From b3d2c6b601a278bf96d22d609633c36f7905c544 Mon Sep 17 00:00:00 2001 From: Jordan Jensen Date: Fri, 20 Jun 2025 16:41:11 -0700 Subject: [PATCH 1/2] Prefer ECOSYSTEM fixed event --- .../src/components/VulnerabilityChecker.vue | 22 ++++++++++--------- extensions/publisher-cves/src/stores/vulns.ts | 18 +++++++++------ 2 files changed, 23 insertions(+), 17 deletions(-) diff --git a/extensions/publisher-cves/src/components/VulnerabilityChecker.vue b/extensions/publisher-cves/src/components/VulnerabilityChecker.vue index 288072b9..6594ad9b 100644 --- a/extensions/publisher-cves/src/components/VulnerabilityChecker.vue +++ b/extensions/publisher-cves/src/components/VulnerabilityChecker.vue @@ -2,7 +2,7 @@ import { useVulnsStore } from "../stores/vulns"; import { usePackagesStore } from "../stores/packages"; import { useContentStore } from "../stores/content"; -import type { Vulnerability } from "../stores/vulns"; +import type { Vulnerability, VulnerabilityRange } from "../stores/vulns"; import type { Package } from "../stores/packages"; import { computed } from "vue"; @@ -68,19 +68,21 @@ function getFixedVersion(vuln: Vulnerability): string | null { return null; } - // Look through all ranges + let result: string | null = null; + + const getFixedEventValue = (range: VulnerabilityRange): string | null => { + return range.events.find((e) => Boolean(e.fixed))?.fixed || null; + }; + for (const range of vuln.ranges) { - // Look for events with a "fixed" property - if (range.events && Array.isArray(range.events)) { - for (const event of range.events) { - if (event.fixed) { - return event.fixed; - } - } + if (range.type === "ECOSYSTEM" && range.events) { + return getFixedEventValue(range); + } else { + result = getFixedEventValue(range); } } - return null; + return result; } // Go back to content list diff --git a/extensions/publisher-cves/src/stores/vulns.ts b/extensions/publisher-cves/src/stores/vulns.ts index e49e6d3c..4d88de3a 100644 --- a/extensions/publisher-cves/src/stores/vulns.ts +++ b/extensions/publisher-cves/src/stores/vulns.ts @@ -1,16 +1,20 @@ import { defineStore } from "pinia"; import { ref } from "vue"; +export interface VulnerabilityEvent { + introduced?: string; + fixed?: string; +} + +export interface VulnerabilityRange { + type: string; + events: VulnerabilityEvent[]; +} + export interface Vulnerability { id: string; versions: Record; - ranges: Array<{ - type: string; - events: Array<{ - introduced?: string; - fixed?: string; - }>; - }>; + ranges: VulnerabilityRange[]; summary: string; details: string; modified: string; From 00b5d13cafe9ef3d468b43664e056172d11e28ca Mon Sep 17 00:00:00 2001 From: Jordan Jensen Date: Fri, 20 Jun 2025 16:43:54 -0700 Subject: [PATCH 2/2] Update manifest checksums --- extensions/publisher-cves/manifest.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/extensions/publisher-cves/manifest.json b/extensions/publisher-cves/manifest.json index 64853893..4656bacd 100644 --- a/extensions/publisher-cves/manifest.json +++ b/extensions/publisher-cves/manifest.json @@ -20,14 +20,14 @@ }, "packages": {}, "files": { + "dist/assets/index-B41wDw7-.js": { + "checksum": "6f226fcbe63e27f856c8755bfa5f2cdc" + }, "dist/assets/index-CteWUkOR.css": { "checksum": "e26ddbd6163e429121aaac82256c8f53" }, - "dist/assets/index-vlEy0F6m.js": { - "checksum": "da2cb1d917ec752760f9186b7d02d185" - }, "dist/index.html": { - "checksum": "0fed520b0a89f55e25e1bbce548aa482" + "checksum": "69a4a2125195046f07166dbdd55fcf8b" }, "main.py": { "checksum": "f8385dbd8a8cd24204f1eb6209f8bb30"