Closed nottrobin closed 2 years ago
Hi, does landing this branch now mean that there is an API for deleting CVEs from the security website?
(for my reference, I need to delete CVE-2022-20003)
Thanks for any clarity you can give!
@stevebeattie yes there should always have been, I didn't create it in this PR I just tested it works. You simply need to send a DELETE request to a https://ubuntu.com/security/cves/CVE-xxx-xxx.json
URL, with a valid authentication token.
Or yes you can make use of the script in this PR, obviously changing the URL for the live one.
dotrun start-db
anddotrun delete-db
QA
Management scripts
Test the DB management scripts:
You can check the running database can be used by e.g. running the generation script (in another terminal):
Sample data
Check the sample data is automatically loaded when you run the site:
Now go to http://0.0.0.0:8030/security/cves.json and http://0.0.0.0:8030/security/notices.json, check you see some real-looking CVEs and Notices.
Create and delete notice and CVE data through the API
With the site still running, run the scripts (it'll probably ask you to authenticate through the browser):
Go to:
To check they were created properly.
Now try deleting them:
Now go back to:
And check they've been deleted (you might need to refresh because of the caching).