| Name | gcve JSON |
| Version |
0.11.3
JSON |
| download |
| home_page | None |
| Summary | A Python client for the Global CVE Allocation System. |
| upload_time | 2025-07-17 08:38:06 |
| maintainer | None |
| docs_url | None |
| author | Cédric Bonhomme |
| requires_python | >=3.10 |
| license | GPL-3.0 |
| keywords |
gcve
vulnerability
cve
cvd
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# A Python client for the Global CVE Allocation System
The [Global CVE (GCVE) allocation system](https://gcve.eu) is a new, decentralized
approach to vulnerability identification and numbering, designed to improve flexibility,
scalability, and autonomy for participating entities.
This client can be integrated into software such as
[Vulnerability-Lookup](https://github.com/vulnerability-lookup/vulnerability-lookup)
to provide core GCVE functionalities by adhering to the
[Best Current Practices](https://gcve.eu/bcp/).
It can also be used as a standalone command-line tool.
## Examples of usage
### As a command line tool
First install the gcve client:
```bash
$ python -m pip install --user pipx
$ python -m pipx ensurepath
$ pipx install gcve
installed package gcve 0.11.0, installed using Python 3.13.0
These apps are now globally available
- gcve
done! ✨ 🌟 ✨
```
#### Pulling the registry locally
```bash
$ gcve registry --pull
Pulling from registry…
Downloaded updated https://gcve.eu/dist/key/public.pem to .gcve/registry/public.pem
Downloaded updated https://gcve.eu/dist/gcve.json.sigsha512 to .gcve/registry/gcve.json.sigsha512
Downloaded updated https://gcve.eu/dist/gcve.json to .gcve/registry/gcve.json
Integrity check passed successfully.
```
#### Retrieving a GNA
Note: This operation is case sensitive.
```bash
$ gcve registry --get CIRCL
{
"id": 1,
"short_name": "CIRCL",
"cpe_vendor_name": "circl",
"full_name": "Computer Incident Response Center Luxembourg",
"gcve_url": "https://vulnerability.circl.lu/",
"gcve_api": "https://vulnerability.circl.lu/api/",
"gcve_dump": "https://vulnerability.circl.lu/dumps/",
"gcve_allocation": "https://vulnerability.circl.lu/",
"gcve_pull_api": "https://vulnerability.circl.lu/"
}
$ gcve registry --get CIRCL | jq .id
1
```
#### Searching the Registry
Note: Search operations are case insensitive.
```bash
$ gcve registry --find cert
[
{
"id": 106,
"full_name": "National Cyber Security Centre SK-CERT",
"short_name": "SK-CERT",
"gcve_url": "https://www.sk-cert.sk/"
},
{
"id": 680,
"short_name": "DFN-CERT",
"full_name": "DFN-CERT Services GmbH",
"gcve_url": "https://adv-archiv.dfn-cert.de/"
}
]
```
### As a library
#### Verifying the integrity of your local GNA directory copy
```python
Python 3.13.0 (main, Oct 10 2024, 07:28:38) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from typing import List
... from gcve.gna import GNAEntry
... from gcve.registry import (
... update_registry_public_key,
... update_registry_signature,
... update_registry,
... verify_registry_integrity,
... load_registry,
... )
...
>>> update_registry_public_key()
No changes — using cached .gcve/registry/public.pem.
False
>>> update_registry_signature()
No changes — using cached .gcve/registry/gcve.json.sigsha512.
False
>>> update_registry()
No changes — using cached .gcve/registry/gcve.json.
False
>>> if verify_registry_integrity():
... gcve_data: List[GNAEntry] = load_registry()
...
>>>
```
#### Generating new GCVE entries
Example with GCVE-1 entries (CIRCL namespace):
```python
from typing import List
from gcve.gna import GNAEntry
from gcve import gcve_generator, get_gna_id_by_short_name, to_gcve_id
from gcve.gna import GNAEntry
from gcve.registry import update_registry, load_registry
# Retrieve the JSON Directory file available at GCVE.eu if it has changed
update_registry()
# Initializes the GNA entries
gcve_data = load_registry()
# If "CIRCL" found in the registry
if CIRCL_GNA_ID := get_gna_id_by_short_name("CIRCL", gcve_data):
# Existing GCVE-O
existing_gcves = {to_gcve_id(cve) for cve in vulnerabilitylookup.get_all_ids()}
generator = gcve_generator(existing_gcves, CIRCL_GNA_ID)
for _ in range(5):
print(next(generator))
```
## License
[GCVE](https://github.com/gcve-eu/gcve) is licensed under
[GNU General Public License version 3](https://www.gnu.org/licenses/gpl-3.0.html).
- Copyright (c) 2025 Computer Incident Response Center Luxembourg (CIRCL)
- Copyright (c) 2025 Cédric Bonhomme - https://github.com/cedricbonhomme
## Contact
~~~
Att: GCVE.EU
CIRCL - Computer Incident Response Center Luxembourg
c/o "Luxembourg House of Cybersecurity" g.i.e.
122, rue Adolphe Fischer
L-1521 Luxembourg
Grand-Duchy of Luxembourg
~~~
Raw data
{
"_id": null,
"home_page": null,
"name": "gcve",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": "GCVE, Vulnerability, CVE, CVD",
"author": "C\u00e9dric Bonhomme",
"author_email": "cedric.bonhomme@circl.lu",
"download_url": "https://files.pythonhosted.org/packages/0f/b9/e50d0b94540112cd8fffa0c70cf93fa0cbc0ec8d41054cccbb3488ce6e2f/gcve-0.11.3.tar.gz",
"platform": null,
"description": "# A Python client for the Global CVE Allocation System\n\nThe [Global CVE (GCVE) allocation system](https://gcve.eu) is a new, decentralized\napproach to vulnerability identification and numbering, designed to improve flexibility,\nscalability, and autonomy for participating entities.\n\nThis client can be integrated into software such as\n[Vulnerability-Lookup](https://github.com/vulnerability-lookup/vulnerability-lookup)\nto provide core GCVE functionalities by adhering to the\n[Best Current Practices](https://gcve.eu/bcp/). \nIt can also be used as a standalone command-line tool.\n\n\n## Examples of usage\n\n### As a command line tool\n\nFirst install the gcve client:\n\n```bash\n$ python -m pip install --user pipx\n$ python -m pipx ensurepath\n\n$ pipx install gcve\n installed package gcve 0.11.0, installed using Python 3.13.0\n These apps are now globally available\n - gcve\ndone! \u2728 \ud83c\udf1f \u2728\n```\n\n#### Pulling the registry locally\n\n```bash\n$ gcve registry --pull\nPulling from registry\u2026\nDownloaded updated https://gcve.eu/dist/key/public.pem to .gcve/registry/public.pem\nDownloaded updated https://gcve.eu/dist/gcve.json.sigsha512 to .gcve/registry/gcve.json.sigsha512\nDownloaded updated https://gcve.eu/dist/gcve.json to .gcve/registry/gcve.json\nIntegrity check passed successfully.\n```\n\n#### Retrieving a GNA\n\nNote: This operation is case sensitive.\n\n```bash\n$ gcve registry --get CIRCL\n{\n \"id\": 1,\n \"short_name\": \"CIRCL\",\n \"cpe_vendor_name\": \"circl\",\n \"full_name\": \"Computer Incident Response Center Luxembourg\",\n \"gcve_url\": \"https://vulnerability.circl.lu/\",\n \"gcve_api\": \"https://vulnerability.circl.lu/api/\",\n \"gcve_dump\": \"https://vulnerability.circl.lu/dumps/\",\n \"gcve_allocation\": \"https://vulnerability.circl.lu/\",\n \"gcve_pull_api\": \"https://vulnerability.circl.lu/\"\n}\n\n$ gcve registry --get CIRCL | jq .id\n1\n```\n\n#### Searching the Registry\n\nNote: Search operations are case insensitive.\n\n```bash\n$ gcve registry --find cert\n[\n {\n \"id\": 106,\n \"full_name\": \"National Cyber Security Centre SK-CERT\",\n \"short_name\": \"SK-CERT\",\n \"gcve_url\": \"https://www.sk-cert.sk/\"\n },\n {\n \"id\": 680,\n \"short_name\": \"DFN-CERT\",\n \"full_name\": \"DFN-CERT Services GmbH\",\n \"gcve_url\": \"https://adv-archiv.dfn-cert.de/\"\n }\n]\n```\n\n\n### As a library\n\n#### Verifying the integrity of your local GNA directory copy\n\n```python\nPython 3.13.0 (main, Oct 10 2024, 07:28:38) [GCC 12.2.0] on linux\nType \"help\", \"copyright\", \"credits\" or \"license\" for more information.\n>>> from typing import List\n... from gcve.gna import GNAEntry\n... from gcve.registry import (\n... update_registry_public_key,\n... update_registry_signature,\n... update_registry,\n... verify_registry_integrity,\n... load_registry,\n... )\n... \n>>> update_registry_public_key()\nNo changes \u2014 using cached .gcve/registry/public.pem.\nFalse\n>>> update_registry_signature()\nNo changes \u2014 using cached .gcve/registry/gcve.json.sigsha512.\nFalse\n>>> update_registry()\nNo changes \u2014 using cached .gcve/registry/gcve.json.\nFalse\n>>> if verify_registry_integrity():\n... gcve_data: List[GNAEntry] = load_registry()\n... \n>>> \n```\n\n#### Generating new GCVE entries\n\nExample with GCVE-1 entries (CIRCL namespace):\n\n```python\nfrom typing import List\nfrom gcve.gna import GNAEntry\nfrom gcve import gcve_generator, get_gna_id_by_short_name, to_gcve_id\nfrom gcve.gna import GNAEntry\nfrom gcve.registry import update_registry, load_registry\n\n# Retrieve the JSON Directory file available at GCVE.eu if it has changed\nupdate_registry()\n# Initializes the GNA entries\ngcve_data = load_registry()\n\n# If \"CIRCL\" found in the registry\nif CIRCL_GNA_ID := get_gna_id_by_short_name(\"CIRCL\", gcve_data):\n # Existing GCVE-O\n existing_gcves = {to_gcve_id(cve) for cve in vulnerabilitylookup.get_all_ids()}\n\n generator = gcve_generator(existing_gcves, CIRCL_GNA_ID)\n for _ in range(5):\n print(next(generator))\n```\n\n\n## License\n\n[GCVE](https://github.com/gcve-eu/gcve) is licensed under\n[GNU General Public License version 3](https://www.gnu.org/licenses/gpl-3.0.html).\n\n\n- Copyright (c) 2025 Computer Incident Response Center Luxembourg (CIRCL)\n- Copyright (c) 2025 C\u00e9dric Bonhomme - https://github.com/cedricbonhomme\n\n\n## Contact\n\n~~~\nAtt: GCVE.EU\nCIRCL - Computer Incident Response Center Luxembourg\nc/o \"Luxembourg House of Cybersecurity\" g.i.e.\n122, rue Adolphe Fischer\nL-1521 Luxembourg\nGrand-Duchy of Luxembourg\n~~~\n\n",
"bugtrack_url": null,
"license": "GPL-3.0",
"summary": "A Python client for the Global CVE Allocation System.",
"version": "0.11.3",
"project_urls": {
"Documentation": "https://gcve.eu",
"Homepage": "https://gcve.eu",
"Repository": "https://github.com/gcve-eu/gcve"
},
"split_keywords": [
"gcve",
" vulnerability",
" cve",
" cvd"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "aa5fdad7ff6331f856a5290b7ba2da74c8336c7649c35512c1d7707172799e38",
"md5": "4b67e03b960fb76aeaf6818f7f646abf",
"sha256": "de3a87acc00ce0480e9f907be5b5e23b2c190bed25c3e4b6c2e62c16926d99bf"
},
"downloads": -1,
"filename": "gcve-0.11.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "4b67e03b960fb76aeaf6818f7f646abf",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 21370,
"upload_time": "2025-07-17T08:38:05",
"upload_time_iso_8601": "2025-07-17T08:38:05.193748Z",
"url": "https://files.pythonhosted.org/packages/aa/5f/dad7ff6331f856a5290b7ba2da74c8336c7649c35512c1d7707172799e38/gcve-0.11.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "0fb9e50d0b94540112cd8fffa0c70cf93fa0cbc0ec8d41054cccbb3488ce6e2f",
"md5": "1a971939d78d7a9dbb3326c9e36e52c0",
"sha256": "fd1ad1d0aa8628d2f6e488e2d2347d79a60da53358265ea93bbdcd968d0939dc"
},
"downloads": -1,
"filename": "gcve-0.11.3.tar.gz",
"has_sig": false,
"md5_digest": "1a971939d78d7a9dbb3326c9e36e52c0",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 19932,
"upload_time": "2025-07-17T08:38:06",
"upload_time_iso_8601": "2025-07-17T08:38:06.541344Z",
"url": "https://files.pythonhosted.org/packages/0f/b9/e50d0b94540112cd8fffa0c70cf93fa0cbc0ec8d41054cccbb3488ce6e2f/gcve-0.11.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-17 08:38:06",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "gcve-eu",
"github_project": "gcve",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "gcve"
}
