From fc7423fd70b548e7b498fa515300cca47e5a2f37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bonhomme?= Date: Tue, 14 Jan 2025 20:49:37 +0100 Subject: [PATCH] chg: [stream] Regular expressions are now defined in the configuration file. --- fedivuln/conf_sample.py | 15 +++++++++++++++ fedivuln/config.py | 2 ++ fedivuln/stream.py | 14 +------------- pyproject.toml | 2 +- 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/fedivuln/conf_sample.py b/fedivuln/conf_sample.py index a730f0c..e47f40a 100644 --- a/fedivuln/conf_sample.py +++ b/fedivuln/conf_sample.py @@ -1,3 +1,5 @@ +import re + # ### Mastodon # Connection to Mastodon @@ -21,6 +23,19 @@ "on Vulnerability-Lookup:\n\n\n#VulnerabilityLookup #Vulnerability #Cybersecurity #bot", } +# Regular expression to match CVE, GHSA, and PySec IDs +vulnerability_patterns = re.compile( + r"\b(CVE-\d{4}-\d{4,})\b" # CVE pattern + r"|\b(GHSA-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4})\b" # GHSA pattern + r"|\b(PYSEC-\d{4}-\d{2,5})\b" # PYSEC pattern + r"|\b(GSD-\d{4}-\d{4,5})\b" # GSD pattern + r"|\b(wid-sec-w-\d{4}-\d{4})\b" # CERT-Bund pattern + r"|\b(cisco-sa-\d{8}-[a-zA-Z0-9]+)\b" # CISCO pattern + r"|\b(RHSA-\d{4}:\d{4})\b" # RedHat pattern + r"|\b(msrc_CVE-\d{4}-\d{4,})\b", # MSRC CVE pattern + re.IGNORECASE, +) + # ### Event stream diff --git a/fedivuln/config.py b/fedivuln/config.py index d202948..d8ef40a 100644 --- a/fedivuln/config.py +++ b/fedivuln/config.py @@ -34,6 +34,8 @@ def load_config(path): mastodon_usercred = conf.mastodon_usercred templates = conf.templates + vulnerability_patterns = conf.vulnerability_patterns + # For PyVulnerabilityLookup vulnerability_lookup_base_url = conf.vulnerability_lookup_base_url vulnerability_auth_token = conf.vulnerability_auth_token diff --git a/fedivuln/stream.py b/fedivuln/stream.py index 724636e..6734926 100644 --- a/fedivuln/stream.py +++ b/fedivuln/stream.py @@ -1,6 +1,5 @@ import argparse import json -import re import sys from datetime import datetime @@ -28,17 +27,6 @@ def default(self, obj): # Listener class for handling stream events class VulnStreamListener(StreamListener): def __init__(self, push_sighting: bool = False): - # Regular expression to match CVE, GHSA, and PySec IDs - self.vulnerability_pattern = re.compile( - r"\b(CVE-\d{4}-\d{4,})\b" # CVE pattern - r"|\b(GHSA-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4})\b" # GHSA pattern - r"|\b(PYSEC-\d{4}-\d{2,5})\b" # PYSEC pattern - r"|\b(GSD-\d{4}-\d{4,5})\b" # GSD pattern - r"|\b(wid-sec-w-\d{4}-\d{4})\b" # CERT-Bund pattern - r"|\b(cisco-sa-\d{8}-[a-zA-Z0-9]+)\b" # CISCO pattern - r"|\b(RHSA-\d{4}:\d{4})\b", # RedHat pattern - re.IGNORECASE, - ) self.push_sighting = push_sighting # When a new status (post) is received @@ -48,7 +36,7 @@ def on_update(self, status): print("Edit of a previous status. Ignoring.") return content = status["content"] - matches = self.vulnerability_pattern.findall( + matches = config.vulnerability_patterns.findall( content ) # Find all matches in the content # Flatten the list of tuples to get only non-empty matched strings diff --git a/pyproject.toml b/pyproject.toml index 5d72cb4..2097e44 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "FediVuln" -version = "0.6.4" +version = "0.7.0" description = "A client to gather vulnerability-related information from the Fediverse." authors = ["Cédric Bonhomme "] license = "GPL-3.0-or-later"