From 1920fe32a9bd0d55eb6f063ebb183344331700c3 Mon Sep 17 00:00:00 2001 From: Willis Berrios Date: Tue, 19 Nov 2024 21:31:29 +0000 Subject: [PATCH] Added hookspec for third party plugin to update databases. --- .../cvebin2vex/surfactantplugin_cvebintool2vex.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/plugins/cvebin2vex/surfactantplugin_cvebintool2vex.py b/plugins/cvebin2vex/surfactantplugin_cvebintool2vex.py index 72aa77d4..b9be94f0 100644 --- a/plugins/cvebin2vex/surfactantplugin_cvebintool2vex.py +++ b/plugins/cvebin2vex/surfactantplugin_cvebintool2vex.py @@ -210,3 +210,16 @@ def cvebintool2vex(sbom: SBOM, software: Software, filename: str, filetype: str) # Clean up extra files delete_extra_files(cdxvex_file_path, vex_file_path, json_file_path) + +from pluggy import HookimplMarker + +hookimpl = HookimplMarker("surfactant") + +@hookimpl +def update_db(): + # Example update logic + try: + subprocess.check_call(["cve-bin-tool", "--update", "now", "."]) + return "Database updated successfully." + except subprocess.CalledProcessError as e: + return f"Failed to update database: {e}"