%global _empty_manifest_terminate_build 0 Name: python-advisory-parser Version: 1.12 Release: 1 Summary: Security flaw parser for upstream security advisories License: LGPLv3+ URL: https://github.com/RedHatProductSecurity/advisory-parser Source0: https://mirrors.nju.edu.cn/pypi/web/packages/09/b0/63971338a60f5cf26d943a1f0796560d9a09e8c49830d343823ed11cf387/advisory-parser-1.12.tar.gz BuildArch: noarch Requires: python3-beautifulsoup4 %description This library allows you to parse data from security advisories of certain projects to extract information about security issues. The parsed information includes metadata such as impact, CVSS score, summary, description, and others; for a full list, see the ``advisory_parser/flaw.py`` file. **DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web pages change all the time, it is not uncommon for parsers to break when a page is changed in some way. Also, the advisory parsers only work with the latest version of the advisory pages. The need for parsing raw security advisories in this way could be avoided if vendors provided their security pages in a machine readable (and preferably standardized) format. An example of this would be Red Hat's security advisories that can be pulled in from a separate Security Data API (`RHSA-2016:1883.json `_) or downloaded as an XML file (`cvrf-rhsa-2016-1883.xml `_), or OpenSSL's list of issues available in XML (`vulnerabilities.xml `_). If you are a vendor or an upstream project owner interested in providing your security advisories in a machine readable format and don't know where to start, feel free to reach out to mprpic@redhat.com. Currently available parsers include: "Google Chrome", ``_ "Adobe Flash", ``_ "Jenkins", "" "MySQL", ``_ "phpMyAdmin", "" "Wireshark", "" %package -n python3-advisory-parser Summary: Security flaw parser for upstream security advisories Provides: python-advisory-parser BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-pip %description -n python3-advisory-parser This library allows you to parse data from security advisories of certain projects to extract information about security issues. The parsed information includes metadata such as impact, CVSS score, summary, description, and others; for a full list, see the ``advisory_parser/flaw.py`` file. **DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web pages change all the time, it is not uncommon for parsers to break when a page is changed in some way. Also, the advisory parsers only work with the latest version of the advisory pages. The need for parsing raw security advisories in this way could be avoided if vendors provided their security pages in a machine readable (and preferably standardized) format. An example of this would be Red Hat's security advisories that can be pulled in from a separate Security Data API (`RHSA-2016:1883.json `_) or downloaded as an XML file (`cvrf-rhsa-2016-1883.xml `_), or OpenSSL's list of issues available in XML (`vulnerabilities.xml `_). If you are a vendor or an upstream project owner interested in providing your security advisories in a machine readable format and don't know where to start, feel free to reach out to mprpic@redhat.com. Currently available parsers include: "Google Chrome", ``_ "Adobe Flash", ``_ "Jenkins", "" "MySQL", ``_ "phpMyAdmin", "" "Wireshark", "" %package help Summary: Development documents and examples for advisory-parser Provides: python3-advisory-parser-doc %description help This library allows you to parse data from security advisories of certain projects to extract information about security issues. The parsed information includes metadata such as impact, CVSS score, summary, description, and others; for a full list, see the ``advisory_parser/flaw.py`` file. **DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web pages change all the time, it is not uncommon for parsers to break when a page is changed in some way. Also, the advisory parsers only work with the latest version of the advisory pages. The need for parsing raw security advisories in this way could be avoided if vendors provided their security pages in a machine readable (and preferably standardized) format. An example of this would be Red Hat's security advisories that can be pulled in from a separate Security Data API (`RHSA-2016:1883.json `_) or downloaded as an XML file (`cvrf-rhsa-2016-1883.xml `_), or OpenSSL's list of issues available in XML (`vulnerabilities.xml `_). If you are a vendor or an upstream project owner interested in providing your security advisories in a machine readable format and don't know where to start, feel free to reach out to mprpic@redhat.com. Currently available parsers include: "Google Chrome", ``_ "Adobe Flash", ``_ "Jenkins", "" "MySQL", ``_ "phpMyAdmin", "" "Wireshark", "" %prep %autosetup -n advisory-parser-1.12 %build %py3_build %install %py3_install install -d -m755 %{buildroot}/%{_pkgdocdir} if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi pushd %{buildroot} if [ -d usr/lib ]; then find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/lib64 ]; then find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/bin ]; then find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/sbin ]; then find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst fi touch doclist.lst if [ -d usr/share/man ]; then find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst fi popd mv %{buildroot}/filelist.lst . mv %{buildroot}/doclist.lst . %files -n python3-advisory-parser -f filelist.lst %dir %{python3_sitelib}/* %files help -f doclist.lst %{_docdir}/* %changelog * Fri Apr 07 2023 Python_Bot - 1.12-1 - Package Spec generated