Skip to content

Improve NVD handling and more #997

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pombredanne merged 27 commits into from
Nov 8, 2022
Merged

Improve NVD handling and more #997

pombredanne merged 27 commits into from
Nov 8, 2022

Conversation

@pombredanne
Copy link
Member

@pombredanne pombredanne commented Nov 8, 2022

This PR

  • improves how we handle NVD data
  • refactor the purl2cpe script
  • align some key internal names with UI and API (affected and fixed)
  • uses querysets as model managers and streamline views

Signed-off-by: Philippe Ombredanne pombredanne@nexb.com

pombredanne and others added 23 commits November 8, 2022 22:36
@pombredanne
Use environment variable to enable API auth
78906c1 
Setting VULNERABLECODEIO_REQUIRE_AUTHENTICATION will require auth
with an API key

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve docstring for user signal
c282203 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Enable the admin
78625e7 
This is handy for data browsing

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new command to create API-only users
5f72d37 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add minimal command to create API-only users
bc96503 
Also add minimal API auth and configuration documentation

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add simplified admin to create API users
3b5dd77 
* Create a new ApiUser proxy model to create a minimal admin.
* Streamline code and validate that a username is a valid email.
* Update the management command accordingly to share common code

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Towards API request self service
0d55cdf 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Move tos to the template dir for proper styling
7bc453f 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Transform tos in a template
dbaa8f2 
* Use shared footer
* Move navbar to base template to avoid duplication

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add back drf-spectacular as a dependency
121f1d0 
This will help generate an Open API documentation now that we do not
have CDN issues anymore with:
tfranzel/drf-spectacular#389

Referenced-by: #454
Thanks-you-to: T. Franzel @tfranzel
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Adopt drf_spectacular for live API doc
a82d34e 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add doc links to generate API docs
301b314 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve API doc and typing
fdf99c8 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove outdated schema_view from views
cfbd05f 
This is no longer needed as the OpenAPI schema is available directly
though drf-spectacular

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Generate API documentation
fc2858f 
And streamline urls

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove unused variables and imports
06aafa6 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve API documentation
b2dbdbd 
Override the swagger UI template
Format and improve settings and ruls.py

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Doe not extras in pip constraints
1af7625 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@TG1999 @pombredanne
Configire email settings
c6fe159 
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
@pombredanne
Use psycopg2-binary for consistency
b19bd16 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Streamline API key view documentation
6cd8538 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Rename command as create_api_user
caaf6c0 
Prefer underscore to dash

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Rename and improve cpe<->purl mapping
fc8362b 
* Use proper queryset instead of duplicated code.
* Update Package and Vulnerability querysets and use these
  This streamlines some of the core naming and duplication issues
* Refactor NVD importer core logic around a CveItem object
* Use new querysets rather than refetching from the NVD
* Add license and license notice
* Update documentation and tests accordingly

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne pombredanne requested a review from TG1999 November 8, 2022 22:45
@pombredanne
Format models
805c1fa 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Format settings
fe1e9bb 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Merge latest main branch
e4d508e 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Bump version
464adb3 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Copy link
Member Author

pombredanne commented Nov 8, 2022

All green. Merging!

@pombredanne pombredanne merged commit d4d2672 into main Nov 8, 2022
@pombredanne pombredanne deleted the nvd-improvements branch November 8, 2022 22:56
johnmhoran added a commit that referenced this pull request Nov 15, 2023
@johnmhoran
Widen the RTD page #997
c5135f4 
Reference: #977

Note: I just noticed that I named the branch with 997 but the issue is 977.

Signed-off-by: John M. Horan <johnmhoran@gmail.com>
TG1999 pushed a commit that referenced this pull request Nov 21, 2023
@johnmhoran
Widen the RTD page #977 (#1339)
f1fad9f 
* Widen the RTD page #997

Reference: #977

Note: I just noticed that I named the branch with 997 but the issue is 977.

Signed-off-by: John M. Horan <johnmhoran@gmail.com>

* Add width, margin and padding adjustments for mobile displays <= 768px #977

Reference: #977

Signed-off-by: John M. Horan <johnmhoran@gmail.com>

---------

Signed-off-by: John M. Horan <johnmhoran@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TG1999 TG1999 Awaiting requested review from TG1999

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pombredanne @TG1999