summaryrefslogtreecommitdiff
path: root/guix/cve.scm
AgeCommit message (Collapse)Author
2016-05-28cve: Use a more compact format for the list of package/versions.Ludovic Courtès
On a warm cache, "guix lint -c cve vorbis-tools" goes down from 6.5s to 2.4s. * guix/cve.scm (cpe->package-name): Change to return two values instead of a pair. (cpe->product-alist): New procedure. (%parse-vulnerability-feed): Use it instead of 'filter-map'. (fetch-vulnerabilities): Bump sexp format version to 1. (vulnerabilities->lookup-proc): Adjust accordingly. When #:version is omitted, return a list of vulnerabilities instead of a list of version/vulnerability pairs. * tests/cve.scm (%expected-vulnerabilities) ("vulnerabilities->lookup-proc): Adjust accordingly.
2016-05-26cve: Include the 3 previous years of vulnerabilities.Ludovic Courtès
* guix/cve.scm (fetch-vulnerabilities): Add 'format' call. (current-vulnerabilities): Include the 3 previous years.
2016-05-23cve: Remove now unnecessary HTTP caching.Ludovic Courtès
* guix/cve.scm (call-with-cve-port): Use 'http-fetch' instead of 'http-fetch/cached'.
2016-05-23cve: Keep a summarized sexp in cache instead of the full XML.Ludovic Courtès
This avoids ~20s of XML parsing when running 'guix lint -c cve'. * guix/cve.scm (vulnerability->sexp, sexp->vulnerability) (fetch-vulnerabilities): New procedures. (current-vulnerabilities): Use 'fetch-vulnerabilities'.
2016-03-11cve: Read entire CVE databases for the current year and the past year.Ludovic Courtès
The "Modified" database that we were reading is much smaller, but it only shows CVEs modified over the past week. * guix/cve.scm (%now, %current-year, %past-year): New variables. (yearly-feed-uri): New procedure. (%cve-feed-uri, %ttl): Remove. (%current-year-ttl, %past-year-ttl): New variables. (call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them. Add 'setvbuf' call. (current-vulnerabilities)[read-vulnerabilities]: New procedure. Read from both %LAST-YEAR and %CURRENT-YEAR.
2016-03-11cve: Make CPE patch level part of the version string.Ludovic Courtès
* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL. (cpe->package-name): Likewise.
2015-11-26Add (guix cve).Ludovic Courtès
* guix/cve.scm, tests/cve-sample.xml, tests/cve.scm: New files. * Makefile.am (MODULES): Add guix/cve.scm. (SCM_TESTS): Add tests/cve.scm. (EXTRA_DIST): Add tests/cve-sample.scm.