new: [core] Added new report_error function and preparing a first trusted release on Pypi.

Author: cedricbonhomme

.github/workflows/release.yml

@@ -0,0 +1,27 @@
+on:
+  release:
+    types:
+      - published
+
+name: release
+
+jobs:
+  pypi-publish:
+    name: Upload release to PyPI
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/FediVuln
+
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Install Poetry
+        run: python -m pip install --upgrade pip poetry
+      - name: Build artifacts
+        run: poetry build
+      - name: Publish package distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

CHANGELOG.md

@@ -0,0 +1,23 @@
+# Changelog
+
+## Release 1.0.0 (2025-02-13)
+
+This release introduces the capability to report errors, warnings,
+and heartbeats to a Valkey datastore, facilitating centralized monitoring.
+
+
+## Release 0.8.0 (2025-01-23)
+
+Bugfix (stupid bug) and updated dependencies.
+
+
+## Release 0.7.0 (2025-01-14)
+
+Regular expressions are now defined in the configuration file.
+
+
+## Release 0.6.2 (2024-12-16)
+
+Directly return the updated status before trying another source of
+vulnerabilities. This prevents overriding the content generated in
+the previous try block.

fedivuln/publish.py

@@ -7,7 +7,7 @@
 from mastodon import Mastodon
 
 from fedivuln import config
-from fedivuln.utils import heartbeat
+from fedivuln.utils import heartbeat, report_error
 
 # Set up your Mastodon instance with access credentials
 if config.mastodon_clientcred_push and config.mastodon_usercred_push:
@@ -117,10 +117,13 @@ def listen_to_http_event_stream(url, headers=None, params=None, topic="comment")
 
     except requests.exceptions.RequestException as req_err:
         print(f"Request error: {req_err}")
+        report_error("error", f"Request error with HTTP event stream: {req_err}")
     except KeyboardInterrupt:
         print("\nStream interrupted by user. Closing connection.")
+        report_error("error", "Stream interrupted by user. Closing connection.")
     except Exception as e:
         print(f"Unexpected error: {e}")
+        report_error("error", f"Unexpected error in listen_to_http_event_stream: {e}")
 
 
 def listen_to_valkey_stream(topic="comment"):
@@ -141,7 +144,7 @@ def listen_to_valkey_stream(topic="comment"):
                 # Send entire JSON object as a single `data:` line
                 json_message = json.dumps(message["data"])  # Ensure single-line JSON
                 yield f"{json_message}"
-            heartbeat(process_name=f"process_FediVuln-Publish_{topic}_heartbeat")
+            heartbeat(process_name=f"process_heartbeat_FediVuln-Publish_{topic}")
     except GeneratorExit:
         valkey_client.unsubscribe(topic)
     except valkey.exceptions.ConnectionError:

fedivuln/stream.py

@@ -7,7 +7,7 @@
 from pyvulnerabilitylookup import PyVulnerabilityLookup
 
 from fedivuln import config
-from fedivuln.utils import heartbeat
+from fedivuln.utils import heartbeat, report_error
 
 
 # Custom encoder for datetime
@@ -50,11 +50,11 @@ def on_update(self, status):
             if self.push_sighting:
                 push_sighting_to_vulnerability_lookup(
                     status["uri"], vulnerability_ids
-                )  # Push the sighting to Vulnerability Lookup
+                )  # Push the sighting to Vulnerability-Lookup
             # if self.push_status:
             #     push_status_to_vulnerability_lookup(
             #         status, vulnerability_ids
-            #     )  # Push the status to Vulnerability Lookup
+            #     )  # Push the status to Vulnerability-Lookup
         else:
             print("No ID detected. Ignoring.")
 
@@ -71,9 +71,10 @@ def on_direct_message(self, message):
     # Handle any errors in streaming
     def on_abort(self, err):
         print("Stream aborted with error:", err)
+        report_error("error", f"Stream aborted with error: {err}")
 
     def handle_heartbeat(self):
-        heartbeat(process_name="process_FediVuln-Stream_heartbeat")
+        heartbeat(process_name="process_heartbeat_FediVuln")
 
 
 def remove_case_insensitive_duplicates(input_list):
@@ -86,23 +87,27 @@ def remove_case_insensitive_duplicates(input_list):
 
 
 def push_sighting_to_vulnerability_lookup(status_uri, vulnerability_ids):
-    """Create a sighting from an incoming status and push it to the Vulnerability Lookup instance."""
-    print("Pushing sighting to Vulnerability Lookup…")
+    """Create a sighting from an incoming status and push it to the Vulnerability-Lookup instance."""
+    print("Pushing sighting to Vulnerability-Lookup…")
     vuln_lookup = PyVulnerabilityLookup(
         config.vulnerability_lookup_base_url, token=config.vulnerability_auth_token
     )
     for vuln in vulnerability_ids:
         # Create the sighting
         sighting = {"type": "seen", "source": status_uri, "vulnerability": vuln}
 
-        # Post the JSON to Vulnerability Lookup
+        # Post the JSON to Vulnerability-Lookup
         try:
             r = vuln_lookup.create_sighting(sighting=sighting)
             if "message" in r:
                 print(r["message"])
         except Exception as e:
             print(
-                f"Error when sending POST request to the Vulnerability Lookup server:\n{e}"
+                f"Error when sending POST request to the Vulnerability-Lookup server:\n{e}"
+            )
+            report_error(
+                "error",
+                f"Error when sending POST request to the Vulnerability-Lookup server: {e}",
             )
 
 
@@ -123,12 +128,12 @@ def main():
     parser.add_argument(
         "--push-sighting",
         action="store_true",
-        help="Push the sightings to Vulnerability Lookup.",
+        help="Push the sightings to Vulnerability-Lookup.",
     )
     # parser.add_argument(
     #     "--push-status",
     #     action="store_true",
-    #     help="Push the status to Vulnerability Lookup.",
+    #     help="Push the status to Vulnerability-Lookup.",
     # )
 
     arguments = parser.parse_args()

fedivuln/utils.py

@@ -4,7 +4,8 @@
 
 from fedivuln import config
 
-valkey_client = valkey.Valkey(config.valkey_host, config.valkey_port)
+if config.heartbeat_enabled:
+    valkey_client = valkey.Valkey(config.valkey_host, config.valkey_port)
 
 
 def heartbeat(process_name) -> None:
@@ -16,3 +17,16 @@ def heartbeat(process_name) -> None:
     except Exception as e:
         print(f"Heartbeat error: {e}")
         raise  # Propagate the error to stop the process
+
+
+def report_error(level="warning", message="", key="process_logs_FediVuln") -> None:
+    """Reports an error or warning in the Valkey datastore."""
+    timestamp = time.time()
+    log_entry = {"timestamp": timestamp, "level": level, "message": message}
+    try:
+        # Add the log entry to a list, so multiple messages are preserved
+        valkey_client.rpush(key, str(log_entry))
+        valkey_client.expire(key, 86400)  # Expire after 24 hours
+    except Exception as e:
+        print(f"Error reporting failure: {e}")
+        raise

poetry.lock

@@ -5,15 +5,15 @@ build-backend = "poetry.core.masonry.api"
 
 [project]
 name = "FediVuln"
-version = "0.8.0"
+version = "1.0.0"
 description = "A client to gather vulnerability-related information from the Fediverse."
 authors = [
     {name = "Cédric Bonhomme", email = "[email protected]"}
 ]
 license = "GPL-3.0-or-later"
 readme = "README.md"
 keywords = ["Vulnerability-Lookup", "Vulnerability", "CVE", "Fediverse", "Mastodon"]
-# classifieres is dynamic because we want to create Python classifiers automatically
+
 dynamic = ["classifiers"]
 
 requires-python = ">=3.10,<4.0"
@@ -28,6 +28,7 @@ dependencies = [
 [project.urls]
 Homepage = "https://github.com/vulnerability-lookup/FediVuln"
 Repository = "https://github.com/vulnerability-lookup/FediVuln"
+Changelog = "https://github.com/vulnerability-lookup/FediVuln/blob/main/CHANGELOG.md"
 
 
 [project.scripts]