Stage/vuls - vuls - Gitea: Git with a cup of tea

Stage/vuls

Author	SHA1	Message	Date
Kota Kanbe	f047a6fe0c	breaking-change: Update vuls-dictionaries (#1307 ) * chore: udpate dictionaries * update gost * chore: update gost * chore(go-cve-dict): use v0.8.1 * chore: change linter from golint to revive * chore(linter): set revive config * chore: fix commands and update golangci-lint version * fix: lint errs * chore: update gost Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>	2021-09-21 05:10:29 +09:00
MaineK00n	7f15a86d6a	chore: change repository owner (#1306 )	2021-09-16 11:05:37 +09:00
MaineK00n	591786fde6	feat(oval): support new goval-dictionary model (#1280 ) * feat(oval): support new goval-dictionary model * chore: fix lint err * chore: set len of slice to 0 * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * feat(report): do not add duplicate CveContent * chore: goval-dictionary update * chore: go mod tidy * fix(oval): preload Advisory.Cves for Ubuntu https://github.com/kotakanbe/goval-dictionary/pull/152 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-13 10:19:59 +09:00
Kota Kanbe	4a72295de7	feat(saas): support for library-only scanning (#1300 )	2021-09-10 15:38:35 +09:00
Kota Kanbe	3e67f04fe4	breaking-change(cpescan): Improve Cpe scan (#1290 ) * chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves() * review comment * chore: go mod update go-cve * feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN * add NvdExactVersionMatch andd NvdRoughVersionMatch * add confidence-over option to report * sort CveContetens * fix integration-test	2021-09-07 16:18:59 +09:00
Kota Kanbe	1003f62212	chore: update go-cve-dictionary (#1292 )	2021-08-26 13:45:40 +09:00
Kota Kanbe	9b18e1f9f0	breaking-change(go-exploitdb): support new go-exploitdb (#1288 )	2021-08-20 08:00:57 +09:00
Kota Kanbe	24f790f474	feat(go-cve): update go-cve-dictionary (#1287 ) diff: `a31a3152c1...5043255`	2021-08-19 05:34:03 +09:00
MaineK00n	fb8749fc5e	fix(cpescan): fix confidence in cpe uri scan (#1286 ) * fix(cpescan): fix confidence in cpe uri scan * feat(cpe): add NA case * chore: use HasNvd, HasJvn instead of len * chore: go-cve-dictionary update	2021-08-19 04:59:09 +09:00
MaineK00n	96c3592db1	breaking-change(go-cve-dict): support new go-cve-dictionary (#1277 ) * feat(model): change CveContents(map[string]CveContent) to map[string][]CveContent * fix(cpescan): use CveIDSource * chore: check Nvd, Jvn data * chore: go-cve-dictionary update * chore: add to cveDetails as is, since CveID is embedded in the response	2021-08-13 18:00:55 +09:00
Kota Kanbe	5f4d68cde4	feat(go-msf): update deps (#1275 ) https://github.com/takuzoo3868/go-msfdb/pull/22	2021-07-21 09:13:34 +09:00
Kota Kanbe	543dc99ecd	fix(cpescan): CpeVendorProductMatch not set when Redis Backend (#1273 ) * fix(cpescan): CpeVendorProductMatch not set when Redis Backend * fix(integration): deprecated CPE URI * fix(integration-test): add a test case for CpeVendorProductMatch * fix review * update deps go-cve-dict v0.6.2	2021-07-19 08:43:58 +09:00
Kota Kanbe	f0b3a8b1db	feat(cpescan): Use JVN as a second DB for CPE scan (#1268 ) * feat(cpescan): Use JVN as a second DB for CPE scan * feat(tui): display score of detectionmethod * update go.mod	2021-07-08 12:39:46 +09:00
Norihiro NAKAOKA	b8db2e0b74	feat(report): Change the priority of CVE information in Debian (#1202 ) * fix (bug) : using ScanResults refs #1019 * feat(gost): WIP change priority of CVE Info in Debian * feat(report): change priority of CVE Info in Debian * refactor: move RemoveRaspbianPackFromResult * style: remove comment * fix: lint error * style: change coding style * feat(report): support reporting with gost alone * fix: merge error * refactor(debian): change code to be simple	2021-06-21 15:14:41 +09:00
Kota Kanbe	0095c40e69	fix(vet): go vet err of `make build-scanner` (#1248 )	2021-06-09 08:00:52 +09:00
Kota Kanbe	e115235299	fix(test): dev mode to false in package-lock.json (#1242 ) * fix(test): dev mode to false in package-lock.json * fix: vet warning	2021-05-17 08:04:16 +09:00
Kota Kanbe	e553f8b4c5	feat(trivy): go mod update trivy v0.17.2 (#1235 ) * feat(trivy): go mod update trivy v0.17.2 * wg.Wait * fix reporting * fix test case * add gemfile.lock of redmine to integration test * fix(test): add Pipfile.lock * add poetry.lock to integration test * add composer.lock to integration test * add integration test case	2021-05-12 18:27:55 +09:00
otuki	dc9c0edece	refactor(git-conf): Specifing ignoreGitHubDismissed per repository (#1224 ) * refactor(git-conf): Specifing ignoreGitHubDismissed per repository with config.toml * refactor(git-conf): change json tag into camelCase * refactor(git-conf): change first char of json tag into lowercase	2021-04-28 13:41:38 +09:00
Kota Kanbe	a692cec0ef	fix(gost): close gost DB connection in server mode #1217 (#1221 )	2021-04-21 11:59:11 +09:00
Kota Kanbe	27b3e17b79	feat(saas): delete json dir automatically after upload (#1212 ) * feat(saas): delete json dir automatically after upload * fix lint err	2021-04-15 05:58:41 +09:00
Kota Kanbe	740781af56	feat(logging): add -log-to-file and don't output to file by default (#1209 ) * feat(logging): add -log-to-file and don't output to file by default * update go-cve-dict * fix lint err	2021-04-05 17:41:07 +09:00
Kota Kanbe	36c9c229b8	fix(report): avoid nil pointer when report FreeBSD (#1208 )	2021-04-05 12:54:27 +09:00
Kota Kanbe	6fef4db8a0	fix .goreleaser.yml (#1204 ) * fix .goreleaser.yml * chore: fix lint warnings	2021-04-01 17:43:54 +09:00
Kota Kanbe	9bfe0627ae	refactor: don't use global Config in private func (#1197 ) * refactor: cve_client.go * refactor: don't use global Config in private func * remove import alias for config * refactor: dbclient * refactor: resultDir * refactor: resultsDir * refactor * refactor: gost * refactor: db client * refactor: cveDB * refactor: cvedb * refactor: exploitDB * refactor: remove detector/dbclient.go * refactor: writer * refactor: syslog writer * refactor: ips * refactor: ensureResultDir * refactor: proxy * fix(db): call CloseDB * add integration test * feat(report): sort array in json * sort func for json diff * add build-int to makefile * add int-rds-redis to makefile * fix: test case, makefile * fix makefile * show cve count after diff * make diff * diff -c * sort exploits in json for diff * sort metasploit, exploit	2021-04-01 13:36:24 +09:00
Kota Kanbe	cda91e0906	refactor: loading owasp dependency check xml (#1195 )	2021-03-11 08:51:44 +09:00
Kota Kanbe	54e73c2f54	fix(wordpress): enable to detect vulns of WordPress Core (#1193 )	2021-03-09 10:40:52 +09:00
Kota Kanbe	1c4a12c4b7	refactor(report): initialize DB connection (#1186 )	2021-03-02 06:34:46 +09:00
Kota Kanbe	3f2ac45d71	Refactor logger (#1185 ) * refactor: logger * refactor: logging * refactor: rename func * refactor: logging * refactor: logging format	2021-02-26 10:36:58 +09:00
Kota Kanbe	2cdeef4ffe	refactor(config): validateOnReport (#1182 )	2021-02-25 07:41:49 +09:00
Kota Kanbe	03579126fd	refactor(config): localize config used like a global variable (#1179 ) * refactor(report): LocalFileWriter * refactor -format-json * refacotr: -format-one-email * refactor: -format-csv * refactor: -gzip * refactor: -format-full-text * refactor: -format-one-line-text * refactor: -format-list * refacotr: remove -to-* from config * refactor: IgnoreGitHubDismissed * refactor: GitHub * refactor: IgnoreUnsocred * refactor: diff * refacotr: lang * refacotr: cacheDBPath * refactor: Remove config references * refactor: ScanResults * refacotr: constant pkg * chore: comment * refactor: scanner * refactor: scanner * refactor: serverapi.go * refactor: serverapi * refactor: change pkg structure * refactor: serverapi.go * chore: remove emtpy file * fix(scan): remove -ssh-native-insecure option * fix(scan): remove the deprecated option `keypassword`	2021-02-25 05:54:17 +09:00

30 Commits