From c3c48c9a18b31192e68bf6e1817e7dd61c059a74 Mon Sep 17 00:00:00 2001 From: zema1 Date: Sat, 25 Mar 2023 21:32:44 +0800 Subject: [PATCH 1/2] feat: release in action --- .github/workflows/release.yml | 77 +++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..440f311 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,77 @@ +name: Release WatchVuln + +on: + push: + branches: + - 'release/**' + - 'main' + release: + types: [ published ] + +permissions: + contents: read + +jobs: + build-cli: + name: Build cli + strategy: + fail-fast: true + matrix: + include: + - os: windows + arch: amd64 + output: watchvuln-windows-amd64.exe + - os: darwin + arch: amd64 + output: watchvuln-darwin-amd64 + - os: darwin + arch: arm64 + output: watchvuln-darwin-arm64 + - os: linux + arch: amd64 + output: watchvuln-linux-amd64 + - os: linux + arch: arm64 + output: watchvuln-linux-arm64 + runs-on: ubuntu-latest + env: + CGO_ENABLED: 0 + GOOS: ${{ matrix.os }} + GOARCH: ${{ matrix.arch }} + steps: + - uses: actions/checkout@v3 + with: + submodules: recursive + - uses: actions/setup-go@v3 + with: + go-version: 1.19 + cache: true + - run: go build -trimpath -ldflags "-w -s -extldflags '-static'" -o target/${{ matrix.output }} + - uses: actions/upload-artifact@v3 + with: + name: target + path: target/* + + collect-release: + name: Release + needs: [ build-cli ] + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - uses: actions/checkout@v3 + - uses: actions/download-artifact@v3 + with: + name: target + path: target + - run: ls -al target && ls -R target/ && file target/ + - uses: actions/upload-artifact@v3 + with: + name: release-build + path: target/* + + # release assets + - uses: softprops/action-gh-release@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + files: target/* From 13c565115a08d067e3a736255d0769e5a81c12e0 Mon Sep 17 00:00:00 2001 From: zema1 Date: Sat, 25 Mar 2023 21:42:38 +0800 Subject: [PATCH 2/2] feat: update README --- .github/workflows/release.yml | 5 ----- README.md | 4 +++- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 440f311..f6bf087 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -65,11 +65,6 @@ jobs: name: target path: target - run: ls -al target && ls -R target/ && file target/ - - uses: actions/upload-artifact@v3 - with: - name: release-build - path: target/* - # release assets - uses: softprops/action-gh-release@v1 if: startsWith(github.ref, 'refs/tags/') diff --git a/README.md b/README.md index c976a51..f1945ad 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # WatchVuln 高价值漏洞采集与推送 众所周知,CVE 漏洞库中 99% 以上的漏洞只是无现实意义的编号。我想集中精力看下当下需要关注的高价值漏洞有哪些,而不是被各类 RSS -和公众号的 ~~威胁情报~~ 淹没。 于是这个小项目来抓取部分高质量的漏洞信息源然后做推送。 `WatchVuln`意为**监测**漏洞更新,同时也表示这些漏洞需要**注意** +和公众号的 ~~威胁情报~~ 淹没。 于是写了这个小项目来抓取部分高质量的漏洞信息源然后做推送。 `WatchVuln`意为**监测**漏洞更新,同时也表示这些漏洞需要**注意** 一下。 当前抓取了这几个站点的数据: @@ -13,6 +13,8 @@ | 奇安信威胁情报中心 | https://ti.qianxin.com/vulnerability | 等级为高危严重**并且**包含 `奇安信CERT验证` `POC公开` `技术细节公布`标签之一 | > 所有站点采用的都是公开接口,且抓取策略很柔和,无恶意。如果有侵权,请提交 issue, 我会删除相关源。 +> +> 如果有更好的信息源也可以反馈给我,需要能够响应及时 & 漏洞有价值 当有漏洞更新时,会受到一条推送消息: