intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
https://cve-bin-tool.readthedocs.io/en/latest/
GNU General Public License v3.0

feat: json2 schema & tests #4324

Open terriko opened 3 months ago

terriko commented 3 months ago

In #3980, @mastersans has added a new json export format for cve-bin-tool (named json2 if you want to try it). I'd like to have a schema for it and a test that runs jsonschema.validate or equivalent on a basic output and on our test data so that once we settle into a schema we don't accidentally break things.

I'd consider this schema to be in flux until the 3.4 release, but we're hoping to have a pre-release for 3.4 later this month so we'll likely be settling on the final form soon.

anthonyharrison commented 3 months ago

see also #4333

terriko commented 2 months ago

Okay, we've got the description in the docs. I'd still like a schema and tests, but I think I'm going to accept that this isn't happening in time for 3.4 and move it out to the "future" milestone.