[Git][security-tracker-team/security-tracker][master] 2 commits: process-cve-records: add --work-dir argument
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Fri Apr 28 12:00:36 BST 2023
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9d0f59bc by Emilio Pozuelo Monfort at 2023-04-28T12:59:49+02:00
process-cve-records: add --work-dir argument
And switch to argparse for argument processing.
- - - - -
51bf1a60 by Emilio Pozuelo Monfort at 2023-04-28T12:59:49+02:00
update-xrefs: add --work-dir argument
- - - - -
2 changed files:
- bin/process-cve-records
- bin/update-xrefs
Changes:
=====================================
bin/process-cve-records
=====================================
@@ -7,10 +7,10 @@
#
# Copyright © 2023 Emilio Pozuelo Monfort <pochu at debian.org>
+import argparse
import io
import json
import os
-import sys
import zipfile
import requests
@@ -20,10 +20,8 @@ from sectracker import parsers
CVE_ZIPFILE = 'https://github.com/CVEProject/cvelistV5/archive/refs/heads/main.zip'
-debug_enabled = False
-
def debug(m):
- if debug_enabled:
+ if args.verbose:
print(m)
@@ -126,8 +124,15 @@ def download_zip_file():
b = io.BytesIO(r.content)
process_zip_file(b)
+default_workdir = os.path.join(os.path.dirname(os.path.dirname(__file__)))
+
+parser = argparse.ArgumentParser(description='Update CVE list with MITRE CVE records')
+parser.add_argument('-v', '--verbose', action="store_true", help='enable verbose messages')
+parser.add_argument('--work-dir', help='path to security-tracker repo (default: relative to the script)', default=default_workdir)
+parser.add_argument('file', nargs='?', help='file to process, or download records from MITRE if not specified')
+args = parser.parse_args()
-main_list = os.path.dirname(__file__) + '/../data/CVE/list'
+main_list = args.work_dir + '/data/CVE/list'
debug("reading cve file")
cves = parsers.cvelist(main_list)
@@ -135,20 +140,17 @@ debug("finished reading cve file")
cve_dir = { cve.header.name: cve for cve in cves }
-if len(sys.argv) == 1:
+if not args.file:
# no argument, we download the CVE db
download_zip_file()
-elif sys.argv[1].endswith('.json'):
- record_file = sys.argv[1]
- debug("processing record " + record_file)
- process_record_filename(record_file)
+elif args.file.endswith('.json'):
+ debug("processing record " + args.file)
+ process_record_filename(args.file)
debug("record processed")
-elif sys.argv[1].endswith('.zip'):
- zip_file = sys.argv[1]
- process_zip_file(zip_file)
+elif args.file.endswith('.zip'):
+ process_zip_file(args.file)
else:
- record_dir = sys.argv[1]
- process_record_dir(record_dir)
+ process_record_dir(args.file)
# write CVE file back
with open(main_list, 'w') as f:
=====================================
bin/update-xrefs
=====================================
@@ -4,6 +4,7 @@
#
# Copyright © 2023 Emilio Pozuelo Monfort <pochu at debian.org>
+import argparse
import os
import setup_paths # noqa
@@ -73,10 +74,16 @@ def remove_xrefs(cves):
cve.annotations.remove(ann)
-dsa_list = os.path.dirname(__file__) + '/../data/DSA/list'
-dtsa_list = os.path.dirname(__file__) + '/../data/DTSA/list'
-dla_list = os.path.dirname(__file__) + '/../data/DLA/list'
-main_list = os.path.dirname(__file__) + '/../data/CVE/list'
+default_workdir = os.path.join(os.path.dirname(os.path.dirname(__file__)))
+
+parser = argparse.ArgumentParser(description='Update cross-references in CVE list')
+parser.add_argument('--work-dir', help='path to security-tracker repo (default: relative to the script)', default=default_workdir)
+args = parser.parse_args()
+
+dsa_list = args.work_dir + '/data/DSA/list'
+dtsa_list = args.work_dir + '/data/DTSA/list'
+dla_list = args.work_dir + '/data/DLA/list'
+main_list = args.work_dir + '/data/CVE/list'
cves = parsers.cvelist(main_list)
cve_map = {cve.header.name: cve for cve in cves}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b13ee03be59726a3c1639871f9bfe1b02b7acfc3...51bf1a60fb49f19b8c1e8f335ffafceecfa3c1ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b13ee03be59726a3c1639871f9bfe1b02b7acfc3...51bf1a60fb49f19b8c1e8f335ffafceecfa3c1ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230428/5e753d9c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list