From e277fe5f8c5d569737c3239de365b2fced07c2d6 Mon Sep 17 00:00:00 2001
From: mtardy <mahe5397@hotmail.fr>
Date: Tue, 20 Dec 2022 16:02:05 +0100
Subject: [PATCH 1/3] Update CVE feed layouts for new JSON feed format

Also add information about last update time on CVE table
---
 data/i18n/en/en.toml             | 10 ++++++++--
 layouts/_default/cve-feed.json   | 24 +-----------------------
 layouts/shortcodes/cve-feed.html | 13 +++++++------
 3 files changed, 16 insertions(+), 31 deletions(-)

diff --git a/data/i18n/en/en.toml b/data/i18n/en/en.toml
index eee6e8661b..d477cb95b8 100644
--- a/data/i18n/en/en.toml
+++ b/data/i18n/en/en.toml
@@ -67,8 +67,14 @@ other = "Issue Summary"
 [cve_table]
 other = "Official Kubernetes CVE List"
 
-[cve_url]
-other = "CVE URL"
+[cve_table_date_before]
+other = "(last updated: "
+
+[cve_table_date_format]
+other = "02 Jan 2006 15:04:05 MST"
+
+[cve_table_date_after]
+other = ")"
 
 [deprecation_title]
 other = "You are viewing documentation for Kubernetes version:"
diff --git a/layouts/_default/cve-feed.json b/layouts/_default/cve-feed.json
index a185fde22f..3812e9533b 100644
--- a/layouts/_default/cve-feed.json
+++ b/layouts/_default/cve-feed.json
@@ -1,23 +1 @@
-{
-  "version": "https://jsonfeed.org/version/1.1",
-  "title": "Auto-refreshing Official CVE Feed",
-  "home_page_url": "https://kubernetes.io",
-  "feed_url": "https://kubernetes.io/docs/reference/issues-security/official-cve-feed/index.json",
-  "description": "Auto-refreshing official CVE feed for Kubernetes repository",
-  "authors": [
-    {
-      "name": "Kubernetes Community",
-      "url": "https://www.kubernetes.dev"
-    }
-  ],
-  "items": [
-  {{ range $i, $e := getJSON .Site.Params.cveFeedBucket }}
-    {{ if $i }}, {{ end }}
-      {
-        {{ T "cve_json_id" | jsonify }}: {{ .cve_id | jsonify }},
-        {{ T "cve_json_url" | jsonify }}: {{ .issue_url | jsonify }},
-        {{ T "cve_json_external_url" | jsonify }}: {{ .cve_url | jsonify}},
-        {{ T "cve_json_summary" | jsonify }}: {{ replace (.summary | jsonify ) "\\u003e" ">"  }}
-      }{{ end }}
-   ]
-}
+{{ getJSON .Site.Params.cveFeedBucket | jsonify }}
diff --git a/layouts/shortcodes/cve-feed.html b/layouts/shortcodes/cve-feed.html
index 1c04efab7e..7c4aa2d56c 100644
--- a/layouts/shortcodes/cve-feed.html
+++ b/layouts/shortcodes/cve-feed.html
@@ -1,19 +1,20 @@
 <table class="security-cves">
-  <caption>{{ T "cve_table" }}</caption>
+  {{ $feed := getJSON .Site.Params.cveFeedBucket }}
+  <caption style="caption-side: top;">{{ T "cve_table" }} {{ T "cve_table_date_before" }}{{ $feed._kubernetes_io.updated_at | time.Format ( T "cve_table_date_format" ) }}{{ T "cve_table_date_after" }}</caption>
   <thead>
   <tr>
     <th>{{ T "cve_id" }}</th>
-    <th>{{ T "cve_summary"}}</th>
+    <th>{{ T "cve_summary" }}</th>
     <th>{{ T "cve_issue_url" }}</th>
   </tr>
   </thead>
   <tbody>
-  {{ range $issues := getJSON .Site.Params.cveFeedBucket }}
+  {{ range $feed.items }}
   <tr>
-    <td><a href="{{ .cve_url }}">{{ .cve_id | htmlEscape | safeHTML }}</a></td>
+    <td><a href="{{ .url }}">{{ .id | htmlEscape | safeHTML }}</a></td>
     <td>{{ .summary | htmlEscape | safeHTML }}</td>
-    <td><a href="{{ .issue_url }}">#{{ .number }}</a></td>
+    <td><a href="{{ .url }}">#{{ ._kubernetes_io.issue_number }}</a></td>
   </tr>
   {{ end }}
   </tbody>
-</table>
\ No newline at end of file
+</table>

From 96fe0763305edc9fa0c65d1b83078f847f600913 Mon Sep 17 00:00:00 2001
From: mtardy <mahe5397@hotmail.fr>
Date: Sun, 22 Jan 2023 18:27:21 +0100
Subject: [PATCH 2/3] Remove unused localization strings

---
 data/i18n/en/en.toml | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/data/i18n/en/en.toml b/data/i18n/en/en.toml
index d477cb95b8..d38f0e9c70 100644
--- a/data/i18n/en/en.toml
+++ b/data/i18n/en/en.toml
@@ -49,18 +49,6 @@ other = "CVE ID"
 [cve_issue_url]
 other = "CVE GitHub Issue URL"
 
-[cve_json_external_url]
-other = "external_url"
-
-[cve_json_id]
-other = "id"
-
-[cve_json_summary]
-other = "summary"
-
-[cve_json_url]
-other = "url"
-
 [cve_summary]
 other = "Issue Summary"
 

From 3305d7b1db96731d0b90150b0cdc19dfcc74b4f1 Mon Sep 17 00:00:00 2001
From: mtardy <mahe5397@hotmail.fr>
Date: Sun, 22 Jan 2023 19:08:24 +0100
Subject: [PATCH 3/3] Check that the fetched feed is a JSON feed 1.1 and fail
 if not

---
 layouts/shortcodes/cve-feed.html | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/layouts/shortcodes/cve-feed.html b/layouts/shortcodes/cve-feed.html
index 7c4aa2d56c..887999305a 100644
--- a/layouts/shortcodes/cve-feed.html
+++ b/layouts/shortcodes/cve-feed.html
@@ -1,5 +1,8 @@
+{{ $feed := getJSON .Site.Params.cveFeedBucket }}
+{{ if ne $feed.version "https://jsonfeed.org/version/1.1" }}
+  {{ errorf "Build Failed. CVE feed does not comply with JSON feed v1.1" }}
+{{ end }}
 <table class="security-cves">
-  {{ $feed := getJSON .Site.Params.cveFeedBucket }}
   <caption style="caption-side: top;">{{ T "cve_table" }} {{ T "cve_table_date_before" }}{{ $feed._kubernetes_io.updated_at | time.Format ( T "cve_table_date_format" ) }}{{ T "cve_table_date_after" }}</caption>
   <thead>
   <tr>