{"id":48883271,"url":"https://github.com/adminlove520/github_cve_monitor","last_synced_at":"2026-04-16T04:04:09.913Z","repository":{"id":316107615,"uuid":"1061932151","full_name":"adminlove520/github_cve_monitor","owner":"adminlove520","description":"一个无可匹敌的傻逼Bug","archived":false,"fork":false,"pushed_at":"2026-04-11T05:21:56.000Z","size":79328,"stargazers_count":6,"open_issues_count":5,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-11T06:11:02.466Z","etag":null,"topics":["cve","cve-monitor","exp","poc"],"latest_commit_sha":null,"homepage":"https://adminlove520.github.io/github_cve_monitor/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adminlove520.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-22T15:21:44.000Z","updated_at":"2026-04-11T05:21:59.000Z","dependencies_parsed_at":"2025-10-15T06:39:14.873Z","dependency_job_id":null,"html_url":"https://github.com/adminlove520/github_cve_monitor","commit_stats":null,"previous_names":["adminlove520/github_cve_monitor"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/adminlove520/github_cve_monitor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adminlove520%2Fgithub_cve_monitor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adminlove520%2Fgithub_cve_monitor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adminlove520%2Fgithub_cve_monitor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adminlove520%2Fgithub_cve_monitor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adminlove520","download_url":"https://codeload.github.com/adminlove520/github_cve_monitor/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adminlove520%2Fgithub_cve_monitor/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31870520,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T15:24:51.572Z","status":"online","status_checked_at":"2026-04-16T02:00:06.042Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","cve-monitor","exp","poc"],"created_at":"2026-04-16T04:03:51.797Z","updated_at":"2026-04-16T04:04:09.902Z","avatar_url":"https://github.com/adminlove520.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Github CVE 监控 ![版本](https://img.shields.io/badge/version-3.0-blue.svg)\n\n\u003e 使用 Github Actions 自动监控 Github 上的 CVE 信息\n\n\n## 文档 📖 \n\n访问 [cve-monitor](https://adminlove520.github.io/github_cve_monitor/) 查看演示。 \n\n### 命令行使用  💻\n\n执行  `python main.py` \n\n### 使用 Github-Action ⚙️\n\n查看 [run.yml](https://github.com/adminlove520/github_cve_monitor/blob/main/.github/workflows/run.yml) 文件\n\n## 安装 💿\n\n### 依赖项\n\n```\npip install -r requirements.txt\n```\n\n## ⚠️ 限制 \n\nGithub API 每页限制返回 100 条记录 \n\n### 数据获取与安全改进\n\n为了解决GitHub API的请求限制问题并提高安全性，本项目实现了新的数据获取和缓存机制。\n\n#### 新的数据获取方式\n\n我们引入了一个专门的工作流`data_fetch.yml`，该工作流：\n- 每30分钟自动运行一次\n- 优先使用`secrets.GH_TOKEN`，其次使用`GITHUB_TOKEN`进行认证\n- 获取统计数据和每日报告数据\n- 将数据缓存为JSON文件存储在仓库中\n\n#### 安全改进\n\n- **移除前端token依赖**：统计数据和每日报告页面现在直接从缓存的JSON文件读取数据，不再在前端代码中使用或暴露GitHub Token\n- **降低API调用频率**：通过缓存机制显著减少了API调用次数，避免触发速率限制\n- **提高页面加载速度**：从本地JSON文件读取数据比实时调用API更快\n- **增强稳定性**：即使GitHub API暂时不可用，页面仍能显示缓存的数据\n\n#### 缓存文件\n\n数据存储在以下位置：\n- `docs/data/cache/stats.json` - 统计数据缓存\n- `docs/data/cache/reports.json` - 每日报告数据缓存\n\n#### 配置GitHub Token（后端使用）\n\n要配置用于后端数据获取的GitHub Token：\n\n1. **GitHub Actions**：\n   - 在GitHub仓库设置中添加名为 `GH_TOKEN` 的Secret\n     - 进入仓库 \u003e Settings \u003e Secrets and variables \u003e Actions\n     - 点击\"New repository secret\"\n     - Name: `GH_TOKEN`\n     - Secret: 你的GitHub个人访问令牌\n   - 工作流程已配置为自动使用此令牌\n\n2. **本地运行**（仅用于测试）：\n   - 设置环境变量 `GITHUB_TOKEN` 为你的令牌值\n   ```bash\n   export GITHUB_TOKEN=your_token_here  # Linux/Mac\n   set GITHUB_TOKEN=your_token_here     # Windows\n   ```\n\n#### Token权限要求\n\nGitHub Token需要以下权限：\n- `public_repo` - 访问公共仓库信息\n- `repo` (可选) - 如果需要访问私有仓库\n\n## 路线图\n\n| 状态 | 任务  | 版本 |\n|---|---|---|\n| 🛠 | 修复增长率显示baseline问题\u0026本周热点CVE时间维度显示不正确（滞后性bug）\u0026修正API错误: GitHub API 调用失败: 403以及敏感信息特殊过滤 | 3.0 |\n| 🛠 | 修复每日 情报速递 报告的当日获取逻辑问题\u0026以及原始条数\u0026判断依据由created_at改为updated_at（*有待商榷*） | 3.0 |\n| 🛠 | 解决UTC*CN*时区问题\u0026导致出现 24 小时延迟的问题，即出现23日的 情报速递 报告 而不是 22 日的 情报速递 报告 | 3.0 |\n| 🛠 | 添加**钉钉**、**飞书**推送*当日 情报速递 报告* | 3.0 |\n| 🛠 | 添加描述（译文）功能【暂定采用主翻译（**有道**）次翻译（**Google Translate**）】 | 3.0 |\n| 🛠 | 添加统计功能 | 3.0 |\n| ✅ | ~~修复CVE字段的bug~~ | 2.0c | \n| ✅ | ~~按CVE排序~~ | 2.0b |  \n| ✅ | ~~提取CVE~~ | 2.0 |  \n| ✅ | ~~增加API调用的响应数量（现在是30）~~ | 2.0 |\n| ✅ | 绕过API限制 | 3.0 | \n\n#### 图例\n\n| 状态 | 描述 |\n|---|---|\n| ✅ | 已完成 |\n| 🛠 | 进行中 |\n| 🟢 | 待办 | \n| 🟡 | 可能有一天会做 |\n| 🔴 | 永不  |\n#### Author\n- [Anonymous](https://github.com/adminlove520)\n- [**东方隐侠安全实验室**](https://www.dfyxsec.com/)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadminlove520%2Fgithub_cve_monitor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadminlove520%2Fgithub_cve_monitor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadminlove520%2Fgithub_cve_monitor/lists"}