From 56c5094387246baa5970776cc4eb56defa7f3024 Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Mon, 26 Dec 2022 08:36:02 +0800 Subject: [PATCH 1/2] fix sql --- cve-vulner-manager/common/common.go | 13 ++++--------- cve-vulner-manager/models/cve.go | 2 +- cve-vulner-manager/task/issuetask.go | 2 +- cve-vulner-manager/util/http.go | 8 +++++--- 4 files changed, 11 insertions(+), 14 deletions(-) diff --git a/cve-vulner-manager/common/common.go b/cve-vulner-manager/common/common.go index a6ea90f..2db1656 100644 --- a/cve-vulner-manager/common/common.go +++ b/cve-vulner-manager/common/common.go @@ -584,20 +584,15 @@ func GetCveSource(cve string) (source int) { return } -func ValidateMajunPack(cve, pack string) (source int) { - source = 0 - if len(cve) == 0 { - return - } +func ValidateMajunPack(cve, pack string) bool { o := orm.NewOrm() var res Source - err := o.Raw("select source from cve_origin_upstream_record where cve_num = ? and git_packname like ? ORDER BY cve_record_id DESC", cve, "%"+pack+"%").QueryRow(&res) + err := o.Raw("select source from cve_origin_upstream where cve_num = ? and git_packname like ?", cve, "%"+pack+"%").QueryRow(&res) if err != nil { logs.Error(err) - return + return false } - source = res.Source - return + return true } func GetCveSourceRecord(cve string) (source int) { diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 7edfbca..f0f9b95 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -143,7 +143,7 @@ func QueryOriginCve(days string, prcnum, credibilityLevel int, list []string) ([ "order by cve_id asc limit ?", 0, 1, credibilityLevel, prcnum).QueryRows(&gs) } if err == nil && num > 0 { - logs.Info("QueryOriginCveIssue, cve_origin_upstream, search result: ", num) + //logs.Info("QueryOriginCveIssue, cve_origin_upstream, search result: ", num) } else { logs.Info("QueryOriginCveIssue, There are currently no new or updated automated submission cve, cur_time:", common.GetCurTime(), ", err: ", err) diff --git a/cve-vulner-manager/task/issuetask.go b/cve-vulner-manager/task/issuetask.go index cd42fc7..0f8c36b 100644 --- a/cve-vulner-manager/task/issuetask.go +++ b/cve-vulner-manager/task/issuetask.go @@ -782,7 +782,7 @@ func OpenLooKengIssue(issueValue models.VulnCenter, accessToken, owner, path, as //ProcIssue Deal with issue func ProcIssue(issueValue models.VulnCenter, accessToken, owner string) error { owner, accessToken = common.GetOwnerAndToken(issueValue.CveNum, issueValue.OrganizationID, 1) - if accessToken == beego.AppConfig.String("majun::token") && common.ValidateMajunPack(issueValue.CveNum, issueValue.RepoName) != 1 { + if accessToken == beego.AppConfig.String("majun::token") && !common.ValidateMajunPack(issueValue.CveNum, issueValue.RepoName) { return nil } assignee := "" diff --git a/cve-vulner-manager/util/http.go b/cve-vulner-manager/util/http.go index 8ba2c0e..197592e 100644 --- a/cve-vulner-manager/util/http.go +++ b/cve-vulner-manager/util/http.go @@ -2,15 +2,17 @@ package util import ( "bytes" - "cvevulner/common" "encoding/json" "fmt" - "github.com/astaxie/beego/logs" "io/ioutil" "net/http" "net/url" "strconv" "strings" + + "github.com/astaxie/beego/logs" + + "cvevulner/common" ) //RequestInfo http request information @@ -230,7 +232,7 @@ func HTTPGetCom(urls string) ([]byte, error) { logs.Error(err) return nil, err } - logs.Info("body: \n", string(body), "url: ", urls) + //logs.Info("body: \n", string(body), "url: ", urls) return body, nil } -- Gitee From e9c58fd87aef775ec8c2c2d38de6b1c00e0e36ae Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Thu, 29 Dec 2022 14:05:43 +0800 Subject: [PATCH 2/2] add openEuler-22.03-LTS-SP1 branch --- cve-vulner-manager/conf/product_app.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index da4450b..dbfc8dc 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -173,7 +173,7 @@ cve_number_t = 2018 # Create an issue's repo whitelist;1: open; 2: close issue_whitelist = 2 # List of affected branches: openEuler-20.03-LTS,openEuler-20.03-LTS-SP1 -affected_branchs = "openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS" +affected_branchs = "openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1" abandoned_branchs = "openEuler-20.03-LTS,openEuler-21.03,openEuler-21.09,openEuler-20.09" # Close the highest privilege of issue:1:open;2:close close_issue_privilege = 2 @@ -190,7 +190,7 @@ credibility_level = 6 # Date before adding the security bulletin link task sec_link_date = -100 # Branch configuration of cve that needs to submit an issue -submit_issue_branch = "openEuler-22.03-LTS,openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2,openEuler-20.03-LTS-SP3,openEuler-20.03-LTS-Next,openEuler-21.03,master" +submit_issue_branch = "openEuler-22.03-LTS,openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2,openEuler-20.03-LTS-SP3,openEuler-20.03-LTS-Next,openEuler-21.03,master,openEuler-22.03-LTS-SP1" # De-duplication de_duplication_date = -100 # table num @@ -214,7 +214,7 @@ snsuffix = 1002 # example: openEuler-20.03-LTS@http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv; # openEuler-20.03-LTS-SP1@http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS-SP1.csv # public sa format: openEuler-20.03-LTS@https;openEuler-20.03-LTS-SP1@https -v_pack_20_03_url = "openEuler-20.03-LTS-SP1@https;openEuler-20.03-LTS-SP3@https;openEuler-22.03-LTS@https" +v_pack_20_03_url = "openEuler-20.03-LTS-SP1@https;openEuler-20.03-LTS-SP3@https;openEuler-22.03-LTS@https;openEuler-22.03-LTS-SP1@https" # Time difference in different time zones sa_timestamp_zone = 28810 unaffect_year = 2018 -- Gitee