Release v1.1.0: year/limit filters and unified release workflow

Author: DebaA17

.github/workflows/release.yml

@@ -0,0 +1,149 @@
+name: Release
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - "v*"
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    name: Build (${{ matrix.asset_suffix }})
+    runs-on: ${{ matrix.runs_on }}
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - runs_on: windows-latest
+            asset_suffix: windows-x64
+            add_data: "VERSION;."
+            exe_name: cvecli.exe
+          - runs_on: ubuntu-latest
+            asset_suffix: linux-x64
+            add_data: "VERSION:."
+            exe_name: cvecli
+          - runs_on: macos-13
+            asset_suffix: macos-x64
+            add_data: "VERSION:."
+            exe_name: cvecli
+          - runs_on: macos-14
+            asset_suffix: macos-arm64
+            add_data: "VERSION:."
+            exe_name: cvecli
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Derive version
+        id: version
+        shell: bash
+        run: |
+          tag="${GITHUB_REF_NAME}"
+          version="${tag#v}"
+          echo "version=$version" >> "$GITHUB_OUTPUT"
+          printf '%s\n' "$version" > VERSION
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install dependencies
+        shell: bash
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install -r requirements.txt
+          python -m pip install pyinstaller
+
+      - name: Build binary (PyInstaller)
+        shell: bash
+        run: |
+          pyinstaller --noconfirm --clean --onefile --name cvecli --add-data "${{ matrix.add_data }}" cve_search_cli.py
+
+      - name: Package + checksums
+        shell: bash
+        run: |
+          python - <<'PY'
+          import hashlib
+          import os
+          import pathlib
+          import zipfile
+          from datetime import datetime
+          
+          version = os.environ["VERSION"]
+          suffix = os.environ["ASSET_SUFFIX"]
+          exe_name = os.environ["EXE_NAME"]
+          
+          repo = pathlib.Path(".").resolve()
+          dist = repo / "dist"
+          exe_path = dist / exe_name
+          if not exe_path.exists():
+            raise SystemExit(f"missing built binary: {exe_path}")
+          
+          zip_name = f"cvecli-{version}-{suffix}.zip"
+          sha_name = f"SHA256SUMS-{suffix}.txt"
+          
+          def sha256_file(path: pathlib.Path) -> str:
+            h = hashlib.sha256()
+            with path.open("rb") as f:
+              for chunk in iter(lambda: f.read(1024 * 1024), b""):
+                h.update(chunk)
+            return h.hexdigest()
+          
+          files_for_zip = [
+            (exe_path, exe_name),
+            (repo / "LICENSE", "LICENSE"),
+            (repo / "README.md", "README.md"),
+          ]
+          
+          with zipfile.ZipFile(zip_name, "w", compression=zipfile.ZIP_DEFLATED) as zf:
+            for src, arc in files_for_zip:
+              zf.write(src, arcname=arc)
+          
+          lines = []
+          lines.append(f"{sha256_file(exe_path)}  {exe_name}")
+          lines.append(f"{sha256_file(pathlib.Path(zip_name))}  {zip_name}")
+          pathlib.Path(sha_name).write_text("\n".join(lines) + "\n", encoding="ascii")
+          print(f"Wrote {zip_name} and {sha_name} at {datetime.utcnow().isoformat()}Z")
+          PY
+        env:
+          VERSION: ${{ steps.version.outputs.version }}
+          ASSET_SUFFIX: ${{ matrix.asset_suffix }}
+          EXE_NAME: ${{ matrix.exe_name }}
+
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: release-${{ matrix.asset_suffix }}
+          path: |
+            dist/${{ matrix.exe_name }}
+            cvecli-${{ steps.version.outputs.version }}-${{ matrix.asset_suffix }}.zip
+            SHA256SUMS-${{ matrix.asset_suffix }}.txt
+
+  release:
+    name: Create GitHub Release
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+        with:
+          path: release_assets
+
+      - name: Consolidate checksums
+        shell: bash
+        run: |
+          set -euo pipefail
+          find release_assets -type f -name "SHA256SUMS-*.txt" -print0 | sort -z | xargs -0 cat > SHA256SUMS.txt
+
+      - name: Publish GitHub Release assets
+        uses: softprops/action-gh-release@v2
+        with:
+          files: |
+            release_assets/**/cvecli*
+            release_assets/**/SHA256SUMS-*.txt
+            SHA256SUMS.txt

.github/workflows/windows-release.yml

@@ -16,6 +16,7 @@ A command-line tool to search for CVEs (Common Vulnerabilities and Exposures) us
 ## Features
 - Search CVEs by ID (using cve.circl.lu)
 - Search CVEs by keyword in description (using NVD)
+- Filter keyword searches by published year
 - Prints formatted CVE details (ID, published/modified date, CVSS score, severity, description, references)
 - Interactive menu or command-line arguments
 
@@ -104,6 +105,7 @@ Or pass arguments directly:
 ```bash
 docker run --rm cvecli --id CVE-2025-55184
 docker run --rm cvecli --keyword wordpress
+docker run --rm cvecli --keyword apache --year 2026
 ```
 
 ## Usage
@@ -123,6 +125,16 @@ cvecli --id CVE-2025-55184
 cvecli --keyword wordpress
 ```
 
+### Search by Keyword with Limit
+```bash
+cvecli --keyword kernel --limit 10
+```
+
+### Search by Keyword and Year
+```bash
+cvecli --keyword apache --year 2026
+```
+
 ## Output Example
 Results are shown in the terminal with color formatting for better readability.
 
@@ -136,6 +148,7 @@ Results are shown in the terminal with color formatting for better readability.
 
 - CVE ID search uses the cve.circl.lu API.
 - Keyword search uses the NVD API and returns up to 5 results per search.
+- Year filtering applies to keyword searches and matches the CVE ID year.
 
 ## Disclaimer
 This tool is provided for educational and informational purposes only. The owner and contributors are not responsible for any misuse, damage, or legal issues resulting from the use of this software. Use at your own risk.