Python script to mine CVEs from git projects and create some statisctisc about them.
> PostgreSQL
> Airtable
Currently the tool optinally stores mined data in a predetermined airtable. The data needed to identify cve-s is stored in a Postrge database, therefore it is also needed for usage.
The script is intended to be used in order to mine a git repository. This repository can should be accessable both by local paths and git checkout links.
It is also possible to mine a set of projects from a json file. The file should contain a list of dictionaries, each of which needs to have a url string key, that holds the api path to the repo.
> [{
>"url": "https://api.github.com/repos/django/django",
>"something": "123" ...
>}, ... ]
> cve_miner -o https://github.com/someone/something.git
> cve_miner -l /home/username/gitrepo
> cve_miner -d
> cve_miner -db
> Since the tool uses both a local and a cload database, and is designed to be able to mine more then one project at a time, it is possible to save the postgre password and the airtable api key. Otherwise these will be requested for every project that is being mined.
> The mined data is currenctly being stored in an airtable, to access this you will need an api key, by default only a local stats.json will be created
The output data will be stored in a json file, and multiple files with various statistics should be created.