guix.git - Mirror of the official guix repository

Age	Commit message (Collapse)	Author
2016-05-26	cve: Include the 3 previous years of vulnerabilities.	Ludovic Courtès
	* guix/cve.scm (fetch-vulnerabilities): Add 'format' call. (current-vulnerabilities): Include the 3 previous years.
2016-05-23	cve: Remove now unnecessary HTTP caching.	Ludovic Courtès
	* guix/cve.scm (call-with-cve-port): Use 'http-fetch' instead of 'http-fetch/cached'.
2016-05-23	cve: Keep a summarized sexp in cache instead of the full XML.	Ludovic Courtès
	This avoids ~20s of XML parsing when running 'guix lint -c cve'. * guix/cve.scm (vulnerability->sexp, sexp->vulnerability) (fetch-vulnerabilities): New procedures. (current-vulnerabilities): Use 'fetch-vulnerabilities'.
2016-03-11	cve: Read entire CVE databases for the current year and the past year.	Ludovic Courtès
	The "Modified" database that we were reading is much smaller, but it only shows CVEs modified over the past week. * guix/cve.scm (%now, %current-year, %past-year): New variables. (yearly-feed-uri): New procedure. (%cve-feed-uri, %ttl): Remove. (%current-year-ttl, %past-year-ttl): New variables. (call-with-cve-port): Add 'uri' and 'ttl' parameters and honor them. Add 'setvbuf' call. (current-vulnerabilities)[read-vulnerabilities]: New procedure. Read from both %LAST-YEAR and %CURRENT-YEAR.
2016-03-11	cve: Make CPE patch level part of the version string.	Ludovic Courtès
	* guix/cve.scm (%cpe-package-rx): Adjust to account for :PATCH-LEVEL. (cpe->package-name): Likewise.
2015-11-26	Add (guix cve).	Ludovic Courtès
	* guix/cve.scm, tests/cve-sample.xml, tests/cve.scm: New files. * Makefile.am (MODULES): Add guix/cve.scm. (SCM_TESTS): Add tests/cve.scm. (EXTRA_DIST): Add tests/cve-sample.scm.