Articles on b31ngd3v's Blog
https://blogs.python-gsoc.org
Updates on different articles published on b31ngd3v's Blog
en
Thu, 10 Aug 2023 08:58:03 +0000

Week #10: Added SBOM scanning
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-10-added-sbom-scanning/
<p>This week I added the feature to detect and SBOM automatically. With this feature done, my GSoC is almost over. Now I'll write a blog and make a presentation.</p>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 10 Aug 2023 08:58:03 +0000

Week #9: worked on mirror
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-9-worked-on-mirror/
<p>This week I worked on mirror-related things. Next week I'll work on SBOM scanning.</p>
b31ngd3v@gmail.com (b31ngd3v)
Fri, 04 Aug 2023 05:49:32 +0000

Week #8: Break
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-8-break/
<p>I took a break this week.</p>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 27 Jul 2023 09:55:50 +0000

Week #7: SBOM generation and SBOM update via PR
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-7-sbom-generation-and-sbom-update-via-pr/
<div class="lead">
<div class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model cms-plugin-aldryn_newsblog-article-lead_in-1749">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model cms-plugin-aldryn_newsblog-article-lead_in-1749">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I added the first SBOM released feature to the project and added the SBOM update via PR feature.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll work on SBOM scanning.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">No, I didn't get stuck anywhere.</p>
</div>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Fri, 21 Jul 2023 00:12:24 +0000

Week #6: resolving open issues and adding SBOM generation
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-6-resolving-open-issues-and-adding-sbom-generation/
<div class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I've resolved open issues on the repo and worked on adding SBOM generation.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll work on documentation and more issues.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">No, I didn't get stuck anywhere.</p>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Fri, 14 Jul 2023 01:25:18 +0000

Week #5: Wrapping up stage 1
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-5-wrapping-up-stage-1/
<div class="lead">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1708 cms-render-model">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1686 cms-render-model">
<div class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I've added test cases for the GitHub action and fixed a few bugs in the main repo.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll work on reported bugs.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">No, I didn't get stuck anywhere.</p>
</div>
</div>
</div>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 06 Jul 2023 06:57:00 +0000

Week #4: Added available fixes
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-4-added-available-fixes/
<div class="lead">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1686 cms-render-model">
<div class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I added an extra parameter called available fix in the output.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll add tests for the action.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">No, I didn't get stuck anywhere.</p>
</div>
</div>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 29 Jun 2023 02:56:37 +0000

Week #3: Automatic PR to update vulnerable version of a component
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-3-automatic-pr-to-update-vulnerable-version-of-a-component/
<div class="lead">
<div class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1666 cms-render-model">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I was working on SARIF optimizations and automatic PR, and also did a lot of refactoring.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll finish the automatic PR feature and work on the exclude_dir input option.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">No, I didn't get stuck anywhere.</p>
</div>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 22 Jun 2023 13:20:29 +0000

Week #2: Adding Vulnerabilities to the security tab
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-2-adding-vulnerabilities-to-the-security-tab/
<div>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
</div>
<div class="lead">
<div class="lead cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1649 cms-render-model">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I added a feature to the GitHub Action which will help to add vulnerabilities to the security tab. Currently it generates a report with cve-bin-tool, extracts the vulnerabilities and generates a SARIF file.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">In the next phase, I'll add support for language scanners.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">Yes, there was a problem with the tool, where it was not providing the root path of some vulnerable product in the HTML report, so I made a pull request addressing this issue.</p>
</div>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 15 Jun 2023 09:51:53 +0000

Week #1: Creating Basic GitHub Action
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-1-creating-basic-github-action/
<div class="lead">
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What did I do this week?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">This week, I created the GitHub Action which will report vulnerabilities via the security tab, and will also give the download link of HTML and PDF scan reports if any vulnerabilities are found.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>What is coming up next?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">Currently, it doesn't show the vulnerabilities in the security tab and only provides HTML/PDF reports. In the next phase, it'll also provide information about the vulnerabilities in the security tab.</p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model"><strong>Did I get stuck anywhere?</strong></p>
<p class="cms-plugin cms-plugin-aldryn_newsblog-article-lead_in-1647 cms-render-model">Yes, at first I was trying to upload the files to GitHub Artifacts, but GitHub Artifacts doesn't provide a download link for the artifact, so after taking the help of my mentors we decided to use an open-source file hosting platform.</p>
</div>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 08 Jun 2023 20:34:51 +0000

Week #0: Community Bonding Period
https://blogs.python-gsoc.org/en/b31ngd3vs-blog/week-0-community-bonding-period-1/
<p>The past week I read the documentation of GitHub Actions and got myself prepared for the work. This week I am planning to build the first working prototype of the cve-bin-tool's official GitHub Action.</p>
b31ngd3v@gmail.com (b31ngd3v)
Thu, 01 Jun 2023 00:48:40 +0000