| Age | Commit message (Expand) | Author |
|---|
| 2016-05-23 | cve: Keep a summarized sexp in cache instead of the full XML....This avoids ~20s of XML parsing when running 'guix lint -c cve'.
* guix/cve.scm (vulnerability->sexp, sexp->vulnerability)
(fetch-vulnerabilities): New procedures.
(current-vulnerabilities): Use 'fetch-vulnerabilities'.
| Ludovic Courtès |
| 2016-03-11 | cve: Read entire CVE databases for the current year and the past year....The "Modified" database that we were reading is much smaller, but it
only shows CVEs modified over the past week.
* guix/cve.scm (%now, %current-year, %past-year): New variables.
(yearly-feed-uri): New procedure.
(%cve-feed-uri, %ttl): Remove.
(%current-year-ttl, %past-year-ttl): New variables.
(call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them.
Add 'setvbuf' call.
(current-vulnerabilities)[read-vulnerabilities]: New procedure.
Read from both %LAST-YEAR and %CURRENT-YEAR.
| Ludovic Courtès |
| 2016-03-11 | cve: Make CPE patch level part of the version string....* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL.
(cpe->package-name): Likewise.
| Ludovic Courtès |
| 2015-11-26 | Add (guix cve)....* guix/cve.scm, tests/cve-sample.xml, tests/cve.scm: New files.
* Makefile.am (MODULES): Add guix/cve.scm.
(SCM_TESTS): Add tests/cve.scm.
(EXTRA_DIST): Add tests/cve-sample.scm.
| Ludovic Courtès |
