pepelyaevip/vuln-list-update
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity
73 Commits 1 Branch 0 Tags 6.2 MiB
9cdf1c8d60
Commit Graph

73 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Masahiro331
9cdf1c8d60
Support Red Hat OVAL v2 (#65) 
* [WIP] ovalv2

* Add redhat ovalv2

* delete debug struct

* referctoring json file

* refactor error message

* refactor test comment

* change command target

* update workflows

* fix xml

* add omitempty

* update test data

* add remove dicectory option

* fix error message

* change redhat2 oval workflow

* delete  -remove-redhat-ovalv2 flag

* update test code

* feat(main): add VULN_LIST_ENV for debugging

* feat(oval/redhat2): add RHEL5 from OVALv1

* test(redhat2): add RHEL5

* update bagzilla

* update test

* Revert "test(redhat2): add RHEL5"

This reverts commit 226645438212fcaf0b5ed3428c40aa3b06e37e22.

* Revert "feat(oval/redhat2): add RHEL5 from OVALv1"

This reverts commit c8bad1c051020eb0fa67f6e355208f549a136106.

* fix(main): early return

* refactor(main): fix log messages

* refactor(redhat2)

* fix(redhat2): use ID

* refactor

* refactor(redhat): replace redhat with redhat2

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-12-31 15:38:53 +02:00
Teppei Fukuda
38a3516f0a
fix: migrate from master to main (#63) 2020-12-17 17:05:35 +02:00
Teppei Fukuda
3747382c12
fix(photon): migrate the repository (#62) 
* chore: skip Photon security advisories temporarily

* fix(photon): migrate the repository

* Revert "chore: skip Photon security advisories temporarily"

This reverts commit edcfbd5f9c783e7d2648b5cf3dcace8bc27e58d7.
 2020-12-14 08:54:46 +02:00
Teppei Fukuda
b6ebf0551c
chore(actions): deprecate set-env (#60) 2020-11-19 13:09:28 +02:00
Teppei Fukuda
ade2d21f6e
fix(cvrf/suse): handle invalid UTF-8 characters (#58) 
* fix(cvrf/suse): handle invalid UTF-8 characters

* refactor(cvrf/suse): inline

Co-authored-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
 2020-11-04 15:51:14 +02:00
Neha Viswanathan
1fec39744a
remove travis info (#55) 2020-10-15 10:44:55 +03:00
Sudipto Ghosh
05b52e2e89
feat: utilise golangci-lint-action in workflow (#52) 2020-10-14 17:36:42 +03:00
Neha Viswanathan
17ee611c15
update CI with latest versions of go and golangci-lint (#50) 2020-10-14 11:10:10 +03:00
rahul2393
38108d7f2d
Updated logic to parse patches in ubuntu CVE file (#44) 
* Updated logic to parse patches in ubuntu CVE file

* test(ubuntu): add the test case

* test(ubuntu): add a new case causing a problem

* test(ubuntu): pending case

* test(ubuntu): multiple upstreams

* fix(ubuntu): handle corner cases

Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2020-08-17 14:51:04 +03:00
Simarpreet Singh
0692711618
cwe: Add a commit message to updates (#43) 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-08-06 10:22:55 +03:00
Simarpreet Singh
319f079602
cwe: Add initial logic to download and save CWE files (#40) 
* cwe: Add initial logic to download and save CWE files

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Add logic to parse and save XML data as file

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Dont save XML file as output

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Save each CWE-ID as a JSON document

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Address nits

Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-08-04 14:01:18 -07:00
rahul2393
aea7ab0073
Update to use github cron workflow (#38) 2020-07-14 08:46:22 +03:00
rahul2393
6087c10f73
Removed travis file and added github workflow (#37) 
* Removed travis file and added github workflow

* Updated action name
 2020-07-13 20:20:47 +03:00
Teppei Fukuda
ed1ba45061
fix(alpine): replace go-version with go-apk-version (#34) 
* test(alpine): add a failing test

* fix(alpine): replace go-version with go-apk-version
 2020-06-29 20:55:16 +03:00
Teppei Fukuda
95bdc43aeb
fix(alpine): handle security fixes (#35) 
* test(alpine): add a failing test

* fix(alpine): handle security fixes
 2020-06-29 20:54:35 +03:00
Simarpreet Singh
478299d366 nvd: bump to use 1.1 schema for baseMetricsV3 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2020-05-06 09:45:29 -07:00
Teppei Fukuda
e308afb79a
fix(git): fetch all branches (#32) 2020-04-06 12:57:24 +03:00
Liz Rice
9ad10fa73b
Merge pull request #31 from aquasecurity/license 
Change license to Apache 2.0
 2020-03-13 09:50:12 +00:00
Liz Rice
af559da030 Change license to Apache 2.0 2020-03-13 09:29:26 +00:00
Masahiro Fujimura
11f2a4cbee
Add GitHub Security Advisory Database (#29) 
* Add GitHub Security Advisory

* Update go.mod

* Fix main.go

* Exec go mod tidy

* Change travis ci

* Fix Bugs...

* Add remobe directory

* Update review

* ghsa: Remove package level state

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Add retry test

* test(ghsa): remove unneeded testdata

* refactor(ghsa): rename VersionAdvisories to Versions

* refactor(ghsa): unexport members

* refactor(ghsa): fix warnings

* refactor(ghsa): replace githubql with githubv4

* refactor(ghsa): update log messages

* refactor(ghsa): update error messages

* refactor(ghsa): unexport a function

* refactor(ghsa): make it  possible to replace wait function

* Fix empty line

Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2020-02-28 08:15:34 +02:00
Teppei Fukuda
0fcaa3e3d3
fix(amazon): handle removed ALAS (#28) 
* test(amazon): add a file to be removed

* fix(amazon): remove the entire dir once before updating ALAS
 2020-01-29 22:05:10 +02:00
Masahiro Fujimura
a128f2f876 Ignore dev version (#27) 
* Ignore dev version

* Review commit
 2020-01-25 09:10:37 +02:00
Vesnica
9b951419fb Use shallow clone (#26) 2020-01-24 21:29:24 +02:00
Masahiro Fujimura
2b121145c6 Change ci order (#25) 2019-12-25 16:13:05 +02:00
Masahiro Fujimura
69b1818a1c Add photon advisory (#24) 
* Add photon advisory

* refactor(photon): rename

* refactor(photon): update errors

* test(photon): add require.NotNil

* fix(photon): use pkg name as dir name

* test(photon): add invalid photon_versions.json

* test(photon): add invalid CVE-ID

* test(photon): rename testdata file name

* fix(photon): rename function name

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
 2019-12-25 15:36:25 +02:00
Masahiro Fujimura
280f2c7390 Add SUSE oses support (#23) 
* Add suse

* Add SUSE CVRF, Delete SUSE OVAL

* chore(dependency): update

* fix(suse): change struct

* fix(suse): change Threats to array

* fix(suse): change ProductStatus to array

* fix(suse): add omitempty
 2019-12-15 21:28:23 +02:00
Masahiro Fujimura
e0b00010f2 Add oracle job (#22) 2019-11-17 12:26:28 +02:00
Masahiro Fujimura
afc3143fc1 Support Oracle Linux Security Advisory (#18) 
* Add oracle vulnsrc

* Refactoring

* Review fixed

* Fix tests
 2019-11-13 16:38:30 +02:00
Teppei Fukuda
bd6da033c2
fix(redhat-oval): replace os.MkdirAll with AppFs.MkdirAll (#21) 2019-11-13 12:44:21 +02:00
knqyf263
99ce5d6c70 chore(ci): add Red Hat OVAL 2019-11-08 09:19:50 -08:00
Simarpreet Singh
5c569c3d79 redhat_test: Added ErrInvalidRHSAFormat for format failures 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-11-07 08:38:27 -08:00
knqyf263
b01356e537 test(fs): use other fs 2019-11-07 08:38:27 -08:00
Simarpreet Singh
07e6cada1f fs_test: Add testing for WriteJSON 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-11-07 08:38:27 -08:00
Simarpreet Singh
51dffd9ee8 redhat_test: Add a failing test for saveRHSAPerYear failure 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-11-07 08:38:27 -08:00
knqyf263
1a6d9b7f1e test(redhat_oval): handle an error 2019-11-07 08:38:27 -08:00
knqyf263
a98f189278 feat(rhel_oval): support RHEL OVAL 2019-11-07 08:38:27 -08:00
Itay Shakury
01c3455fc8 add contribution guidelines (#16) 
* add contribution guidelines

same as Trivy's

* Update CONTRIBUTING.md

Co-Authored-By: Teppei Fukuda <knqyf263@gmail.com>
 2019-10-31 22:22:18 +02:00
Harshit Singh
1441d86894 Update .gitignore (#17) 2019-10-31 22:21:42 +02:00
Teppei Fukuda
3d158c2bf9
fix(debian): remove rejected vulnerabilities (#15) 
* fix(debian): remove rejected vulnerabilities

* test(debian): remove a debug line

* debian_test: strengthen asserts with assert.NoError

Signed-off-by: Simarpreet Singh <simar@linux.com>

* debian_test: Remove un-needed subtest and add TODO

Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-10-16 10:53:47 +03:00
Itay Shakury
78d448d53f
remove contributing section 2019-10-15 09:05:34 +03:00
Teppei Fukuda
ab8b4fd568 chore(amazon): fetch ALAS by cron (#14) 2019-10-13 20:43:39 -07:00
Teppei Fukuda
99a80f64fb Support Amazon Linux AMI Security Advisory (#9) 
* Support Amazon Linux AMI Security Advisory

* Update gorequest

* amazon: Add some basic testcases for Update() method.

This commmit adds a seam for Update()
to dependency inject for testing purposes.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Add more tests

* amazon_test: Fix another lint issue

Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-10-12 20:02:24 -07:00
Simarpreet Singh
af3f78af2a
Merge pull request #12 from aquasecurity/github_actions-1 
Introduce GitHub Actions
 2019-10-12 17:44:29 -07:00
knqyf263
d39b988da1 fix some lint issues 2019-10-12 09:54:08 +03:00
knqyf263
fddfe4523e Add -v option 2019-10-11 22:11:45 +03:00
Teppei Fukuda
cba707947b Update go.yml 2019-10-11 22:11:45 +03:00
Simarpreet Singh
4db5096e1a
Merge pull request #13 from aquasecurity/remove_redmine 
refactor(alpine): remove unused functions and add tests
 2019-10-11 12:02:34 -07:00
knqyf263
3e42145b06 Fix alpine tests 2019-10-10 18:45:17 +03:00
Simarpreet Singh
573a7b3b5a
alpine_test: Fix an assertion in the case of invalid json 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-10-08 09:27:53 -07:00
Simarpreet Singh
cb9538b720
ubuntu: Fix git pkg call 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 2019-10-07 17:43:09 -07:00