Hi, This week I:
- Implemented server-side search for the Github crawler[0]. - Documented and understood various vulnerability identifiers and security advisories, specific to vendors and organizations. Some of these include OVAL[1], CVRF[2], and advisories of Redhat[3], Gentoo[4], etc. - Searched for data sources available for some of the documented vulnerability identifiers to determine what format they are generally in. These sources are HTML pages, APIs transferring JSON or XML[5], plain text documents[6], Git repositories[7], RSS feeds, etc. - Started implementation of an abstraction to facilitate mapping of a vulnerability to one or more CVEs. - Refactored some older code I'd written for better readability and testability[8]. Wrote unit tests for the same using unittest and unittest.mock. - Migrated all my configs to a newer machine to work on. Cheers, Jaskaran [0] https://github.com/jajajasalu2/patch-finder/commit/21ac28115c8332ab5c20d3e78b7f44617d664a32 [1]http://oval.mitre.org/ [2]https://www.icasi.org/cvrf/ [3]https://access.redhat.com/security/security-updates/#/security-advisories [4]https://security.gentoo.org/glsa [5] https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/ [6] https://salsa.debian.org/security-tracker-team/security-tracker/blob/master/data/DSA/list [7]https://gitweb.gentoo.org/data/glsa.git [8] https://github.com/jajajasalu2/patch-finder/commit/857ef1a981d433a000b2519fc60c4930f08d43f9