Conversation
cmd/cvetool/update.go
Outdated
| if !lastUpdate.IsZero() { | ||
| fmt.Printf("Last update: %s (%s ago)\n", lastUpdate.Format(time.RFC1123), time.Since(lastUpdate).Round(time.Second)) | ||
| if time.Since(lastUpdate) > (24 * time.Hour * 30) { | ||
| return fmt.Errorf("Database more than 30 days old, refusing to update. Delete the database and run this commmand again.") |
There was a problem hiding this comment.
| return fmt.Errorf("Database more than 30 days old, refusing to update. Delete the database and run this commmand again.") | |
| return fmt.Errorf("Database more than 30 days old, refusing to update. Delete the database and run this command again.") |
cmd/cvetool/update.go
Outdated
| if !lastUpdate.IsZero() { | ||
| fmt.Printf("Last update: %s (%s ago)\n", lastUpdate.Format(time.RFC1123), time.Since(lastUpdate).Round(time.Second)) | ||
| if time.Since(lastUpdate) > (24 * time.Hour * 30) { | ||
| return fmt.Errorf("Database more than 30 days old, refusing to update. Delete the database and run this commmand again.") |
There was a problem hiding this comment.
Can we print out the path of the database so that the user knows what to delete?
cmd/cvetool/update.go
Outdated
|
|
||
| if !lastUpdate.IsZero() { | ||
| fmt.Printf("Last update: %s (%s ago)\n", lastUpdate.Format(time.RFC1123), time.Since(lastUpdate).Round(time.Second)) | ||
| if time.Since(lastUpdate) > (24 * time.Hour * 30) { |
There was a problem hiding this comment.
Can we make this some kind of constant so that it is not hardcoded in the middle of the code?
vojtapolasek
left a comment
vojtapolasek
left a comment
There was a problem hiding this comment.
In general I agree with the implementation and I acknowledge the reason; downloading many updates causes many small HTTP requests -> inefficiency -> actually higher amount of transfered data because if the user would download full database, it would be compressed.
I just have one thing apart from comments; could we put there some kind of command line parameter / env variable to override this behavior? I think a user should be given chance to go with the old way if they really wish so.
Very old databases can cause 1000+ http requests due getting every CVE. For very old database it is better to download the latest new archive.
2 participants
Very old databases can causes 1000+ changes (ie. HTTP request) due getting every CVE listed in changes.csv getting updated. For very old database it is better to download the latest new archive.