Skip to content

New plugin for CVE Services API #427

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ppaeps wants to merge 1 commit into
base: main
Choose a base branch
from
Open

New plugin for CVE Services API #427

ppaeps wants to merge 1 commit into from

Conversation

@ppaeps
Copy link

@ppaeps ppaeps commented Feb 13, 2024

Overview

The CVE Services API allows CVE Numbering Authorities (CNAs) to reserve, publish, and manage CVE IDs. This plugin sets the environment variables required to use the reference cvelib implementation of the API.

See also:
https://www.cve.org/AllResources/CveServices
https://github.com/RedHatProductSecurity/cvelib
https://vulnogram.github.io/cve5/#cvePortal

Type of change

  • Created a new plugin
  • Improved an existing plugin
  • Fixed a bug in an existing plugin
  • Improved contributor utilities or experience

How To Test

The CVE Services API can only be used by CNAs. Assuming you are a CNA (or a CNA can provide you with a test user), you can test authentication with cve ping.

Changelog

New CLI plugin for the CVE Services API.

@ppaeps ppaeps force-pushed the pp-add-cvelib branch 2 times, most recently from 09d673b to 40147f9 Compare April 9, 2024 04:18
@github-actions
Copy link
Contributor

github-actions bot commented Jun 18, 2024

⚠️ This PR contains unsigned commits. To get your PR merged, please sign those commits (git rebase --exec 'git commit -S --amend --no-edit -n' @{upstream}) and force push them to this branch (git push --force-with-lease).

If you're new to commit signing, there are different ways to set it up:

Sign commits with gpg

Follow the steps below to set up commit signing with gpg:

  1. Generate a GPG key
  2. Add the GPG key to your GitHub account
  3. Configure git to use your GPG key for commit signing
Sign commits with ssh-agent

Follow the steps below to set up commit signing with ssh-agent:

  1. Generate an SSH key and add it to ssh-agent
  2. Add the SSH key to your GitHub account
  3. Configure git to use your SSH key for commit signing
Sign commits with 1Password

You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process.

Learn how to use 1Password to sign your commits.

Watch the demo

@ppaeps
plugins/cvelib: new plugin for CVE Services API
837d421 
The CVE Services API allows CVE Numbering Authorities (CNAs) to reserve,
publish, and manage CVE IDs.  This plugin sets the environment variables
required to use the reference cvelib implementation of the API.

See also: https://www.cve.org/AllResources/CveServices
          https://github.com/RedHatProductSecurity/cvelib
          https://vulnogram.github.io/cve5/#cvePortal
@ppaeps
Copy link
Author

ppaeps commented Oct 8, 2025

I have been using this plugin for over a year. What is blocking this PR from being reviewed/merged? I've just force-pushed a very uneventful rebase on main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ppaeps