Include OVAL files by default for offline use #22
Comments
|
@markmorlino, how often is updated OVAL data generated? |
|
@mssalvatore it's generated immediately following the cve html pages in the same cron job, so as frequently as every hour. |
|
OVAL seems to be about 11mb of tar.bz2 files right now |
|
@joemcmanus How fresh do we want the offline OVAL data to be? |
|
We could do it once a week? But I guess a problem would be everyone downloading new snaps each time we publish a new version. |
|
I'm thinking out loud here, but could we make a content snap that had just the oval files in it, and then have cvescan use it if it was installed or go download oval if it was not installed? |
|
I was also toying with the content snap idea. I'd like to avoid pushing out a whole new version of CVEScan every time the OVAL updates. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have a few use cases where snap store access is open at the firewall, but people.canonical.com is not. It would be cool to ship the files in the snap and default to those if people is not available.
Print out a warning:
Notice: Unable to download most recent OVAL file, using one from $date
The text was updated successfully, but these errors were encountered: