package govex
import (
"cmp"
"slices"
"sort"
"strings"
"github.com/grokify/mogo/type/slicesutil"
"github.com/grokify/mogo/type/stringsutil"
"github.com/grokify/govex/cve20"
)
// Vulnerabilities is a slice of Vulnerability values. The methods declared on
// it in this file take a pointer receiver and dereference it, so calling them
// through a nil *Vulnerabilities panics.
type Vulnerabilities []Vulnerability
// FilterFixedInVersion returns the entries whose VersionEndExcluding, after
// trimming surrounding whitespace, equals one of fixVersions. When severity is
// non-empty after trimming, an entry must also carry exactly that Severity.
//
// fixVersions is first passed through stringsutil.SliceCondenseSpace.
// NOTE(review): if that helper drops empty strings, an entry with an empty
// VersionEndExcluding can never match, even when the caller passes "" as a
// fix version. Confirm against the helper before relying on empty matches.
//
// The severity comparison is exact and case-sensitive, and only the filter
// argument is trimmed, not the stored Severity. A difference in case or
// padding produces an empty result rather than an error, so callers that
// report on the output should normalise severities first; otherwise open
// findings can silently drop out of a report.
func (vs *Vulnerabilities) FilterFixedInVersion(fixVersions []string, severity string) (Vulnerabilities, error) {
	wantVersions := stringsutil.SliceCondenseSpace(fixVersions, true, true)
	wantSeverity := strings.TrimSpace(severity)

	match := func(jv Vulnerability) (bool, error) {
		versionOK := slices.Contains(wantVersions, strings.TrimSpace(jv.VersionEndExcluding))
		severityOK := wantSeverity == "" || wantSeverity == jv.Severity
		return versionOK && severityOK, nil
	}
	return vs.FilterFunc(match)
}
// FilterFunc returns the entries for which fnFilter reports true, preserving
// their order in the receiver. The result is a non-nil, possibly empty slice.
//
// Iteration stops at the first error from fnFilter. That error is returned
// together with the entries accepted up to that point, so a caller must check
// the error before treating the slice as a complete result.
func (vs *Vulnerabilities) FilterFunc(fnFilter func(j Vulnerability) (bool, error)) (Vulnerabilities, error) {
	kept := Vulnerabilities{}
	for _, item := range *vs {
		ok, err := fnFilter(item)
		if err != nil {
			// Partial result: only the entries accepted before the failure.
			return kept, err
		}
		if ok {
			kept = append(kept, item)
		}
	}
	return kept, nil
}
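// FilterFixedInVersionAge returns the entries whose VersionEndExcluding, after
// trimming surrounding whitespace, equals fixVersion. When baseSeverity is
// non-empty after trimming, an entry must also carry exactly that Severity
// (case-sensitive; the stored value is not trimmed). The result is a non-nil,
// possibly empty slice in receiver order.
//
// Earlier, the loop never appended to the result, so the method returned an
// empty set for every input. A caller reading that as "no matching findings"
// would under-report.
//
// TODO(review): slaDays and slaElapsed are accepted but not applied. The age
// or SLA data on Vulnerability that they would be compared against is not
// visible in this file. Until that check is added, the result is every
// version and severity match regardless of age, so it may over-include.
func (vs *Vulnerabilities) FilterFixedInVersionAge(fixVersion, baseSeverity string, slaDays uint, slaElapsed bool) Vulnerabilities {
	fixVersion = strings.TrimSpace(fixVersion)
	baseSeverity = strings.TrimSpace(baseSeverity)
	out := Vulnerabilities{}
	for _, ci := range *vs {
		if strings.TrimSpace(ci.VersionEndExcluding) != fixVersion {
			continue
		}
		if baseSeverity != "" && baseSeverity != ci.Severity {
			continue
		}
		// Keep the entry: it passed both the version and the severity check.
		out = append(out, ci)
	}
	return out
}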
// IDs returns the ID of every entry, sorted with sort.Strings. When unique is
// true the list is passed through slicesutil.Dedupe before sorting.
//
// The ordering is plain string order, not numeric: an ID ending in "-10000"
// sorts before one ending in "-9999". An empty receiver yields whatever Dedupe
// and sort leave of a nil slice.
func (vs *Vulnerabilities) IDs(unique bool) []string {
	var collected []string
	for i := range *vs {
		collected = append(collected, (*vs)[i].ID)
	}
	if unique {
		collected = slicesutil.Dedupe(collected)
	}
	sort.Strings(collected)
	return collected
}
// OrderdListMarkdownBytes renders the lines from OrderdListMarkdownLines as a
// single byte slice, separated by "\n" with no trailing newline. It returns
// nil when there is nothing to write.
//
// No escaping is applied here; the bytes are exactly what
// OrderdListMarkdownLines produced.
func (vs *Vulnerabilities) OrderdListMarkdownBytes(opts *ValueOpts) []byte {
	var buf []byte
	for idx, text := range vs.OrderdListMarkdownLines(opts) {
		if idx > 0 {
			// The separator goes between lines, never after the last one.
			buf = append(buf, '\n')
		}
		buf = append(buf, text...)
	}
	return buf
}
// OrderdListMarkdownLines returns one Markdown ordered-list item per entry.
// Each item is the literal marker "1." followed by the ID, severity, SLA open
// status, name and description, accepted time and fix version fields, as
// rendered by Value with opts, joined by single spaces. It returns nil for an
// empty receiver.
//
// This method does no Markdown or HTML escaping of its own.
// NOTE(review): if names or descriptions come from external advisory feeds
// and the output is later rendered to HTML, confirm that Value or the
// renderer neutralises embedded markup and line breaks. A newline inside a
// field would split the list item.
func (vs *Vulnerabilities) OrderdListMarkdownLines(opts *ValueOpts) []string {
	var items []string
	for _, entry := range *vs {
		item := strings.Join([]string{
			"1.",
			entry.Value(FieldID, "", opts),
			entry.Value(FieldSeverity, "", opts),
			entry.Value(FieldSLAOpenStatus, "", opts),
			entry.Value(FieldNameAndDesc, "", opts),
			entry.Value(FieldAcceptedTimeRFC3339, "", opts),
			entry.Value(FieldFixVersion, "", opts),
		}, " ")
		items = append(items, item)
	}
	return items
}
// SortByID sorts the receiver in place by ascending ID, using cmp.Compare on
// the ID strings. slices.SortFunc is not a stable sort, so entries that share
// an ID may change relative order.
func (vs *Vulnerabilities) SortByID() {
	byID := func(a, b Vulnerability) int {
		return cmp.Compare(a.ID, b.ID)
	}
	slices.SortFunc(*vs, byID)
}
// CVE20Vulnerabilities converts every entry to a cve20.Vulnerability whose CVE
// field points at the value returned by that entry's CVE method. Each element
// gets its own pointer target. It returns nil for an empty receiver.
func (vs *Vulnerabilities) CVE20Vulnerabilities() cve20.Vulnerabilities {
	var converted cve20.Vulnerabilities
	for _, entry := range *vs {
		// Declared inside the loop so every element gets its own address.
		record := entry.CVE()
		wrapped := cve20.Vulnerability{}
		wrapped.CVE = &record
		converted = append(converted, wrapped)
	}
	return converted
}