openscap-daemon icon indicating copy to clipboard operation
openscap-daemon copied to clipboard
verified publisher icon OpenSCAP

Remove obsolete cve_scanner package

Open mpreisler opened this issue 9 years ago • 7 comments

CVE scanning is now done as a task, the cve_scanner package is of no use. Let's remove it so that we don't have to maintain it any more.

mpreisler avatar Aug 10 '16 15:08 mpreisler

I don't think we can remove it, because oscapd-cli scan uses cli_scan which uses CVEScanListAsync which uses Worker which is defined in cve_scanner package. @dahaic @mpreisler @matejak @yuumasato @mildass @matusmarhefka Do we want to drop this functionality from oscapd-cli?

jan-cerny avatar Sep 06 '18 12:09 jan-cerny

@jan-cerny Is atomic scan using oscapd-cli in any way? I think it uses oscapd-evaluate.

matusmarhefka avatar Sep 06 '18 13:09 matusmarhefka

@matusmarhefka atomic scan is just using daemon. Let's look at this problem from the perspective of daemon, not of one particular use case.

@jan-cerny I would suggest to preserve the functionality.

dahaic avatar Sep 06 '18 19:09 dahaic

@matusmarhefka I think it isn't using oscapd-cli. I think you're right that it uses oscapd-evaluate.

jan-cerny avatar Sep 07 '18 07:09 jan-cerny

@dahaic I agree that we should preserve the functionality.

jan-cerny avatar Sep 07 '18 07:09 jan-cerny

Do you think we should rework the code to avoid using the cve_scanner package?

jan-cerny avatar Sep 07 '18 07:09 jan-cerny

the cli_scan stuff is virtually unused, it was replaced with oscapd-evaluate and the task API VulnerabilityScan mode. We can remove cli_scan IMO, it's obsolete anyway.

mpreisler avatar Sep 07 '18 13:09 mpreisler