[Git][security-tracker-team/security-tracker][master] 2 commits: process-cve-records: add --work-dir argument

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Fri Apr 28 12:00:36 BST 2023



Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d0f59bc by Emilio Pozuelo Monfort at 2023-04-28T12:59:49+02:00
process-cve-records: add --work-dir argument

And switch to argparse for argument processing.

- - - - -
51bf1a60 by Emilio Pozuelo Monfort at 2023-04-28T12:59:49+02:00
update-xrefs: add --work-dir argument

- - - - -


2 changed files:

- bin/process-cve-records
- bin/update-xrefs


Changes:

=====================================
bin/process-cve-records
=====================================
@@ -7,10 +7,10 @@
 #
 # Copyright © 2023 Emilio Pozuelo Monfort <pochu at debian.org>
 
+import argparse
 import io
 import json
 import os
-import sys
 import zipfile
 
 import requests
@@ -20,10 +20,8 @@ from sectracker import parsers
 
 CVE_ZIPFILE = 'https://github.com/CVEProject/cvelistV5/archive/refs/heads/main.zip'
 
-debug_enabled = False
-
 def debug(m):
-    if debug_enabled:
+    if args.verbose:
         print(m)
 
 
@@ -126,8 +124,15 @@ def download_zip_file():
     b = io.BytesIO(r.content)
     process_zip_file(b)
 
+default_workdir = os.path.join(os.path.dirname(os.path.dirname(__file__)))
+
+parser = argparse.ArgumentParser(description='Update CVE list with MITRE CVE records')
+parser.add_argument('-v', '--verbose', action="store_true", help='enable verbose messages')
+parser.add_argument('--work-dir', help='path to security-tracker repo (default: relative to the script)', default=default_workdir)
+parser.add_argument('file', nargs='?', help='file to process, or download records from MITRE if not specified')
+args = parser.parse_args()
 
-main_list = os.path.dirname(__file__) + '/../data/CVE/list'
+main_list = args.work_dir + '/data/CVE/list'
 
 debug("reading cve file")
 cves = parsers.cvelist(main_list)
@@ -135,20 +140,17 @@ debug("finished reading cve file")
 
 cve_dir = { cve.header.name: cve for cve in cves }
 
-if len(sys.argv) == 1:
+if not args.file:
     # no argument, we download the CVE db
     download_zip_file()
-elif sys.argv[1].endswith('.json'):
-    record_file = sys.argv[1]
-    debug("processing record " + record_file)
-    process_record_filename(record_file)
+elif args.file.endswith('.json'):
+    debug("processing record " + args.file)
+    process_record_filename(args.file)
     debug("record processed")
-elif sys.argv[1].endswith('.zip'):
-    zip_file = sys.argv[1]
-    process_zip_file(zip_file)
+elif args.file.endswith('.zip'):
+    process_zip_file(args.file)
 else:
-    record_dir = sys.argv[1]
-    process_record_dir(record_dir)
+    process_record_dir(args.file)
 
 # write CVE file back
 with open(main_list, 'w') as f:


=====================================
bin/update-xrefs
=====================================
@@ -4,6 +4,7 @@
 #
 # Copyright © 2023 Emilio Pozuelo Monfort <pochu at debian.org>
 
+import argparse
 import os
 
 import setup_paths  # noqa
@@ -73,10 +74,16 @@ def remove_xrefs(cves):
                 cve.annotations.remove(ann)
 
 
-dsa_list = os.path.dirname(__file__) + '/../data/DSA/list'
-dtsa_list = os.path.dirname(__file__) + '/../data/DTSA/list'
-dla_list = os.path.dirname(__file__) + '/../data/DLA/list'
-main_list = os.path.dirname(__file__) + '/../data/CVE/list'
+default_workdir = os.path.join(os.path.dirname(os.path.dirname(__file__)))
+
+parser = argparse.ArgumentParser(description='Update cross-references in CVE list')
+parser.add_argument('--work-dir', help='path to security-tracker repo (default: relative to the script)', default=default_workdir)
+args = parser.parse_args()
+
+dsa_list = args.work_dir + '/data/DSA/list'
+dtsa_list = args.work_dir + '/data/DTSA/list'
+dla_list = args.work_dir + '/data/DLA/list'
+main_list = args.work_dir + '/data/CVE/list'
 
 cves = parsers.cvelist(main_list)
 cve_map = {cve.header.name: cve for cve in cves}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b13ee03be59726a3c1639871f9bfe1b02b7acfc3...51bf1a60fb49f19b8c1e8f335ffafceecfa3c1ba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b13ee03be59726a3c1639871f9bfe1b02b7acfc3...51bf1a60fb49f19b8c1e8f335ffafceecfa3c1ba
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230428/5e753d9c/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list