search

csaf-tools / CVRF-CSAF-Converter

A CVRF CSAF Converter, taking care about OASIS specification.
https://www.telekom.com/security
MIT License
10 stars 4 forks source link

Integrate turvallisuusneuvonta #55

Closed sustefil closed 2 years ago

sustefil commented 2 years ago

As discussed here:

https://github.com/csaf-tools/CVRF-CSAF-Converter/issues/14#issuecomment-1039012590

Integrate the mandatory tests into cvrf2csaf.py:

https://github.com/sthagen/turvallisuusneuvonta

sustefil commented 2 years ago

Hi @sthagen ,

Could you pretty please push a new turvallisuusneuvonta version to PyPi? The current one (2022.2.13) doesn't include the mandatory package, so I cannot:

import turvallisuusneuvonta.csaf.core.rules.mandatory.mandatory

Thanks!

sthagen commented 2 years ago

https://github.com/sthagen/turvallisuusneuvonta/issues/11v2022.2.14 on PyPI:

The Programming API gives some hints on how to not have to type import monsters ๐Ÿ‘น like import turvallisuusneuvonta.csaf.core.rules.mandatory.mandatory.

PS: When all rules are implemented and kind of tested:

  1. the now established public API will remain
  2. the private (spike) implementations will have been replaced
  3. the functionality will enter the target PyPI package csaf

@sustefil, @cgi1, @tschmidtb51: When (3.) is accomplished, the python internal use will be as simple as:

import csaf

csaf_doc_as_dict = ...  # essentially a json.load(...)

if csaf.is_valid(csaf_doc_as_dict):
    print('CSAF document is valid')
tschmidtb51 commented 2 years ago

@sthagen Thanks for the great work!