverts commit 226645438212fcaf0b5ed3428c40aa3b06e37e22.
* Revert "feat(oval/redhat2): add RHEL5 from OVALv1"
This reverts commit c8bad1c051020eb0fa67f6e355208f549a136106.
* fix(main): early return
* refactor(main): fix log messages
* refactor(redhat2)
* fix(redhat2): use ID
* refactor
* refactor(redhat): replace redhat with redhat2
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-12-31 15:38:53 +02:00
Teppei Fukuda
38a3516f0a
fix: migrate from master to main ( #63 )
2020-12-17 17:05:35 +02:00
Teppei Fukuda
3747382c12
fix(photon): migrate the repository ( #62 )
...
* chore: skip Photon security advisories temporarily
* fix(photon): migrate the repository
* Revert "chore: skip Photon security advisories temporarily"
This reverts commit edcfbd5f9c783e7d2648b5cf3dcace8bc27e58d7.
2020-12-14 08:54:46 +02:00
Teppei Fukuda
b6ebf0551c
chore(actions): deprecate set-env ( #60 )
2020-11-19 13:09:28 +02:00
Teppei Fukuda
ade2d21f6e
fix(cvrf/suse): handle invalid UTF-8 characters ( #58 )
...
* fix(cvrf/suse): handle invalid UTF-8 characters
* refactor(cvrf/suse): inline
Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Simarpreet Singh <simar@linux.com>
2020-11-04 15:51:14 +02:00
Neha Viswanathan
1fec39744a
remove travis info ( #55 )
2020-10-15 10:44:55 +03:00
Sudipto Ghosh
05b52e2e89
feat: utilise golangci-lint-action in workflow ( #52 )
2020-10-14 17:36:42 +03:00
Neha Viswanathan
17ee611c15
update CI with latest versions of go and golangci-lint ( #50 )
2020-10-14 11:10:10 +03:00
rahul2393
38108d7f2d
Updated logic to parse patches in ubuntu CVE file ( #44 )
...
* Updated logic to parse patches in ubuntu CVE file
* test(ubuntu): add the test case
* test(ubuntu): add a new case causing a problem
* test(ubuntu): pending case
* test(ubuntu): multiple upstreams
* fix(ubuntu): handle corner cases
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-08-17 14:51:04 +03:00
Simarpreet Singh
0692711618
cwe: Add a commit message to updates ( #43 )
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-06 10:22:55 +03:00
Simarpreet Singh
319f079602
cwe: Add initial logic to download and save CWE files ( #40 )
...
* cwe: Add initial logic to download and save CWE files
Signed-off-by: Simarpreet Singh <simar@linux.com>
* cwe: Add logic to parse and save XML data as file
Signed-off-by: Simarpreet Singh <simar@linux.com>
* cwe: Dont save XML file as output
Signed-off-by: Simarpreet Singh <simar@linux.com>
* cwe: Save each CWE-ID as a JSON document
Signed-off-by: Simarpreet Singh <simar@linux.com>
* cwe: Address nits
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-04 14:01:18 -07:00
rahul2393
aea7ab0073
Update to use github cron workflow ( #38 )
2020-07-14 08:46:22 +03:00
rahul2393
6087c10f73
Removed travis file and added github workflow ( #37 )
...
* Removed travis file and added github workflow
* Updated action name
2020-07-13 20:20:47 +03:00
Teppei Fukuda
ed1ba45061
fix(alpine): replace go-version with go-apk-version ( #34 )
...
* test(alpine): add a failing test
* fix(alpine): replace go-version with go-apk-version
2020-06-29 20:55:16 +03:00
Teppei Fukuda
95bdc43aeb
fix(alpine): handle security fixes ( #35 )
...
* test(alpine): add a failing test
* fix(alpine): handle security fixes
2020-06-29 20:54:35 +03:00
Simarpreet Singh
478299d366
nvd: bump to use 1.1 schema for baseMetricsV3
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-05-06 09:45:29 -07:00
Teppei Fukuda
e308afb79a
fix(git): fetch all branches ( #32 )
2020-04-06 12:57:24 +03:00
Liz Rice
9ad10fa73b
Merge pull request #31 from aquasecurity/license
...
Change license to Apache 2.0
2020-03-13 09:50:12 +00:00
Liz Rice
af559da030
Change license to Apache 2.0
2020-03-13 09:29:26 +00:00
Masahiro Fujimura
11f2a4cbee
Add GitHub Security Advisory Database ( #29 )
...
* Add GitHub Security Advisory
* Update go.mod
* Fix main.go
* Exec go mod tidy
* Change travis ci
* Fix Bugs...
* Add remobe directory
* Update review
* ghsa: Remove package level state
Signed-off-by: Simarpreet Singh <simar@linux.com>
* Add retry test
* test(ghsa): remove unneeded testdata
* refactor(ghsa): rename VersionAdvisories to Versions
* refactor(ghsa): unexport members
* refactor(ghsa): fix warnings
* refactor(ghsa): replace githubql with githubv4
* refactor(ghsa): update log messages
* refactor(ghsa): update error messages
* refactor(ghsa): unexport a function
* refactor(ghsa): make it possible to replace wait function
* Fix empty line
Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2020-02-28 08:15:34 +02:00
Teppei Fukuda
0fcaa3e3d3
fix(amazon): handle removed ALAS ( #28 )
...
* test(amazon): add a file to be removed
* fix(amazon): remove the entire dir once before updating ALAS
2020-01-29 22:05:10 +02:00
Masahiro Fujimura
a128f2f876
Ignore dev version ( #27 )
...
* Ignore dev version
* Review commit
2020-01-25 09:10:37 +02:00
Vesnica
9b951419fb
Use shallow clone ( #26 )
2020-01-24 21:29:24 +02:00
Masahiro Fujimura
2b121145c6
Change ci order ( #25 )
2019-12-25 16:13:05 +02:00
Masahiro Fujimura
69b1818a1c
Add photon advisory ( #24 )
...
* Add photon advisory
* refactor(photon): rename
* refactor(photon): update errors
* test(photon): add require.NotNil
* fix(photon): use pkg name as dir name
* test(photon): add invalid photon_versions.json
* test(photon): add invalid CVE-ID
* test(photon): rename testdata file name
* fix(photon): rename function name
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2019-12-25 15:36:25 +02:00
Masahiro Fujimura
280f2c7390
Add SUSE oses support ( #23 )
...
* Add suse
* Add SUSE CVRF, Delete SUSE OVAL
* chore(dependency): update
* fix(suse): change struct
* fix(suse): change Threats to array
* fix(suse): change ProductStatus to array
* fix(suse): add omitempty
2019-12-15 21:28:23 +02:00
Masahiro Fujimura
e0b00010f2
Add oracle job ( #22 )
2019-11-17 12:26:28 +02:00
Masahiro Fujimura
afc3143fc1
Support Oracle Linux Security Advisory ( #18 )
...
* Add oracle vulnsrc
* Refactoring
* Review fixed
* Fix tests
2019-11-13 16:38:30 +02:00
Teppei Fukuda
bd6da033c2
fix(redhat-oval): replace os.MkdirAll with AppFs.MkdirAll ( #21 )
2019-11-13 12:44:21 +02:00
knqyf263
99ce5d6c70
chore(ci): add Red Hat OVAL
2019-11-08 09:19:50 -08:00
Simarpreet Singh
5c569c3d79
redhat_test: Added ErrInvalidRHSAFormat for format failures
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
knqyf263
b01356e537
test(fs): use other fs
2019-11-07 08:38:27 -08:00
Simarpreet Singh
07e6cada1f
fs_test: Add testing for WriteJSON
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
Simarpreet Singh
51dffd9ee8
redhat_test: Add a failing test for saveRHSAPerYear failure
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
knqyf263
1a6d9b7f1e
test(redhat_oval): handle an error
2019-11-07 08:38:27 -08:00
knqyf263
a98f189278
feat(rhel_oval): support RHEL OVAL
2019-11-07 08:38:27 -08:00
Itay Shakury
01c3455fc8
add contribution guidelines ( #16 )
...
* add contribution guidelines
same as Trivy's
* Update CONTRIBUTING.md
Co-Authored-By: Teppei Fukuda <knqyf263@gmail.com>
2019-10-31 22:22:18 +02:00
Harshit Singh
1441d86894
Update .gitignore ( #17 )
2019-10-31 22:21:42 +02:00
Teppei Fukuda
3d158c2bf9
fix(debian): remove rejected vulnerabilities ( #15 )
...
* fix(debian): remove rejected vulnerabilities
* test(debian): remove a debug line
* debian_test: strengthen asserts with assert.NoError
Signed-off-by: Simarpreet Singh <simar@linux.com>
* debian_test: Remove un-needed subtest and add TODO
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-16 10:53:47 +03:00
Itay Shakury
78d448d53f
remove contributing section
2019-10-15 09:05:34 +03:00