Skip to content

Commit

Permalink
Merge pull request #97 from RedHatProductSecurity/release-1.7.0
Browse files Browse the repository at this point in the history
Update for 1.7.0 release
  • Loading branch information
mprpic authored Dec 5, 2024
2 parents 01ea8c2 + 3d6f7e8 commit 3a6642c
Show file tree
Hide file tree
Showing 21 changed files with 117 additions and 90 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
# Changelog

## [1.7.0](https://github.com/RedHatProductSecurity/cvelib/compare/1.6.0...1.7.0) (Dec 5, 2024)

* Updated CVE record schemas to version 5.1.1 (#96).
* Added a new subcommand, `validate`, to verify that a CVE record (or a specific container of a record) is valid
against a specific CVE v5 schema (#95).
* Switched to a stricter version of the CVE ID matching regex (6f18918).

## [1.6.0](https://github.com/RedHatProductSecurity/cvelib/compare/1.5.0...1.6.0) (Oct 11, 2024)

* Subcommands that not require authentication credentials no longer require `-u/-o/-a` options to be set (#93).
Expand Down
12 changes: 6 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

A library and a command line interface for the CVE Services API.

**Note**: version 1.4.0 of cvelib is compatible with CVE Services 2.3.1 and CVE JSON schema 5.1.0.
**Note**: version 1.7.0 of cvelib is compatible with CVE Services 2.5.0 and CVE JSON schema 5.1.1.

## Requirements

Expand Down Expand Up @@ -239,7 +239,7 @@ For more information, see the individual methods defined in the
```bash
git clone https://github.com/RedHatProductSecurity/cvelib.git
cd cvelib
python3 -m venv venv # Must be Python 3.6 or later
python3 -m venv venv
source venv/bin/activate
pip install --upgrade pip
pip install -e .
Expand Down Expand Up @@ -275,10 +275,10 @@ Running tests and linters:
tox
# Run format check only
tox -e black
# Run tests against Python 3.6 only
tox -e py36
# Run a single test against Python 3.6 only
tox -e py36 -- tests/test_cli.py::test_cve_show
# Run tests using a specific version of Python
tox -e py313
# Run a single test using a specific version of Python
tox -e py313 -- tests/test_cli.py::test_cve_show
```

Any changes in the commands, their options, or help texts must be reflected in the generated man pages. To refresh
Expand Down
2 changes: 1 addition & 1 deletion cvelib/__init__.py
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "1.6.0"
__version__ = "1.7.0"
2 changes: 1 addition & 1 deletion man/cve-list.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE LIST" "1" "2024-10-11" "1.6.0" "cve list Manual"
.TH "CVE LIST" "1" "2024-12-05" "1.6.0" "cve list Manual"
.SH NAME
cve\-list \- Filter and list reserved CVE IDs owned by...
.SH SYNOPSIS
Expand Down
2 changes: 1 addition & 1 deletion man/cve-org-users.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE ORG USERS" "1" "2024-10-11" "1.6.0" "cve org users Manual"
.TH "CVE ORG USERS" "1" "2024-12-05" "1.6.0" "cve org users Manual"
.SH NAME
cve\-org\-users \- List all users in your organization.
.SH SYNOPSIS
Expand Down
2 changes: 1 addition & 1 deletion man/cve-org.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE ORG" "1" "2024-10-11" "1.6.0" "cve org Manual"
.TH "CVE ORG" "1" "2024-12-05" "1.6.0" "cve org Manual"
.SH NAME
cve\-org \- Show information about your organization.
.SH SYNOPSIS
Expand Down
2 changes: 1 addition & 1 deletion man/cve-ping.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE PING" "1" "2024-10-11" "1.6.0" "cve ping Manual"
.TH "CVE PING" "1" "2024-12-05" "1.6.0" "cve ping Manual"
.SH NAME
cve\-ping \- Ping the CVE Services API to see if it is up.
.SH SYNOPSIS
Expand Down
27 changes: 13 additions & 14 deletions man/cve-publish-adp.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE PUBLISH-ADP" "1" "2024-10-11" "1.6.0" "cve publish-adp Manual"
.TH "CVE PUBLISH-ADP" "1" "2024-12-05" "1.6.0" "cve publish-adp Manual"
.SH NAME
cve\-publish-adp \- Add or update an ADP container in a CVE...
.SH SYNOPSIS
Expand All @@ -7,26 +7,25 @@ cve\-publish-adp \- Add or update an ADP container in a CVE...
.SH DESCRIPTION
Add or update an ADP container in a CVE record for a published CVE ID.
.PP
NOTE: a published ADP container cannot be removed, only updated with new data.
NOTE: a published ADP container cannot be removed, only updated with new data.
.PP
The ADP container can be specified as a string:
The ADP container can be specified as a string:
.PP
cve publish-adp CVE-2022-1234 -j '{"affected": [], "descriptions": [], "references": {}, ...}'
cve publish-adp CVE-2022-1234 -j '{"affected": [], "descriptions": [], "references": {}, ...}'
.PP
Or passed in a file:
Or passed in a file:
.PP
cve publish-adp CVE-2022-1234 -f adp.json
cve publish-adp CVE-2022-1234 -f adp.json
.PP
For information on the required properties in a given ADP container of a CVE record,
see the schema in:
For information on the required properties in a given ADP container of a CVE record,
see the schema in:
.PP
https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/CVE_JSON_5.0_schema.json
https://cveproject.github.io/cve-schema/schema/v5.0/docs/#oneOf_i0_containers_adp
https://cveproject.github.io/cve-schema/schema/docs/
.PP
Because the CVE Services API only expects the ADP container contents of the full CVE v5 record,
the data you pass to this command can specify just the attributes defined by the adpContainer
subschema.
.PP
Because the CVE Services API only expects the ADP container contents of the full CVE v5 record,
the data you pass to this command can specify just the attributes defined by the adpContainer
subschema.

.SH OPTIONS
.TP
\fB\-j,\fP \-\-adp\-json TEXT
Expand Down
31 changes: 15 additions & 16 deletions man/cve-publish.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE PUBLISH" "1" "2024-10-11" "1.6.0" "cve publish Manual"
.TH "CVE PUBLISH" "1" "2024-12-05" "1.6.0" "cve publish Manual"
.SH NAME
cve\-publish \- Publish a CNA container of a CVE record...
.SH SYNOPSIS
Expand All @@ -7,28 +7,27 @@ cve\-publish \- Publish a CNA container of a CVE record...
.SH DESCRIPTION
Publish a CNA container of a CVE record for a reserved (or rejected) CVE ID.
.PP
If the CVE is already published, this action will update the CNA container in its record. A
published CVE can only be moved to the rejected state with an appropriate reject record (see
`cve reject`). A published CVE cannot be moved back to the reserved state.
If the CVE is already published, this action will update the CNA container in its record. A
published CVE can only be moved to the rejected state with an appropriate reject record (see
`cve reject`). A published CVE cannot be moved back to the reserved state.
.PP
The CNA container can be specified as a string:
The CNA container can be specified as a string:
.PP
cve publish CVE-2022-1234 -j '{"affected": [], "descriptions": [], "references": {}, ...}'
cve publish CVE-2022-1234 -j '{"affected": [], "descriptions": [], "references": {}, ...}'
.PP
Or passed in a file:
Or passed in a file:
.PP
cve publish CVE-2022-1234 -f cve.json
cve publish CVE-2022-1234 -f cve.json
.PP
For information on the required properties in a given CNA container of a CVE record,
see the schema in:
For information on the required properties in a given CNA container of a CVE record,
see the schema in:
.PP
https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/CVE_JSON_5.0_schema.json
https://cveproject.github.io/cve-schema/schema/v5.0/docs/#oneOf_i0_containers_cna
https://cveproject.github.io/cve-schema/schema/docs/
.PP
Because the CVE Services API only expects the CNA container contents of the full CVE v5 record,
the data you pass to this command can specify just the attributes defined by the
cnaPublishedContainer or cnaRejectedContainer subschemas, and not the full schema record.
.PP
Because the CVE Services API only expects the CNA container contents of the full CVE v5 record,
the data you pass to this command can specify just the attributes defined by the
cnaPublishedContainer or cnaRejectedContainer subschemas, and not the full schema record.

.SH OPTIONS
.TP
\fB\-j,\fP \-\-cve\-json TEXT
Expand Down
12 changes: 6 additions & 6 deletions man/cve-quota.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE QUOTA" "1" "2024-10-11" "1.6.0" "cve quota Manual"
.TH "CVE QUOTA" "1" "2024-12-05" "1.6.0" "cve quota Manual"
.SH NAME
cve\-quota \- Display the available CVE ID quota for...
.SH SYNOPSIS
Expand All @@ -7,11 +7,11 @@ cve\-quota \- Display the available CVE ID quota for...
.SH DESCRIPTION
Display the available CVE ID quota for your CNA.
.PP
- "Limit": how many CVE IDs your organization can have in the RESERVED state at once.
- "Reserved": the number of CVE IDs that are in the RESERVED state across all years.
- "Available": the number of CVE IDs that can be reserved (that is, "Limit" - "Reserved")

- "Limit": how many CVE IDs your organization can have in the RESERVED state at once.
- "Reserved": the number of CVE IDs that are in the RESERVED state across all years.
- "Available": the number of CVE IDs that can be reserved (that is, "Limit" - "Reserved")
.PP
.SH OPTIONS
.TP
\fB\-\-raw\fP
Expand Down
30 changes: 15 additions & 15 deletions man/cve-reject.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE REJECT" "1" "2024-10-11" "1.6.0" "cve reject Manual"
.TH "CVE REJECT" "1" "2024-12-05" "1.6.0" "cve reject Manual"
.SH NAME
cve\-reject \- Reject a CVE record for a reserved or...
.SH SYNOPSIS
Expand All @@ -7,28 +7,28 @@ cve\-reject \- Reject a CVE record for a reserved or...
.SH DESCRIPTION
Reject a CVE record for a reserved or published CVE ID.
.PP
If the CVE is already rejected, this action will update its record if one is supplied.
A rejected CVE with a record can only be moved to the published state (see `cve publish`).
A rejected CVE without a record can be moved to the reserved state. A published CVE can only
be rejected with an accompanying record. Reserved CVEs can be rejected with or without a record.
If the CVE is already rejected, this action will update its record if one is supplied.
A rejected CVE with a record can only be moved to the published state (see `cve publish`).
A rejected CVE without a record can be moved to the reserved state. A published CVE can only
be rejected with an accompanying record. Reserved CVEs can be rejected with or without a record.
.PP
Note: Rejecting a published CVE removes both the CNA and ADP data of that record.
Note: Rejecting a published CVE removes both the CNA and ADP data of that record.
.PP
The CVE reject record can be specified as a string:
The CVE reject record can be specified as a string:
.PP
cve reject CVE-2022-1234 -j '{"rejectedReasons": [{"lang": "en", "value": "A reason."}]}'
cve reject CVE-2022-1234 -j '{"rejectedReasons": [{"lang": "en", "value": "A reason."}]}'
.PP
Or passed in a file:
Or passed in a file:
.PP
cve reject CVE-2022-1234 -f v5_reject_record.json
cve reject CVE-2022-1234 -f v5_reject_record.json
.PP
For information on the required properties in a given CVE JSON record, see the schema in:
For information on the required properties in a given CVE JSON record, see the schema in:
.PP
https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/CVE_JSON_5.0_schema.json
https://cveproject.github.io/cve-schema/schema/docs/
.PP
Because the CVE Services API only expects the cnaRejectedContainer contents of the full record,
the record you pass to this command can specify just that data, and not the full record.
.PP
Because the CVE Services API only expects the cnaRejectedContainer contents of the full record,
the record you pass to this command can specify just that data, and not the full record.

.SH OPTIONS
.TP
\fB\-j,\fP \-\-cve\-json TEXT
Expand Down
18 changes: 9 additions & 9 deletions man/cve-reserve.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE RESERVE" "1" "2024-10-11" "1.6.0" "cve reserve Manual"
.TH "CVE RESERVE" "1" "2024-12-05" "1.6.0" "cve reserve Manual"
.SH NAME
cve\-reserve \- Reserve one or more CVE IDs.
.SH SYNOPSIS
Expand All @@ -7,15 +7,15 @@ cve\-reserve \- Reserve one or more CVE IDs.
.SH DESCRIPTION
Reserve one or more CVE IDs. COUNT is the number of CVEs to reserve; defaults to 1.
.PP
CVE IDs can be reserved one by one (the lowest IDs are reserved first) or in batches of
multiple IDs per single request. When reserving multiple IDs, you can request those IDs to be
generated sequentially (default) or non-sequentially (random IDs are selected from your CVE ID
range).
CVE IDs can be reserved one by one (the lowest IDs are reserved first) or in batches of
multiple IDs per single request. When reserving multiple IDs, you can request those IDs to be
generated sequentially (default) or non-sequentially (random IDs are selected from your CVE ID
range).
.PP

For more information, see the "Developer Guide to CVE Services API":
https://github.com/CVEProject/cve-services/wiki/Developer-Guide-to-CVE-Services-API#different-reservation-types
.PP

For more information, see the "Developer Guide to CVE Services API":
https://github.com/CVEProject/cve-services/wiki/Developer-Guide-to-CVE-Services-API#different-reservation-types

.SH OPTIONS
.TP
\fB\-r,\fP \-\-random
Expand Down
4 changes: 2 additions & 2 deletions man/cve-show.1
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
.TH "CVE SHOW" "1" "2024-10-11" "1.6.0" "cve show Manual"
.TH "CVE SHOW" "1" "2024-12-05" "1.6.0" "cve show Manual"
.SH NAME
cve\-show \- Display a specific CVE ID (and optionally...
.SH SYNOPSIS
.B cve show
[OPTIONS] CVE_ID
.SH DESCRIPTION
Display a specific CVE ID (and optionally its record) owned by your CNA.
Display a specific CVE ID (and optionally its record).
.SH OPTIONS
.TP
\fB\-r,\fP \-\-show\-record
Expand Down
2 changes: 1 addition & 1 deletion man/cve-undo-reject.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE UNDO-REJECT" "1" "2024-10-11" "1.6.0" "cve undo-reject Manual"
.TH "CVE UNDO-REJECT" "1" "2024-12-05" "1.6.0" "cve undo-reject Manual"
.SH NAME
cve\-undo-reject \- Move a rejected CVE ID without a record...
.SH SYNOPSIS
Expand Down
10 changes: 5 additions & 5 deletions man/cve-user-create.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE USER CREATE" "1" "2024-10-11" "1.6.0" "cve user create Manual"
.TH "CVE USER CREATE" "1" "2024-12-05" "1.6.0" "cve user create Manual"
.SH NAME
cve\-user\-create \- Create a user in your organization.
.SH SYNOPSIS
Expand All @@ -7,11 +7,11 @@ cve\-user\-create \- Create a user in your organization.
.SH DESCRIPTION
Create a user in your organization.
.PP
This action is restricted to users with the ADMIN role.
This action is restricted to users with the ADMIN role.
.PP
Note: Once a user is created, they cannot be removed, only marked as inactive. Only create
users when you really need them.
.PP
Note: Once a user is created, they cannot be removed, only marked as inactive. Only create
users when you really need them.

.SH OPTIONS
.TP
\fB\-u,\fP \-\-username TEXT
Expand Down
8 changes: 4 additions & 4 deletions man/cve-user-reset-key.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE USER RESET-KEY" "1" "2024-10-11" "1.6.0" "cve user reset-key Manual"
.TH "CVE USER RESET-KEY" "1" "2024-12-05" "1.6.0" "cve user reset-key Manual"
.SH NAME
cve\-user\-reset-key \- Reset a user's personal access token (API...
.SH SYNOPSIS
Expand All @@ -7,10 +7,10 @@ cve\-user\-reset-key \- Reset a user's personal access token (API...
.SH DESCRIPTION
Reset a user's personal access token (API key).
.PP
You must explicitly specify the user being updated using the `-u` option.
You must explicitly specify the user being updated using the `-u` option.
.PP
This API key is used to authenticate each request to the CVE API.
.PP
This API key is used to authenticate each request to the CVE API.

.SH OPTIONS
.TP
\fB\-u,\fP \-\-username TEXT
Expand Down
8 changes: 4 additions & 4 deletions man/cve-user-update.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE USER UPDATE" "1" "2024-10-11" "1.6.0" "cve user update Manual"
.TH "CVE USER UPDATE" "1" "2024-12-05" "1.6.0" "cve user update Manual"
.SH NAME
cve\-user\-update \- Update a user.
.SH SYNOPSIS
Expand All @@ -7,10 +7,10 @@ cve\-user\-update \- Update a user.
.SH DESCRIPTION
Update a user.
.PP
You must explicitly specify the user being updated using the `-u` option.
You must explicitly specify the user being updated using the `-u` option.
.PP
To reset a user's API key, use `cve user reset-key`.
.PP
To reset a user's API key, use `cve user reset-key`.

.SH OPTIONS
.TP
\fB\-u,\fP \-\-username TEXT
Expand Down
2 changes: 1 addition & 1 deletion man/cve-user.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE USER" "1" "2024-10-11" "1.6.0" "cve user Manual"
.TH "CVE USER" "1" "2024-12-05" "1.6.0" "cve user Manual"
.SH NAME
cve\-user \- Show information about a user.
.SH SYNOPSIS
Expand Down
18 changes: 18 additions & 0 deletions man/cve-validate.1
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
.TH "CVE VALIDATE" "1" "2024-12-05" "1.6.0" "cve validate Manual"
.SH NAME
cve\-validate \- Validate a CVE record against the 5.1.1...
.SH SYNOPSIS
.B cve validate
[OPTIONS]
.SH DESCRIPTION
Validate a CVE record against the 5.1.1 CVE JSON (sub)schema.
.SH OPTIONS
.TP
\fB\-j,\fP \-\-cve\-json TEXT
JSON body of CVE record.
.TP
\fB\-f,\fP \-\-cve\-json\-file FILENAME
File containing JSON body of a CVE record.
.TP
\fB\-s,\fP \-\-schema\-type [full|cna\-published|cna\-rejected|adp]
Specific type of schema to validate against [default: cna-published]
6 changes: 5 additions & 1 deletion man/cve.1
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH "CVE" "1" "2024-10-11" "1.6.0" "cve Manual"
.TH "CVE" "1" "2024-12-05" "1.6.0" "cve Manual"
.SH NAME
cve \- A CLI interface for the CVE Services API.
.SH SYNOPSIS
Expand Down Expand Up @@ -70,6 +70,10 @@ Show the version and exit.
Show information about your organization.
See \fBcve-org(1)\fP for full documentation on the \fBorg\fP command.
.PP
\fBvalidate\fP
Validate a CVE record against the 5.1.1...
See \fBcve-validate(1)\fP for full documentation on the \fBvalidate\fP command.
.PP
\fBping\fP
Ping the CVE Services API to see if it is up.
See \fBcve-ping(1)\fP for full documentation on the \fBping\fP command.
Loading

0 comments on commit 3a6642c

Please sign in to comment.