Skip to content

Add support for parsing Git commit messages #1992

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add support for parsing Git commit messages #1992

wants to merge 3 commits into from
+293 −0

Conversation

ziadhany
Copy link
Collaborator

@ziadhany ziadhany commented Aug 30, 2025
edited by pombredanne
Loading

I created an initial script to parse Git commit messages that can be easily integrated with our model. The script takes a Git repository as input, parses all commits, and returns the CVEs along with their corresponding fixed commits.

Issues:

results:

Found 192 unique CVEs
{
  "CVE-2025-4575": [
    "https://github.com/openssl/openssl/commit/0eb9acc24febb1f3f01f0320cfba9654cf66b0ac",
    "https://github.com/openssl/openssl/commit/e96d22446e633d117e6c9904cb15b4693e956eaa"
  ],
  "CVE-2024-12797": [
    "https://github.com/openssl/openssl/commit/6ae8e947d8e3f3f03eeb7d9ad993e341791900bc",
    "https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7",
    "https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699",
    "https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9"
  ],
  "CVE-2024-13176": [
    "https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467",
    "https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844",
    "https://github.com/openssl/openssl/commit/fcebf0a79a0a69f63721b66e94b01400a7de332e",
    "https://github.com/openssl/openssl/commit/78f6c35b83713d33b263fb85e3727543463d6fd5",
    "https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f",
    "https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65",
    "https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902",
    "https://github.com/openssl/openssl/commit/3fc4b112da2e2107a65ae2556fb6137098e08801",
    "https://github.com/openssl/openssl/commit/f15294228451217b5e58e2b7f5ad4c7a42303212",
    "https://github.com/openssl/openssl/commit/7d8a8c20e1370e43b0cad17e47a460a6f8e81a34",
    "https://github.com/openssl/openssl/commit/63c40a66c5dc287485705d06122d3a6e74a6a203",
    "https://github.com/openssl/openssl/commit/c3144e102571517df6c15ccc049fa3660ab3cb0a"
  ],

openssl.json

@ziadhany
Add CollectRepoFixCommitPipeline
082134e 
Add a test for CollectRepoFixCommitPipeline

Signed-off-by: ziad hany <[email protected]>
@ziadhany
Remove a test script related to fix commits and issue tracker
9c20737 
Signed-off-by: ziad hany <[email protected]>
ziadhany
ziadhany commented Oct 13, 2025
View reviewed changes
vulnerabilities/pipelines/v2_importers/collect_repo_fix_commits.py

def clone(self):
"""Clone the repository."""
self.repo_url = "https://github.com/torvalds/linux"
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part should not be static

@pombredanne pombredanne mentioned this pull request Oct 15, 2025
Open
4 tasks
@ziadhany ziadhany requested a review from keshav-space October 15, 2025 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@keshav-space keshav-space Awaiting requested review from keshav-space

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ziadhany