update prod-staging from int

.env

@@ -6,3 +6,4 @@ RATE_LIMIT_WINDOW_SECONDS=60
 # The maximum number of connections allowed within the rate limiting window.
 # This sets the threshold for how many requests can be made in the specified time frame.
 RATE_LIMIT_MAX_CONNECTIONS=1000
+#USEMONGO=true

.github/workflows/codeql.yml

@@ -44,7 +44,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@231aa2c8a89117b126725a0e11897209b7118144
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -58,4 +58,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@231aa2c8a89117b126725a0e11897209b7118144

.github/workflows/latest-staging.yml

@@ -15,7 +15,7 @@ jobs:
     # needs: npm-run-tests
     steps:
     - name: Checkout Repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
     - name: Log in to GCR
       run: |
         docker login docker.pkg.github.com \

.github/workflows/latest.yml

@@ -15,7 +15,7 @@ jobs:
     # needs: npm-run-tests
     steps:
     - name: Checkout Repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
     - name: Log in to GCR
       run: |
         docker login docker.pkg.github.com \

.github/workflows/lint.yml

@@ -13,9 +13,9 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm ci
@@ -30,9 +30,9 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm ci
@@ -47,9 +47,9 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm ci

.github/workflows/release.yml

@@ -15,7 +15,7 @@ jobs:
     # needs: npm-run-tests
     steps:
     - name: Checkout Repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
     - name: Extract tag name
       run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/})"
       id: extract_tag

.github/workflows/test-http.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout Repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
     - name: Build and Run Services and Mongo Containers
       run: |
         cp docker/.docker-env.example docker/.docker-env
@@ -31,7 +31,7 @@ jobs:
       run: |
         docker compose --file test-http/docker/docker-compose.yml exec -T demon pytest src/ | tee test-http/src/testOutput.txt
     - name: Archive Test Results
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1
       with:
         name: test-results
         path: test-http/src/testOutput.txt

.github/workflows/test-integration.yml

@@ -10,14 +10,28 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout Repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
     - name: Build and Run Services and Mongo Containers
       run: |
         cp docker/.docker-env.test-example docker/.docker-env
         docker compose --file docker/docker-compose.yml build
         docker compose --file docker/docker-compose.yml up -d
     - name: Sleep
-      run: bash -c "while ! docker compose --file docker/docker-compose.yml logs --tail=10 cveawg | grep -q 'Serving on port'; do sleep 1; done"
+      run: |
+        dockercompose="docker compose --file docker/docker-compose.yml"
+        attempts=60
+        while ! $dockercompose logs cveawg | grep -q 'Serving on port'; do
+          attempts=$(expr $attempts - 1)
+          if [ $($dockercompose ps --status running -q | wc -l) -eq 2 ] && [ $attempts -gt 0 ]; then
+            sleep 10
+            $dockercompose logs || true
+            continue
+          fi
+          $dockercompose ps || true
+          $dockercompose logs || true
+          echo "==== COULD NOT FIND 'Serving on port' in cveawg output OR one of the services died ====" 1>&2
+          exit 1
+        done
     - name: Run Tests
       run: docker compose -f docker/docker-compose.yml exec -T cveawg npm run test:integration
       continue-on-error: false

.github/workflows/test.yml

@@ -13,9 +13,9 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm ci
@@ -30,9 +30,9 @@ jobs:
 
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm ci

api-docs/openapi.json

@@ -1,7 +1,7 @@
 {
   "openapi": "3.0.2",
   "info": {
-    "version": "2.5.2",
+    "version": "2.5.4",
     "title": "CVE Services API",
     "description": "The CVE Services API supports automation tooling for the CVE Program. Credentials are     required for most service endpoints. Representatives of     <a href='https://www.cve.org/ProgramOrganization/CNAs'>CVE Numbering Authorities (CNAs)</a> should     use one of the methods below to obtain credentials:    <ul><li>If your organization already has an Organizational Administrator (OA) account for the CVE     Services, ask your admin for credentials</li>     <li>Contact your Root (<a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/Google'>Google</a>,     <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/INCIBE'>INCIBE</a>,     <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/jpcert'>JPCERT/CC</a>, or     <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/redhat'>Red Hat</a>) or     Top-Level Root (<a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/icscert'>CISA ICS</a>     or <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/mitre'>MITRE</a>) to request credentials     </ul>     <p>CVE data is to be in the JSON 5.1 CVE Record format. Details of the JSON 5.1 schema are     located <a href='https://github.com/CVEProject/cve-schema/tree/v5.1.1-rc2/schema' target='_blank'>here</a>.</p>    <a href='https://cveform.mitre.org/' class='link' target='_blank'>Contact the CVE Services team</a>",
     "contact": {
@@ -1190,6 +1190,63 @@
         }
       }
     },
+    "/cve_count": {
+      "get": {
+        "tags": [
+          "CVE Record"
+        ],
+        "summary": "Retrieves the count of all the CVE Records after applying the query parameters as filters (accessible to all users)",
+        "description": "  <h2>Access Control</h2>  <p>Endpoint is accessible to all</p>  <h2>Expected Behavior</h2>  <p>Retrieves the count of all CVE records for all organizations</p>",
+        "operationId": "cveGetFilteredCount",
+        "parameters": [
+          {
+            "$ref": "#/components/parameters/cveState"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "A count of the total number of filtered CVE records",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/cve/get-cve-record-count.json"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/bad-request.json"
+                }
+              }
+            }
+          },
+          "404": {
+            "description": "Not Found",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/cve_cursor": {
       "get": {
         "tags": [

docker/docker-compose.yml

@@ -1,8 +1,7 @@
-version: '3'
 services:
   docdb:
     # use a mongo image that most closely matches the DocumentDB API
-    image: mongo:3.6.20-xenial
+    image: mongo:5.0
     container_name: mongo
     env_file: .docker-env
     networks: ["cve-services"]