mirror of https://github.com/vulnerability-lookup/BlueSkySight synced 2025-10-01 17:16:08 +00:00

A client to gather vulnerability-related information from Bluesky.

Find a file

Cédric Bonhomme b7e2e7a918 new: [docker] Added docker setup. vulnerability-lookup/vulnerability-lookup#192		2025-08-18 14:12:21 +02:00
.github/workflows	new: [core] Added new async report_error function and preparing a first trusted release on Pypi.	2025-02-13 08:48:06 +01:00
blueskysight	new: [core] Added new async report_error function and preparing a first trusted release on Pypi.	2025-02-13 08:48:06 +01:00
.editorconfig	chg: Initial commit.	2024-12-18 23:29:17 +01:00
.gitignore	chg: Initial commit.	2024-12-18 23:29:17 +01:00
.pre-commit-config.yaml	chg: Initial commit.	2024-12-18 23:29:17 +01:00
CHANGELOG.md	new: [core] Added new async report_error function and preparing a first trusted release on Pypi.	2025-02-13 08:48:06 +01:00
COPYING	chg: Initial commit.	2024-12-18 23:29:17 +01:00
docker-compose.yml	new: [docker] Added docker setup. vulnerability-lookup/vulnerability-lookup#192	2025-08-18 14:12:21 +02:00
Dockerfile	new: [docker] Added docker setup. vulnerability-lookup/vulnerability-lookup#192	2025-08-18 14:12:21 +02:00
poetry.lock	chg: [dependencies] Updated Python dependencies.	2025-08-18 14:10:30 +02:00
pyproject.toml	chg: [dependencies] Updated Python dependencies.	2025-08-18 14:10:30 +02:00
README.md	new: [docker] Added docker setup. vulnerability-lookup/vulnerability-lookup#192	2025-08-18 14:09:01 +02:00

README.md

BlueSkySight

A client to gather vulnerability-related information from Bluesky. The collected data is then sent to the Vulnerability-Lookup API as sightings.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install BlueSkySight
$ export BLUESKYSIGHT_CONFIG=~/.BlueSkySight/conf.py

The configuration should be defined in a Python file (e.g., ~/.BlueSkySight/conf.py). You must then set an environment variable (BLUESKYSIGHT_CONFIG) with the full path to this file.

You can have a look at this example of configuration.

With Docker

git clone https://github.com/vulnerability-lookup/BlueSkySight
cd BlueSkySight

# Make sure conf.py exists in the project root before running
docker compose up --build

Note

The docker-compose.yml expects a conf.py file in the root directory. You can create it manually or copy the provided example:
$ cp blueskysight/conf_sample.py conf.py

Streaming the Firehose

BlueSkySight-Firehose streams data from the Bluesky's firehose and uses PyVulnerabilityLookup to create sightings in Vulnerability-Lookup.

$ BlueSkySight-Firehose   
Connecting to the Bluesky firehose…
Connection established.

Streaming a Jetstream service

BlueSkySight-Jetstream connects to Bluesky's firehose via Jetstream.

$ BlueSkySight-Jetstream --help
usage: BlueSkySight-Jetstream [-h] [--collections COLLECTIONS] [--geo {us-east,us-west}] [--instance {1,2}]

Connect to a Jetstream service.

options:
  -h, --help            show this help message and exit
  --collections COLLECTIONS
                        The collections to subscribe to. If not provided, subscribe to all.
  --geo {us-east,us-west}
                        Region of the Jetstream service.
  --instance {1,2}      Instance of the Jetstream service.


$ BlueSkySight-Jetstream 
Connecting to the Bluesky Jetstream at wss://jetstream1.us-west.bsky.network/subscribe?wantedCollections=app.bsky.feed.post…
Connection established. Listening for messages…

License

BlueSkySight is licensed under GNU General Public License version 3

Copyright (c) 2024-2025 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2024-2025 Cédric Bonhomme - https://github.com/cedricbonhomme