Commit Graph

37 Commits

Author SHA1 Message Date
Teppei Fukuda
f54b1d9b90
BREAKING CHANGE: extract Debian security advisories to separate repo (#219)
* use vuln-list-debian

* test: fix

* rename dir

* refactor: split dirs per year
2023-06-26 16:52:22 +03:00
Teppei Fukuda
ecaf1143a9
BREAKING CHANGE: extract Red Hat security advisories to separate repository (#217)
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2023-06-22 10:20:19 +03:00
Dan Luhring
77ea72500e
Add support for Chainguard distro (#190)
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2023-03-30 11:30:22 +03:00
knqyf263
733c29e819
chore: trigger wolfi updater 2022-12-08 16:55:53 +02:00
Dan Luhring
bc20caf598
feat(wolfi): add support for Wolfi Linux (#183)
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
Co-authored-by: AMF <work@afdesk.com>
2022-12-04 11:07:37 +02:00
DmitriyLewen
93a59be88c
feat(amazon): add amazon linux 2022 (#166)
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2022-07-04 10:35:10 +03:00
Masahiro331
0875550b05
feat(kevc): add known exploited vulnerability catalog (#152) 2022-05-26 07:08:21 +03:00
Alan (Maciej) Paruszewski
de6aced299
feat(glad): add ability to set custom repository uri (#136) 2022-04-21 12:39:18 +03:00
Masahiro331
23a9b285d9
feat(cbl-mariner) support CBL Mariner Vulnerability Data (#133) 2022-01-29 15:33:40 +02:00
MaineK00n
4d919c3b2a
feat(rocky): support Rocky Linux (#107) 2022-01-18 15:45:06 +02:00
Teppei Fukuda
87765ef560
feat(go): add Go Vulnerability Database (#120)
* feat(go): add Go Vulnerability Database

* refactor: use retry
2021-12-20 17:25:43 +02:00
DmitriyLewen
93a39619f8
feat(osv) : add osv support (#113)
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2021-12-19 14:02:42 +02:00
rahul2393
809b210fda
feat(debian-oval): removing debian oval from vuln-list-update (#112) 2021-11-14 18:48:51 +02:00
Naimuddin Shaik
3104324321
feat(alpine): add support of unfixed vulnerabilities (#93)
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2021-09-12 20:30:20 +03:00
MaineK00n
e081c6e763
feat(alma): support AlmaLinux (#98)
* feat(alma): support AlmaLinux Errata

* style(alma): change var name

* fix(alma): fix test case

* chore: fix typo

* chore: use pb/v3

* chore: change by review

* style: rename var

* fix(alma): change location of the module field

* feat(alma): more detailed by year

* refactor(alma): do not loop twice

* refactor(alma): use IssuedDate

* refactor(alma): remove magic number

* refactor(alma): use time.UnixMilli
2021-09-03 01:02:09 +03:00
santhosh1729
96e4364d1b
Arch linux folder name change (#90) 2021-06-15 15:43:31 +03:00
santhosh1729
71d82581c9
feat: add Arch Linux Tracker (#88)
* Arch Linux Tracker to collect vulnerabilities

* refactor(arch)

* chore: go mod tidy

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2021-06-06 19:14:28 +03:00
Teppei Fukuda
357afc54d8
feat: support GitLab Advisory Database (#73)
* initial commit

* chore(mod): update

* test(gemnasium): add tests

* feat(main): add target

* change(GitLab Advisories Database) gemnasium to advisories community

* fix(GitLab Advisory Database) Identifer to upper case

* test(GitLab Advisory Database) add lower case identifer test

* fix(GitLab Advisory Database) no newline at end of file

* fix(GitLab Advisory Database) fix test use JSONEq

* fix(GitLab Advisory Database) fix clone community advisory branch name

* change(git) CloneOrPull use default branch

* refactor(glad)

Co-authored-by: masahiro331 <mur4m4s4.331@gmail.com>
2021-04-27 13:59:59 +03:00
rahul2393
a62fe1fcc1
Refactored based on operating system (#81) 2021-04-23 11:21:27 +03:00
Teppei Fukuda
4d89e3c744
feat: clean repository at the end (#69)
* feat: add debug flag

* refactor(git): remove unnecessary methods

* feat: git reset and clean

* refactor: fix a lint issue
2021-01-17 06:31:52 +02:00
Teppei Fukuda
8f3abd6a6c
feat(alpine): migrate to a new secdb (#68)
* refactor: replace a method to a function

* feat(alpine): migrate to a new secdb

* lint fix

* feat(alpine): split files
2021-01-11 17:08:29 +02:00
Masahiro331
9cdf1c8d60
Support Red Hat OVAL v2 (#65)
* [WIP] ovalv2

* Add redhat ovalv2

* delete debug struct

* referctoring json file

* refactor error message

* refactor test comment

* change command target

* update workflows

* fix xml

* add omitempty

* update test data

* add remove dicectory option

* fix error message

* change redhat2 oval workflow

* delete  -remove-redhat-ovalv2 flag

* update test code

* feat(main): add VULN_LIST_ENV for debugging

* feat(oval/redhat2): add RHEL5 from OVALv1

* test(redhat2): add RHEL5

* update bagzilla

* update test

* Revert "test(redhat2): add RHEL5"

This reverts commit 226645438212fcaf0b5ed3428c40aa3b06e37e22.

* Revert "feat(oval/redhat2): add RHEL5 from OVALv1"

This reverts commit c8bad1c051020eb0fa67f6e355208f549a136106.

* fix(main): early return

* refactor(main): fix log messages

* refactor(redhat2)

* fix(redhat2): use ID

* refactor

* refactor(redhat): replace redhat with redhat2

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2020-12-31 15:38:53 +02:00
Teppei Fukuda
38a3516f0a
fix: migrate from master to main (#63) 2020-12-17 17:05:35 +02:00
Simarpreet Singh
0692711618
cwe: Add a commit message to updates (#43)
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-06 10:22:55 +03:00
Simarpreet Singh
319f079602
cwe: Add initial logic to download and save CWE files (#40)
* cwe: Add initial logic to download and save CWE files

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Add logic to parse and save XML data as file

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Dont save XML file as output

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Save each CWE-ID as a JSON document

Signed-off-by: Simarpreet Singh <simar@linux.com>

* cwe: Address nits

Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-08-04 14:01:18 -07:00
Masahiro Fujimura
11f2a4cbee
Add GitHub Security Advisory Database (#29)
* Add GitHub Security Advisory

* Update go.mod

* Fix main.go

* Exec go mod tidy

* Change travis ci

* Fix Bugs...

* Add remobe directory

* Update review

* ghsa: Remove package level state

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Add retry test

* test(ghsa): remove unneeded testdata

* refactor(ghsa): rename VersionAdvisories to Versions

* refactor(ghsa): unexport members

* refactor(ghsa): fix warnings

* refactor(ghsa): replace githubql with githubv4

* refactor(ghsa): update log messages

* refactor(ghsa): update error messages

* refactor(ghsa): unexport a function

* refactor(ghsa): make it  possible to replace wait function

* Fix empty line

Co-authored-by: Simarpreet Singh <simar@linux.com>
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2020-02-28 08:15:34 +02:00
Masahiro Fujimura
69b1818a1c Add photon advisory (#24)
* Add photon advisory

* refactor(photon): rename

* refactor(photon): update errors

* test(photon): add require.NotNil

* fix(photon): use pkg name as dir name

* test(photon): add invalid photon_versions.json

* test(photon): add invalid CVE-ID

* test(photon): rename testdata file name

* fix(photon): rename function name

Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
2019-12-25 15:36:25 +02:00
Masahiro Fujimura
280f2c7390 Add SUSE oses support (#23)
* Add suse

* Add SUSE CVRF, Delete SUSE OVAL

* chore(dependency): update

* fix(suse): change struct

* fix(suse): change Threats to array

* fix(suse): change ProductStatus to array

* fix(suse): add omitempty
2019-12-15 21:28:23 +02:00
Masahiro Fujimura
afc3143fc1 Support Oracle Linux Security Advisory (#18)
* Add oracle vulnsrc

* Refactoring

* Review fixed

* Fix tests
2019-11-13 16:38:30 +02:00
knqyf263
a98f189278 feat(rhel_oval): support RHEL OVAL 2019-11-07 08:38:27 -08:00
Teppei Fukuda
3d158c2bf9
fix(debian): remove rejected vulnerabilities (#15)
* fix(debian): remove rejected vulnerabilities

* test(debian): remove a debug line

* debian_test: strengthen asserts with assert.NoError

Signed-off-by: Simarpreet Singh <simar@linux.com>

* debian_test: Remove un-needed subtest and add TODO

Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-16 10:53:47 +03:00
Teppei Fukuda
99a80f64fb Support Amazon Linux AMI Security Advisory (#9)
* Support Amazon Linux AMI Security Advisory

* Update gorequest

* amazon: Add some basic testcases for Update() method.

This commmit adds a seam for Update()
to dependency inject for testing purposes.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* Add more tests

* amazon_test: Fix another lint issue

Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-12 20:02:24 -07:00
knqyf263
3e42145b06 Fix alpine tests 2019-10-10 18:45:17 +03:00
Simarpreet Singh
3905e5a59d
alpine: Add dependency injection seams for testing Update()
This also introduces a new interface for the git package for consumers to use.

Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-07 17:28:23 -07:00
sadayuki-matsuno
cde9253fe9 available in other repositories (#5)
* use other repo

* use LookupEnv and check remote url

* fix check remote url

* fix after review
2019-10-02 11:05:57 +03:00
knqyf263
63a0ca9107 Transfer repositoriy 2019-08-18 22:47:18 -10:00
knqyf263
c05aeaf538 initial 2019-05-07 12:50:32 +09:00