Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add: Add new API for parsing CPEs (pontos.cpe) #913

Merged
merged 1 commit into from
Oct 27, 2023
Merged

Add: Add new API for parsing CPEs (pontos.cpe) #913

merged 1 commit into from
Oct 27, 2023

Conversation

bjoernricks
Copy link
Contributor

What

Add new API for parsing CPEs (pontos.cpe)

It follows the spec at https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf very closely and implements all their escaping. Just the conversion to percent-encoded strings for quoting non-alphanumeric characters is using urllib.parser.quote and unquote which support additional quoting besides specified in the CPE document.

Why

Allow to parse and analyze CPE information from their v2.2 and v2.3 string representations. It's also possible to convert a v2.2 CPE representation into a v2.3 and vice versa. We need this for being able to use the new NIST CVE and CPE API.

References

DEVOPS-472

Checklist

  • Tests

@bjoernricks
Add: Add new API for parsing CPEs (pontos.cpe)
a59d24a 
Allow to parse and analyze CPE information from their v2.2 and v2.3
string representations. It's also possible to convert a v2.2 CPE
representation into a v2.3 and vice versa.

It follows the spec at https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf
very closely and implements all their escaping. Just the conversion to
percent-encoded strings for quoting non-alphanumeric characters is using
`urllib.parser.quote` and `unquote` which support additional quoting
besides specified in the CPE document.
@bjoernricks bjoernricks requested a review from a team as a code owner October 27, 2023 08:46
@bjoernricks bjoernricks enabled auto-merge (rebase) October 27, 2023 08:46
@github-actions
Copy link

Conventional Commits Report

Type Number
Added 1

🚀 Conventional commits found.

@codecov
Copy link

codecov bot commented Oct 27, 2023

Codecov Report

Merging #913 (a59d24a) into main (84ee098) will increase coverage by 0.14%.
The diff coverage is 94.59%.

@@            Coverage Diff             @@
##             main     #913      +/-   ##
==========================================
+ Coverage   90.18%   90.33%   +0.14%     
==========================================
  Files          94       95       +1     
  Lines        6366     6588     +222     
  Branches      900      944      +44     
==========================================
+ Hits         5741     5951     +210     
- Misses        432      437       +5     
- Partials      193      200       +7
Files Coverage Δ
pontos/cpe/_cpe.py 94.59% <94.59%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@bjoernricks bjoernricks added the make release To trigger GitHub release action. label Oct 27, 2023
@bjoernricks bjoernricks merged commit 79ec113 into main Oct 27, 2023
21 checks passed
@bjoernricks bjoernricks deleted the cpe-parsing branch October 27, 2023 10:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@y0urself y0urself y0urself approved these changes

Assignees
No one assigned
Labels
make release To trigger GitHub release action.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bjoernricks @y0urself