Skip to content

Don't ban me #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sbs2001 wants to merge 133 commits into
base: gh_action_tests
Choose a base branch
from
Open

Don't ban me #8

sbs2001 wants to merge 133 commits into from

Conversation

@sbs2001
Copy link
Owner

@sbs2001 sbs2001 commented Jan 29, 2021

No description provided.

rolfschr and others added 30 commits November 4, 2020 12:30
@rolfschr
Initial flake.nix
3560eb0 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Further improvements
1963218 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Rename package.
0d88ae6 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Move requirements.txt check from test to package.
2a92a37 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Add test-import-using-nix.sh
67ec2fc 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Update readme
1318855 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Use nix-shell in make-poetry-conversion-patch.sh
e14c7aa 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Make make-poetry-conversion-patch.sh fast.
908f6e3 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@tushar912
add info in readme
0107ce2 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@tushar912
rephrase text
ccda6eb 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@sbs2001
Merge pull request aboutcode-org#283 from tushar912/faq
7f8ae63 
Added faq section
@rolfschr
Merge branch 'main' into add-nix-support
e540bac
@tushar912
add elixir security importer and test
38ec05f 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>

add elixir security to init.py

Signed-off-by: Tushar912 <tushar.912u@gmail.com>

add test for elixir security

Signed-off-by: Tushar912 <tushar.912u@gmail.com>

fixed code style

Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@tushar912
use dephell_specifier for version ranges and sort imports
70ac4cd 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@tushar912
added HexVersionAPI and mock test it
f809a89 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@tushar912
fixed code style
922e34f 
Signed-off-by: Tushar912 <tushar.912u@gmail.com>
@rolfschr
Move nix-related files to /etc/nix
f5e429b 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Adapt code to actually work when flake.nix is in etc/nix.
1160988 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Do not create patch anymore but rather keep generated poetry files.
c0e5513 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
s/autogenerated/generated/g
beecbf4 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Add .github/workflows/test-import-using-nix.yml
a3d833e 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Fix workflow.
39430e7 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Update docs
1ff3dfd 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Do not import --all but only alpine for github workflow
a584ac4 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Use mach-nix instead of poetry2nix.
ae96dcc 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@rolfschr
Improve docs.
7dfdc99 
Signed-off-by: Rolf Schröder <rolf.schr@gmail.com>
@sbs2001
Add instructions to set up GitHub token
ed57c8f 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Update how to guides to reflect new data structures
7208830 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Merge pull request aboutcode-org#271 from sbs2001/update_docs
e9d9f8a 
Update docs
@sbs2001
Adapt rust importer to import data from new data format.
ab6e28a 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
sbs2001 and others added 30 commits January 21, 2021 22:11
@sbs2001
Merge pull request aboutcode-org#313 from sbs2001/fix_null_qualifier
9cac5f8 
Don't allow null values for qualifiers
@sbs2001
Fix formatting in README.rst
3b903ae
@sbs2001
Add db models to store severity scores of vulnerabilities
b0651b9 
 A VulnerabilitySeverity models is added in models.py to
 store severity of vulnerability.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Add dataclasses and enable to import severity scores
57d824e 
 A dataclass `VulnerabilitySeverity` is added to enable to
 transport of severity scores.

 The logic in importer_runner.py is modified to store, update
 severity scores and link it to reference and vulnerability

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Store severity scores given by NVD.
370c2df 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Store severity scores given by RedHat
00d9ecd 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Remove VulnerabilityReferenceInserter class
7ee657b 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Make code review changes
f57c42c 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Avoid unnnecessary init of default args in test_nvd.py
d244cf2 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Delete vscode config and add it to gitignore
df5cf2e 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Rename scores to severities in the advisory dataclass
ed917a2 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Improve order of fields in Reference dataclass
6d405a8 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Store severity scores given by NVD.
5c84afb 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Store severity scores given by RedHat
d2e2615 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Misc Data Structure changes
4af0fcd 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Refactor tests and importers to use new data structure field names
dab33bb 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Rebase and resolve conflicts
eae0fd2 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Create and use ScoringSystem objects for handling severity
9c05886 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Cast score value to string while inserting it into db
404445b 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@sbs2001
Change field naming in VulnerabilitySeverity model
9a72e52 
scoring_system_identifier is changed to scoring_system

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
@pombredanne
Merge remote add-nix-support branch aboutcode-org#275
cc26ed4 
From https://github.com/ngi-nix/vulnerablecode/

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add changelog entry for aboutcode-org#275
707ce40 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Format license text and use latest version.
8350f6c 
Correct ABOUT file

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add FIXME comment to Etag function
38d4d1a 
We are not using etag correctly. Also the function name is misleading
as we are checking the Etag in this create_etag function

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Harden Ubuntu OVAL importer
36f43d1 
This importer no longer worked with failures to process some version
ranges as RangeSpecifier(). These change imprivae error handling and
crude logging using print statements for now.
Also apply minor code formatting.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Revert "Harden Ubuntu OVAL importer"
dc21a60 
This reverts commit 36f43d1.
@pombredanne
Revert "Add FIXME comment to Etag function"
0c9bf6f 
This reverts commit 38d4d1a.
@pombredanne
Revert "Format license text and use latest version."
d35abb4 
This reverts commit 8350f6c.
@sbs2001
Merge branch 'main' of https://github.com/nexB/vulnerablecode into main
a203a62
@sbs2001
Run ubuntu importer
a944dfb 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@sbs2001 @rolfschr @tushar912 @pombredanne