TakeV/guix - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Ludovic Courtès	9608f4003d	tests: Fix malformed JSON. Guile-JSON 4.3.2 would parse in spite of these typos, but 4.4.1 is stricter. * tests/swh.scm (%directory-entries): Add missing comma. * tests/cve-sample.json: Likewise.	2020-12-21 17:47:35 +01:00
Ludovic Courtès	74afaa37d5	cve: Rewrite to read the JSON feed instead of the XML feed. The XML feed was discontinued on Oct. 16th, 2019: <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3> * guix/cve.scm (string->date): New procedure. (<cve-item>, <cve>, <cve-reference>): New record types. (cpe-match->cve-configuration, configuration-data->cve-configurations) (json->cve-items, version-matches?): New procedures. (yearly-feed-uri): Change URL to refer to JSON feed. (cpe->product-alist, %parse-vulnerability-feed) (xml->vulnerabilities): Remove. (cve-configuration->package-list, merge-package-lists) (cve-item->vulnerability, json->vulnerabilities): New procedures. (write-cache): Use 'json->vulnerabilities' instead of 'xml->vulnerabilities', and remove 'parameterize'. (vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is true. tests/cve.scm (%sample): Use 'tests/cve-sample.json'. (%expected-vulnerabilities): Rewrite accordingly. ("json->cve-items", "cve-item-published-date") ("json->vulnerabilities"): New tests. ("xml->vulnerabilities"): Remove. ("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities. * tests/cve-sample.json: New file. * tests/cve-sample.xml: Remove. * Makefile.am (EXTRA_DIST): Adjust accordingly. * doc/guix.texi (Invoking guix lint): Update nist.gov URLs.	2019-10-23 16:40:17 +02:00

Author

SHA1

Message

Date

Ludovic Courtès

9608f4003d

tests: Fix malformed JSON.

Guile-JSON 4.3.2 would parse in spite of these typos, but 4.4.1 is
stricter.

* tests/swh.scm (%directory-entries): Add missing comma.
* tests/cve-sample.json: Likewise.

2020-12-21 17:47:35 +01:00

Ludovic Courtès

74afaa37d5

cve: Rewrite to read the JSON feed instead of the XML feed.

The XML feed was discontinued on Oct. 16th, 2019:

  <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>

* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.

2019-10-23 16:40:17 +02:00

2 Commits