{"id":50401158,"url":"https://github.com/devopsvanilla/vicarius-reports","last_synced_at":"2026-05-30T23:30:46.304Z","repository":{"id":358784173,"uuid":"1242900633","full_name":"devopsvanilla/vicarius-reports","owner":"devopsvanilla","description":null,"archived":false,"fork":false,"pushed_at":"2026-05-19T02:59:44.000Z","size":28,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-19T04:58:40.607Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devopsvanilla.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-18T21:36:00.000Z","updated_at":"2026-05-19T02:59:48.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/devopsvanilla/vicarius-reports","commit_stats":null,"previous_names":["devopsvanilla/vicarius-reports"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/devopsvanilla/vicarius-reports","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devopsvanilla%2Fvicarius-reports","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devopsvanilla%2Fvicarius-reports/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devopsvanilla%2Fvicarius-reports/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devopsvanilla%2Fvicarius-reports/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devopsvanilla","download_url":"https://codeload.github.com/devopsvanilla/vicarius-reports/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devopsvanilla%2Fvicarius-reports/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33714033,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-30T02:00:06.278Z","response_time":92,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-05-30T23:30:42.237Z","updated_at":"2026-05-30T23:30:46.299Z","avatar_url":"https://github.com/devopsvanilla.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# vicarius-reports\n\nÍndice dos scripts do projeto para coleta/enriquecimento de CVEs Ubuntu via Vicarius + OVAL.\n\n## Visão geral do fluxo\n\n1. `get_endpoint_so.py` gera o mapeamento endpoint -\u003e SO/versão.\n2. `get_oval_ubuntu.py` baixa os feeds OVAL das releases detectadas.\n3. `get_active_cve.py` gera relatório final (`jsonl`, `xlsx`, `csv`) e dashboard.\n4. `get_ubuntu_oval_status.py` é utilitário técnico (normalmente chamado internamente pelo passo 3).\n\n## Índice dos scripts\n\n| Script                        | Função principal                                                  | Entradas                                                        | Saídas                                                                                                                    |\n| ----------------------------- | ------------------------------------------------------------------- | --------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- |\n| `get_endpoint_so.py`        | Consulta endpoints no Vicarius e resolve SO/versão                 | `.env` (`VICARIUS_BASE_URL`, `VICARIUS_API_KEY`)          | `reports/endpoint_so.jsonl`                                                                                              |\n| `get_oval_ubuntu.py`        | Baixa e descompacta OVAL Ubuntu por release                         | `reports/endpoint_so.jsonl`                                   | `reports/oval/*.xml` e `reports/oval/*.bz2`                                                                            |\n| `get_active_cve.py`         | Coleta CVEs ativas, enriquece status Ubuntu e gera relatório final | `.env`, `reports/endpoint_so.jsonl`, `reports/oval/*.xml` | `reports/active_cve.jsonl`, `reports/active_cve.xlsx`, `reports/active_cve.csv`, `reports/ubuntu_oval_cache.jsonl` |\n| `get_ubuntu_oval_status.py` | Resolve status de CVE em OVAL/API Ubuntu (uso técnico)             | `--ubuntu`, `--cve`, `--pkg`                              | JSON em stdout                                                                                                             |\n\n## Pré-requisitos\n\nPara executar os scripts nesta estação (Linux), certifique-se de ter:\n\n- **Sistema Operacional:** Linux (ambiente de terminal Bash/Zsh).\n- **Python 3:** Instalado no sistema.\n- **Módulo venv:** Necessário para o isolamento das bibliotecas (em distros Debian/Ubuntu, instalável via `sudo apt install python3-venv`).\n- **Acesso à rede:** Para o download dos feeds OVAL Ubuntu e comunicação com a API do Vicarius.\n- **Credenciais do Vicarius:** URL Base e chave de API para o arquivo de configuração `.env`.\n\n## Execução\n\n```shell\ngit clone https://github.com/loonar-morpheus-sysint/vicarius-reports.git\ncd vicarius-reports\n\npython3 -m venv .venv\nsource .venv/bin/activate\npip install -r requirements.txt\n\ncp .env-sample .env\n\n# Edite o arquivo .env com sua API e URL (opcionalmente com $EDITOR)\n${EDITOR:-vi} .env\n\n# Execute os scripts nessa ordem\npython3 get_endpoint_so.py\npython3 get_oval_ubuntu.py\npython3 get_active_cve.py --force-update\n```\n\n## Estrutura esperada de artefatos\n\n```text\nreports/\n├── endpoint_so.jsonl\n├── active_cve.jsonl\n├── active_cve.xlsx\n├── active_cve.csv\n├── ubuntu_oval_cache.jsonl\n└── oval/\n    ├── com.ubuntu.\u003ccodename\u003e.usn.oval.xml\n    └── com.ubuntu.\u003ccodename\u003e.cve.oval.xml\n```\n\n## Documentação detalhada\n\n- `get_active_cve.py`: veja [`get_active_cve.md`](./get_active_cve.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevopsvanilla%2Fvicarius-reports","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevopsvanilla%2Fvicarius-reports","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevopsvanilla%2Fvicarius-reports/lists"}