fix build errors

.gitignore

@@ -0,0 +1,122 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# Virtual environments
+venv/
+ENV/
+env/
+
+# Environment variables
+.env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# Node.js
+node_modules/
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# React build
+frontend/build/
+
+# Docker
+.dockerignore
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Database
+*.db
+*.sqlite
+*.sqlite3
+
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Optional npm cache directory
+.npm
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# parcel-bundler cache
+.cache
+.parcel-cache
+
+# Docker volumes
+postgres_data/
+redis_data/

Makefile

@@ -0,0 +1,70 @@
+.PHONY: help start stop restart build logs clean dev setup
+
+# Default target
+help:
+	@echo "CVE-SIGMA Auto Generator - Available Commands:"
+	@echo "=============================================="
+	@echo "  make start     - Start the application"
+	@echo "  make stop      - Stop the application"
+	@echo "  make restart   - Restart the application"
+	@echo "  make build     - Build and start with fresh images"
+	@echo "  make logs      - Show application logs"
+	@echo "  make clean     - Stop and remove all containers/volumes"
+	@echo "  make dev       - Start in development mode"
+	@echo "  make setup     - Initial setup (copy .env, etc.)"
+	@echo "  make help      - Show this help message"
+
+# Initial setup
+setup:
+	@echo "🔧 Setting up CVE-SIGMA Auto Generator..."
+	@if [ ! -f .env ]; then \
+		cp .env.example .env; \
+		echo "✅ .env file created from .env.example"; \
+		echo "💡 Edit .env to add your NVD API key for better rate limits"; \
+	else \
+		echo "✅ .env file already exists"; \
+	fi
+
+# Start the application
+start: setup
+	@echo "🚀 Starting CVE-SIGMA Auto Generator..."
+	docker-compose up -d
+	@echo "✅ Application started!"
+	@echo "🌐 Frontend: http://localhost:3000"
+	@echo "🔧 Backend: http://localhost:8000"
+	@echo "📚 API Docs: http://localhost:8000/docs"
+
+# Stop the application
+stop:
+	@echo "🛑 Stopping CVE-SIGMA Auto Generator..."
+	docker-compose down
+	@echo "✅ Application stopped!"
+
+# Restart the application
+restart: stop start
+
+# Build and start with fresh images
+build: setup
+	@echo "🔨 Building and starting CVE-SIGMA Auto Generator..."
+	docker-compose up -d --build
+	@echo "✅ Application built and started!"
+
+# Show logs
+logs:
+	@echo "📋 Application logs (press Ctrl+C to exit):"
+	docker-compose logs -f
+
+# Clean everything
+clean:
+	@echo "🧹 Cleaning up CVE-SIGMA Auto Generator..."
+	docker-compose down -v --remove-orphans
+	docker system prune -f
+	@echo "✅ Cleanup complete!"
+
+# Development mode (with hot reload)
+dev: setup
+	@echo "🔧 Starting in development mode..."
+	docker-compose -f docker-compose.yml up -d db redis
+	@echo "💡 Database and Redis started. Run backend and frontend locally for development."
+	@echo "   Backend: cd backend && pip install -r requirements.txt && uvicorn main:app --reload"
+	@echo "   Frontend: cd frontend && npm install && npm start"

README.md

@@ -34,14 +34,22 @@ git clone <repository-url>
 cd cve-sigma-generator
 ```
 
-2. (Optional) Set your NVD API Key:
+2. **Quick Start** (Recommended):
 ```bash
-export NVD_API_KEY="your-api-key-here"
+chmod +x start.sh
+./start.sh
 ```
 
-3. Start the application:
+3. **Manual Setup**:
 ```bash
-docker-compose up -d
+# Copy environment file
+cp .env.example .env
+
+# (Optional) Edit .env and add your NVD API key
+nano .env
+
+# Start the application
+docker-compose up -d --build
 ```
 
 4. Wait for services to initialize (about 30-60 seconds)
@@ -186,10 +194,12 @@ docker-compose ps
 
 ### Common Issues
 
-1. **CVE Fetch Failing**: Check NVD API rate limits or network connectivity
+1. **Frontend build fails with "npm ci" error**: This is fixed in the current version. The Dockerfile now uses `npm install` instead of `npm ci`.
-2. **Database Connection Error**: Ensure PostgreSQL is running and accessible
+2. **CVE Fetch Failing**: Check NVD API rate limits or network connectivity
-3. **Frontend Not Loading**: Verify backend is running and CORS is configured
+3. **Database Connection Error**: Ensure PostgreSQL is running and accessible
-4. **Rule Generation Issues**: Check CVE description quality and template matching
+4. **Frontend Not Loading**: Verify backend is running and CORS is configured
+5. **Rule Generation Issues**: Check CVE description quality and template matching
+6. **Port conflicts**: If ports 3000, 8000, or 5432 are in use, stop other services or modify docker-compose.yml
 
 ### Rate Limits
 

backend/main.py

@@ -34,7 +34,7 @@ class CVE(Base):
     published_date = Column(TIMESTAMP)
     modified_date = Column(TIMESTAMP)
     affected_products = Column(ARRAY(String))
-    references = Column(ARRAY(String))
+    reference_urls = Column(ARRAY(String))
     created_at = Column(TIMESTAMP, default=datetime.utcnow)
     updated_at = Column(TIMESTAMP, default=datetime.utcnow)
 
@@ -71,6 +71,7 @@ class CVEResponse(BaseModel):
     severity: Optional[str]
     published_date: Optional[datetime]
     affected_products: Optional[List[str]]
+    reference_urls: Optional[List[str]]
     
     class Config:
         from_attributes = True
@@ -146,9 +147,9 @@ class CVESigmaService:
                                 if cpe_match.get("vulnerable"):
                                     affected_products.append(cpe_match.get("criteria", ""))
                 
-                references = []
+                reference_urls = []
                 if cve_data.get("references"):
-                    references = [ref.get("url", "") for ref in cve_data["references"]]
+                    reference_urls = [ref.get("url", "") for ref in cve_data["references"]]
                 
                 cve_obj = CVE(
                     cve_id=cve_id,
@@ -158,7 +159,7 @@ class CVESigmaService:
                     published_date=datetime.fromisoformat(cve_data.get("published", "").replace("Z", "+00:00")),
                     modified_date=datetime.fromisoformat(cve_data.get("lastModified", "").replace("Z", "+00:00")),
                     affected_products=affected_products,
-                    references=references
+                    reference_urls=reference_urls
                 )
                 
                 self.db.add(cve_obj)

frontend/Dockerfile

@@ -6,18 +6,18 @@ WORKDIR /app
 COPY package*.json ./
 
 # Install dependencies
-RUN npm ci
+RUN npm install
 
 # Copy source code
 COPY . .
 
 # Create non-root user
 RUN addgroup -g 1001 -S nodejs
-RUN adduser -S nextjs -u 1001
+RUN adduser -S reactuser -u 1001
 
 # Change ownership
-RUN chown -R nextjs:nodejs /app
+RUN chown -R reactuser:nodejs /app
-USER nextjs
+USER reactuser
 
 EXPOSE 3000
 

frontend/package.json

@@ -11,14 +11,14 @@
     "react-scripts": "5.0.1",
     "axios": "^1.6.0",
     "react-router-dom": "^6.8.0",
-    "tailwindcss": "^3.3.0",
-    "autoprefixer": "^10.4.14",
-    "postcss": "^8.4.24",
-    "@headlessui/react": "^1.7.17",
-    "@heroicons/react": "^2.0.18",
     "react-syntax-highlighter": "^15.5.0",
     "web-vitals": "^2.1.4"
   },
+  "devDependencies": {
+    "tailwindcss": "^3.3.0",
+    "autoprefixer": "^10.4.14",
+    "postcss": "^8.4.24"
+  },
   "scripts": {
     "start": "react-scripts start",
     "build": "react-scripts build",

frontend/postcss.config.js

@@ -0,0 +1,6 @@
+module.exports = {
+  plugins: {
+    tailwindcss: {},
+    autoprefixer: {},
+  },
+}

frontend/tailwind.config.js

@@ -0,0 +1,33 @@
+/** @type {import('tailwindcss').Config} */
+module.exports = {
+  content: [
+    "./src/**/*.{js,jsx,ts,tsx}",
+    "./public/index.html"
+  ],
+  theme: {
+    extend: {
+      colors: {
+        'cve-blue': '#3b82f6',
+        'cve-green': '#10b981',
+        'cve-red': '#ef4444',
+        'cve-orange': '#f97316',
+        'cve-yellow': '#eab308',
+      },
+      animation: {
+        'fade-in': 'fadeIn 0.5s ease-in-out',
+        'slide-up': 'slideUp 0.3s ease-out',
+      },
+      keyframes: {
+        fadeIn: {
+          '0%': { opacity: '0' },
+          '100%': { opacity: '1' },
+        },
+        slideUp: {
+          '0%': { transform: 'translateY(10px)', opacity: '0' },
+          '100%': { transform: 'translateY(0)', opacity: '1' },
+        },
+      },
+    },
+  },
+  plugins: [],
+}

init.sql

@@ -12,7 +12,7 @@ CREATE TABLE cves (
     published_date TIMESTAMP,
     modified_date TIMESTAMP,
     affected_products TEXT[],
-    references TEXT[],
+    reference_urls TEXT[],
     created_at TIMESTAMP DEFAULT NOW(),
     updated_at TIMESTAMP DEFAULT NOW()
 );

start.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+
+# CVE-SIGMA Auto Generator Startup Script
+
+echo "🚀 Starting CVE-SIGMA Auto Generator..."
+echo "==============================================="
+
+# Check if Docker and Docker Compose are installed
+if ! command -v docker &> /dev/null; then
+    echo "❌ Docker is not installed. Please install Docker first."
+    exit 1
+fi
+
+if ! command -v docker-compose &> /dev/null; then
+    echo "❌ Docker Compose is not installed. Please install Docker Compose first."
+    exit 1
+fi
+
+# Check if .env file exists, if not create from example
+if [ ! -f .env ]; then
+    echo "📝 Creating .env file from .env.example..."
+    cp .env.example .env
+    echo "✅ .env file created. Please edit it to add your NVD API key for better rate limits."
+fi
+
+# Stop any existing containers
+echo "🛑 Stopping any existing containers..."
+docker-compose down
+
+# Build and start the application
+echo "🔨 Building and starting the application..."
+docker-compose up -d --build
+
+# Wait for services to be ready
+echo "⏳ Waiting for services to start..."
+sleep 10
+
+# Check if services are running
+echo "🔍 Checking service status..."
+if docker-compose ps | grep -q "Up"; then
+    echo "✅ Services are running!"
+    echo ""
+    echo "🌐 Access the application at:"
+    echo "   Frontend: http://localhost:3000"
+    echo "   Backend API: http://localhost:8000"
+    echo "   API Documentation: http://localhost:8000/docs"
+    echo ""
+    echo "📊 The application will automatically:"
+    echo "   - Fetch recent CVEs from NVD"
+    echo "   - Generate SIGMA rules"
+    echo "   - Update every hour"
+    echo ""
+    echo "💡 Tip: Add your NVD API key to .env for higher rate limits"
+    echo "   Get one free at: https://nvd.nist.gov/developers/request-an-api-key"
+else
+    echo "❌ Some services failed to start. Check logs with:"
+    echo "   docker-compose logs"
+fi
+
+# Show logs
+echo ""
+echo "📋 Recent logs (press Ctrl+C to exit):"
+docker-compose logs -f --tail=50