Skip to content

Commit ef9f19f

Browse files
committed
Added homebrew support
1 parent 8e5aa8b commit ef9f19f

3 files changed

Lines changed: 161 additions & 0 deletions

File tree

Lines changed: 140 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,140 @@
1+
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
2+
3+
name: Daily macOS Monitor
4+
5+
on:
6+
schedule:
7+
- cron: "17 3 * * *"
8+
workflow_dispatch:
9+
10+
permissions:
11+
contents: read
12+
13+
jobs:
14+
monitor:
15+
runs-on: macos-latest
16+
17+
env:
18+
TAP_NAME: DebaA17/tap
19+
FORMULA_NAME: cvecli
20+
CVE_ID: CVE-2025-55182
21+
22+
steps:
23+
- name: Initialize state
24+
shell: bash
25+
run: |
26+
set -euo pipefail
27+
echo "CVECLI_VERSION=unknown" >> "$GITHUB_ENV"
28+
echo "TEST_STATUS=failed" >> "$GITHUB_ENV"
29+
echo "CVE_OUTPUT_RETURNED=no" >> "$GITHUB_ENV"
30+
echo "CVE_COMMAND=cvecli --id ${CVE_ID}" >> "$GITHUB_ENV"
31+
32+
- name: Install or update cvecli (Homebrew)
33+
shell: bash
34+
run: |
35+
set -euo pipefail
36+
37+
brew --version
38+
brew tap "${TAP_NAME}"
39+
40+
if brew list --formula "${FORMULA_NAME}" >/dev/null 2>&1; then
41+
brew upgrade "${FORMULA_NAME}" || true
42+
else
43+
brew install "${FORMULA_NAME}"
44+
fi
45+
46+
command -v cvecli
47+
48+
- name: Get version
49+
shell: bash
50+
run: |
51+
set -euo pipefail
52+
53+
version="$(cvecli --version 2>/dev/null || true)"
54+
version="$(echo "$version" | head -n 1 | tr -d '\r')"
55+
if [ -z "$version" ]; then
56+
version="unknown"
57+
fi
58+
echo "CVECLI_VERSION=${version}" >> "$GITHUB_ENV"
59+
60+
- name: Run CVE functional test
61+
shell: bash
62+
run: |
63+
set -euo pipefail
64+
65+
set +e
66+
output="$(cvecli --id "${CVE_ID}" 2>&1)"
67+
rc=$?
68+
set -e
69+
70+
printf '%s\n' "$output" > cve_output.txt
71+
72+
stripped="$(printf '%s' "$output" | tr -d '\r' | tr -d '[:space:]')"
73+
lowered="$(printf '%s' "$output" | tr -d '\r' | tr '[:upper:]' '[:lower:]')"
74+
75+
if [ $rc -ne 0 ]; then
76+
echo "TEST_STATUS=failed" >> "$GITHUB_ENV"
77+
echo "CVE_OUTPUT_RETURNED=no" >> "$GITHUB_ENV"
78+
elif [ -z "$stripped" ]; then
79+
echo "TEST_STATUS=failed" >> "$GITHUB_ENV"
80+
echo "CVE_OUTPUT_RETURNED=no" >> "$GITHUB_ENV"
81+
elif printf '%s' "$lowered" | grep -q "^[[:space:]]*error:\|failed to fetch cve\|network error\|invalid json"; then
82+
echo "TEST_STATUS=failed" >> "$GITHUB_ENV"
83+
echo "CVE_OUTPUT_RETURNED=yes" >> "$GITHUB_ENV"
84+
else
85+
echo "TEST_STATUS=success" >> "$GITHUB_ENV"
86+
echo "CVE_OUTPUT_RETURNED=yes" >> "$GITHUB_ENV"
87+
fi
88+
89+
- name: Build Telegram message
90+
if: always()
91+
shell: bash
92+
run: |
93+
set -euo pipefail
94+
95+
if [ "${TEST_STATUS}" = "success" ]; then
96+
STATUS="✅ Healthy"
97+
else
98+
STATUS="❌ Failed"
99+
fi
100+
101+
MSG="$(printf '%s\n' \
102+
"Monitor: macOS (Homebrew)" \
103+
"Status: ${STATUS}" \
104+
"Tap: ${TAP_NAME}" \
105+
"Formula: ${FORMULA_NAME}" \
106+
"Version: ${CVECLI_VERSION}" \
107+
"CVE command: ${CVE_COMMAND}" \
108+
"Output returned: ${CVE_OUTPUT_RETURNED}" \
109+
"Repo: ${GITHUB_REPOSITORY}" \
110+
"Run: #${GITHUB_RUN_NUMBER}" \
111+
"SHA: ${GITHUB_SHA}" \
112+
"Branch: ${GITHUB_REF_NAME}")"
113+
114+
echo "MESSAGE<<EOF" >> "$GITHUB_ENV"
115+
echo "$MSG" >> "$GITHUB_ENV"
116+
echo "EOF" >> "$GITHUB_ENV"
117+
118+
- name: Send Telegram notification
119+
if: always()
120+
shell: bash
121+
env:
122+
TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }}
123+
TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }}
124+
run: |
125+
set -euo pipefail
126+
127+
curl -fsS --retry 3 --retry-all-errors \
128+
-X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
129+
-d "chat_id=${TELEGRAM_CHAT_ID}" \
130+
--data-urlencode "text=${MESSAGE}"
131+
132+
- name: Fail workflow if unhealthy
133+
if: always()
134+
shell: bash
135+
run: |
136+
set -euo pipefail
137+
if [ "${TEST_STATUS}" != "success" ]; then
138+
exit 1
139+
fi
140+

README.md

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,27 @@ cvecli --version
4545
cvecli --id CVE-2025-55184
4646
```
4747

48+
## Installation (macOS / Homebrew)
49+
50+
```bash
51+
brew tap DebaA17/tap
52+
brew install cvecli
53+
```
54+
55+
After installing:
56+
57+
```bash
58+
cvecli --version
59+
cvecli --id CVE-2025-55184
60+
```
61+
62+
## Installation (Linux / Homebrew)
63+
64+
```bash
65+
brew tap DebaA17/tap
66+
brew install cvecli
67+
```
68+
4869
## Installation (Local/Global Usage)
4970
```bash
5071
git clone https://github.com/DebaA17/CVE-scanner-cli.git

demo/demo.png

-731 KB
Loading

0 commit comments

Comments
 (0)