Comments (10)
Ruby and Go implementations
We have a Ruby lib? Where? Maybe you're confused with the python one?
I didn't embed the vulndb/data as it seems to couple the sdk to the database (i.e., release an updated sdk each time the vulndb changes). But if embedding is the preference, let me know, so I can rectify.
It all depends on how developers on different languages are used to install/get/use their libs. I wrote the python implementation and included the DB just because it was easier for the end user (developer)
from data.
Give me 10min to review the PHP code
from data.
Review
git clone this repository.
Usually you put the name of the repo, so the users can copy+paste from the README.md file into a shell
https://github.com/vipsoft/vulndb-php/blob/master/composer.lock
Is this file really needed? If so, why do we have things like symphony
in there? Is that a real requirement for the php-vulndb?
"name": "vipsoft/vulndb-php",
When migrating to the vulndb
organization please change these
https://github.com/vipsoft/vulndb-php/blob/master/src/Service/ReferenceService.php#L55-L105
Seems that all the libs that consume the vulndb will have to implement something like that; maybe it's a good idea to have that data inside the vulndb
repository to avoid duplication? @robocoder If you agree please create an issue so we can work on this later
Excellent
Your code looks amazing, very ordered, with tests, easy to read (even for a non-php dev like me). I would love to have this code as part of vulndb
in github so people are able to easily find it.
TODO
- @m0sth8 to review this code and confirm he also wants to have it as part of
vulndb
- @robocoder to add CircleCI (or any other CI system of his choice) to the build process of the php SDK. I want the test suite to be run each time a push is made to the repo. Also, in the README.md of the php library add a "build badge" that shows the result of that build and link to the build details.
(once the above is done)
- @andresriancho to create a new repository in vulndb organization in github and give @robocoder push permissions
- @robocoder to migrate repo
- @robocoder to make sure the CI system builds work for the new repo
- @robocoder to search and replace code to point to the new repo location
- @robocoder to send pull request to update the list of SDKs at https://github.com/vulndb/data , include links for the php and go sdks
from data.
Sorry, I meant python lib. Too much ruby sass on the brain lately.
Thanks for the quick feedback. I've made the requested changes. The badges will fix themselves after the move.
from data.
Ping @m0sth8
from data.
👍 The code seems cool for me =) Thank you @robocoder
from data.
@robocoder feel free to migrate your repository to https://github.com/vulndb/php-sdk and complete the steps I've outlined in my previous comment.
Once again, thanks for the contributions!
from data.
Pushed.
Please register your username on packagist.org and travis-ci.org to get respective tokens. Then under "Settings" | "Webhooks and Services", add "Packagist" and "Travis CI" services. Thanks.
from data.
@robocoder yesterday I received an email from github about permissions for travis CI, I've approved it.
Not sure how to make the same process for packagist, it's the first time I'm using github for an organization instead of personal use, some things change.
If I receive a message from packagist.org (like I did for travis), I'll gladly accept/authorize access.
from data.
Also noted that there are No builds for this repository
at travis?
from data.
Related Issues (20)
- Add new vulnerabilities to database HOT 1
- Add new vulnerabilities to database (must-have)
- Write unittest to verify all JSON files comply with schema.json
- Write unittests required by specification HOT 2
- Avoid duplicated fix guidance HOT 6
- nmap might be interested in using vulndb/data
- Broad/Descriptive Tags On Entries HOT 6
- Remove Arachni-specific tags
- Markdown: 1- vs 1. HOT 1
- Translate database in russian HOT 7
- Add WASC references to existing vulnerabilities in DB
- Add field to describe who is affected by vulnerability HOT 1
- Add CVSS HOT 5
- Move markdown out of JSON files HOT 5
- cwe IDs HOT 3
- Add reference to CWE/SANS Top 25 (2011) HOT 5
- Move WASC TC v2 URLs to vulndb/data HOT 3
- Remove duplicated CWE data HOT 2
- Is this project still alive? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from data.