Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vexctl show command referenced but not present #25

Closed
brandtkeller opened this issue Feb 15, 2023 · 5 comments · Fixed by #115
Closed

vexctl show command referenced but not present #25

brandtkeller opened this issue Feb 15, 2023 · 5 comments · Fixed by #115
Labels
bug Something isn't working

Comments

@brandtkeller
Copy link
Contributor

As I started to play with vexctl - the vexctl references a vexctl show command for both status and justification as a potential helper command for the users.

vexctl show statuses

vexctl show justifications

Is the intent that there might be a helper command show that presents some static information? Both functions look to be listing a predetermined set of possible options after looking at openvex.

Open to assisting here if interested.
@puerco puerco self-assigned this Jun 9, 2023
@puerco puerco added the bug Something isn't working label Jun 9, 2023
@puerco puerco removed their assignment Jun 9, 2023
@puerco
Copy link
Member

puerco commented Jun 9, 2023

Thanks for reporting this @brandtkeller !

Yes I think that was the intent, just a helpful way to print the values for users writing their statements. They are constants defined already in the go-vex/vex package:

https://github.com/openvex/go-vex/blob/88cbbf4a6ed0a2349b74653440ab1a70e23555bc/pkg/vex/justification.go#L12-L48

I'm starting work on other parts of the vexctl show subcommand, if you want to help building this part you are more than welcome, if not I'll add these very soon :)

@chipzoller
Copy link

I just discovered this as well and found the show subcommand to be missing.

@madchap
Copy link

madchap commented Jul 16, 2023
edited
Loading

It looks like the --author flag to the create command is not honored either.

$ vexctl create --author="Fred" --product="$VEX_PRODUCT" --vuln="$VEX_CVE" --status="$VEX_STATUS" --justification="$VEX_JUSTIFICATION"
{
  "@context": "https://openvex.dev/ns",
  "@id": "https://openvex.dev/docs/public/vex-391c7f7828a3c2b044da23d8d814db972fef87b38ebce0ceb77c9c523cd30025",
  "author": "Unknown Author",
  "role": "Document Creator",
  "timestamp": "2023-07-16T08:46:25.325955149+02:00",
  "version": "1",
  "statements": [
    {
      "vulnerability": "CVE-2023-34362",
      "products": [
        "pkg:generic/[email protected]&checksum=sha256:de4d501267da"
      ],
      "status": "not_affected",
      "justification": "component_not_present"
    }
  ]
}

GitVersion:    v0.2.0
GitCommit:     unknown
GitTreeState:  unknown
BuildDate:     unknown
GoVersion:     go1.20.5
Compiler:      gc
Platform:      linux/amd64

@chipzoller
Copy link

@puerco, the show command is still missing as of 0.2.3 which prevents users from running commands vexctl show statuses and vexctl show justifications as advertised in the help for vexctl create -h.

@brandtkeller brandtkeller mentioned this issue Aug 30, 2023
Merged
@puerco
Copy link
Member

puerco commented Aug 30, 2023

This feature is now implemented as vevxctl list , thanks for fixing it @brandtkeller!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

show subcommand creation for review brandtkeller/vexctl
4 participants
@puerco @madchap @chipzoller @brandtkeller