cmd/report2cve,cmd/vulnreport: merge
cmd/report2cve and cmd/vulnreport are merged into a single tool for
handling the YAML reports.
Change-Id: If242f24b0b1d48a96c90f9065b91f5922bed46e6
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/373003
Trust: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julie@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
diff --git a/srv/cmd/report2cve/main.go b/srv/cmd/report2cve/main.go
deleted file mode 100644
index 55c99b6..0000000
--- a/srv/cmd/report2cve/main.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2021 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Command report2cve provides a tool for converting YAML reports into JSON
-// CVEs.
-package main
-
-import (
- "encoding/json"
- "fmt"
- "log"
- "os"
-
- "golang.org/x/vuln/srv/internal/report"
-)
-
-func main() {
- if len(os.Args) != 2 {
- fmt.Fprint(os.Stderr, "usage: report2cve report.yaml")
- os.Exit(1)
- }
- cve, err := report.ToCVE(os.Args[1])
- if err != nil {
- log.Fatal(err)
- }
-
- // We need to use an encoder so that it doesn't escape angle
- // brackets.
- e := json.NewEncoder(os.Stdout)
- e.SetEscapeHTML(false)
- e.SetIndent("", "\t")
- if err = e.Encode(cve); err != nil {
- fmt.Fprintf(os.Stderr, "failed to marshal CVE: %s\n", err)
- os.Exit(1)
- }
-}
diff --git a/srv/cmd/vulnreport/main.go b/srv/cmd/vulnreport/main.go
index 8164740..a44c3bb 100644
--- a/srv/cmd/vulnreport/main.go
+++ b/srv/cmd/vulnreport/main.go
@@ -7,6 +7,7 @@
package main
import (
+ "encoding/json"
"flag"
"fmt"
"io/ioutil"
@@ -22,9 +23,10 @@
func main() {
flag.Usage = func() {
- fmt.Fprintf(flag.CommandLine.Output(), "usage: vulnreport [cmd] [filename]\n")
- fmt.Fprintf(flag.CommandLine.Output(), " create [filename]: creates a new vulnerability YAML report\n")
- fmt.Fprintf(flag.CommandLine.Output(), " lint [filename]: lints a vulnerability YAML report\n")
+ fmt.Fprintf(flag.CommandLine.Output(), "usage: vulnreport [cmd] [filename.yaml]\n")
+ fmt.Fprintf(flag.CommandLine.Output(), " create [filename.yaml]: creates a new vulnerability YAML report\n")
+ fmt.Fprintf(flag.CommandLine.Output(), " lint [filename.yaml]: lints a vulnerability YAML report\n")
+ fmt.Fprintf(flag.CommandLine.Output(), " newcve [filename.yaml]: creates a CVE report from the provided YAML report\n")
flag.PrintDefaults()
}
@@ -45,6 +47,10 @@
if err := lint(filename); err != nil {
log.Fatal(err)
}
+ case "newcve":
+ if err := newCVE(filename); err != nil {
+ log.Fatal(err)
+ }
default:
flag.Usage()
log.Fatalf("unsupported command: %q", cmd)
@@ -92,3 +98,18 @@
}
return nil
}
+
+func newCVE(filename string) (err error) {
+ defer derrors.Wrap(&err, "newCVE(%q)", filename)
+ cve, err := report.ToCVE(filename)
+ if err != nil {
+ return err
+ }
+
+ // We need to use an encoder so that it doesn't escape angle
+ // brackets.
+ e := json.NewEncoder(os.Stdout)
+ e.SetEscapeHTML(false)
+ e.SetIndent("", "\t")
+ return e.Encode(cve)
+}