paramah ревизій цього gist . До ревизії
1 file changed, 25 insertions
gistfile1.txt(файл створено)
| @@ -0,0 +1,25 @@ | |||
| 1 | + | #!/bin/bash | |
| 2 | + | ||
| 3 | + | FILE=".trivyignore" | |
| 4 | + | TMP_FILE="$(mktemp)" | |
| 5 | + | USER_AGENT="TrivyIgnoreAnnotator" | |
| 6 | + | ||
| 7 | + | while IFS= read -r line; do | |
| 8 | + | trimmed="$(echo "$line" | xargs)" # usuń spacje z początku i końca | |
| 9 | + | if [[ "$trimmed" =~ ^CVE-[0-9]{4}-[0-9]+$ ]]; then | |
| 10 | + | echo "Pobieram opis dla $trimmed..." | |
| 11 | + | desc=$(curl -s -A "$USER_AGENT" "https://services.nvd.nist.gov/rest/json/cve/1.0/$trimmed" | \ | |
| 12 | + | jq -r '.result.CVE_Items[0].cve.description.description_data[0].value' | \ | |
| 13 | + | tr '\n' ' ' | sed 's/"/\\"/g') | |
| 14 | + | if [[ -z "$desc" || "$desc" == "null" ]]; then | |
| 15 | + | desc="Brak opisu lub nie udało się pobrać." | |
| 16 | + | fi | |
| 17 | + | echo "# $desc" >> "$TMP_FILE" | |
| 18 | + | echo "$line" >> "$TMP_FILE" | |
| 19 | + | else | |
| 20 | + | echo "$line" >> "$TMP_FILE" | |
| 21 | + | fi | |
| 22 | + | done < "$FILE" | |
| 23 | + | ||
| 24 | + | mv "$TMP_FILE" "$FILE" | |
| 25 | + | echo "✅ Plik $FILE został zaktualizowany z opisami podatności." | |
Новіше
Пізніше