From f495f90f8463c550d4100bcfd1d9b2889afaa6c0 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 03:06:42 +0000 Subject: [PATCH 1/8] Move alpine/debian converters into converters dir --- vulnfeeds/cmd/{ => converters}/alpine/Dockerfile | 0 vulnfeeds/cmd/{ => converters}/alpine/alpine_secdb.go | 0 .../cmd/{ => converters}/alpine/fixtures/invalid_versions.txt | 0 vulnfeeds/cmd/{ => converters}/alpine/fixtures/valid_versions.txt | 0 vulnfeeds/cmd/{ => converters}/alpine/main.go | 0 vulnfeeds/cmd/{ => converters}/alpine/run_alpine_convert.sh | 0 vulnfeeds/cmd/{ => converters}/alpine/verify.go | 0 vulnfeeds/cmd/{ => converters}/alpine/verify_test.go | 0 vulnfeeds/cmd/{ => converters}/debian/Dockerfile | 0 vulnfeeds/cmd/{ => converters}/debian/debian_security_tracker.go | 0 vulnfeeds/cmd/{ => converters}/debian/main.go | 0 vulnfeeds/cmd/{ => converters}/debian/main_test.go | 0 vulnfeeds/cmd/{ => converters}/debian/run_debian_convert.sh | 0 13 files changed, 0 insertions(+), 0 deletions(-) rename vulnfeeds/cmd/{ => converters}/alpine/Dockerfile (100%) rename vulnfeeds/cmd/{ => converters}/alpine/alpine_secdb.go (100%) rename vulnfeeds/cmd/{ => converters}/alpine/fixtures/invalid_versions.txt (100%) rename vulnfeeds/cmd/{ => converters}/alpine/fixtures/valid_versions.txt (100%) rename vulnfeeds/cmd/{ => converters}/alpine/main.go (100%) rename vulnfeeds/cmd/{ => converters}/alpine/run_alpine_convert.sh (100%) rename vulnfeeds/cmd/{ => converters}/alpine/verify.go (100%) rename vulnfeeds/cmd/{ => converters}/alpine/verify_test.go (100%) rename vulnfeeds/cmd/{ => converters}/debian/Dockerfile (100%) rename vulnfeeds/cmd/{ => converters}/debian/debian_security_tracker.go (100%) rename vulnfeeds/cmd/{ => converters}/debian/main.go (100%) rename vulnfeeds/cmd/{ => converters}/debian/main_test.go (100%) rename vulnfeeds/cmd/{ => converters}/debian/run_debian_convert.sh (100%) diff --git a/vulnfeeds/cmd/alpine/Dockerfile b/vulnfeeds/cmd/converters/alpine/Dockerfile similarity index 100% rename from vulnfeeds/cmd/alpine/Dockerfile rename to vulnfeeds/cmd/converters/alpine/Dockerfile diff --git a/vulnfeeds/cmd/alpine/alpine_secdb.go b/vulnfeeds/cmd/converters/alpine/alpine_secdb.go similarity index 100% rename from vulnfeeds/cmd/alpine/alpine_secdb.go rename to vulnfeeds/cmd/converters/alpine/alpine_secdb.go diff --git a/vulnfeeds/cmd/alpine/fixtures/invalid_versions.txt b/vulnfeeds/cmd/converters/alpine/fixtures/invalid_versions.txt similarity index 100% rename from vulnfeeds/cmd/alpine/fixtures/invalid_versions.txt rename to vulnfeeds/cmd/converters/alpine/fixtures/invalid_versions.txt diff --git a/vulnfeeds/cmd/alpine/fixtures/valid_versions.txt b/vulnfeeds/cmd/converters/alpine/fixtures/valid_versions.txt similarity index 100% rename from vulnfeeds/cmd/alpine/fixtures/valid_versions.txt rename to vulnfeeds/cmd/converters/alpine/fixtures/valid_versions.txt diff --git a/vulnfeeds/cmd/alpine/main.go b/vulnfeeds/cmd/converters/alpine/main.go similarity index 100% rename from vulnfeeds/cmd/alpine/main.go rename to vulnfeeds/cmd/converters/alpine/main.go diff --git a/vulnfeeds/cmd/alpine/run_alpine_convert.sh b/vulnfeeds/cmd/converters/alpine/run_alpine_convert.sh similarity index 100% rename from vulnfeeds/cmd/alpine/run_alpine_convert.sh rename to vulnfeeds/cmd/converters/alpine/run_alpine_convert.sh diff --git a/vulnfeeds/cmd/alpine/verify.go b/vulnfeeds/cmd/converters/alpine/verify.go similarity index 100% rename from vulnfeeds/cmd/alpine/verify.go rename to vulnfeeds/cmd/converters/alpine/verify.go diff --git a/vulnfeeds/cmd/alpine/verify_test.go b/vulnfeeds/cmd/converters/alpine/verify_test.go similarity index 100% rename from vulnfeeds/cmd/alpine/verify_test.go rename to vulnfeeds/cmd/converters/alpine/verify_test.go diff --git a/vulnfeeds/cmd/debian/Dockerfile b/vulnfeeds/cmd/converters/debian/Dockerfile similarity index 100% rename from vulnfeeds/cmd/debian/Dockerfile rename to vulnfeeds/cmd/converters/debian/Dockerfile diff --git a/vulnfeeds/cmd/debian/debian_security_tracker.go b/vulnfeeds/cmd/converters/debian/debian_security_tracker.go similarity index 100% rename from vulnfeeds/cmd/debian/debian_security_tracker.go rename to vulnfeeds/cmd/converters/debian/debian_security_tracker.go diff --git a/vulnfeeds/cmd/debian/main.go b/vulnfeeds/cmd/converters/debian/main.go similarity index 100% rename from vulnfeeds/cmd/debian/main.go rename to vulnfeeds/cmd/converters/debian/main.go diff --git a/vulnfeeds/cmd/debian/main_test.go b/vulnfeeds/cmd/converters/debian/main_test.go similarity index 100% rename from vulnfeeds/cmd/debian/main_test.go rename to vulnfeeds/cmd/converters/debian/main_test.go diff --git a/vulnfeeds/cmd/debian/run_debian_convert.sh b/vulnfeeds/cmd/converters/debian/run_debian_convert.sh similarity index 100% rename from vulnfeeds/cmd/debian/run_debian_convert.sh rename to vulnfeeds/cmd/converters/debian/run_debian_convert.sh From db52aad7cda22f949ae6fa9748547d4843a35888 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 03:13:51 +0000 Subject: [PATCH 2/8] Make mirrors dir --- vulnfeeds/cmd/combine-to-osv/README.md | 4 ++-- vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/Dockerfile | 0 vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/README.md | 0 vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/build.sh | 0 vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/cpe-repo-gen_map.sh | 0 vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/main.go | 0 .../cmd/{ => mirrors}/debian-copyright-mirror/Dockerfile | 0 vulnfeeds/cmd/{ => mirrors}/debian-copyright-mirror/build.sh | 0 .../debian-copyright-mirror/debian-copyright-mirror.py | 0 .../debian-copyright-mirror/debian-copyright-mirror.sh | 0 vulnfeeds/cmd/{ => mirrors}/download-cves/Dockerfile | 0 vulnfeeds/cmd/{ => mirrors}/download-cves/main.go | 0 vulnfeeds/cmd/{ => mirrors}/download-cves/mirror_nvd.sh | 0 13 files changed, 2 insertions(+), 2 deletions(-) rename vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/Dockerfile (100%) rename vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/README.md (100%) rename vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/build.sh (100%) rename vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/cpe-repo-gen_map.sh (100%) rename vulnfeeds/cmd/{ => mirrors}/cpe-repo-gen/main.go (100%) rename vulnfeeds/cmd/{ => mirrors}/debian-copyright-mirror/Dockerfile (100%) rename vulnfeeds/cmd/{ => mirrors}/debian-copyright-mirror/build.sh (100%) rename vulnfeeds/cmd/{ => mirrors}/debian-copyright-mirror/debian-copyright-mirror.py (100%) rename vulnfeeds/cmd/{ => mirrors}/debian-copyright-mirror/debian-copyright-mirror.sh (100%) rename vulnfeeds/cmd/{ => mirrors}/download-cves/Dockerfile (100%) rename vulnfeeds/cmd/{ => mirrors}/download-cves/main.go (100%) rename vulnfeeds/cmd/{ => mirrors}/download-cves/mirror_nvd.sh (100%) diff --git a/vulnfeeds/cmd/combine-to-osv/README.md b/vulnfeeds/cmd/combine-to-osv/README.md index e9d1471ba0e..6d459f751c0 100644 --- a/vulnfeeds/cmd/combine-to-osv/README.md +++ b/vulnfeeds/cmd/combine-to-osv/README.md @@ -9,14 +9,14 @@ Combine [`PackageInfo`](https://github.com/google/osv.dev/blob/2c22e9534a521c6c6 To address the generation of CVE records from multiple disparate sources (all requiring a common record prefix): * Alpine, by [this code](../alpine) -* the NVD, by [this code](../nvd-cve-osv) +* the NVD, by [this code](../converters/cve/nvd-cve-osv) ## How See [`run_combine_to_osv_convert.sh`](run_combine_to_osv_convert.sh): * Reads from [`gs://cve-osv-conversion/parts`](https://storage.googleapis.com/cve-osv-conversion/index.html?prefix=parts/) -* Merges with CVE data from NVD (obtained from GCS mirror maintained by [`download-cves`](../download-cves/mirror_nvd.sh)) +* Merges with CVE data from NVD (obtained from GCS mirror maintained by [`download-cves`](../mirrors/download-cves/mirror_nvd.sh)) * Writes an OSV record to [`gs://cve-osv-conversion/osv-output`](https://storage.googleapis.com/cve-osv-conversion/index.html?prefix=osv-output/) * This is the import source for [`cve-osv`](https://github.com/google/osv.dev/blob/2c22e9534a521c6c6350275427f80e481065ca39/source.yaml#L96) * What gets written can be overridden by OSV records in [`gs://cve-osv-conversion/osv-output-overrides`](https://storage.googleapis.com/cve-osv-conversion/index.html?prefix=osv-output-overrides/) diff --git a/vulnfeeds/cmd/cpe-repo-gen/Dockerfile b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile similarity index 100% rename from vulnfeeds/cmd/cpe-repo-gen/Dockerfile rename to vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile diff --git a/vulnfeeds/cmd/cpe-repo-gen/README.md b/vulnfeeds/cmd/mirrors/cpe-repo-gen/README.md similarity index 100% rename from vulnfeeds/cmd/cpe-repo-gen/README.md rename to vulnfeeds/cmd/mirrors/cpe-repo-gen/README.md diff --git a/vulnfeeds/cmd/cpe-repo-gen/build.sh b/vulnfeeds/cmd/mirrors/cpe-repo-gen/build.sh similarity index 100% rename from vulnfeeds/cmd/cpe-repo-gen/build.sh rename to vulnfeeds/cmd/mirrors/cpe-repo-gen/build.sh diff --git a/vulnfeeds/cmd/cpe-repo-gen/cpe-repo-gen_map.sh b/vulnfeeds/cmd/mirrors/cpe-repo-gen/cpe-repo-gen_map.sh similarity index 100% rename from vulnfeeds/cmd/cpe-repo-gen/cpe-repo-gen_map.sh rename to vulnfeeds/cmd/mirrors/cpe-repo-gen/cpe-repo-gen_map.sh diff --git a/vulnfeeds/cmd/cpe-repo-gen/main.go b/vulnfeeds/cmd/mirrors/cpe-repo-gen/main.go similarity index 100% rename from vulnfeeds/cmd/cpe-repo-gen/main.go rename to vulnfeeds/cmd/mirrors/cpe-repo-gen/main.go diff --git a/vulnfeeds/cmd/debian-copyright-mirror/Dockerfile b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile similarity index 100% rename from vulnfeeds/cmd/debian-copyright-mirror/Dockerfile rename to vulnfeeds/cmd/mirrors/debian-copyright-mirror/Dockerfile diff --git a/vulnfeeds/cmd/debian-copyright-mirror/build.sh b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/build.sh similarity index 100% rename from vulnfeeds/cmd/debian-copyright-mirror/build.sh rename to vulnfeeds/cmd/mirrors/debian-copyright-mirror/build.sh diff --git a/vulnfeeds/cmd/debian-copyright-mirror/debian-copyright-mirror.py b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/debian-copyright-mirror.py similarity index 100% rename from vulnfeeds/cmd/debian-copyright-mirror/debian-copyright-mirror.py rename to vulnfeeds/cmd/mirrors/debian-copyright-mirror/debian-copyright-mirror.py diff --git a/vulnfeeds/cmd/debian-copyright-mirror/debian-copyright-mirror.sh b/vulnfeeds/cmd/mirrors/debian-copyright-mirror/debian-copyright-mirror.sh similarity index 100% rename from vulnfeeds/cmd/debian-copyright-mirror/debian-copyright-mirror.sh rename to vulnfeeds/cmd/mirrors/debian-copyright-mirror/debian-copyright-mirror.sh diff --git a/vulnfeeds/cmd/download-cves/Dockerfile b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile similarity index 100% rename from vulnfeeds/cmd/download-cves/Dockerfile rename to vulnfeeds/cmd/mirrors/download-cves/Dockerfile diff --git a/vulnfeeds/cmd/download-cves/main.go b/vulnfeeds/cmd/mirrors/download-cves/main.go similarity index 100% rename from vulnfeeds/cmd/download-cves/main.go rename to vulnfeeds/cmd/mirrors/download-cves/main.go diff --git a/vulnfeeds/cmd/download-cves/mirror_nvd.sh b/vulnfeeds/cmd/mirrors/download-cves/mirror_nvd.sh similarity index 100% rename from vulnfeeds/cmd/download-cves/mirror_nvd.sh rename to vulnfeeds/cmd/mirrors/download-cves/mirror_nvd.sh From e200103eaf8f02c3faed41af278b03aa527683ed Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 03:15:03 +0000 Subject: [PATCH 3/8] Move nvd conversion --- vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/Dockerfile | 0 vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/README.md | 0 vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/build.sh | 0 vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/main.go | 0 .../{ => converters/cve}/nvd-cve-osv/run_cve_to_osv_generation.sh | 0 5 files changed, 0 insertions(+), 0 deletions(-) rename vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/Dockerfile (100%) rename vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/README.md (100%) rename vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/build.sh (100%) rename vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/main.go (100%) rename vulnfeeds/cmd/{ => converters/cve}/nvd-cve-osv/run_cve_to_osv_generation.sh (100%) diff --git a/vulnfeeds/cmd/nvd-cve-osv/Dockerfile b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile similarity index 100% rename from vulnfeeds/cmd/nvd-cve-osv/Dockerfile rename to vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile diff --git a/vulnfeeds/cmd/nvd-cve-osv/README.md b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/README.md similarity index 100% rename from vulnfeeds/cmd/nvd-cve-osv/README.md rename to vulnfeeds/cmd/converters/cve/nvd-cve-osv/README.md diff --git a/vulnfeeds/cmd/nvd-cve-osv/build.sh b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh similarity index 100% rename from vulnfeeds/cmd/nvd-cve-osv/build.sh rename to vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh diff --git a/vulnfeeds/cmd/nvd-cve-osv/main.go b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go similarity index 100% rename from vulnfeeds/cmd/nvd-cve-osv/main.go rename to vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go diff --git a/vulnfeeds/cmd/nvd-cve-osv/run_cve_to_osv_generation.sh b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/run_cve_to_osv_generation.sh similarity index 100% rename from vulnfeeds/cmd/nvd-cve-osv/run_cve_to_osv_generation.sh rename to vulnfeeds/cmd/converters/cve/nvd-cve-osv/run_cve_to_osv_generation.sh From 2ddd9206dac618f633cb47a9a369a45086d94b82 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 03:17:27 +0000 Subject: [PATCH 4/8] move and rename cve5 converters --- .../cve/cve5/bulk-converter}/Dockerfile | 0 .../cve/cve5/bulk-converter}/cna_allowlist.txt | 0 .../cve/cve5/bulk-converter}/main.go | 0 .../cve/cve5/bulk-converter}/run-cvelist-converter.sh | 0 .../cve/cve5/single-converter}/main.go | 0 5 files changed, 0 insertions(+), 0 deletions(-) rename vulnfeeds/cmd/{cve-bulk-converter => converters/cve/cve5/bulk-converter}/Dockerfile (100%) rename vulnfeeds/cmd/{cve-bulk-converter => converters/cve/cve5/bulk-converter}/cna_allowlist.txt (100%) rename vulnfeeds/cmd/{cve-bulk-converter => converters/cve/cve5/bulk-converter}/main.go (100%) rename vulnfeeds/cmd/{cve-bulk-converter => converters/cve/cve5/bulk-converter}/run-cvelist-converter.sh (100%) rename vulnfeeds/cmd/{cve-single-converter => converters/cve/cve5/single-converter}/main.go (100%) diff --git a/vulnfeeds/cmd/cve-bulk-converter/Dockerfile b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile similarity index 100% rename from vulnfeeds/cmd/cve-bulk-converter/Dockerfile rename to vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile diff --git a/vulnfeeds/cmd/cve-bulk-converter/cna_allowlist.txt b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/cna_allowlist.txt similarity index 100% rename from vulnfeeds/cmd/cve-bulk-converter/cna_allowlist.txt rename to vulnfeeds/cmd/converters/cve/cve5/bulk-converter/cna_allowlist.txt diff --git a/vulnfeeds/cmd/cve-bulk-converter/main.go b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/main.go similarity index 100% rename from vulnfeeds/cmd/cve-bulk-converter/main.go rename to vulnfeeds/cmd/converters/cve/cve5/bulk-converter/main.go diff --git a/vulnfeeds/cmd/cve-bulk-converter/run-cvelist-converter.sh b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/run-cvelist-converter.sh similarity index 100% rename from vulnfeeds/cmd/cve-bulk-converter/run-cvelist-converter.sh rename to vulnfeeds/cmd/converters/cve/cve5/bulk-converter/run-cvelist-converter.sh diff --git a/vulnfeeds/cmd/cve-single-converter/main.go b/vulnfeeds/cmd/converters/cve/cve5/single-converter/main.go similarity index 100% rename from vulnfeeds/cmd/cve-single-converter/main.go rename to vulnfeeds/cmd/converters/cve/cve5/single-converter/main.go From f71c2ed721d3a2a5818d73fef848b965538e6ba5 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 03:21:44 +0000 Subject: [PATCH 5/8] Fix routing --- vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh index 9720c0dad53..5dc5ba89abb 100755 --- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh +++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/build.sh @@ -21,5 +21,5 @@ cd ../../ docker build \ -t gcr.io/oss-vdb/nvd-cve-osv:latest \ - -f cmd/nvd-cve-osv/Dockerfile --pull . && \ + -f cmd/cve/nvd-cve-osv/Dockerfile --pull . && \ gcloud docker -- push gcr.io/oss-vdb/nvd-cve-osv:latest From f7130cd8943a392c4581a34d98dea70593de2110 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 05:27:27 +0000 Subject: [PATCH 6/8] fix test path --- vulnfeeds/cmd/converters/debian/main_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnfeeds/cmd/converters/debian/main_test.go b/vulnfeeds/cmd/converters/debian/main_test.go index 8706a1b75c1..7757c2efe93 100644 --- a/vulnfeeds/cmd/converters/debian/main_test.go +++ b/vulnfeeds/cmd/converters/debian/main_test.go @@ -40,7 +40,7 @@ func sortAffected(affected []*osvschema.Affected) { func loadTestData(t *testing.T, cveName string) cves.Vulnerability { t.Helper() - fileName := fmt.Sprintf("../../test_data/nvdcve-2.0/%s.json", cveName) + fileName := fmt.Sprintf("../../../test_data/nvdcve-2.0/%s.json", cveName) file, err := os.Open(fileName) if err != nil { t.Fatalf("Failed to load test data from %q: %#v", fileName, err) @@ -65,7 +65,7 @@ func TestGenerateOSVFromDebianTracker(t *testing.T) { now := time.Date(2024, 7, 1, 0, 0, 0, 0, time.UTC) var trackerData DebianSecurityTrackerData - if err := json.Unmarshal(mustRead(t, "../../test_data/debian/debian_security_tracker_mock.json"), &trackerData); err != nil { + if err := json.Unmarshal(mustRead(t, "../../../test_data/debian/debian_security_tracker_mock.json"), &trackerData); err != nil { t.Fatalf("Failed to unmarshal test data: %v", err) } From f99caece8fa3998721f287e1639ee67bed3c736c Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Tue, 20 Jan 2026 05:45:11 +0000 Subject: [PATCH 7/8] Refactor duplicate use of CPE --- vulnfeeds/cves/versions.go | 4 ++-- vulnfeeds/cves/versions_test.go | 10 +++++----- vulnfeeds/models/types.go | 2 +- vulnfeeds/vulns/vulns.go | 1 - 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/vulnfeeds/cves/versions.go b/vulnfeeds/cves/versions.go index 163c9a229a3..38e80babe55 100644 --- a/vulnfeeds/cves/versions.go +++ b/vulnfeeds/cves/versions.go @@ -836,7 +836,7 @@ func RemoveQuoting(s string) (result string) { } // Parse a well-formed CPE string into a struct. -func ParseCPE(formattedString string) (*models.CPE, error) { +func ParseCPE(formattedString string) (*models.CPEString, error) { if !strings.HasPrefix(formattedString, "cpe:") { return nil, fmt.Errorf("%q does not have expected 'cpe:' prefix", formattedString) } @@ -847,7 +847,7 @@ func ParseCPE(formattedString string) (*models.CPE, error) { return nil, err } - return &models.CPE{ + return &models.CPEString{ CPEVersion: strings.Split(formattedString, ":")[1], Part: wfn.GetString("part"), Vendor: RemoveQuoting(wfn.GetString("vendor")), diff --git a/vulnfeeds/cves/versions_test.go b/vulnfeeds/cves/versions_test.go index 69e9bd9411f..09852d7716d 100644 --- a/vulnfeeds/cves/versions_test.go +++ b/vulnfeeds/cves/versions_test.go @@ -43,7 +43,7 @@ func TestParseCPE(t *testing.T) { tests := []struct { description string inputCPEString string - expectedCPEStruct *models.CPE + expectedCPEStruct *models.CPEString expectedOk bool }{ { @@ -67,7 +67,7 @@ func TestParseCPE(t *testing.T) { }, { description: "valid input (hardware)", inputCPEString: "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*", - expectedCPEStruct: &models.CPE{ + expectedCPEStruct: &models.CPEString{ CPEVersion: "2.3", Part: "h", Vendor: "intel", @@ -86,7 +86,7 @@ func TestParseCPE(t *testing.T) { { description: "valid input (software)", inputCPEString: "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", - expectedCPEStruct: &models.CPE{ + expectedCPEStruct: &models.CPEString{ CPEVersion: "2.3", Part: "a", Vendor: "gitlab", @@ -105,7 +105,7 @@ func TestParseCPE(t *testing.T) { { description: "valid input (software) with embedded colons", inputCPEString: "cpe:2.3:a:http\\:\\:daemon_project:http\\:\\:daemon:*:*:*:*:*:*:*:*", - expectedCPEStruct: &models.CPE{ + expectedCPEStruct: &models.CPEString{ CPEVersion: "2.3", Part: "a", Vendor: "http::daemon_project", @@ -124,7 +124,7 @@ func TestParseCPE(t *testing.T) { { description: "valid input (software) with escaped characters", inputCPEString: "cpe:2.3:a:bloodshed:dev-c\\+\\+:4.9.9.2:*:*:*:*:*:*:*", - expectedCPEStruct: &models.CPE{ + expectedCPEStruct: &models.CPEString{ CPEVersion: "2.3", Part: "a", Vendor: "bloodshed", diff --git a/vulnfeeds/models/types.go b/vulnfeeds/models/types.go index b48c3eefab8..54e5e27d166 100644 --- a/vulnfeeds/models/types.go +++ b/vulnfeeds/models/types.go @@ -219,7 +219,7 @@ func (vi *VersionInfo) Duplicated(candidate AffectedCommit) bool { return false } -type CPE struct { +type CPEString struct { CPEVersion string Part string Vendor string diff --git a/vulnfeeds/vulns/vulns.go b/vulnfeeds/vulns/vulns.go index 9cf1c6dd111..3f6eeb319b0 100644 --- a/vulnfeeds/vulns/vulns.go +++ b/vulnfeeds/vulns/vulns.go @@ -81,7 +81,6 @@ const ( Spaces // Contains space characters Empty // Contains no entry Filler // Has been determined to be a filler word - ) // AttachExtractedVersionInfo converts the models.VersionInfo struct to OSV GIT and ECOSYSTEM AffectedRanges and AffectedPackage. From 3d193d7877e90df0999787449e5021833e3420e3 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Wed, 21 Jan 2026 03:56:42 +0000 Subject: [PATCH 8/8] Fix dockerfile routing --- vulnfeeds/cmd/converters/alpine/Dockerfile | 4 ++-- vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile | 4 ++-- vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile | 4 ++-- vulnfeeds/cmd/converters/debian/Dockerfile | 4 ++-- vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile | 4 ++-- vulnfeeds/cmd/mirrors/download-cves/Dockerfile | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/vulnfeeds/cmd/converters/alpine/Dockerfile b/vulnfeeds/cmd/converters/alpine/Dockerfile index e760dbecc48..88202fd616c 100644 --- a/vulnfeeds/cmd/converters/alpine/Dockerfile +++ b/vulnfeeds/cmd/converters/alpine/Dockerfile @@ -22,13 +22,13 @@ COPY ./go.sum /src/go.sum RUN go mod download COPY ./ /src/ -RUN go build -o alpine-osv ./cmd/alpine/ +RUN go build -o alpine-osv ./cmd/converters/alpine/ FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f WORKDIR /root/ COPY --from=GO_BUILD /src/alpine-osv ./ -COPY ./cmd/alpine/run_alpine_convert.sh ./ +COPY ./cmd/converters/alpine/run_alpine_convert.sh ./ ENTRYPOINT ["/root/run_alpine_convert.sh"] diff --git a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile index 79b5dff1120..4efd790b895 100644 --- a/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile +++ b/vulnfeeds/cmd/converters/cve/cve5/bulk-converter/Dockerfile @@ -23,13 +23,13 @@ RUN go mod download && go mod verify COPY ./ /src/ -RUN go build -o cve-bulk-converter ./cmd/cve-bulk-converter/ +RUN go build -o cve-bulk-converter ./cmd/converters/cve/cve5/bulk-converter/ FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f RUN apk --no-cache add jq WORKDIR /root/ COPY --from=go_build /src/cve-bulk-converter ./ -COPY ./cmd/cve-bulk-converter/run-cvelist-converter.sh ./ +COPY ./cmd/converters/cve/cve5/bulk-converter/run-cvelist-converter.sh ./ ENTRYPOINT ["/root/run-cvelist-converter.sh"] diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile index 34a9e8e4ad7..ddd1fec8ee8 100644 --- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile +++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/Dockerfile @@ -20,12 +20,12 @@ COPY go.mod go.sum ./ RUN go mod download && go mod verify COPY . . -RUN CGO_ENABLED=0 go build -v -o /usr/local/bin ./cmd/nvd-cve-osv ./cmd/download-cves +RUN CGO_ENABLED=0 go build -v -o /usr/local/bin ./cmd/converters/cve/nvd-cve-osv ./cmd/mirrors/download-cves FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f RUN apk --no-cache add jq COPY --from=GO_BUILD /usr/local/bin/ ./usr/local/bin/ -COPY --from=GO_BUILD /go/src/cmd/nvd-cve-osv/run_cve_to_osv_generation.sh ./usr/local/bin/ +COPY --from=GO_BUILD /go/src/cmd/converters/cve/nvd-cve-osv/run_cve_to_osv_generation.sh ./usr/local/bin/ CMD ["/usr/local/bin/run_cve_to_osv_generation.sh"] diff --git a/vulnfeeds/cmd/converters/debian/Dockerfile b/vulnfeeds/cmd/converters/debian/Dockerfile index 31d08c85454..09f9954a506 100644 --- a/vulnfeeds/cmd/converters/debian/Dockerfile +++ b/vulnfeeds/cmd/converters/debian/Dockerfile @@ -22,14 +22,14 @@ COPY ./go.sum /src/go.sum RUN go mod download COPY ./ /src/ -RUN go build -o debian ./cmd/debian/ +RUN go build -o debian ./cmd/converters/debian/ FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f WORKDIR /root/ COPY --from=GO_BUILD /src/debian ./ -COPY ./cmd/debian/run_debian_convert.sh ./ +COPY ./cmd/converters/debian/run_debian_convert.sh ./ RUN chmod 755 ./run_debian_convert.sh diff --git a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile index c913d687c34..71a4fbec30c 100644 --- a/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile +++ b/vulnfeeds/cmd/mirrors/cpe-repo-gen/Dockerfile @@ -22,13 +22,13 @@ COPY ./go.sum /src/go.sum RUN go mod download COPY ./ /src/ -RUN CGO_ENABLED=0 go build -o cpe-repo-gen ./cmd/cpe-repo-gen +RUN CGO_ENABLED=0 go build -o cpe-repo-gen ./cmd/mirrors/cpe-repo-gen FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f RUN apk add --no-cache unzip COPY --from=GO_BUILD /src/cpe-repo-gen ./ -COPY ./cmd/cpe-repo-gen/cpe-repo-gen_map.sh ./ +COPY ./cmd/mirrors/cpe-repo-gen/cpe-repo-gen_map.sh ./ ENTRYPOINT ["/cpe-repo-gen_map.sh"] diff --git a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile index 2476f82d04a..bcb2c6a2fbf 100644 --- a/vulnfeeds/cmd/mirrors/download-cves/Dockerfile +++ b/vulnfeeds/cmd/mirrors/download-cves/Dockerfile @@ -22,12 +22,12 @@ COPY ./go.sum /src/go.sum RUN go mod download COPY ./ /src/ -RUN go build -o download-cves ./cmd/download-cves/ +RUN go build -o download-cves ./cmd/mirrors/download-cves/ FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:feca5d4cb9b422e124e6f28b8ed2e714160757eb383eaae712117c75f584aa2f WORKDIR /usr/local/bin COPY --from=GO_BUILD /src/download-cves ./ -COPY ./cmd/download-cves/mirror_nvd.sh ./ +COPY ./cmd/mirrors/download-cves/mirror_nvd.sh ./ ENTRYPOINT ["/usr/local/bin/mirror_nvd.sh"]