summaryrefslogtreecommitdiff
path: root/tests/cve-sample.json
AgeCommit message (Collapse)Author
2025-08-31cve: Upgrade to JSON 2.0 feeds.Nicolas Graves
Fixes guix/guix#2213. The 1.1-formatted-data is no longer available from NIST. * guix/cve.scm (string->date*, <cve-item>, reference-data->cve-configuration, cpe-match->cve-configuration, configuration-data->cve-configurations, json->cve-items, yearly-feed-uri, cve-item->vulnerability): Upgrade to JSON 2.0 feeds schema. (<cve>): Remove uneeded record. * tests/cve-sample.json: Update them. Remove CVE-2019-0005 (no value added, lots of lines). * tests/cve.scm (%expected-vulnerabilities): Upgrade accordingly. (json->cve-items, vulnerabilities->lookup-proc tests): Update accordingly. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2020-12-21tests: Fix malformed JSON.Ludovic Courtès
Guile-JSON 4.3.2 would parse in spite of these typos, but 4.4.1 is stricter. * tests/swh.scm (%directory-entries): Add missing comma. * tests/cve-sample.json: Likewise.
2019-10-23cve: Rewrite to read the JSON feed instead of the XML feed.Ludovic Courtès
The XML feed was discontinued on Oct. 16th, 2019: <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3> * guix/cve.scm (string->date*): New procedure. (<cve-item>, <cve>, <cve-reference>): New record types. (cpe-match->cve-configuration, configuration-data->cve-configurations) (json->cve-items, version-matches?): New procedures. (yearly-feed-uri): Change URL to refer to JSON feed. (cpe->product-alist, %parse-vulnerability-feed) (xml->vulnerabilities): Remove. (cve-configuration->package-list, merge-package-lists) (cve-item->vulnerability, json->vulnerabilities): New procedures. (write-cache): Use 'json->vulnerabilities' instead of 'xml->vulnerabilities', and remove 'parameterize'. (vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is true. * tests/cve.scm (%sample): Use 'tests/cve-sample.json'. (%expected-vulnerabilities): Rewrite accordingly. ("json->cve-items", "cve-item-published-date") ("json->vulnerabilities"): New tests. ("xml->vulnerabilities"): Remove. ("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities. * tests/cve-sample.json: New file. * tests/cve-sample.xml: Remove. * Makefile.am (EXTRA_DIST): Adjust accordingly. * doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
generated by cgit v1.3 (git 2.53.0) at 2026-05-27 15:54:12 +0000