search

eclipse / steady

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Apache License 2.0
517 stars 123 forks source link

A question about the usage of kaybee. #499

Closed chenkehao1998 closed 3 years ago

chenkehao1998 commented 3 years ago

i refer to the document https://github.com/eclipse/steady/blob/master/docs/public/content/vuln_db/manuals/kb_importer.md I generated steady.sh by command kaybee export -t steady and modified it by replace the kb-importer jar file which i package it by the source. Then I run ./steady.sh and then a error occured.

2021-09-08 16:01:50,860 [main] [ERROR] se.steady.patcha.PatchAnalyzer - Unrecognized option: -o

So I remove the -o in steady.sh Another error occured .

2021-09-08 15:46:06,054 [main] [ERROR] se.steady.patcha.PatchAnalyzer - The following options are mandatory: (r)epo and (b)ug

I cannot import the data of vul because of the error. I hope I can get your help.Thank you very much!

chenkehao1998 commented 3 years ago

The document of https://eclipse.github.io/steady/vuln_db/ is outdate which made me meet a lot of difficulties.I found that I set wrong jar file.

copernico commented 3 years ago

Hi @chenkehao1998 , thanks for reporting this; you are right, the docs need to be updated, which is what we plan to do starting from next week. Sorry for the inconvenience :-(