From f8172fc05ced1d2ea2b3ec340cf3850ad08c0e9e Mon Sep 17 00:00:00 2001
From: fan-tastic-z <fantastic.fun.zf@gmail.com>
Date: Fri, 29 Aug 2025 15:58:29 +0800
Subject: [PATCH] feat: add readme and github action

---
 .github/workflows/ci.yml         | 41 +++++++++++++++
 .gitignore                       |  4 +-
 README.md                        | 88 ++++++++++++++++++++++++++++++++
 src/output/db/repository_impl.rs |  7 +--
 4 files changed, 133 insertions(+), 7 deletions(-)
 create mode 100644 .github/workflows/ci.yml
 create mode 100644 README.md

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..30cd9d5
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,41 @@
+name: ci
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: write
+
+jobs:
+  build-rust:
+    strategy:
+      matrix:
+        platform: [ubuntu-latest]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          submodules: recursive
+      - name: Install Rust
+        run: rustup toolchain install stable --component llvm-tools-preview
+      - name: Install cargo-llvm-cov
+        uses: taiki-e/install-action@cargo-llvm-cov
+      - name: install nextest
+        uses: taiki-e/install-action@nextest
+      - uses: Swatinem/rust-cache@v2
+      - name: Check code format
+        run: cargo fmt -- --check
+      - name: Check the package for errors
+        run: cargo check --all
+      - name: Lint rust sources
+        run: cargo clippy --all-targets --all-features --tests --benches -- -D warnings
+      - name: Execute rust tests
+        run: cargo nextest run --all-features
diff --git a/.gitignore b/.gitignore
index aa886fc..5984af6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,5 +33,5 @@ report.*.json
 # logs
 logs/
 
-# pulic
-public/
\ No newline at end of file
+# public
+public/
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6b169fb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,88 @@
+# VulnFeed 高价值漏洞采集与推送
+
+VulnFeed 是一个用于收集和推送高价值漏洞信息的工具。它从多个数据源抓取漏洞信息，并通过钉钉机器人进行推送。
+
+## 数据源
+
+当前抓取了这几个站点的数据:
+
+| 名称                 | 地址                                                           | 推送策略                                                                     |
+| -------------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------- |
+| 阿里云漏洞库         | <https://avd.aliyun.com/high-risk/list>                        | 等级为高危或严重                                                             |
+| OSCS开源安全情报预警 | <https://www.oscs1024.com/cm>                                  | 等级为高危或严重**并且**包含 `预警` 标签                                     |
+| 知道创宇Seebug漏洞库 | <https://www.seebug.org/>                                      | 等级为高危或严重                                                             |
+| CISA KEV             | <https://www.cisa.gov/known-exploited-vulnerabilities-catalog> | 全部推送                                                                     |
+| 奇安信威胁情报中心   | <https://ti.qianxin.com/>                                      | 等级为高危严重**并且**包含 `奇安信CERT验证` `POC公开` `技术细节公布`标签之一 |
+| 微步在线             | <https://x.threatbook.com/v5/vulIntelligence>                  | 等级为高危或严重                                                             |
+
+## Features
+
+- [x] 支持多数据源采集
+- [x] 支持定时任务
+- [x] 支持钉钉推送
+- [x] 支持根据 CVE 号在`github`上检索近一年的相关代码仓库链接
+- [x] 支持根据 CVE 号在 `nuclei` 上的 PR 记录
+
+## 本地开发
+
+### 安装 sqlx-cli
+
+```bash
+cargo install --version='~0.8' sqlx-cli --no-default-features --features rustls,postgres
+```
+
+### 启动数据库
+
+```bash
+chmod a+x ./scripts/init_db.sh
+./scripts/init_db.sh
+```
+
+### 后端服务
+
+创建初始化管理员密码
+
+```bash
+cargo run --bin vulnfeed create-super-user -c ./dev/config.toml -p "密码"
+```
+
+```bash
+cargo run --bin vulnfeed server -c ./dev/config.toml
+```
+
+### 前端服务
+
+```bash
+cd assets && pnpm install
+pnpm dev
+```
+
+## 服务部署
+
+项目已经写好了 `Dockerfiel` 和 `docker-compose.yml`, 可以本地构建服务镜像，这里将前端代码打包到后端服务中，不需要单独的Nginx服务。
+
+```bash
+docker build -t vulnfeed:latest .
+docker save -o vulnfeed.tar vulnfeed:latest
+```
+
+将构建好的镜像在服务器上导入。
+
+```bash
+docker load -i vulnfeed.tar
+```
+
+服务器创建部署目录：
+
+```bash
+mkdir /data/vulnfeed/config -p
+```
+
+将 `dev/config.toml` 配置文件拷贝到 `/data/vulnfeed/config`
+
+将 `docker-compose.yml` 拷贝到 `/data/vulnfeed/`
+
+```bash
+docker-compose up -d
+docker exec 3b990565dba7 /app/vulnfeed create-super-user -c /app/vulnfeed/config.toml -p "密码"
+```
diff --git a/src/output/db/repository_impl.rs b/src/output/db/repository_impl.rs
index 9c203d5..cfa90d2 100644
--- a/src/output/db/repository_impl.rs
+++ b/src/output/db/repository_impl.rs
@@ -72,7 +72,7 @@ impl VulnRepository for Pg {
             self.pool.begin().await.change_context_lazy(|| {
                 Error::Message("failed to begin transaction".to_string())
             })?;
-        let vuln_informations = VulnInformationDao::filter_vulnfusion_information(
+        let data = VulnInformationDao::filter_vulnfusion_information(
             &mut tx,
             &req.page_filter,
             &req.search_params,
@@ -85,10 +85,7 @@ impl VulnRepository for Pg {
         tx.commit()
             .await
             .change_context_lazy(|| Error::Message("failed to commit transaction".to_string()))?;
-        Ok(ListVulnInformationResponseData {
-            data: vuln_informations,
-            total: count,
-        })
+        Ok(ListVulnInformationResponseData { data, total: count })
     }
 
     async fn get_vuln_information(