aboutsummaryrefslogtreecommitdiff
path: root/nvdmirror
diff options
context:
space:
mode:
Diffstat (limited to 'nvdmirror')
-rw-r--r--nvdmirror/sync.go1
-rw-r--r--nvdmirror/syncconfig.go13
-rw-r--r--nvdmirror/syncconfig_test.go22
3 files changed, 36 insertions, 0 deletions
diff --git a/nvdmirror/sync.go b/nvdmirror/sync.go
index 430842f..afdc260 100644
--- a/nvdmirror/sync.go
+++ b/nvdmirror/sync.go
@@ -40,5 +40,6 @@ func Sync(config SyncConfig, cache Cache, dstDir string) []string {
ctx.checkMetas(ctx.fetchMetas()),
config.GetCpeDictUrl(),
config.GetCisaKevcUrl(),
+ config.GetCweListUrl(),
))
}
diff --git a/nvdmirror/syncconfig.go b/nvdmirror/syncconfig.go
index 9cb5397..e80e12e 100644
--- a/nvdmirror/syncconfig.go
+++ b/nvdmirror/syncconfig.go
@@ -21,6 +21,9 @@ type SyncConfig struct {
// CISA known exploited vulnerabilities catalog (KEVC) URL.
CisaKevcUrl string
+ // Common Weakness Enumeration list URL.
+ CweListUrl string
+
// User agent string. Set to "" for default user agent string.
UserAgent string
@@ -37,6 +40,7 @@ var DefaultConfig = SyncConfig {
CpeMatch10BaseUrl: "https://nvd.nist.gov/feeds/json/cpematch/1.0",
Cpe23DictUrl: "https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz",
CisaKevcUrl: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
+ CweListUrl: "https://cwe.mitre.org/data/xml/cwec_latest.xml.zip",
UserAgent: "cvez/0.1.0",
}
@@ -91,6 +95,15 @@ func (me SyncConfig) GetCisaKevcUrl() string {
}
}
+// Get CWE list URL.
+func (me SyncConfig) GetCweListUrl() string {
+ if len(me.CweListUrl) > 0 {
+ return me.CweListUrl
+ } else {
+ return DefaultConfig.CweListUrl
+ }
+}
+
// get meta URL map.
func (me SyncConfig) getMetaUrls() map[string]string {
// calculate total number of years
diff --git a/nvdmirror/syncconfig_test.go b/nvdmirror/syncconfig_test.go
index 5f57b2d..91c900d 100644
--- a/nvdmirror/syncconfig_test.go
+++ b/nvdmirror/syncconfig_test.go
@@ -141,6 +141,28 @@ func TestSyncConfigGetCisaKevcUrl(t *testing.T) {
}
}
+func TestSyncConfigGetCweListUrl(t *testing.T) {
+ tests := []struct {
+ name string
+ val string
+ exp string
+ } {
+ { "custom", "https://example.com/", "https://example.com/" },
+ { "default", "", DefaultConfig.CweListUrl },
+ }
+
+ for _, test := range(tests) {
+ t.Run(test.name, func(t *testing.T) {
+ config := SyncConfig { CweListUrl: test.val }
+
+ got := config.GetCweListUrl()
+ if got != test.exp {
+ t.Errorf("got \"%s\", exp \"%s\"", got, test.exp)
+ }
+ })
+ }
+}
+
func TestSyncConfigGetMetaUrls(t *testing.T) {
// declare expected result
exp := make(map[string]string)