Skip to content

fkautz/protonvd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
download-data.sh
download-data.sh
 
 
gen.go
gen.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
nvd.pb.go
nvd.pb.go
 
 
nvd.proto
nvd.proto
 
 
nvd_test.go
nvd_test.go
 
 

Repository files navigation

PROTONVD: Protobuf definitions for NVD

Features:

  • Encapsulates all fields in the NIST NVD Vulnerability JSON feeds.
  • JSON annotations in proto definitions for JSON marshalling/unmarshalling.
  • A bash script to assist in downloading JSON feeds.

The protobuf definition has been precompiled for easy import and usage.

Parsing JSON

import "github.com/fkautz/protonvd"
import "google.golang.org/protobuf/encoding/protojson"

msg := &protonvd.NvdMessage{}
err := protojson.Unmarshal([]byte(str), msg)

buf, err := protojson.Marshal(msg)

Emitting JSON

import "github.com/fkautz/protonvd"
import "google.golang.org/protobuf/encoding/protojson"

msg := &protonvd.NvdMessage{
	// ...
}

jsonBytes, err := protojson.Marshal(msg)

Notes

There is one minor departure from the spec.

//:root/CVE_data_numberOfCVEs is an integer rather than a string. Emitted JSON for this field is an int32 instead of a string.

{
    "CVE_data_numberOfCVEs": 1,
}

instead of

{
    "CVE_data_numberOfCVEs": "1",
}

About

JSON-annotated protobuf definitions for NVD feeds

Resources

Readme

License

Apache-2.0 license
Activity

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

2 tags

Packages

No packages published

Languages