зеркало из https://github.com/golang/vulndb.git
b75d871dca
The post-submit trigger that deploys vulndb now additionally publishes or updates any CVEs that have changed via the CVE Services API. This means we no longer need to manually publish CVEs in the normal course of business. This is safe because the CVE program no longer makes direct edits to CVE records, so the records in data/cve/v5 are canonical. This CL additionally removes the logic to handle the case in which a record was modified by the CVE program, and adds a convenience command "publish-all" which non-interactively publishes/updates all CVEs that need it. API user name and token for the service account are stored in GCP Secret Manager. Manual tests via "gcloud builds submit" worked. Change-Id: I68ce77001067c6e1eff9478234ec7fc76dac587d Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606779 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> |
||
|---|---|---|
| .. | ||
| checkdb | ||
| checkdeploy | ||
| cve | ||
| forks | ||
| gendb | ||
| indexdb | ||
| inspect | ||
| issue | ||
| modinfo | ||
| priority | ||
| triage | ||
| vulnreport | ||
| worker | ||