Skip to content
Snippets Groups Projects
Select Git revision
  • petsc-uname
  • hdf5-uname
  • snakemake-7.21
  • unmerged-fixes
  • petsc-repro
  • master default
  • base-for-issue-62196
  • v1.4.0
  • v1.4.0rc2
  • v1.4.0rc1
  • v1.3.0
  • v1.3.0rc2
  • v1.3.0rc1
  • v1.2.0
  • v1.2.0rc2
  • v1.2.0rc1
  • v1.1.0
  • v1.1.0rc2
  • v1.1.0rc1
  • bootstrap-20190815
  • v1.0.1
  • v1.0.0
  • v0.16.0
  • v0.15.0
  • v0.14.0
  • v0.13.0
26 results
Blame Permalink
  • Ludovic Courtès's avatar
    74afaa37
    cve: Rewrite to read the JSON feed instead of the XML feed. · 74afaa37
    Ludovic Courtès authored 
    The XML feed was discontinued on Oct. 16th, 2019:

  <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>

* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
    74afaa37
    History
    cve: Rewrite to read the JSON feed instead of the XML feed.
    Ludovic Courtès authored 
    The XML feed was discontinued on Oct. 16th, 2019:

  <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3>

* guix/cve.scm (string->date*): New procedure.
(<cve-item>, <cve>, <cve-reference>): New record types.
(cpe-match->cve-configuration, configuration-data->cve-configurations)
(json->cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe->product-alist, %parse-vulnerability-feed)
(xml->vulnerabilities): Remove.
(cve-configuration->package-list, merge-package-lists)
(cve-item->vulnerability, json->vulnerabilities): New procedures.
(write-cache): Use 'json->vulnerabilities' instead of
'xml->vulnerabilities', and remove 'parameterize'.
(vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json->cve-items", "cve-item-published-date")
("json->vulnerabilities"): New tests.
("xml->vulnerabilities"): Remove.
("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.