A few adjustments to the new Vulnerability findings class #718
Signed-off-by: Rajas <rajaspa@amazon.com>
lgtm
It looks like this change leaves the new kb_article object orphaned? I see the attribute kb_articles used in the remediation object. But I don't see the kb_article object is related to the vulnerability/cve?
@jasonbreimer The original kb_articles field was a simple string array; it was replaced with references in the remediation object. The new kb_articles object is now used in the vulnerability object. Each vulnerability object in the vulnerabilities array will have kb_articles (an array of the new kb_article object). Hopefully this clarifies, but let me know if you have any questions.
I wonder about the standards object. It is meant for a compliance finding, which probably should be a separate class (not part of the vulnerability finding class).
Yep that's correct, it's not a part of this class. Just added it to the dictionary to be used in the upcoming compliance findings class.
Related Issue: #684
Description of changes:
- fixed_in_version, kb_articles (attribute only) and standards to dictionary
- kb_articles with references in remediation object
- kb_articles and remediation in vulnerability object
- fixed_in_version, path, remediation in affected_package object
- remediation from the base vulnerability finding class (each vulnerability has its own contextual remediation)