From 3a5dc749d1ccfc5ac1a2e8e207d5fc3cd402cc9e Mon Sep 17 00:00:00 2001
From: Hadrien
Date: Sun, 7 Aug 2022 15:15:40 +0200
Subject: [PATCH 1/2] Add a script to add cpe id to manifests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
indent + utf8
---
autopatches/patches/add-cpe/cpe.csv | 507 +++++++++++++++++++++++++++
autopatches/patches/add-cpe/patch.sh | 19 +
2 files changed, 526 insertions(+)
create mode 100644 autopatches/patches/add-cpe/cpe.csv
create mode 100644 autopatches/patches/add-cpe/patch.sh
diff --git a/autopatches/patches/add-cpe/cpe.csv b/autopatches/patches/add-cpe/cpe.csv
new file mode 100644
index 0000000..f44e455
--- /dev/null
+++ b/autopatches/patches/add-cpe/cpe.csv
@@ -0,0 +1,507 @@
+App YnH,Common Platform Enumeration
+20euros,
+243,
+2fauth,
+abantecart,cpe:2.3:a:abantecart:abantecart
+acropolis,
+adguardhome,cpe:2.3:a:adguard:adguardhome
+adhocserver,
+adminer,cpe:2.3:a:adminer:adminer
+aeneria,
+agendav,
+agora,
+airsonic,cpe:2.3:a:airsonic_project:airsonic
+alltube,
+ampache,cpe:2.3:a:ampache:ampache
+anarchism,
+anfora,
+archivebox,
+archivist,cpe:2.3:a:archivista:archivistabox
+armadietto,
+askbot,cpe:2.3:a:askbot:askbot
+audiobookshelf,
+automad,cpe:2.3:a:automad:automad
+backdrop,cpe:2.3:a:backdropcms:backdrop
+baikal,
+bazarr,
+beehive,cpe:2.3:a:beehive_forum:beehive_forum
+bibliogram,
+biboumi,
+bicbucstriim,
+blogotext,cpe:2.3:a:blogotext_project:blogotext
+bludit,cpe:2.3:a:bludit:bludit
+bolt,
+bookstack,cpe:2.3:a:bookstackapp:bookstack
+borg,cpe:2.3:a:borgbackup:borg
+borgserver,
+bozon,
+cachet,
+calibreweb,
+castopod,
+cesium,
+cheky,
+chtickynotes,
+chuwiki,
+cinny,cpe:2.3:a:cinny_project:cinny
+civicrm_drupal7,
+cockpit,cpe:2.3:a:agentejo:cockpit
+code-server,cpe:2.3:a:coder:code-server
+codimd,cpe:2.3:a:hackmd:codimd
+coin,
+collabora,
+commento,
+compteur_du_gase,
+concrete5,cpe:2.3:a:concrete5:concrete5
+converse,cpe:2.3:a:conversejs:converse.js
+cops,
+coquelicot,
+coturn,cpe:2.3:a:coturn_project:coturn
+couchdb,cpe:2.3:a:apache:couchdb
+couchpotato,
+covoiturage,
+cowyo,
+cryptpad,cpe:2.3:a:xwiki:cryptpad
+cubiks-2048,
+cypht,
+dato,
+decidim,
+democracyos,
+dendrite,
+dex,
+diagramsnet,
+diaspora,
+digisteps,
+digitools,
+digiwords,
+discourse,cpe:2.3:a:discourse:discourse
+dispatch,
+distbin,
+django-fmd,
+django-for-runners,
+django-fritzconnection,
+django_app,
+docker-registry,
+dockercontainer,
+dockerrstudio,
+dockerui,
+documize,cpe:2.3:a:documize:documize
+dokuwiki,cpe:2.3:a:dokuwiki:dokuwiki
+dolibarr,cpe:2.3:a:dolibarr:dolibarr
+domoticz,cpe:2.3:a:domoticz:domoticz
+dotclear2,
+droppy,cpe:2.3:a:droppy_project:droppy
+drupal,cpe:2.3:a:drupal:drupal
+drupal7,
+duniter,
+dynette,
+easyappointments,cpe:2.3:a:easyappointments:easyappointments
+ecko,
+elabftw,cpe:2.3:a:elabftw:elabftw
+element,
+emailpoubelle,
+emoncms,cpe:2.3:a:openenergymonitor:emoncms
+encryptic,
+encryptor-decryptor,
+epicyon,
+ergo,
+ethercalc,
+etherpad_mypads,
+excalidraw,
+fab-manager,
+facette,
+facilmap,
+fallback,
+ffsync,
+filebrowser,
+filepizza,
+firefly-iii,cpe:2.3:a:firefly-iii:firefly_iii
+flarum,cpe:2.3:a:flarum:flarum
+flask,cpe:2.3:a:palletsprojects:flask
+flood,
+fluxbb,cpe:2.3:a:fluxbb:fluxbb
+focalboard,cpe:2.3:a:mattermost:focalboard
+foodsoft,
+framaestro,
+framaestro_hub,
+framaforms,
+framagames,
+freeboard,
+freepbx,cpe:2.3:a:freepbx:freepbx
+freshrss,cpe:2.3:a:freshrss:freshrss
+friendica,cpe:2.3:a:friendica:friendica
+ftp_webapp,
+ftssolr,
+funkwhale,
+galene,
+galette,cpe:2.3:a:galette:galette
+gamja,
+garradin,
+gateone,cpe:2.3:a:liftoffsoftware:gate_one
+gekko,
+gemserv,
+getsimple,cpe:2.3:a:get-simple:getsimple_cms
+ghost,cpe:2.3:a:ghost:ghost
+gitea,cpe:2.3:a:gitea:gitea
+gitlab,cpe:2.3:a:gitlab:gitlab
+gitlab-runner,cpe:2.3:a:gitlab:runner
+gitolite,cpe:2.3:a:gitolite:gitolite
+gitrepositories,
+gitweb,
+glitchsoc,
+glowingbear,
+glpi,cpe:2.3:a:glpi-project:glpi
+gnusocial,
+gogs,cpe:2.3:a:gogs:gogs
+gogswebhost,
+gollum,cpe:2.3:a:gollum_project:gollum
+gossa,
+gotify,
+gotosocial,
+grafana,cpe:2.3:a:grafana:grafana
+grammalecte,
+grav,
+grocy,cpe:2.3:a:grocy_project:grocy
+grr,cpe:2.3:a:devome:grr
+guacamole,cpe:2.3:a:apache:guacamole
+h5ai,cpe:2.3:a:h5ai_project:h5ai
+halcyon,
+haste,
+hat,
+headphones,
+hedgedoc,cpe:2.3:a:hedgedoc:hedgedoc
+helloworld,
+hextris,
+homeassistant,
+horde,cpe:2.3:a:horde:horde_application_framework
+hotspot,
+htmltool,
+htpc-manager,
+hubzilla,cpe:2.3:a:hubzilla:hubzilla
+huginn,
+humhub,cpe:2.3:a:humhub:humhub
+hydrogen,
+icecoder,cpe:2.3:a:icecoder:icecoder
+ifconfig-io,
+ifm,
+ihatemoney,cpe:2.3:a:ihatemoney:i_hate_money
+indexhibit,cpe:2.3:a:indexhibit:indexhibit
+internetarchive,
+invidious,
+invoiceninja,cpe:2.3:a:invoiceninja:invoice_ninja
+invoiceninja5,
+jackett,
+jappix,cpe:2.3:a:jappix_project:jappix
+jappix_mini,
+jeedom,cpe:2.3:a:jeedom:jeedom
+jellyfin,cpe:2.3:a:jellyfin:jellyfin
+jenkins,cpe:2.3:a:jenkins:jenkins
+jirafeau,cpe:2.3:a:jirafeau:jirafeau
+jitsi,cpe:2.3:a:jitsi:jitsi
+joomla,cpe:2.3:a:joomla:joomla\!
+jupyterlab,cpe:2.3:a:jupyter:nbdime-jupyterlab
+kanboard,cpe:2.3:a:kanboard:kanboard
+keeweb,
+kimai2,cpe:2.3:a:kimai:kimai_2
+kiwiirc,
+kiwix,cpe:2.3:a:kiwix:kiwix
+kodi,cpe:2.3:a:kodi:kodi
+komga,
+kresus,
+languagetool,
+laverna,
+lbcalerte,
+leed,
+lektor,
+lemmy,
+librarian,
+libreddit,
+libreerp,
+librephotos,
+librespeed,
+libreto,
+librex,
+lidarr,
+limesurvey,cpe:2.3:a:limesurvey:limesurvey
+linuxdash,
+lionwiki-t2t,
+listmonk,
+lstu,
+luckysheet,
+lufi,
+lutim,cpe:2.3:a:lutim_project:lutim
+lxd,
+lxd-dashboard,
+lychee,cpe:2.3:a:lycheeorganisation:lychee-v3
+mailman,cpe:2.3:a:gnu:mailman
+mailman3,
+mantis,cpe:2.3:a:mantisbt:mantisbt
+mastodon,cpe:2.3:a:joinmastodon:mastodon
+matomo,cpe:2.3:a:matomo:matomo
+matrix-puppet-discord,
+matterbridge,
+mattermost,cpe:2.3:a:mattermost:mattermost
+mautic,cpe:2.3:a:acquia:mautic
+mautrix_facebook,
+mautrix_signal,
+mautrix_telegram,
+mautrix_whatsapp,
+mediadrop,
+mediawiki,cpe:2.3:a:mediawiki:mediawiki
+medusa,
+meilisearch,
+menu,
+metabase,cpe:2.3:a:metabase:metabase
+minchat,
+mindmaps,
+minetest,cpe:2.3:a:minetest:minetest
+mineweb,
+minidlna,cpe:2.3:a:readymedia_project:readymedia
+miniflux,
+minio,cpe:2.3:a:minio:minio
+misskey,cpe:2.3:a:misskey:misskey
+mobilizon,
+modernpaste,
+monica,cpe:2.3:a:monicahq:monica
+monit,
+monitorix,cpe:2.3:a:fibranet:monitorix
+moodle,cpe:2.3:a:moodle:moodle
+mopidy,
+mosquitto,cpe:2.3:a:eclipse:mosquitto
+movim,cpe:2.3:a:movim:movim
+multi_webapp,
+mumble-web,
+mumble_admin_plugin,
+mumbleserver,
+munin,cpe:2.3:a:munin-monitoring:munin
+my-mind,
+my_capsule,
+my_webapp,
+mybb,cpe:2.3:a:mybb:mybb
+mycryptochat,
+mygpo,
+mytinytodo,cpe:2.3:a:mytinytodo:mytinytodo
+navidrome,cpe:2.3:a:navidrome:navidrome
+netdata,cpe:2.3:a:netdata:netdata
+neutrinet,
+nextcloud,cpe:2.3:a:nextcloud:nextcloud
+nexusoss,
+nitter,
+noalyss,
+nocodb,cpe:2.3:a:xgenecloud:nocodb
+nodebb,cpe:2.3:a:nodebb:nodebb
+nodered,cpe:2.3:a:nodered:node-red-dashboard
+nomad,cpe:2.3:a:jenkins:nomad
+ntopng,cpe:2.3:a:ntop:ntopng
+nullboard,
+ofbiz,cpe:2.3:a:apache:ofbiz
+omeka-s,
+onlyoffice,cpe:2.3:a:onlyoffice:document_server
+openidsimplesamlphp,
+opennote,
+openproject,cpe:2.3:a:openproject:openproject
+opensondage,
+opentracker,
+osada,
+osjs,
+osmw,
+osticket,cpe:2.3:a:osticket:osticket
+outline,
+overleaf,
+owncast,cpe:2.3:a:owncast_project:owncast
+owncloud,cpe:2.3:a:owncloud:owncloud
+owntracks,
+pagure,cpe:2.3:a:fedoraproject:389_directory_server
+paperless-ngx,
+peachpub,
+peertube,cpe:2.3:a:framasoft:peertube
+peertube-search-index,
+pelican,
+pepettes,
+petitesannonces,
+petrolette,
+pgadmin,cpe:2.3:a:phppgadmin_project:phppgadmin
+photonix,
+photoprism,
+photoview,
+phpback,
+phpbb,cpe:2.3:a:phpbb:phpbb
+phpboost,
+phpinfo,
+phpipam,cpe:2.3:a:phpipam:phpipam
+phpldapadmin,cpe:2.3:a:phpldapadmin_project:phpldapadmin
+phplicensewatcher,
+phpmyadmin,cpe:2.3:a:phpmyadmin:phpmyadmin
+phpservermon,cpe:2.3:a:phpservermonitor:php_server_monitor
+phpsysinfo,
+pia,
+pico,
+pihole,cpe:2.3:a:pi-hole:pi-hole
+piratebox,
+piwigo,cpe:2.3:a:piwigo:piwigo
+pixelfed,
+plainpad,
+pleroma,
+plonecms,
+plume,cpe:2.3:a:plume-cms:plume_cms
+pluxml,cpe:2.3:a:pluxml:pluxml
+pmwiki,cpe:2.3:a:pmwiki:pmwiki
+portainer,cpe:2.3:a:portainer:portainer
+prestashop,cpe:2.3:a:prestashop:prestashop
+prettynoemiecms,
+privatebin,cpe:2.3:a:privatebin:privatebin
+proftpd,cpe:2.3:a:proftpd:proftpd
+prometheus,cpe:2.3:a:prometheus:prometheus
+prosody,cpe:2.3:a:prosody:prosody
+prowlarr,
+proxitok,
+psitransfer,
+pterodactyl,cpe:2.3:a:pterodactyl:panel
+pufferpanel,
+pydio,cpe:2.3:a:pydio:pydio
+pyinventory,
+pyload,
+pytition,
+qr,
+question2answer,cpe:2.3:a:question2answer:question2answer
+quizzes,
+radarr,
+radicale,cpe:2.3:a:radicale:radicale
+rainloop,cpe:2.3:a:rainloop:webmail
+redirect,
+redmine,cpe:2.3:a:redmine:redmine
+reel2bits,
+remotestorage,
+restic,
+retroarch,cpe:2.3:a:libretro:retroarch
+riot,
+roadiz,
+rocketchat,cpe:2.3:a:rocket.chat:rocket.chat
+roundcube,cpe:2.3:a:roundcube:webmail
+rportd,
+rspamdui,
+rss-bridge,
+rutorrent,
+samba,cpe:2.3:a:samba:samba
+sat,
+satdress,
+scm,
+scratch,
+scrumblr,
+seafile,cpe:2.3:a:seafile:seafile
+searx,
+seenthis,
+selfoss,
+send,
+shaarli,cpe:2.3:a:shaarli_project:shaarli
+shadowsocks,cpe:2.3:a:shadowsocks:shadowsocks-libev
+shellinabox,cpe:2.3:a:shellinabox_project:shellinabox
+shinken,
+shiori,
+shsd,
+shuri,
+sickbeard,
+sickrage,cpe:2.3:a:sickrage:sickrage
+signaturepdf,
+simple-hash-generator,
+simple-torrent,
+sitemagiccms,cpe:2.3:a:sitemagic:sitemagic
+slingcode,
+snappymail,
+snipeit,cpe:2.3:a:snipeitapp:snipe-it
+snserver,
+snweb,
+soapbox,cpe:2.3:a:soapbox_project:soapbox
+sogo,cpe:2.3:a:inverse:sogo
+sonarr,
+sonerezh,
+spacedeck,
+spftoolbox,
+sphinx,cpe:2.3:a:sphinxsearch:sphinx
+spip,cpe:2.3:a:spip:spip
+squid3,
+ssbroom,
+ssh_chroot_dir,
+staticwebapp,
+streama,
+strut,
+subscribe,
+subsonic,cpe:2.3:a:subsonic:subsonic
+sutom,
+svgedit,
+sympa,cpe:2.3:a:sympa:sympa
+synapse,
+synapse-admin,
+syncthing,cpe:2.3:a:syncthing:syncthing
+tagspaces,
+tailoredflow,
+teampass,cpe:2.3:a:teampass:teampass
+technitium-dns,
+teddit,
+telegram_chatbot,
+tes3mp,
+thelounge,
+tiddlywiki,
+tiki,cpe:2.3:a:tiki:tiki
+timemachine,
+timeoff,
+tooljet,
+torrelay,
+tracim,
+traggo,
+transfersh,
+transmission,
+transpay,
+transwhat,
+trilium,cpe:2.3:a:trilium_project:trilium
+trustyhash,
+ttrss,
+turtl,cpe:2.3:a:lyonbros:turtl
+tutao,
+tvheadend,
+tyto,
+ulogger,
+umami,
+umap,
+ums,
+unattended_upgrades,
+unbound,cpe:2.3:a:nlnetlabs:unbound
+uptime-kuma,
+vaultwarden,
+veloren,
+vikunja,
+vpnclient,
+vpnserver,
+wallabag2,
+weblate,cpe:2.3:a:weblate:weblate
+webmin,cpe:2.3:a:webmin:webmin
+webogram,
+webtrees,cpe:2.3:a:webtrees:webtrees
+wekan,cpe:2.3:a:wekan_project:wekan
+wemawema,
+wetty,
+whitebophir,
+wifiwithme,
+wikijs,
+wildfly,cpe:2.3:a:redhat:jboss_wildfly_application_server
+wireguard,
+wisemapping,
+wondercms,cpe:2.3:a:wondercms:wondercms
+wordpress,cpe:2.3:a:wordpress:wordpress
+writefreely,
+yacy,
+yellow,
+yeswiki,cpe:2.3:a:yeswiki:yeswiki
+yourls,cpe:2.3:a:yourls:yourls
+youtube-dl-webui,
+yunofav,
+yunohost,cpe:2.3:o:yunohost:yunohost
+yunomonitor,
+yunorunner,
+z-push,
+zabbix,cpe:2.3:a:zabbix:zabbix
+zap,
+zerobin,
+zeronet,
+zomburl,
+ztncui,
+zusam,
diff --git a/autopatches/patches/add-cpe/patch.sh b/autopatches/patches/add-cpe/patch.sh
new file mode 100644
index 0000000..02a697c
--- /dev/null
+++ b/autopatches/patches/add-cpe/patch.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/python3
+
+import json
+import csv
+
+def find_cpe(app_id):
+ with open("../../patches/add-cpe/cpe.csv", newline='') as f:
+ cpe_list = csv.reader(f)
+ for row in cpe_list:
+ if row[0] == app_id:
+ return row[1]
+ return False
+
+manifest = json.load(open("manifest.json"))
+app_id = manifest['id']
+cpe = find_cpe(app_id)
+if cpe:
+ manifest['upstream']['cpe'] = cpe
+ json.dump(manifest, open("manifest.json", "w"), indent=4, ensure_ascii=False)
From 3f4a57aeefbd06fa509a7492ebf3f87db8f93f05 Mon Sep 17 00:00:00 2001
From: Hadrien
Date: Sun, 7 Aug 2022 16:32:25 +0200
Subject: [PATCH 2/2] patch message
---
autopatches/patches/add-cpe/pr_body.md | 6 ++++++
autopatches/patches/add-cpe/pr_title.md | 1 +
2 files changed, 7 insertions(+)
create mode 100644 autopatches/patches/add-cpe/pr_body.md
create mode 100644 autopatches/patches/add-cpe/pr_title.md
diff --git a/autopatches/patches/add-cpe/pr_body.md b/autopatches/patches/add-cpe/pr_body.md
new file mode 100644
index 0000000..5f08ae8
--- /dev/null
+++ b/autopatches/patches/add-cpe/pr_body.md
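Review bot: Several rows in cpe.csv pair an app with a CPE that appears to name a different product, which would attach the wrong CVEs to the app (and miss the right ones) once these ids drive vulnerability tracking: `pagure` → `fedoraproject:389_directory_server`, `nomad` → `jenkins:nomad`, `pgadmin` → `phppgadmin_project:phppgadmin`, `jupyterlab` → `jupyter:nbdime-jupyterlab` and `nodered` → `nodered:node-red-dashboard`. Because the script copies the value into every matching manifest, I would leave such rows empty until the id has been confirmed against the NVD dictionary, e.g. `pagure,`, `nomad,` and `pgadmin,`. A wrong id is worse than a missing one here, since it produces confident but misdirected alerts.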
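Review bot: The manifest rewrite at the end of patch.sh is fragile: `manifest['upstream']['cpe'] = cpe` raises `KeyError` when a manifest has no `upstream` object, it replaces a `cpe` a maintainer may already have set, and `open("manifest.json", "w")` is never closed and uses the locale encoding even though `ensure_ascii=False` can emit non-ASCII text. I would fill in only a missing value, create `upstream` on demand, and do both file accesses under `with` and `encoding="utf-8"`, as below. Indentation is not preserved in this rendering of the patch, so I am assuming `json.dump` is meant to run only when a CPE was found. A short module docstring saying that the script must run from the app checkout (the CSV path is relative to the working directory) would also help.

```python
# … unchanged: imports and find_cpe …
with open("manifest.json", encoding="utf-8") as f:
    manifest = json.load(f)

cpe = find_cpe(manifest["id"])
if cpe:
    upstream = manifest.setdefault("upstream", {})
    # Keep an id the maintainer already chose; only fill in a missing one.
    if not upstream.get("cpe"):
        upstream["cpe"] = cpe
        with open("manifest.json", "w", encoding="utf-8") as f:
            json.dump(manifest, f, indent=4, ensure_ascii=False)
```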
@@ -0,0 +1,6 @@
+
+This is an ***automated*** patch to add the (optional but recommended if relevant) Common Platform Enumeration (CPE) id, which is sort of a standard id for applications, defined by the NIST.
+
+In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps.
+
+The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)").
\ No newline at end of file
diff --git a/autopatches/patches/add-cpe/pr_title.md b/autopatches/patches/add-cpe/pr_title.md
new file mode 100644
index 0000000..5944c62
--- /dev/null
+++ b/autopatches/patches/add-cpe/pr_title.md
@@ -0,0 +1 @@
+Add Common Platform Enumeration id to `manifest.json`