-
CSAF Aggregators must at least do two mirrors, but can also have entries that are just listed, see
https://github.com/oasis-tcs/csaf/issues/470
### technical consideration
A config option per pro…
-
If finding data fails because of the TLS certificate of the HTTPS server cannot be validated, there is no hint in the output.
User will want to know what the reason for the failure ist.
Expectat…
-
Implement serving of
* [x] 7.1.16 Requirement 16: ROLIE service document
* [x] 7.1.17 Requirement 17: ROLIE category document
Both should have the options to either not write the document or co…
-
The file `changes.csv` is not correctly constructed: Current output is:
```
2022-07-14T08:20:40Z,YYYY/filename.json
```
However, the [spec](https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.…
-
A freshly run provider and aggregator write inconsistent datetime parameters (~v0.9.1), see examples
`https://localhost:9443/.well-known/csaf-aggregator/aggregator.json`
```json
"metadata…
-
Some functions implemented in the `csaf_aggregator` are useful when implementing a downloader.
The should be provided that they can be used easily.
-
Some CSAF providers may block an IP address if there are too many documents downloaded in a certain time frame.
To stay below this threshold, a config option in the checker and per provider in the …
-
The link to the ROLIE in the mirrored `provider-metadata.json` is incorrect. A current test revealed that the link in the `https://aggregator.example.com/.well-known/csaf-aggregator/Example_Company_01…
-
# Situation
Currently section [7.2.5](https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.html#725-role-csaf-aggregator) reads:
> A distributing party satisfies the "CSAF aggregator" …
-
As protection against an overly long running process, another start of `csaf_aggregator` should be detected, prevented and warned about. This shall protect against two instances running and conflictin…