Skip to content

Update CVE feed layouts for new JSON feed format #38579

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Feb 27, 2023
Merged

Update CVE feed layouts for new JSON feed format #38579

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e277fe5
Update CVE feed layouts for new JSON feed format
mtardy Dec 20, 2022
96fe076
Remove unused localization strings
mtardy Jan 22, 2023
3305d7b
Check that the fetched feed is a JSON feed 1.1 and fail if not
mtardy Jan 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 8 additions & 14 deletions data/i18n/en/en.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,26 +49,20 @@ other = "CVE ID"
[cve_issue_url]
other = "CVE GitHub Issue URL"

[cve_json_external_url]
other = "external_url"

[cve_json_id]
other = "id"

[cve_json_summary]
other = "summary"

[cve_json_url]
other = "url"

[cve_summary]
other = "Issue Summary"

[cve_table]
other = "Official Kubernetes CVE List"

[cve_url]
other = "CVE URL"
[cve_table_date_before]
other = "(last updated: "
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a bit unusual
I'll look at how you are constructing the string

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was thinking on the contrary that it was how we usually do these things, but we can do whatever you think is better.

website/data/i18n/en/en.toml

Lines 275 to 279 in 206231d

[release_date_after]
other = ")"
[release_date_before]
other = "(released: "

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer to have the localized string be a format string:

[cve_table_date_with_label]
other = "(last updated: %s)"

and then use a string formatter to include the localized date. That's equivalent, but the placeholder makes it easier for localization teams to understand.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll update this in the follow-up PR #39513 :)


[cve_table_date_format]
other = "02 Jan 2006 15:04:05 MST"

[cve_table_date_after]
other = ")"

[deprecation_title]
other = "You are viewing documentation for Kubernetes version:"
Expand Down
24 changes: 1 addition & 23 deletions layouts/_default/cve-feed.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1 @@
{
"version": "https://jsonfeed.org/version/1.1",
"title": "Auto-refreshing Official CVE Feed",
"home_page_url": "https://kubernetes.io",
"feed_url": "https://kubernetes.io/docs/reference/issues-security/official-cve-feed/index.json",
"description": "Auto-refreshing official CVE feed for Kubernetes repository",
"authors": [
{
"name": "Kubernetes Community",
"url": "https://www.kubernetes.dev"
}
],
"items": [
{{ range $i, $e := getJSON .Site.Params.cveFeedBucket }}
{{ if $i }}, {{ end }}
{
{{ T "cve_json_id" | jsonify }}: {{ .cve_id | jsonify }},
{{ T "cve_json_url" | jsonify }}: {{ .issue_url | jsonify }},
{{ T "cve_json_external_url" | jsonify }}: {{ .cve_url | jsonify}},
{{ T "cve_json_summary" | jsonify }}: {{ replace (.summary | jsonify ) "\\u003e" ">" }}
}{{ end }}
]
}
{{ getJSON .Site.Params.cveFeedBucket | jsonify }}
16 changes: 10 additions & 6 deletions layouts/shortcodes/cve-feed.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,23 @@
{{ $feed := getJSON .Site.Params.cveFeedBucket }}
{{ if ne $feed.version "https://jsonfeed.org/version/1.1" }}
{{ errorf "Build Failed. CVE feed does not comply with JSON feed v1.1" }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be better if the build did not fail, but instead use a 'placeholder page' and send an alert (or something like that)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok makes sense. This is a bit in contradiction with this previous review #38579 (review), @sftim do you have an opinion on that as well?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds like a nice enhancement; however, I would save that for a follow-up PR.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep we'll look at this here #39513 next!

{{ end }}
<table class="security-cves">
<caption>{{ T "cve_table" }}</caption>
<caption style="caption-side: top;">{{ T "cve_table" }} {{ T "cve_table_date_before" }}{{ $feed._kubernetes_io.updated_at | time.Format ( T "cve_table_date_format" ) }}{{ T "cve_table_date_after" }}</caption>
<thead>
<tr>
<th>{{ T "cve_id" }}</th>
<th>{{ T "cve_summary"}}</th>
<th>{{ T "cve_summary" }}</th>
<th>{{ T "cve_issue_url" }}</th>
</tr>
</thead>
<tbody>
{{ range $issues := getJSON .Site.Params.cveFeedBucket }}
{{ range $feed.items }}
<tr>
<td><a href="{{ .cve_url }}">{{ .cve_id | htmlEscape | safeHTML }}</a></td>
<td><a href="{{ .url }}">{{ .id | htmlEscape | safeHTML }}</a></td>
<td>{{ .summary | htmlEscape | safeHTML }}</td>
<td><a href="{{ .issue_url }}">#{{ .number }}</a></td>
<td><a href="{{ .url }}">#{{ ._kubernetes_io.issue_number }}</a></td>
</tr>
{{ end }}
</tbody>
</table>
</table>