fix: epss schema parsing

Author: BacchusJackson

CHANGELOG.md

@@ -7,11 +7,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [UNRELEASED]
 
+### Fixed
+
+- Updated EPSS schema to work with 3.14.2025
+
 ## [0.8.0] - 2024-10-23
 
 * Fixed a bug where validation failures were not resulting in a non-zero exit code
 * Renamed the --file / -f CLI argument to --config / -f for consistency with other tools
-* improvements to validate output  
+* improvements to validate output
    These "improvements" are short term hacks. There is a need for a fundamental
    overhaul of how output is generated to improve usability
 * Implemented code coverage support.

README.md

@@ -3,7 +3,6 @@
 [![Go Reference](https://pkg.go.dev/badge/github.com/gatecheckdev/gatecheck.svg)](https://pkg.go.dev/github.com/gatecheckdev/gatecheck)
 [![Go Report Card](https://goreportcard.com/badge/github.com/gatecheckdev/gatecheck)](https://goreportcard.com/report/github.com/gatecheckdev/gatecheck)
 
-
 ![Gatecheck Logo](https://static.gatecheck.dev/gatecheck-logo-splash-dark.png)
 
 Gatecheck automates report validation in a CI/CD Pipeline by comparing security findings to pre-determined thresholds.

Taskfile.yml

@@ -0,0 +1,88 @@
+version: "3"
+
+env:
+  INSTALL_DIR: "/usr/local/bin"
+  IMAGE_TAG: "gatecheck:latest"
+
+tasks:
+  build:
+    desc: "Build the gatecheck binary"
+    vars:
+      BUILD_DATE: '{{dateInZone "2006-01-02T15:04:05Z" now "UTC"}}'
+      CLI_VERSION:
+        sh: git describe --tags || git rev-parse --short HEAD || "v0.0.0-unknown"
+      GIT_COMMIT:
+        sh: git rev-parse HEAD
+      GIT_DESCRIPTION:
+        sh: git log -1 --pretty=%B
+    cmds:
+      - mkdir -p bin
+      - go build -ldflags="-X 'main.cliVersion={{.CLI_VERSION}}' -X 'main.gitCommit={{.GIT_COMMIT}}' -X 'main.buildDate={{.BUILD_DATE}}' -X 'main.gitDescription={{.GIT_DESCRIPTION}}'" -o ./bin ./cmd/gatecheck
+    sources:
+      - cmd/*
+      - pkg/*
+      - go*
+    generates:
+      - bin/gatecheck
+
+  install:
+    desc: "Install the gatecheck binary"
+    prompt: 'Install gatecheck binary to {{joinPath .INSTALL_DIR "gatecheck"}} ...Continue?'
+    deps:
+      - build
+    cmds:
+      - cp ./bin/gatecheck {{joinPath .INSTALL_DIR "gatecheck"}}
+    sources:
+      - ./bin/gatecheck
+    generates:
+      - '{{joinPath .INSTALL_DIR "gatecheck"}}'
+
+  uninstall:
+    desc: "Uninstall the gatecheck binary"
+    prompt: 'Will remove binary {{joinPath .INSTALL_DIR "gatecheck"}}'
+    cmds:
+      - rm '{{joinPath .INSTALL_DIR "gatecheck"}}'
+
+  test:
+    desc: "Run unit tests with coverage"
+    cmds:
+      - go test -cover ./...
+
+  lint:
+    desc: "Run golangci-lint in view-only mode"
+    cmds:
+      - golangci-lint run --fast
+
+  fix:
+    desc: "Fix linting errors and format code"
+    cmds:
+      - golangci-lint run --fast --fix
+
+  release-snapshot:
+    desc: "Create a snapshot release"
+    cmds:
+      - goreleaser release --snapshot --rm-dist
+
+  release:
+    desc: "Create a release"
+    cmds:
+      - goreleaser release --rm-dist
+
+  upgrade:
+    desc: "Upgrade package dependencies"
+    preconditions:
+      - sh: git status --porcelain | grep -q .
+        msg: "Repository is dirty, commit changes before upgrading."
+    cmds:
+      - go get -u ./...
+      - go mod tidy
+
+  serve-docs:
+    desc: "Serve documentation locally"
+    cmds:
+      - mdbook serve
+
+  clean:
+    desc: "Clean up build directory"
+    cmds:
+      - rm -rf ./bin

pkg/epss/epss.go

@@ -17,8 +17,8 @@ import (
 )
 
 const (
-	dataModel       = "v2023.03.01"
-	modelDateLayout = "2006-01-02T15:04:05-0700"
+	dataModel       = "v2025.03.14"
+	modelDateLayout = "2006-01-02T15:04:05Z"
 	defaultEPSSURL  = "https://epss.cyentia.com"
 )