All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.metaeffekt.mirror.download.other.EpssDownload Maven / Gradle / Ivy

/*
 * Copyright 2021-2024 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.metaeffekt.mirror.download.other;

import com.metaeffekt.artifact.analysis.utils.ArchiveUtils;
import com.metaeffekt.artifact.analysis.utils.FileUtils;
import com.metaeffekt.mirror.download.documentation.MirrorMetadata;
import com.metaeffekt.mirror.download.Download;
import com.metaeffekt.mirror.download.ResourceLocation;
import lombok.extern.slf4j.Slf4j;

import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Optional;

/**
 * 

References:

* *

The EPSS (Exploit Prediction Scoring System) scores are available as a single CSV file, compressed using GZIP format, which is retrieved from the official EPSS data provider.

*/ @Slf4j @MirrorMetadata(directoryName = "epss", mavenPropertyName = "epssDownload") public class EpssDownload extends Download { public EpssDownload(File baseMirrorDirectory) { super(baseMirrorDirectory, EpssDownload.class); } @Override protected void performDownload() { final URL epssScoreDownloadUrl = getRemoteResourceLocationUrl(ResourceLocationEpss.EPSS_ALL_SCORES_CSV); final File downloadIntoFile = getDownloadIntoFile(); super.downloader.fetchResponseBodyFromUrlToFile(epssScoreDownloadUrl, downloadIntoFile); final ArrayList unpackIssues = new ArrayList<>(); if (!ArchiveUtils.unpackIfPossible(downloadIntoFile, super.getDownloadIntoDirectory(), unpackIssues)) { log.error("Issue(s) during unpacking of EPSS scores archive from: {}", downloadIntoFile); unpackIssues.forEach(issue -> log.error(" - {}", issue)); throw new IllegalStateException("Issue(s) during unpacking of EPSS scores archive from: " + downloadIntoFile + "\n - " + String.join("\n - ", unpackIssues)); } super.propertyFiles.set(super.getDownloadIntoDirectory(), "info", InfoFileAttributes.EPSS_PREFIX.getKey() + "resource-size", String.valueOf(downloadIntoFile.length())); try { FileUtils.delete(downloadIntoFile); } catch (IOException e) { throw new IllegalStateException("Could not delete downloaded EPSS scores archive: " + downloadIntoFile, e); } } private File getDownloadIntoFile() { return new File(super.getDownloadIntoDirectory(), "epss_scores-current.csv.gz"); } @Override protected boolean additionalIsDownloadRequired() { final URL epssScoreDownloadUrl = getRemoteResourceLocationUrl(ResourceLocationEpss.EPSS_ALL_SCORES_CSV); final long fetchedFileSize = super.downloader.fetchFileSizeFromUrl(epssScoreDownloadUrl, false); if (fetchedFileSize < 0) { log.info("Skipping check for EPSS mirror requirement: EPSS scores file size at {} could not be fetched without downloading entire file.", epssScoreDownloadUrl); return false; } final Optional presentSize = super.propertyFiles.getLong(super.getDownloadIntoDirectory(), "info", InfoFileAttributes.EPSS_PREFIX.getKey() + "resource-size"); if (!presentSize.isPresent()) { log.info("EPSS mirror is required: EPSS scores file size at {} is not present. New size: {}", epssScoreDownloadUrl, fetchedFileSize); super.propertyFiles.set(super.getDownloadIntoDirectory(), "info", InfoFileAttributes.EPSS_PREFIX.getKey() + "resource-size", String.valueOf(fetchedFileSize)); return true; } final boolean isNotEqual = fetchedFileSize != presentSize.get(); if (isNotEqual) { log.info("EPSS mirror is required: EPSS scores file size at {} has changed. Old size: {}, new size: {}", epssScoreDownloadUrl, presentSize.get(), fetchedFileSize); super.propertyFiles.set(super.getDownloadIntoDirectory(), "info", InfoFileAttributes.EPSS_PREFIX.getKey() + "resource-size", String.valueOf(fetchedFileSize)); } return isNotEqual; } @Override public void setRemoteResourceLocation(String location, String url) { super.setRemoteResourceLocation(ResourceLocationEpss.valueOf(location), url); } /** * The ResourceLocationEOL enum defines the URLs for accessing the EPSS data feeds. * https://www.first.org/epss/data_stats */ public enum ResourceLocationEpss implements ResourceLocation { /** * URL for fetching the current CSV file with the EPSS scores.
* Data is of format: *
         * #model_version:v2023.03.01,score_date:2024-04-17T00:00:00+0000
         * cve,epss,percentile
         * CVE-1999-0001,0.00383,0.72764
         * CVE-1999-0002,0.02080,0.88906
         * CVE-1999-0003,0.04409,0.92276
         * CVE-1999-0004,0.00917,0.82643
         * CVE-1999-0005,0.91963,0.98891
         * 
* Default value: https://epss.cyentia.com/epss_scores-current.csv.gz */ EPSS_ALL_SCORES_CSV("https://epss.cyentia.com/epss_scores-current.csv.gz"), /** * If you would like historical data for EPSS, you can directly access daily files by entering the target date into the URL in this format: * https://epss.cyentia.com/epss_scores-YYYY-mm-dd.csv.gz, where YYYY is the four digit year, mm is the two digit month and dd is a two digit day.

* For example, if you want to pull February 1st, 2023, you would retrieve https://epss.cyentia.com/epss_scores-2023-02-01.csv.gz. *

    *
  1. %s - Year (YYYY)
  2. *
  3. %s - Month (mm)
  4. *
  5. %s - Day (dd)
  6. *
*/ EPSS_SPECIFIC_DATE_CSV("https://epss.cyentia.com/epss_scores-%s-%s-%s.csv.gz"); private final String defaultValue; ResourceLocationEpss(String defaultValue) { this.defaultValue = defaultValue; } @Override public String getDefault() { return this.defaultValue; } } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy