all: change TOML references to YAML
As of commit
https://go.googlesource.com/vulndb/+/a3a17c98162f30663aadeb99acf809b6db539f7d,
the reports switched from a YAML format to TOML. Remaining references to
TOML are updated.
Change-Id: Iebb2561f1511099812b7c07fe653204b5e82559b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/354009
Trust: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julie@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
diff --git a/README.md b/README.md
index 7643dd2..40e8679 100644
--- a/README.md
+++ b/README.md
@@ -30,16 +30,17 @@
Some of these packages can probably be coalesced, but for now are easier to work
on in a more segmented fashion.
-* `report` provides a package for parsing and linting TOML reports
+* `report` provides a package for parsing and linting YAML reports
* `osv` provides a package for generating OSV-style JSON vulnerability entries
from a `report.Report`
* `client` contains a client for accessing HTTP/fs based vulnerability
databases, as well as a minimal caching implementation
-* `cmd/dbdiff` provides a tool for comparing two different versions of the vulnerability database
-* `cmd/gendb` provides a tool for converting TOML reports into JSON database
-* `cmd/genhtml` provides a tool for converting TOML reports into a HTML website
+* `cmd/dbdiff` provides a tool for comparing two different versions of the
+ vulnerability database
+* `cmd/gendb` provides a tool for converting YAML reports into JSON database
+* `cmd/genhtml` provides a tool for converting YAML reports into a HTML website
* `cmd/linter` provides a tool for linting individual reports
-* `cmd/report2cve` provides a tool for converting TOML reports into JSON CVEs
+* `cmd/report2cve` provides a tool for converting YAML reports into JSON CVEs
## License
diff --git a/cmd/genhtml/main.go b/cmd/genhtml/main.go
index d961fac..c2c4ccc 100644
--- a/cmd/genhtml/main.go
+++ b/cmd/genhtml/main.go
@@ -176,17 +176,17 @@
}
func main() {
- tomlDir := flag.String("reports", "Directory containing toml reports", "")
+ yamlDir := flag.String("reports", "Directory containing yaml reports", "")
htmlDir := flag.String("out", "Directory to write website to", "")
flag.Parse()
htmlVulns := map[string]report.Report{}
- tomlFiles, err := ioutil.ReadDir(*tomlDir)
+ yamlFiles, err := ioutil.ReadDir(*yamlDir)
if err != nil {
- fail(fmt.Sprintf("can't read %q: %s", *tomlDir, err))
+ fail(fmt.Sprintf("can't read %q: %s", *yamlDir, err))
}
- for _, f := range tomlFiles {
- if !strings.HasSuffix(f.Name(), ".toml") {
+ for _, f := range yamlFiles {
+ if !strings.HasSuffix(f.Name(), ".yaml") {
continue
}
content, err := ioutil.ReadFile(f.Name())
diff --git a/cmd/report2cve/main.go b/cmd/report2cve/main.go
index cc025f2..9d5298c 100644
--- a/cmd/report2cve/main.go
+++ b/cmd/report2cve/main.go
@@ -213,7 +213,7 @@
func main() {
if len(os.Args) != 2 {
- fmt.Fprint(os.Stderr, "usage: report2cve report.toml")
+ fmt.Fprint(os.Stderr, "usage: report2cve report.yaml")
os.Exit(1)
}
diff --git a/format.md b/format.md
index 70eb6d3..8d572cf 100644
--- a/format.md
+++ b/format.md
@@ -1,5 +1,6 @@
-The main section of the TOML contains high level information about the vulnerability
+The main section of the YAML contains high level information about the vulnerability
+TODO(golang/vulndb#9): update to YAML format.
```
package = "github.com/example/module"
```
@@ -31,7 +32,7 @@
```
[[versions]]
```
-The `versions` sections of the TOML contain information about when the vulnerability was introduced, and when it was fixed. If the vulnerability is fixed in multiple major versions, then the TOML should contain multiple `versions` sections. If omitted it is assumed that _every_ version of the module is vulnerable.
+The `versions` sections of the YAML contain information about when the vulnerability was introduced, and when it was fixed. If the vulnerability is fixed in multiple major versions, then the YAML should contain multiple `versions` sections. If omitted it is assumed that _every_ version of the module is vulnerable.
```
introduced = "v0.0.1"
@@ -46,7 +47,7 @@
```
[[additional_packages]]
```
-The `additional_packages` sections of the TOML contain information about additional packages impacted by the vulnerability. These may be other submodules which independently implement the same vulnerability, or alternate module names for the same module.
+The `additional_packages` sections of the YAML contain information about additional packages impacted by the vulnerability. These may be other submodules which independently implement the same vulnerability, or alternate module names for the same module.
```
package = "gopkg.in/vuln-mod"
@@ -66,7 +67,7 @@
```
[links]
```
-The `links` section of the TOML contains further information about the vulnerability.
+The `links` section of the YAML contains further information about the vulnerability.
```
commit = "https://github.com/example/module/commit/abcd"
@@ -125,4 +126,4 @@
"https://www.openwall.com/lists/oss-security/2016/11/03/1",
"https://github.com/example/module/advisories/1"
]
-```
\ No newline at end of file
+```
diff --git a/new-vuln.sh b/new-vuln.sh
old mode 100644
new mode 100755
index f151607..c0a22f1
--- a/new-vuln.sh
+++ b/new-vuln.sh
@@ -3,7 +3,7 @@
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
-prev=$(find reports/GO-* | tail -n 1 | sed -n 's/reports\/GO-[0-9]*-\([0-9]*\).toml/\1/p')
+prev=$(find reports/GO-* | tail -n 1 | sed -n 's/reports\/GO-[0-9]*-\([0-9]*\).yaml/\1/p')
new=$(printf "%04d" $(expr $prev + 1))
year=$(date +"%Y")
-cp template reports/GO-$year-$new.toml
+cp template reports/GO-$year-$new.yaml
