VMaaS library for Updates and Vulnerabilities evaluation
- rpm library
- sqlite data dump generated by vmaas-reposcan
/api/vmaas/v1/export/dump. Available in example/vmaas.db for testing purposes
import "github.com/redhatinsights/vmaas-lib/vmaas"
// download and initialize cache from URL, rsync (or from file using vmaas.InitFromFile)
api, _ := vmaas.InitFromURL("http://example.com/dump.db")
// you can specify options for the library, see options.go
api, _ := vmaas.InitFromURL("http://example.com/dump.db", WithUnfixed(true), WithMaxGoroutines(100))
// run periodic cache reload task
api.PeriodicCacheReload(
// check for newer cache every 5 minutes
time.Minute*time.Duration(5),
// get timestamp of the latest vmaas-reposcan cache
fmt.Sprintf("http://localhost:8081/api/v1/latestdump"),
// override cache url, or use url from InitFromUrl
nil,
)
request := vmaas.Request{
Packages: []string{"kernel-0:4.18.0-372.26.1.el8_6.x86_64"},
}
// get CVEs for given package
vulnerabilities, _ := api.Vulnerabilities(&request)
// get Updates for given package
updates, _ := api.Updates(&request)or inspect and run example/main.go
go run example/main.go
This package uses rpm library, it can be installed using Homebrew
brew install rpm
and linked with
export CGO_LDFLAGS="-L/opt/homebrew/opt/rpm/lib"
export CGO_CFLAGS="-I/opt/homebrew/opt/rpm/include -I/opt/homebrew/opt/popt/include"