chg: Use PyVulnerabilityLookup to interact with Vulnerability-Lookup.

CIRCL · Nov 19, 2024 · 353e4d0 · 353e4d0
1 parent 39b2dab
commit 353e4d0
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 18 deletions.
diff --git a/fedivuln/conf_sample.py b/fedivuln/conf_sample.py
@@ -4,5 +4,5 @@
 mastodon_clientcred = "mastodon_clientcred.secret"
 mastodon_usercred = "mastodon_usercred.secret"
 
-vulnerability_lookup_base_url = "https://vulnerability.circl.lu/api/"
+vulnerability_lookup_base_url = "https://vulnerability.circl.lu/"
 vulnerability_auth_token = ""
diff --git a/fedivuln/config.py b/fedivuln/config.py
@@ -18,7 +18,7 @@ def load_config(path):
 
 conf = None
 try:
-    conf = load_config(os.environ.get("FEDIVULN_CONFIG", "./fedivuln/conf_sample.py"))
+    conf = load_config(os.environ.get("FEDIVULN_CONFIG", "fedivuln/conf_sample.py"))
 except Exception as exc:
     raise Exception("No configuration file provided.") from exc
 finally:

diff --git a/fedivuln/stream.py b/fedivuln/stream.py
@@ -7,6 +7,7 @@
 
 import requests
 from mastodon import Mastodon, StreamListener
+from pyvulnerabilitylookup import PyVulnerabilityLookup
 
 from fedivuln import config
 
@@ -98,24 +99,17 @@ def remove_case_insensitive_duplicates(input_list):
 def push_sighting_to_vulnerability_lookup(status_uri, vulnerability_ids):
     """Create a sighting from an incoming status and push it to the Vulnerability Lookup instance."""
     print("Pushing sighting to Vulnerability Lookup...")
-    headers_json = {
-        "Content-Type": "application/json",
-        "accept": "application/json",
-        "X-API-KEY": f"{config.vulnerability_auth_token}",
-    }
+    vuln_lookup = PyVulnerabilityLookup(
+        config.vulnerability_lookup_base_url, token=config.vulnerability_auth_token
+    )
     for vuln in vulnerability_ids:
+        # Create the sighting
         sighting = {"type": "seen", "source": status_uri, "vulnerability": vuln}
+
+        # Post the JSON to Vulnerability Lookup
         try:
-            r = requests.post(
-                urllib.parse.urljoin(config.vulnerability_lookup_base_url, "sighting/"),
-                json=sighting,
-                headers=headers_json,
-            )
-            if r.status_code not in (200, 201):
-                print(
-                    f"Error when sending POST request to the Vulnerability Lookup server: {r.reason}"
-                )
-        except requests.exceptions.ConnectionError as e:
+            vuln_lookup.create_sighting(sighting=sighting)
+        except Exception as e:
             print(
                 f"Error when sending POST request to the Vulnerability Lookup server:\n{e}"
             )

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -40,6 +40,7 @@ FediVuln-Publish = "fedivuln.publish:main"
 [tool.poetry.dependencies]
 python = "^3.10"
 mastodon-py = "^1.8.1"
+pyvulnerabilitylookup = "^2.1.0"
 
 [tool.poetry.group.dev.dependencies]
 mypy = "^1.13.0"