fsck AOSP for not providing monthly security tags or a machine-readable manifest
Android ASB Scraper e59f0dc0f7 Add warning
2026-04-12 12:36:59 -04:00
asb_data Update Apr 2026 patch JSON 2026-04-12 12:24:43 -04:00
patches Add downloaded patches 2026-04-12 12:26:25 -04:00
utils Refactor: create utils package and add enhancements 2026-04-07 19:28:45 -04:00
.gitignore Add PLAN.md to .gitignore 2026-04-07 19:31:03 -04:00
download_patches.py Refactor: create utils package and add enhancements 2026-04-07 19:28:45 -04:00
README.md Add warning 2026-04-12 12:36:59 -04:00
requirements.txt Refactor: create utils package and add enhancements 2026-04-07 19:28:45 -04:00
scrape_asb.py Refactor: create utils package and add enhancements 2026-04-07 19:28:45 -04:00

WARNING: This repo is almost entirely vibe-coded. If you choose to use it, you should always manually verify the JSON and the downloaded patches against the ASB web page. This repo saves you from clicking on every single link just to download the patches; it does NOT absolve you of the responsibility of using the patches.

It is also possible that these patches do not apply cleanly over your AOSP checkout, because Google, in their infinite wisdom, does not provide links to version-specific forward-ports / backports when there are conflicts. Resolving that is outside the scope of this repo.


Android Security Bulletin Scraper

A Python tool to scrape Android Security Bulletins from https://source.android.com/docs/security/bulletin/asb-overview.

Features

  • Scrapes all monthly bulletins from the past year
  • Filters out kernel vulnerabilities (CVEs in Kernel section)
  • Filters out vendor-specific vulnerabilities (Qualcomm, MediaTek, Samsung, etc.)
  • Outputs JSON per month with the following structure:
    • Month identifier (YYYY-MM)
    • Source URL
    • List of vulnerabilities with:
      • CVE ID
      • References (including multiple patches when available)
      • Vulnerability type (EoP, DoS, ID, etc.)
      • Severity (Critical, High, Medium, Low)
      • Affected Android versions

Usage

Scrape ASB Data

pip install -r requirements.txt
python scrape_asb.py

This will scrape all monthly bulletins from the past year and save them to asb_data/.

Output

The scraper creates an asb_data/ directory with one JSON file per month (e.g., 2025-12.json).

The patch downloader creates a patches/ directory with subdirectories organized by component path (e.g., patches/2025-12/frameworks/base/).

Patch Downloader

After running the scraper, you can download git patches for specific vulnerabilities:

python download_patches.py asb_data/2025-12.json -a 14 -s /path/to/android/source

Or with custom output directory:

python download_patches.py asb_data/2025-12.json -a 14 -s /path/to/android/source -o /custom/output/path

Note: The --source-tree and --android-version flags are required.

The patch downloader:

  • Requires an existing Android source tree (no cloning)
  • Downloads only the commits referenced in the ASB JSON
  • Does not modify the source tree (read-only operations)
  • Organizes patches in subdirectories matching their AOSP location (e.g., patches/2025-12/frameworks/base/)
  • Saves patches with meaningful filenames: {datetime}_{commit_subject}_{commit_hash}.patch
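The warning at the top asks you to verify the JSON and the downloaded patches; one way to automate part of that check is sketched below as an added example (not code from this repo). It cross-checks the hash in each patch filename, the `From <sha>` header that git format-patch writes, and the commit hashes referenced in the month's JSON. The JSON key names (`vulnerabilities`, `cve`, `versions`, `references`) and the function names are assumptions, and the bulletin and patch files in `demo()` are constructed placeholders.

```python
import re
import tempfile
from pathlib import Path

SHA_RE = re.compile(r"\b[0-9a-f]{40}\b")
FROM_RE = re.compile(r"From ([0-9a-f]{40}) ")  # first line of git format-patch output

def referenced_commits(bulletin, android_version):
    """Map commit hash -> CVE ID for entries affecting android_version.
    Keys 'vulnerabilities', 'cve', 'versions', 'references' are assumed names."""
    commits = {}
    for vuln in bulletin["vulnerabilities"]:
        if android_version in vuln["versions"]:
            for ref in vuln["references"]:
                match = SHA_RE.search(ref)
                if match:
                    commits[match.group(0)] = vuln["cve"]
    return commits

def audit_patches(bulletin, patch_dir, android_version):
    """Report referenced commits with no patch and patches nothing references."""
    expected = referenced_commits(bulletin, android_version)
    seen, unexpected = set(), []
    for path in sorted(Path(patch_dir).rglob("*.patch")):
        name_hash = path.stem.rsplit("_", 1)[-1]  # {datetime}_{subject}_{hash}
        with path.open(errors="replace") as fh:
            header = FROM_RE.match(fh.readline())
        commit = header.group(1) if header else None
        # The hash in the filename and in the patch header must agree.
        if commit in expected and name_hash and commit.startswith(name_hash):
            seen.add(commit)
        else:
            unexpected.append(path.name)
    return {"missing": sorted(set(expected) - seen), "unexpected": unexpected}

def demo():
    """Constructed bulletin and patch files; CVE IDs and hashes are placeholders."""
    a, b, c = "a" * 40, "b" * 40, "c" * 40
    url = "https://android.googlesource.com/platform/frameworks/base/+/"
    bulletin = {"month": "2025-12", "vulnerabilities": [
        {"cve": "CVE-0000-0001", "versions": ["14", "15"], "references": [url + a]},
        {"cve": "CVE-0000-0002", "versions": ["14"], "references": [url + b]},
        {"cve": "CVE-0000-0003", "versions": ["16"], "references": [url + c]}]}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "2025-12" / "frameworks" / "base"
        base.mkdir(parents=True)
        for name, sha in [(f"20251201_fix_{a}", a), (f"20251202_other_{c}", c)]:
            (base / f"{name}.patch").write_text(f"From {sha} Mon Sep 17 00:00:00 2001\n")
        return audit_patches(bulletin, tmp, "14")
```

A non-empty `missing` list means a commit the bulletin references for your version was not downloaded; an `unexpected` entry is a patch file that no reference for that version accounts for. Neither check replaces reading the ASB page itself.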

Required arguments

  • -a, --android-version: Filter patches for a specific Android version (e.g., 14, 15, 16)
  • -s, --source-tree: Path to your existing Android source tree checkout

Optional arguments

  • -o, --output-dir: Output directory for patches (default: patches/)

Requirements

  • Python 3.7+
  • requests
  • beautifulsoup4
  • git (for cloning repositories, format-patch, and using existing source tree)