GistSight
A client for gathering vulnerability-related information from GitHub Gists. The collected data is then sent to the Vulnerability-Lookup API as sightings.
Installation
pipx installs and runs Python applications in isolated environments, and is itself easy to install.
$ pipx install GistSight
$ export GISTSIGHT_CONFIG=~/.gistsight/conf.py
With Docker
git clone https://github.com/vulnerability-lookup/GistSight
cd GistSight
# Make sure conf.py exists in the project root before running
docker compose up --build
Note: The docker-compose.yml expects a conf.py file in the root directory. You can create it manually or copy the provided example:
$ cp gistsight/conf_sample.py conf.py
Collecting new Gists
$ GistSight
Waiting 10 seconds before next run…
No vulnerabilities found.
Waiting 10 seconds before next run…
No vulnerabilities found.
Waiting 10 seconds before next run…
Gist: https://gist.github.com/voidvxvt/719c34da30a644b822765729be648985
Created At: 2025-01-06T18:43:12+00:00
Vulnerabilities: CVE-2021-26828
--------------------------------------------------
Pushing sighting to Vulnerability-Lookup…
{'type': 'seen', 'source': 'https://gist.github.com/voidvxvt/719c34da30a644b822765729be648985', 'vulnerability': 'CVE-2021-26828', 'creation_timestamp': datetime.datetime(2025, 1, 6, 18, 43, 12, tzinfo=datetime.timezone.utc)}
Waiting 10 seconds before next run…
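How a gist can end up as a sighting record like the one in the output above, as an added example that is not GistSight's own code: it scans a gist's description, file names and contents for CVE identifiers and builds one dict per id with the same four keys. The input field names follow GitHub's Gist API object; the regex and helper names are assumptions, and the sample gist is constructed (CVE-2099-00001 is a placeholder id).

```python
import re
from datetime import datetime, timezone

# CVE id: 4-digit year, then 4+ digits; must not be glued to a preceding alphanumeric.
CVE_RE = re.compile(r"(?<![A-Za-z0-9])CVE-\d{4}-\d{4,}", re.IGNORECASE)

def extract_cves(text):
    """Return the distinct CVE ids in text, upper-cased, in first-seen order."""
    seen = {}
    for m in CVE_RE.finditer(text or ""):
        seen.setdefault(m.group(0).upper(), None)
    return list(seen)

def parse_created_at(value):
    """Parse an ISO 8601 timestamp (GitHub uses a 'Z' suffix) into an aware UTC datetime."""
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)

def gist_to_sightings(gist):
    """Build one 'seen' sighting per CVE id found in the description, file names and contents."""
    parts = [gist.get("description") or ""]
    for name, meta in (gist.get("files") or {}).items():
        parts.append(name)
        parts.append(meta.get("content") or "")
    created = parse_created_at(gist["created_at"])
    return [
        {"type": "seen", "source": gist["html_url"],
         "vulnerability": cve, "creation_timestamp": created}
        for cve in extract_cves("\n".join(parts))
    ]

# Constructed sample shaped like a GitHub Gist API object (hypothetical URL and content).
SAMPLE_GIST = {
    "html_url": "https://gist.github.com/example-user/0123456789abcdef",
    "created_at": "2025-01-06T18:43:12Z",
    "description": "notes on cve-2021-26828",
    "files": {"CVE-2021-26828_notes.md": {"content": (
        "See CVE-2021-26828 and CVE-2099-00001.\n"
        "Not ids: CVE-21-1, XCVE-2099-0002")}},
}

if __name__ == "__main__":
    for sighting in gist_to_sightings(SAMPLE_GIST):
        print(sighting)
```

Deduplicating per gist keeps a single gist that repeats an id from producing several sightings for the same source.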
License
GistSight is licensed under the GNU General Public License version 3.
Copyright (c) 2025-2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2025-2026 Cédric Bonhomme - https://github.com/cedricbonhomme
File details
Details for the file gistsight-1.2.0.tar.gz.
File metadata
- Download URL: gistsight-1.2.0.tar.gz
- Upload date:
- Size: 17.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 29b4c6fa30f00a8502a16707f6a51f1a23c1eab7a4a7c797dfc0d317a067330b |
| MD5 | faffce33135d21f5f86b65e2c9fc01c4 |
| BLAKE2b-256 | 14323b56a85d925602586f9d41b4013accbbb4a41eb532f60ae09fef3b09da6c |
Provenance
The following attestation bundles were made for gistsight-1.2.0.tar.gz:
Publisher: release.yml on vulnerability-lookup/GistSight
- Statement:
  - Statement type: https://in-toto.io/Statement/v1
  - Predicate type: https://docs.pypi.org/attestations/publish/v1
  - Subject name: gistsight-1.2.0.tar.gz
  - Subject digest: 29b4c6fa30f00a8502a16707f6a51f1a23c1eab7a4a7c797dfc0d317a067330b
- Sigstore transparency entry: 1439831398
- Sigstore integration time:
- Permalink: vulnerability-lookup/GistSight@91c86a6b357f9710ec299bf5615a1606ff29bc6d
- Branch / Tag: refs/tags/v1.2.0
- Owner: https://github.com/vulnerability-lookup
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: release.yml@91c86a6b357f9710ec299bf5615a1606ff29bc6d
- Trigger Event: release
File details
Details for the file gistsight-1.2.0-py3-none-any.whl.
File metadata
- Download URL: gistsight-1.2.0-py3-none-any.whl
- Upload date:
- Size: 18.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 4604bc1293a96a94a3576a6a76aa29e0c98815740e9e00995f5c71e79f1488ca |
| MD5 | 6db6d372a72074eef350075a18d5b570 |
| BLAKE2b-256 | 9d6f2f3f16105e3718e7a3c3089ea85b9b81fa078722be71382e539e3d4ef34b |
Provenance
The following attestation bundles were made for gistsight-1.2.0-py3-none-any.whl:
Publisher: release.yml on vulnerability-lookup/GistSight
- Statement:
  - Statement type: https://in-toto.io/Statement/v1
  - Predicate type: https://docs.pypi.org/attestations/publish/v1
  - Subject name: gistsight-1.2.0-py3-none-any.whl
  - Subject digest: 4604bc1293a96a94a3576a6a76aa29e0c98815740e9e00995f5c71e79f1488ca
- Sigstore transparency entry: 1439831406
- Sigstore integration time:
- Permalink: vulnerability-lookup/GistSight@91c86a6b357f9710ec299bf5615a1606ff29bc6d
- Branch / Tag: refs/tags/v1.2.0
- Owner: https://github.com/vulnerability-lookup
- Access: public
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: release.yml@91c86a6b357f9710ec299bf5615a1606ff29bc6d
- Trigger Event: release