name: Sync CVE PoCs

on:
  schedule:
    - cron: "15 2 * * *"
  workflow_dispatch:

jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.x'

      - name: Update CVE records from GitHub PoCs
        run: python scripts/update_cves.py

      - name: Check for changes and commit
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          git config --global user.name '0xMarcio'
          git config --global user.email 'marc@codepwn.win'
          git remote set-url origin https://github-actions[bot]:$GITHUB_TOKEN@github.com/0xMarcio/cve.git

          if [ -n "$(git status --porcelain)" ]; then
            git add .
            git commit -m "Daily CVE sync $(date +'%Y-%m-%d %H:%M')"
            git push origin main
          else
            echo "No changes to commit"
          fi