This repository has been archived by the owner. It is now read-only.
Freshermeat is an open source software directory and release tracker. Official repository has moved to: https://gitlab.com/cedric/Freshermeat
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
migrations
src
var
.gitignore
AUTHORS.md
CHANGELOG.md
COPYING
Pipfile
Pipfile.lock
README.md
package.json

README.md

Freshermeat

Latest Release License Contributors Stars Say thanks to cedric

Presentation

Freshermeat is an open source software directory and release tracker. Main functionalities are the following:

  • software release tracking;
  • vulnerability tracking (CVE);
  • subscribe to releases of a project or an organization via an ATOM feed;
  • JSON-based API in order to manages projects, releases, CVEs, etc.;
  • management of organizations.

Deployment

Requirements

$ sudo apt install postgresql npm

Configure and install the application

Before to begin you will need to install pipenv.
It is recommended to first install pyenv, then pipsi.
And finally pew and pipenv with pipsi.

$ git clone https://gitlab.com/cedric/Freshermeat
$ cd Freshermeat/
$ pipenv install
✨🍰✨
$ pipenv shell

(Freshermeat-8143_B8A)$ npm install

(Freshermeat-8143_B8A)$ export APPLICATION_SETTINGS=development.cfg

(Freshermeat-8143_B8A)$ python src/manager.py db_create
(Freshermeat-8143_B8A)$ python src/manager.py db_init
(Freshermeat-8143_B8A)$ python src/manager.py create_admin <login> <password>
(Freshermeat-8143_B8A)$ python src/manager.py import_projects var/projects.json
(Freshermeat-8143_B8A)$ python src/manager.py import_osi_approved_licenses

(Freshermeat-8143_B8A)$ python src/runserver.py
 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 204-397-194

You can configure the application in src/instance/development.cfg or create your own file and export it in the variable APPLICATION_SETTINGS.

Optional

$ sudo apt install libbz2-devclamav-daemon clamav-freshclam clamav-unofficial-sigs
$ sudo freshclam
$ sudo systemctl start clamav-daemon.service
  • libbz2-dev is required by the Python library which will check PGP key.
  • clamav related packages are required because this application is able to scan files posted by the users through the forms or the API.

Workers

You can launch the workers periodically with cron.

Retrieving CVEs

(Freshermeat-8143_B8A)$ python src/manager.py fetch_cves

It is possible to query the CVE API:

$ curl http://127.0.0.1:5000/api/v1/CVE

Release tracking

(Freshermeat-8143_B8A)$ python src/manager.py fetch_releases

License

This software is licensed under GNU Affero General Public License version 3

Copyright (C) 2017-2018 Cédric Bonhomme