Improve message on empty ROLIE feeds

gocsaf / csaf

Tools to download or provide CSAF (Common Security Advisory Framework) documents.

https://csaf.io

42 stars 25 forks source link

Improve message on empty ROLIE feeds #437

Open tschmidtb51 opened 1 year ago

tschmidtb51 commented 1 year ago

Currently (v2.2.1-95-ga65fead) the following output is produced when requesting a CSAF provider with only one empty feed:

Requirement 15: ROLIE feed (failed)
    - WARN: No entries in https://example.test/.well-known/csaf/white/csaf-feed-tlp-white.json
    - ERROR: One ROLIE feed with a TLP:WHITE, TLP:GREEN or unlabeled tlp must exist, but none were found.

It is correctly evaluated as valid, but the ERROR seems to be misleading...

tschmidtb51 commented 1 year ago

The code is in https://github.com/csaf-poc/csaf_distribution/blob/824079899e1b99695b2620c5b65f724862309697/cmd/csaf_checker/roliecheck.go#L359-L363 and above