gistfile1.txt
· 838 B · Text
Raw
#!/bin/bash
FILE=".trivyignore"
TMP_FILE="$(mktemp)"
USER_AGENT="TrivyIgnoreAnnotator"
while IFS= read -r line; do
trimmed="$(echo "$line" | xargs)" # usuń spacje z początku i końca
if [[ "$trimmed" =~ ^CVE-[0-9]{4}-[0-9]+$ ]]; then
echo "Pobieram opis dla $trimmed..."
desc=$(curl -s -A "$USER_AGENT" "https://services.nvd.nist.gov/rest/json/cve/1.0/$trimmed" | \
jq -r '.result.CVE_Items[0].cve.description.description_data[0].value' | \
tr '\n' ' ' | sed 's/"/\\"/g')
if [[ -z "$desc" || "$desc" == "null" ]]; then
desc="Brak opisu lub nie udało się pobrać."
fi
echo "# $desc" >> "$TMP_FILE"
echo "$line" >> "$TMP_FILE"
else
echo "$line" >> "$TMP_FILE"
fi
done < "$FILE"
mv "$TMP_FILE" "$FILE"
echo "✅ Plik $FILE został zaktualizowany z opisami podatności."
| 1 | #!/bin/bash |
| 2 | |
| 3 | FILE=".trivyignore" |
| 4 | TMP_FILE="$(mktemp)" |
| 5 | USER_AGENT="TrivyIgnoreAnnotator" |
| 6 | |
| 7 | while IFS= read -r line; do |
| 8 | trimmed="$(echo "$line" | xargs)" # usuń spacje z początku i końca |
| 9 | if [[ "$trimmed" =~ ^CVE-[0-9]{4}-[0-9]+$ ]]; then |
| 10 | echo "Pobieram opis dla $trimmed..." |
| 11 | desc=$(curl -s -A "$USER_AGENT" "https://services.nvd.nist.gov/rest/json/cve/1.0/$trimmed" | \ |
| 12 | jq -r '.result.CVE_Items[0].cve.description.description_data[0].value' | \ |
| 13 | tr '\n' ' ' | sed 's/"/\\"/g') |
| 14 | if [[ -z "$desc" || "$desc" == "null" ]]; then |
| 15 | desc="Brak opisu lub nie udało się pobrać." |
| 16 | fi |
| 17 | echo "# $desc" >> "$TMP_FILE" |
| 18 | echo "$line" >> "$TMP_FILE" |
| 19 | else |
| 20 | echo "$line" >> "$TMP_FILE" |
| 21 | fi |
| 22 | done < "$FILE" |
| 23 | |
| 24 | mv "$TMP_FILE" "$FILE" |
| 25 | echo "✅ Plik $FILE został zaktualizowany z opisami podatności." |
| 26 |