Comments (5)
m0sth8
commented on July 22, 2024
Yes! It's nice and easy to edit markdown files in github
from data.
mdeous
commented on July 22, 2024
Has this issue progressed? I can help if you need.
from data.
andresriancho
commented on July 22, 2024
Sorry I was unable to do any work on this. PRs are welcome 👍
from data.
mdeous
commented on July 22, 2024
Ok, I started working on it, I have extracted all the descriptions and fixes to separate files using the script below (as some fixes are used in multiple vulns, the fix files can't be named after the vuln title, so for now I've decided to name them only after their id). I'll write the tests for this, and then I'll submit a PR.
All that will be left to do after that will be to find a meaningful title for every fix, but I believe this can be done later.
#!/usr/bin/env python
# coding: utf-8
import json
import os
from collections import OrderedDict
DB_DIR = os.path.join(os.path.abspath(os.path.dirname(__file__)), 'db')
DESC_DIR = os.path.join(DB_DIR, 'description')
FIX_DIR = os.path.join(DB_DIR, 'fix')
for p in (DESC_DIR, FIX_DIR):
if not os.path.exists(p):
os.mkdir(p)
fixes = []
for f in os.listdir(DB_DIR):
fpath = os.path.join(DB_DIR, f)
if not os.path.isfile(fpath):
continue
# read JSON file
with open(fpath) as ifile:
data = json.load(ifile, object_pairs_hook=OrderedDict)
title = f.replace('.json', '')
vuln_id = data['id']
# write description to markdown file
description = '\n'.join(data['description'])
descpath = os.path.join(DESC_DIR, title+'.md')
with open(descpath, 'w') as ofile:
print('writing description file: {}'.format(descpath))
ofile.write(description)
descref = '#/files/description/{}'.format(vuln_id)
# store fix for later processing
fix = '\n'.join(data['fix']['guidance'])
if fix not in fixes:
fixes.append(fix)
fix_id = fixes.index(fix)
fixref = '#/files/fix/{}'.format(fix_id)
# rewrite JSON file
print('rewriting JSON file: {}'.format(fpath))
data['description'] = {'$ref': descref}
data['fix']['guidance'] = {'$ref': fixref}
with open(fpath, 'w') as ofile:
json.dump(data, ofile, indent=2)
for fix_id, fix in enumerate(fixes):
fixpath = os.path.join(FIX_DIR, str(fix_id)+'.md')
with open(fixpath, 'w') as ofile:
print('writing fix file: {}'.format(fixpath))
ofile.write(fix)from data.
andresriancho
commented on July 22, 2024
Done! Thanks @mattoufoutu
from data.
Related Issues (20)
- Add new vulnerabilities to database HOT 1
- Add new vulnerabilities to database (must-have)
- Write unittest to verify all JSON files comply with schema.json
- Write unittests required by specification HOT 2
- Avoid duplicated fix guidance HOT 6
- nmap might be interested in using vulndb/data
- Broad/Descriptive Tags On Entries HOT 6
- Remove Arachni-specific tags
- Markdown: 1- vs 1. HOT 1
- Translate database in russian HOT 7
- Add WASC references to existing vulnerabilities in DB
- Add field to describe who is affected by vulnerability HOT 1
- Add CVSS HOT 5
- cwe IDs HOT 3
- Add reference to CWE/SANS Top 25 (2011) HOT 5
- php sdk HOT 10
- Move WASC TC v2 URLs to vulndb/data HOT 3
- Remove duplicated CWE data HOT 2
- Is this project still alive? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from data.