{"id":18565021,"url":"https://github.com/greenbone/greenbone-scap-api","last_synced_at":"2025-04-10T04:32:10.815Z","repository":{"id":228959445,"uuid":"775014093","full_name":"greenbone/greenbone-scap-api","owner":"greenbone","description":"REST API build on top of greenbone-scap","archived":false,"fork":false,"pushed_at":"2025-04-07T06:20:21.000Z","size":999,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-04-07T07:26:35.149Z","etag":null,"topics":["api","cpe","cve","fastapi","greenbone","nist","nvd","openvas","python","rest","scap","vulnerabilities"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/greenbone.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-20T15:54:24.000Z","updated_at":"2025-04-07T06:20:24.000Z","dependencies_parsed_at":"2024-04-02T06:23:20.204Z","dependency_job_id":"70534418-a3ec-4dc5-a11a-020fd80433b2","html_url":"https://github.com/greenbone/greenbone-scap-api","commit_stats":null,"previous_names":["greenbone/greenbone-scap-api"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/greenbone%2Fgreenbone-scap-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/greenbone%2Fgreenbone-scap-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/greenbone%2Fgreenbone-scap-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/greenbone%2Fgreenbone-scap-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/greenbone","download_url":"https://codeload.github.com/greenbone/greenbone-scap-api/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248157539,"owners_count":21057033,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","cpe","cve","fastapi","greenbone","nist","nvd","openvas","python","rest","scap","vulnerabilities"],"created_at":"2024-11-06T22:17:26.018Z","updated_at":"2025-04-10T04:32:10.481Z","avatar_url":"https://github.com/greenbone.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Greenbone Logo](https://www.greenbone.net/wp-content/uploads/gb_new-logo_horizontal_rgb_small.png)\n\n# greenbone-scap-api \u003c!-- omit in toc --\u003e\n\n[![GitHub releases](https://img.shields.io/github/release/greenbone/greenbone-scap-api.svg)](https://github.com/greenbone/greenbone-scap-api/releases)\n[![PyPI release](https://img.shields.io/pypi/v/greenbone-scap-api.svg)](https://pypi.org/project/greenbone-scap-api/)\n\nA REST API on top of [greenbone-scap](https://github.com/greenbone/greenbone-scap)\nbased on [FastAPI](https://fastapi.tiangolo.com/) to mirror the [NIST NVD CVE API].\n\nIt provides a very similar CVE API compared to [NVD NIST](https://nvd.nist.gov/developers/vulnerabilities)\nat [https://services.nvd.nist.gov/rest/json/cves/2.0][NIST NVD CVE API].\n\n## Table of Contents \u003c!-- omit in toc --\u003e\n\n- [Requirements](#requirements)\n  - [Install using pipx](#install-using-pipx)\n  - [Install using pip](#install-using-pip)\n- [Usage](#usage)\n- [Settings](#settings)\n- [Docker Compose](#docker-compose)\n- [Development](#development)\n- [Maintainer](#maintainer)\n- [License](#license)\n\n## Requirements\n\nPython 3.11 and later is supported.\n\n### Install using pipx\n\nYou can install the latest stable release of **greenbone-scap-api** from the\n[Python Package Index (pypi)][pypi] using [pipx]\n\n    python3 -m pipx install greenbone-scap-api\n\n### Install using pip\n\n\u003e [!NOTE]\n\u003e The `pip install` command does no longer work out-of-the-box in newer\n\u003e distributions like Ubuntu 23.04 because of [PEP 668](https://peps.python.org/pep-0668).\n\u003e Please use the [installation via pipx](#install-using-pipx) instead.\n\nYou can install the latest stable release of **greenbone-scap-api** from the\n[Python Package Index (pypi)][pypi] using [pip]\n\n    python3 -m pip install --user greenbone-scap-api\n\n## Usage\n\nA simple web server to serve the API can be started by running\n`greenbone-scap-api`. The settings of the web server can be controlled via\n[environment variables](#settings).\n\nInternally the `greenbone-scap-api` script uses [uvicorn](https://www.uvicorn.org/)\n\nIt's also possible to serve the API with uvicorn directly\n\n```\nuvicorn greenbone.scap.api.app:app --reload\n```\n\nUsing uvicorn directly allows for more flexibility regarding the [settings](https://www.uvicorn.org/settings/)\nfor serving the API.\n\nAfter starting the web server the CVE API is available at `http://127.0.0.1:8000/cves`\n(by default). [Interactive API docs](https://github.com/swagger-api/swagger-ui)\nare served at `http://127.0.0.1:8000/docs`.\n\n## Settings\n\n**greenbone-scap-api** can be configured via the following environment variables\n\n| Name              | Description                                                                                           | Default   |\n| ----------------- | ----------------------------------------------------------------------------------------------------- | --------- |\n| DATABASE_USER     | Username for the connection to the PostgreSQL database.                                               | scap      |\n| DATABASE_PASSWORD | Username for the connection to the PostgreSQL database.                                               |           |\n| DATABASE_NAME     | Name of the PostgreSQL database.                                                                      | scap      |\n| DATABASE_HOST     | Host where the PostgreSQL database is running. IP or DNS name.                                        | 127.0.0.1 |\n| DATABASE_PORT     | Port on which the PostgreSQL database is listening.                                                   | 5432      |\n| ECHO_SQL          | Log SQL statements. `true` or `1` to enable.                                                          | disabled  |\n| API_HOST          | IP address or DNS name to listen on                                                                   | 127.0.0.1 |\n| API_PORT          | Port to listen on                                                                                     | 8000      |\n| LOG_LEVEL         | Log level for server output. Options are `critical`, `error`, `warning`, `info`, `debug` and `trace`. | `info`    |\n\n## Docker Compose\n\nThe API is easiest to use via the provided [docker compose](https://docs.docker.com/compose/)\nfile. [The compose file](./docker/compose.yml) extends the compose file of\n[greenbone-scap](https://github.com/greenbone/greenbone-scap/blob/main/docker/compose.yml).\nPlease take a look at the [README of greenbone-scap](https://github.com/greenbone/greenbone-scap?tab=readme-ov-file#docker-compose)\nfor the initial setup of the containers.\n\nFor a quick setup the following commands can be used:\n\n```sh\ncd docker\necho \"DATABASE_PASSWORD=my-super-safe-password\" \u003e .env\ndocker compose up\n```\n\nAfter starting the containers the CVE API is available at `http://127.0.0.1:8000/cves`\n(by default). [Interactive API docs](https://github.com/swagger-api/swagger-ui)\nare served at `http://127.0.0.1:8000/docs`.\n\n\u003e [!NOTE]\n\u003e On the initial startup all CVE will be downloaded from the [NIST NVD CVE API]\n\u003e Downloading the data may take several hours and due to unreliable servers at\n\u003e NIST may even fail. After a successful full download of the data at NIST, only\n\u003e the changed and new CVEs will be downloaded. To trigger a download\n\u003e `docker compose up cve` can be used.\n\n## Development\n\n**greenbone-scap-api** uses [poetry] for its own dependency management and build\nprocess.\n\nFirst install poetry via [pipx]\n\n    python3 -m pipx install poetry\n\nAfterwards run\n\n    poetry install\n\nin the checkout directory of **greenbone-scap-api** (the directory containing the\n`pyproject.toml` file) to install all dependencies including the packages only\nrequired for development.\n\nAfterwards activate the git hooks for auto-formatting and linting via\n[autohooks].\n\n    poetry run autohooks activate\n\nValidate the activated git hooks by running\n\n    poetry run autohooks check\n\n## Maintainer\n\nThis project is maintained by [Greenbone AG][Greenbone]\n\n## License\n\nCopyright (C) 2024 [Greenbone AG][Greenbone]\n\nLicensed under the [GNU Affero General Public License v3.0 or later](LICENSE).\n\n[Greenbone]: https://www.greenbone.net/\n[poetry]: https://python-poetry.org/\n[pip]: https://pip.pypa.io/\n[pipx]: https://pypa.github.io/pipx/\n[autohooks]: https://github.com/greenbone/autohooks\n[pypi]: https://pypi.org\n[NIST NVD CVE API]: https://services.nvd.nist.gov/rest/json/cves/2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgreenbone%2Fgreenbone-scap-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgreenbone%2Fgreenbone-scap-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgreenbone%2Fgreenbone-scap-api/lists"}