Skip to content
Snippets Groups Projects
Commit a141c54a authored by Peter Moser's avatar Peter Moser :bee:
Browse files

WIP

parent af03122b
No related branches found
No related tags found
1 merge request!48Draft: Documentation updates
Pipeline #8860 waiting for manual action with stages
in 2 minutes and 28 seconds
......@@ -60,6 +60,7 @@ it is a presumed friend, and we can safely invite it to our party.
- [Step 11: Generate final SPDX file, after human review](#step-11-generate-final-spdx-file-after-human-review)
- [Step 12: Harvest all results and create a final report](#step-12-harvest-all-results-and-create-a-final-report)
- [Special commands](#special-commands)
- [CVEcheck](#cvecheck)
- [Session](#session)
- [Filter](#filter)
- [Manual installation and execution on your host machine](#manual-installation-and-execution-on-your-host-machine)
......@@ -1190,7 +1191,7 @@ optional arguments:
- INPUT: `.deltacode.json`, `.scancode.json`, `.fossy.json`, `.snapmatch.json`
and `.alienmatcher.json` files
- OUTPUT: `POOL/stats/<some-dated-name>.json` as report for the graphical Dashboard
- OUTPUT: `POOL/stats/<some-dated-name>.harvest.json` as report for the graphical Dashboard
Execute:
......@@ -1230,6 +1231,29 @@ optional arguments:
## Special commands
### CVEcheck
- INPUT: `POOL/stats/<some-dated-name>.harvest.json`
- OUTPUT: `POOL/stats/<some-dated-name>.harvest.cve.json` as report for the graphical Dashboard
Check potential security vulnerabilities for debian-like software packages. The
command searches the current national vulnerability database
([NIST](https://nvd.nist.gov/vuln/data-feeds)) and try to find potential
security vulnerabilities for the searched software product. Local copies of NIST
database feeds will be updated once every 24h.
The retrieved CVE's can be searched by `vendor`, `product` and `version`.
Alternatively, an existing `harvest.json` can be parsed and automatically
supplemented with appropriate results.
Execute:
```sh
aliens4friends cvecheck -s MYSESSION
```
### Session
#### Filter
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment