Commit Graph

185 Commits

Author SHA1 Message Date
aprp
e75006e8cd
ubuntu: remove dir if clone/pull fails halfway (#79)
* ubuntu: remove dir if clone/pull fails halfway

* ubuntu: remove dir if clone/pull fails halfway (nit)

https://github.com/aquasecurity/vuln-list-update/pull/79#discussion_r592879762
2021-03-15 06:30:12 +02:00
aprp
dae5f0ef64
ubuntu: remove vuln-dir before update (#78)
* add ignored to ubuntu target

* add ubuntu repo url

* remove vuln-list dir before update

* scope error handling
2021-03-11 10:23:41 +02:00
aprp
1e28a8e150
fix(photon): skip empty CVE-IDs (#75)
* photon: display warning on invalid CVE-ID

* photon: CVE-ID: ignore on empty, error on invalid

* photon: update test cases

* photon: separate tests for empty and invalid CVE-ID
2021-03-10 12:40:38 +02:00
Teppei Fukuda
03e56c5a5d
chore(ci): update advisories every 6 hours (#74) 2021-03-10 08:55:31 +02:00
Teppei Fukuda
706ce31e67
chore(actions): add 2021 for Red Hat Security Data API (#72) 2021-01-20 09:08:54 +02:00
Teppei Fukuda
36b46f6775
feat(redhat): add all OVAL files (#71) 2021-01-17 17:06:09 +02:00
Carol Valencia
08bab60ece
chore: update Apache icon in Readme (#64)
Co-authored-by: Carol Valencia <krol3@users.noreply.github.com>
2021-01-17 10:19:57 +02:00
Teppei Fukuda
cfec30da40
chore(actions): run steps always (#70) 2021-01-17 06:32:27 +02:00
Teppei Fukuda
4d89e3c744
feat: clean repository at the end (#69)
* feat: add debug flag

* refactor(git): remove unnecessary methods

* feat: git reset and clean

* refactor: fix a lint issue
2021-01-17 06:31:52 +02:00
Teppei Fukuda
8f3abd6a6c
feat(alpine): migrate to a new secdb (#68)
* refactor: replace a method to a function

* feat(alpine): migrate to a new secdb

* lint fix

* feat(alpine): split files
2021-01-11 17:08:29 +02:00
Teppei Fukuda
5206d8df5c
refactor: replace a method to a function (#67) 2021-01-04 14:44:37 +02:00
Masahiro331
6637c53214
Update update.yml (#66)
add workflow_dispatch
2020-12-31 23:38:27 +09:00
Masahiro331
9cdf1c8d60
Support Red Hat OVAL v2 (#65)
* [WIP] ovalv2

* Add redhat ovalv2

* delete debug struct

* referctoring json file

* refactor error message

* refactor test comment

* change command target

* update workflows

* fix xml

* add omitempty

* update test data

* add remove dicectory option

* fix error message

* change redhat2 oval workflow

* delete  -remove-redhat-ovalv2 flag

* update test code

* feat(main): add VULN_LIST_ENV for debugging

* feat(oval/redhat2): add RHEL5 from OVALv1

* test(redhat2): add RHEL5

* update bagzilla

* update test

* Revert "test(redhat2): add RHEL5"

This reverts commit 226645438212fcaf0b5ed3428c40aa3b06e37e22.

* Revert "feat(oval/redhat2): add RHEL5 from OVALv1"

This reverts commit c8bad1c051020eb0fa67f6e355208f549a136106.

* fix(main): early return

* refactor(main): fix log messages

* refactor(redhat2)

* fix(redhat2): use ID

* refactor

* refactor(redhat): replace redhat with redhat2

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-12-31 15:38:53 +02:00
Teppei Fukuda
38a3516f0a
fix: migrate from master to main (#63) 2020-12-17 17:05:35 +02:00
Teppei Fukuda
3747382c12
fix(photon): migrate the repository (#62)
* chore: skip Photon security advisories temporarily

* fix(photon): migrate the repository

* Revert "chore: skip Photon security advisories temporarily"

This reverts commit edcfbd5f9c783e7d2648b5cf3dcace8bc27e58d7.
2020-12-14 08:54:46 +02:00
Teppei Fukuda
b6ebf0551c
chore(actions): deprecate set-env (#60) 2020-11-19 13:09:28 +02:00
Teppei Fukuda
ade2d21f6e
fix(cvrf/suse): handle invalid UTF-8 characters (#58)
* fix(cvrf/suse): handle invalid UTF-8 characters

* refactor(cvrf/suse): inline

Co-authored-by: Simarpreet Singh <simar@linux.com>

Co-authored-by: Simarpreet Singh <simar@linux.com>
2020-11-04 15:51:14 +02:00
Neha Viswanathan
1fec39744a
remove travis info (#55) 2020-10-15 10:44:55 +03:00
Sudipto Ghosh
05b52e2e89
feat: utilise golangci-lint-action in workflow (#52) 2020-10-14 17:36:42 +03:00
Neha Viswanathan
17ee611c15
update CI with latest versions of go and golangci-lint (#50) 2020-10-14 11:10:10 +03:00
rahul2393
38108d7f2d
Updated logic to parse patches in ubuntu CVE file (#44)
* Updated logic to parse patches in ubuntu CVE file

* test(ubuntu): add the test case

* test(ubuntu): add a new case causing a problem

* test(ubuntu): pending case

* test(ubuntu): multiple upstreams

* fix(ubuntu): handle corner cases

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-08-17 14:51:04 +03:00
Simarpreet Singh
0692711618
cwe: Add a commit message to updates (#43)
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-06 10:22:55 +03:00
Simarpreet Singh
319f079602
cwe: Add initial logic to download and save CWE files (#40)
* cwe: Add initial logic to download and save CWE files

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Add logic to parse and save XML data as file

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Dont save XML file as output

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Save each CWE-ID as a JSON document

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Address nits

Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-04 14:01:18 -07:00
rahul2393
aea7ab0073
Update to use github cron workflow (#38) 2020-07-14 08:46:22 +03:00
rahul2393
6087c10f73
Removed travis file and added github workflow (#37)
* Removed travis file and added github workflow

* Updated action name
2020-07-13 20:20:47 +03:00
Teppei Fukuda
ed1ba45061
fix(alpine): replace go-version with go-apk-version (#34)
* test(alpine): add a failing test

* fix(alpine): replace go-version with go-apk-version
2020-06-29 20:55:16 +03:00
Teppei Fukuda
95bdc43aeb
fix(alpine): handle security fixes (#35)
* test(alpine): add a failing test

* fix(alpine): handle security fixes
2020-06-29 20:54:35 +03:00
Simarpreet Singh
478299d366 nvd: bump to use 1.1 schema for baseMetricsV3
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-05-06 09:45:29 -07:00
Teppei Fukuda
e308afb79a
fix(git): fetch all branches (#32) 2020-04-06 12:57:24 +03:00
Liz Rice
9ad10fa73b
Merge pull request #31 from aquasecurity/license
Change license to Apache 2.0
2020-03-13 09:50:12 +00:00
Liz Rice
af559da030 Change license to Apache 2.0 2020-03-13 09:29:26 +00:00
Masahiro Fujimura
11f2a4cbee
Add GitHub Security Advisory Database (#29)
* Add GitHub Security Advisory

* Update go.mod

* Fix main.go

* Exec go mod tidy

* Change travis ci

* Fix Bugs...

* Add remobe directory

* Update review

* ghsa: Remove package level state

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Add retry test

* test(ghsa): remove unneeded testdata

* refactor(ghsa): rename VersionAdvisories to Versions

* refactor(ghsa): unexport members

* refactor(ghsa): fix warnings

* refactor(ghsa): replace githubql with githubv4

* refactor(ghsa): update log messages

* refactor(ghsa): update error messages

* refactor(ghsa): unexport a function

* refactor(ghsa): make it  possible to replace wait function

* Fix empty line

Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2020-02-28 08:15:34 +02:00
Teppei Fukuda
0fcaa3e3d3
fix(amazon): handle removed ALAS (#28)
* test(amazon): add a file to be removed

* fix(amazon): remove the entire dir once before updating ALAS
2020-01-29 22:05:10 +02:00
Masahiro Fujimura
a128f2f876 Ignore dev version (#27)
* Ignore dev version

* Review commit
2020-01-25 09:10:37 +02:00
Vesnica
9b951419fb Use shallow clone (#26) 2020-01-24 21:29:24 +02:00
Masahiro Fujimura
2b121145c6 Change ci order (#25) 2019-12-25 16:13:05 +02:00
Masahiro Fujimura
69b1818a1c Add photon advisory (#24)
* Add photon advisory

* refactor(photon): rename

* refactor(photon): update errors

* test(photon): add require.NotNil

* fix(photon): use pkg name as dir name

* test(photon): add invalid photon_versions.json

* test(photon): add invalid CVE-ID

* test(photon): rename testdata file name

* fix(photon): rename function name

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2019-12-25 15:36:25 +02:00
Masahiro Fujimura
280f2c7390 Add SUSE oses support (#23)
* Add suse

* Add SUSE CVRF, Delete SUSE OVAL

* chore(dependency): update

* fix(suse): change struct

* fix(suse): change Threats to array

* fix(suse): change ProductStatus to array

* fix(suse): add omitempty
2019-12-15 21:28:23 +02:00
Masahiro Fujimura
e0b00010f2 Add oracle job (#22) 2019-11-17 12:26:28 +02:00
Masahiro Fujimura
afc3143fc1 Support Oracle Linux Security Advisory (#18)
* Add oracle vulnsrc

* Refactoring

* Review fixed

* Fix tests
2019-11-13 16:38:30 +02:00
Teppei Fukuda
bd6da033c2
fix(redhat-oval): replace os.MkdirAll with AppFs.MkdirAll (#21) 2019-11-13 12:44:21 +02:00
knqyf263
99ce5d6c70 chore(ci): add Red Hat OVAL 2019-11-08 09:19:50 -08:00
Simarpreet Singh
5c569c3d79 redhat_test: Added ErrInvalidRHSAFormat for format failures
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
knqyf263
b01356e537 test(fs): use other fs 2019-11-07 08:38:27 -08:00
Simarpreet Singh
07e6cada1f fs_test: Add testing for WriteJSON
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
Simarpreet Singh
51dffd9ee8 redhat_test: Add a failing test for saveRHSAPerYear failure
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-11-07 08:38:27 -08:00
knqyf263
1a6d9b7f1e test(redhat_oval): handle an error 2019-11-07 08:38:27 -08:00
knqyf263
a98f189278 feat(rhel_oval): support RHEL OVAL 2019-11-07 08:38:27 -08:00
Itay Shakury
01c3455fc8 add contribution guidelines (#16)
* add contribution guidelines

same as Trivy's

* Update CONTRIBUTING.md

Co-Authored-By: Teppei Fukuda <knqyf263@gmail.com>
2019-10-31 22:22:18 +02:00
Harshit Singh
1441d86894 Update .gitignore (#17) 2019-10-31 22:21:42 +02:00