Age | Commit message (Collapse) | Author |
|
On a warm cache, "guix lint -c cve vorbis-tools" goes down
from 6.5s to 2.4s.
* guix/cve.scm (cpe->package-name): Change to return two values instead
of a pair.
(cpe->product-alist): New procedure.
(%parse-vulnerability-feed): Use it instead of 'filter-map'.
(fetch-vulnerabilities): Bump sexp format version to 1.
(vulnerabilities->lookup-proc): Adjust accordingly. When #:version is
omitted, return a list of vulnerabilities instead of a list of
version/vulnerability pairs.
* tests/cve.scm (%expected-vulnerabilities)
("vulnerabilities->lookup-proc): Adjust accordingly.
|
|
* guix/cve.scm (fetch-vulnerabilities): Add 'format' call.
(current-vulnerabilities): Include the 3 previous years.
|
|
* guix/cve.scm (call-with-cve-port): Use 'http-fetch' instead of
'http-fetch/cached'.
|
|
This avoids ~20s of XML parsing when running 'guix lint -c cve'.
* guix/cve.scm (vulnerability->sexp, sexp->vulnerability)
(fetch-vulnerabilities): New procedures.
(current-vulnerabilities): Use 'fetch-vulnerabilities'.
|
|
The "Modified" database that we were reading is much smaller, but it
only shows CVEs modified over the past week.
* guix/cve.scm (%now, %current-year, %past-year): New variables.
(yearly-feed-uri): New procedure.
(%cve-feed-uri, %ttl): Remove.
(%current-year-ttl, %past-year-ttl): New variables.
(call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them.
Add 'setvbuf' call.
(current-vulnerabilities)[read-vulnerabilities]: New procedure.
Read from both %LAST-YEAR and %CURRENT-YEAR.
|
|
* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL.
(cpe->package-name): Likewise.
|
|
* guix/cve.scm, tests/cve-sample.xml, tests/cve.scm: New files.
* Makefile.am (MODULES): Add guix/cve.scm.
(SCM_TESTS): Add tests/cve.scm.
(EXTRA_DIST): Add tests/cve-sample.scm.
|