From 976855aabefa31b0c782c73986d4bf7a8c128a7d Mon Sep 17 00:00:00 2001 From: Prabhu Subramanian Date: Sun, 20 Oct 2024 23:58:04 +0100 Subject: [PATCH] Support for creating app-only db by ignoring multiple OS sources Signed-off-by: Prabhu Subramanian --- pyproject.toml | 2 +- vdb/lib/config.py | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 014a168..de1a8d1 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "appthreat-vulnerability-db" -version = "5.7.7" +version = "5.7.8" description = "AppThreat's vulnerability database and package search library with a built-in file based storage. OSV, CVE, GitHub, npm are the primary sources of vulnerabilities." authors = [ {name = "Team AppThreat", email = "cloud@appthreat.com"}, diff --git a/vdb/lib/config.py b/vdb/lib/config.py index a155fd4..761eee5 100644 --- a/vdb/lib/config.py +++ b/vdb/lib/config.py @@ -6,14 +6,18 @@ nvd_url = "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-%(year)s.json.gz" # NVD start year. 2018 is quicker. 2002 is quite detailed but slow -nvd_start_year = os.getenv("NVD_START_YEAR", 2018) +nvd_start_year = os.getenv("NVD_START_YEAR", "2018") +try: + nvd_start_year = int(nvd_start_year) +except ValueError: + pass # GitHub advisory feed url gha_url = os.getenv("GITHUB_GRAPHQL_URL", "https://api.github.com/graphql") # No of pages to download from GitHub during a full refresh -gha_pages_count = os.getenv("GITHUB_PAGE_COUNT", 2) -npm_pages_count = os.getenv("NPM_PAGE_COUNT", 2) +gha_pages_count = os.getenv("GITHUB_PAGE_COUNT", "2") +npm_pages_count = os.getenv("NPM_PAGE_COUNT", "2") # DB file dir data_dir = os.getenv("VDB_HOME", user_data_dir("vdb"))