🏡 index : github.com/captn3m0/photon-os-advisories.git

author Nemo <commits@captnemo.in> 2025-02-03 14:45:26.0 +05:30:00
committer Nemo <commits@captnemo.in> 2025-02-03 14:45:26.0 +05:30:00
commit 
b8f6d73ff4e4588e328788410bc43c346adb9bff [patch]
tree 
ce7731bab088319ce2a143352f5307a755cee09b
parent 
3875de6a86ed72d0d6e424cc8ac8d009f4f1c6be
download 
b8f6d73ff4e4588e328788410bc43c346adb9bff.tar.gz

upgrade deps, fix schema




Diff


 generate.py | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------
 uv.lock     | 18 ++++++++++++++++--
 2 files changed, 62 insertions(+), 32 deletions(-)

diff --git a/generate.py b/generate.py
index 45d2fa0..457cb61 100644
--- a/generate.py
+++ a/generate.py
@@ -18,10 +18,13 @@
ADVISORY_URL = "https://github.com/vmware/photon/wiki/Security-Update-{slug}"
PHOTON_VERSIONS = range(1, 6)
ADVISORIES_DIR = "photon-wiki"
HEADERS = {
    "User-Agent": "Mozilla/5.0 Gecko/20100101 Firefox/126.0"
}
HEADERS = {"User-Agent": "Mozilla/5.0 Gecko/20100101 Firefox/126.0"}


def format_as_rfc3339(timestamp):
    return timestamp.strftime("%Y-%m-%dT%H:%M:%SZ")


def last_modified_date(file):
    p = int(
        subprocess.check_output(
@@ -98,19 +101,21 @@
                    }
                    fixed_version = cve_fixed_version(pkg, cves, os_version, advisory)
                    if fixed_version:
                        r["ranges"] = {
                            "events": [
                                {"introduced": "0"},
                                {"fixed": fixed_version},
                            ],
                            "type": "ECOSYSTEM",
                        }
                        r["ranges"] = [
                            {
                                "events": [
                                    {"introduced": "0"},
                                    {"fixed": fixed_version},
                                ],
                                "type": "ECOSYSTEM",
                            }
                        ]
                    return r

                yield {
                    "id": advisory,
                    "modified": modified.isoformat("T", timespec='seconds') + "Z",
                    "published": published.isoformat("T", timespec='seconds') + "Z",
                    "modified": format_as_rfc3339(modified),
                    "published": format_as_rfc3339(published),
                    "related": cves,
                    "affected": [affected(pkg, cves, os_version) for pkg in packages],
                    "references": [
@@ -122,8 +127,12 @@
def merge_advisories(advisory_file, data):

    def dedup_dicts(items):
        dedupped = [ json.loads(i) for i in set(canonicaljson.encode_canonical_json(item) for item in items)]
        dedupped = [
            json.loads(i)
            for i in set(canonicaljson.encode_canonical_json(item) for item in items)
        ]
        return dedupped

    # read the current advisory data as json
    with open(advisory_file, "r") as f:
        original = json.load(f)
@@ -133,7 +142,7 @@

    # Add any new data, but use a set, to avoid
    # duplicate entries
    for key in ['affected', 'related', 'references']:
    for key in ["affected", "related", "references"]:
        if current[key]:
            current[key].extend(data[key])
            current[key] = dedup_dicts(current[key])
@@ -144,17 +153,25 @@
    # and the later modified date
    current["published"] = (
        min(
            datetime.strptime(current["published"].replace('+00:00', ''), "%Y-%m-%dT%H:%M:%SZ"),
            datetime.strptime(data["published"].replace('+00:00', ''),    "%Y-%m-%dT%H:%M:%SZ"),
        ).isoformat("T", timespec='seconds')
            datetime.strptime(
                current["published"].replace("+00:00", ""), "%Y-%m-%dT%H:%M:%SZ"
            ),
            datetime.strptime(
                data["published"].replace("+00:00", ""), "%Y-%m-%dT%H:%M:%SZ"
            ),
        ).isoformat("T", timespec="seconds")
        + "Z"
    )

    current["modified"] = (
        max(
            datetime.strptime(current["modified"].replace('+00:00', ''), "%Y-%m-%dT%H:%M:%SZ"),
            datetime.strptime(data["modified"].replace('+00:00', ''),    "%Y-%m-%dT%H:%M:%SZ"),
        ).isoformat("T", timespec='seconds')
            datetime.strptime(
                current["modified"].replace("+00:00", ""), "%Y-%m-%dT%H:%M:%SZ"
            ),
            datetime.strptime(
                data["modified"].replace("+00:00", ""), "%Y-%m-%dT%H:%M:%SZ"
            ),
        ).isoformat("T", timespec="seconds")
        + "Z"
    )

@@ -172,10 +189,11 @@

    # If there were important changes, but modified hasn't changed
    # bump the timestamp so downstream can pick up changes
    if original['modified'] == current['modified']:
        current['modified'] = datetime.now().isoformat("T", timespec='seconds') + "Z"
    if original["modified"] == current["modified"]:
        current["modified"] = datetime.now().isoformat("T", timespec="seconds") + "Z"

    return current


def fetch_cve_metadata(PHOTON_VERSIONS):
    cve_metadata = {}
@@ -209,20 +227,22 @@
                    cve_metadata[cve].append(row)
                else:
                    cve_metadata[cve] = [row]
            print(f"[+] CVE metadata for Photon OS {branch}.0: Added {len(cve_list)} CVEs")
        
            print(
                f"[+] CVE metadata for Photon OS {branch}.0: Added {len(cve_list)} CVEs"
            )

    return cve_metadata


def __main__(advisory_id = None):
def __main__(advisory_id=None):
    cve_metadata = fetch_cve_metadata(PHOTON_VERSIONS)
    advisories = set()

    for d in get_osv(cve_metadata):
        advisories.add(d['id'])
        advisories.add(d["id"])
        # If we are only running for a single advisory
        # Check and continue if it doesn't match
        if advisory_id and d['id'] != advisory_id:
        if advisory_id and d["id"] != advisory_id:
            continue
        fn = f"advisories/{d['id']}.json"
        if os.path.exists(fn):
@@ -240,7 +260,7 @@


if __name__ == "__main__":
    if len(sys.argv) >=2:
    if len(sys.argv) >= 2:
        __main__(sys.argv[1])
    else:
        __main__()
diff --git a/uv.lock b/uv.lock
index badb87b..c96c037 100644
--- a/uv.lock
+++ a/uv.lock
@@ -1,16 +1,17 @@
version = 1
requires-python = ">=3.13"
requires-python = ">=3.10"

[[package]]
name = "beautifulsoup4"
version = "4.12.3"
version = "4.13.0"
source = { registry = "https://pypi.org/simple" }
dependencies = [
    { name = "soupsieve" },
    { name = "typing-extensions" },
]
sdist = { url = "https://files.pythonhosted.org/packages/b3/ca/824b1195773ce6166d388573fc106ce56d4a805bd7427b624e063596ec58/beautifulsoup4-4.12.3.tar.gz", hash = "sha256:74e3d1928edc070d21748185c46e3fb33490f22f52a3addee9aee0f4f7781051", size = 581181 }
sdist = { url = "https://files.pythonhosted.org/packages/4b/d3/6f4047d1de55b7a290ef8d4b4ebf59dcc24742920ebbed0909f823424205/beautifulsoup4-4.13.0.tar.gz", hash = "sha256:b6e5afb3a2b1472c8db751a92eabf7834e5c7099f990c5e4b35f1f16b60bae64", size = 558514 }
wheels = [
    { url = "https://files.pythonhosted.org/packages/b1/fe/e8c672695b37eecc5cbf43e1d0638d88d66ba3a44c4d321c796f4e59167f/beautifulsoup4-4.12.3-py3-none-any.whl", hash = "sha256:b80878c9f40111313e55da8ba20bdba06d8fa3969fc68304167741bbf9e082ed", size = 147925 },
    { url = "https://files.pythonhosted.org/packages/6e/74/d53cf0c527b20fc87351e6fd9d51aac9b5d1e32ec5a3a32b84671806ab40/beautifulsoup4-4.13.0-py3-none-any.whl", hash = "sha256:9c4c3dfa67aba55f6cd03769c441b21e6a369797fd6766e4b4c6b3399aae2735", size = 184993 },
]

[[package]]
@@ -82,4 +83,13 @@
sdist = { url = "https://files.pythonhosted.org/packages/d7/ce/fbaeed4f9fb8b2daa961f90591662df6a86c1abf25c548329a86920aedfb/soupsieve-2.6.tar.gz", hash = "sha256:e2e68417777af359ec65daac1057404a3c8a5455bb8abc36f1a9866ab1a51abb", size = 101569 }
wheels = [
    { url = "https://files.pythonhosted.org/packages/d1/c2/fe97d779f3ef3b15f05c94a2f1e3d21732574ed441687474db9d342a7315/soupsieve-2.6-py3-none-any.whl", hash = "sha256:e72c4ff06e4fb6e4b5a9f0f55fe6e81514581fca1515028625d0f299c602ccc9", size = 36186 },
]

[[package]]
name = "typing-extensions"
version = "4.12.2"
source = { registry = "https://pypi.org/simple" }
sdist = { url = "https://files.pythonhosted.org/packages/df/db/f35a00659bc03fec321ba8bce9420de607a1d37f8342eee1863174c69557/typing_extensions-4.12.2.tar.gz", hash = "sha256:1a7ead55c7e559dd4dee8856e3a88b41225abfe1ce8df57b7c13915fe121ffb8", size = 85321 }
wheels = [
    { url = "https://files.pythonhosted.org/packages/26/9f/ad63fc0248c5379346306f8668cda6e2e2e9c95e01216d2b8ffd9ff037d0/typing_extensions-4.12.2-py3-none-any.whl", hash = "sha256:04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d", size = 37438 },
]