feat: allow filtering of CertifyVuln query results based on whether they have vulnerabilities #1073

Merged
merged 1 commit into from Jul 19, 2023

Contributor

@dejanb dejanb commented Jul 19, 2023

Description of the PR

This is an attempt to fix #1044 and allow CertifyVuln queries to return only results that include packages with or without vulnerabilities.

For that, I changed the semantics of the NoVuln attribute to allow this filtering. This filter could then be used in combination with package filtering.

Some examples of valid queries with this change:

  1. return all packages with vulnerabilities
query CertifyVuln {
  CertifyVuln(certifyVulnSpec: {
    vulnerability: {noVuln: false}
  }) {
    ...allCertifyVulnTree
  }
}
  2. return all openssl packages that have no vulnerabilities
query CertifyNoVuln {
  CertifyVuln(certifyVulnSpec: {
    package: {name: "openssl"},
    vulnerability: {noVuln: true}
  }) {
    ...allCertifyVulnTree
  }
}

All other queries, using no filter, specific vulnerability or package filters, should keep working the same.

Fixes #1044

PR Checklist

  • All commits have a Developer Certificate of Origin (DCO) -- they are generated using -s flag to git commit.
  • All new changes are covered by tests
  • If GraphQL schema is changed, make generate has been run
  • If collectsub protobuf has been changed, make proto has been run
  • All CI checks are passing (tests and formatting)
  • All dependent PRs have already been merged
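
The filter semantics described in the PR description above, sketched as an added example (not code from this PR or from GUAC). The `CertifyVuln` record, `Spec` type, `Filter` function and sample data are hypothetical, and an empty `VulnID` is assumed to stand in for the NoVuln marker.

```go
package main

import "fmt"

// CertifyVuln is a simplified, hypothetical record. An empty VulnID stands in
// for the NoVuln marker: the package was scanned and nothing was found.
type CertifyVuln struct {
	Package string
	VulnID  string
}

// Spec is a hypothetical filter. NoVuln is a pointer so that "not set" (nil)
// stays distinct from an explicit false.
type Spec struct {
	Package *string
	NoVuln  *bool
}

// Filter applies the package and noVuln filters together.
func Filter(records []CertifyVuln, spec Spec) []CertifyVuln {
	var out []CertifyVuln
	for _, r := range records {
		if spec.Package != nil && r.Package != *spec.Package {
			continue
		}
		// nil: no filtering; true: only clean results; false: only vulnerable ones.
		if spec.NoVuln != nil && (r.VulnID == "") != *spec.NoVuln {
			continue
		}
		out = append(out, r)
	}
	return out
}

// Sample returns constructed data; the vulnerability IDs are placeholders.
func Sample() []CertifyVuln {
	return []CertifyVuln{
		{"openssl", ""},
		{"openssl", "EXAMPLE-VULN-1"},
		{"zlib", "EXAMPLE-VULN-2"},
		{"curl", ""},
	}
}

func main() {
	yes, no, openssl := true, false, "openssl"
	fmt.Println(Filter(Sample(), Spec{NoVuln: &no}))                     // query 1
	fmt.Println(Filter(Sample(), Spec{Package: &openssl, NoVuln: &yes})) // query 2
	fmt.Println(Filter(Sample(), Spec{}))                                // no filter
}
```

The pointer field matters for dashboards and policy checks: a client that omits `noVuln` must still see both kinds of result, otherwise clean scan records could be mistaken for missing scans.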

…hey have vulnerabilities

Signed-off-by: Dejan Bosanac <dbosanac@redhat.com>
Collaborator

@mihaimaruseac mihaimaruseac left a comment

I like this! Thank you

Collaborator

@pxp928 pxp928 left a comment

LGTM Thanks @dejanb

@kodiakhq kodiakhq bot merged commit d438521 into guacsec:main Jul 19, 2023
9 checks passed
Successfully merging this pull request may close these issues.

[feature] Querying a package for direct vulnerabilities (experimental query API)
3 participants