Skip to content

Commit

Permalink
Add OSV mapping of limit and database_specific (#52)
Browse files Browse the repository at this point in the history 
* added limit and database_specific range mapping

* refactor database_specific parsing
  • Loading branch information
@sahibamittal
sahibamittal authored Mar 21, 2024
1 parent e9f943d commit f94f8b2
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 10 deletions.
14 changes: 12 additions & 2 deletions src/main/java/io/github/nscuro/versatile/VersUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,8 @@ public static Vers versFromGhsaRange(final String ecosystem, final String rangeE
* @throws VersException When the produced {@link Vers} is invalid
* @throws InvalidVersionException When any version in the range is invalid according to the inferred {@link VersioningScheme}
*/
public static Vers versFromOsvRange(final String type, final String ecosystem, final List<Map.Entry<String, String>> events) {
public static Vers versFromOsvRange(final String type, final String ecosystem,
final List<Map.Entry<String, String>> events, final Map<String, Object> databaseSpecific) {
if (!"ecosystem".equalsIgnoreCase(type) && !"semver".equalsIgnoreCase(type)) {
throw new IllegalArgumentException("Range type \"%s\" is not supported".formatted(type));
}
Expand All @@ -97,7 +98,7 @@ public static Vers versFromOsvRange(final String type, final String ecosystem, f

final Comparator comparator = switch (event.getKey()) {
case "introduced" -> Comparator.GREATER_THAN_OR_EQUAL;
case "fixed" -> Comparator.LESS_THAN;
case "fixed", "limit" -> Comparator.LESS_THAN;
case "last_affected" -> Comparator.LESS_THAN_OR_EQUAL;
default -> throw new IllegalArgumentException("Invalid event \"%s\" at position %d"
.formatted(event.getKey(), i));
Expand All @@ -116,6 +117,15 @@ public static Vers versFromOsvRange(final String type, final String ecosystem, f
versBuilder.withConstraint(comparator, event.getValue());
}

if (databaseSpecific != null && databaseSpecific.get("last_known_affected_version_range") instanceof String) {
String lastKnownAffectedRange = (String) databaseSpecific.get("last_known_affected_version_range");
if (lastKnownAffectedRange.startsWith("<=")) {
versBuilder.withConstraint(Comparator.LESS_THAN_OR_EQUAL, lastKnownAffectedRange.replaceFirst("<=", "").trim());
} else if (lastKnownAffectedRange.startsWith("<")) {
versBuilder.withConstraint(Comparator.LESS_THAN, lastKnownAffectedRange.replaceFirst("<", "").trim());
}
}

return versBuilder.build();
}

Expand Down
30 changes: 22 additions & 8 deletions src/test/java/io/github/nscuro/versatile/VersUtilsTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,37 +88,51 @@ private static Stream<Arguments> testVersFromOsvRangeArguments() {
return Stream.of(
arguments(
List.of(Map.entry("introduced", "1.2.3")),
null,
"vers:generic/>=1.2.3"
),
arguments(
List.of(Map.entry("introduced", "1.2.3"), Map.entry("fixed", "3.2.1")),
null,
"vers:generic/>=1.2.3|<3.2.1"
),
arguments(
List.of(Map.entry("introduced", "1.2.3"), Map.entry("last_affected", "3.2.1")),
null,
"vers:generic/>=1.2.3|<=3.2.1"
),
arguments(
List.of(Map.entry("last_affected", "3.2.1"), Map.entry("introduced", "1.2.3")),
Map.of("foo", "bar"),
"vers:generic/>=1.2.3|<=3.2.1"
),
arguments(
List.of(Map.entry("introduced", "1.2.3"), Map.entry("limit", "3.2.1")),
Map.of("last_known_affected_version_range", Map.of("foo", "bar")),
"vers:generic/>=1.2.3|<3.2.1"
),
arguments(
List.of(Map.entry("introduced", "4.5.6")),
Map.of("last_known_affected_version_range", "<7.8.9"),
"vers:generic/>=4.5.6|<7.8.9"
)
);
}

@ParameterizedTest
@MethodSource("testVersFromOsvRangeArguments")
void testVersFromOsvRange(final List<Map.Entry<String, String>> events, final String expectedVers) {
assertThat(versFromOsvRange("ecosystem", "other", events)).hasToString(expectedVers);
void testVersFromOsvRange(final List<Map.Entry<String, String>> events, final Map<String, Object> databaseSpecific, final String expectedVers) {
assertThat(versFromOsvRange("ecosystem", "other", events, databaseSpecific)).hasToString(expectedVers);
}

@Test
void testVersFromOsvRangeWithInvalidRangeType() {
final List<Map.Entry<String, String>> events = List.of(Map.entry("introduced", "0"));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange(null, "other", events));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange("", "other", events));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange("git", "other", events));
assertThatNoException().isThrownBy(() -> versFromOsvRange("ecosystem", "other", events));
assertThatNoException().isThrownBy(() -> versFromOsvRange("semver", "other", events));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange(null, "other", events, null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange("", "other", events, null));
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> versFromOsvRange("git", "other", events, null));
assertThatNoException().isThrownBy(() -> versFromOsvRange("ecosystem", "other", events, null));
assertThatNoException().isThrownBy(() -> versFromOsvRange("semver", "other", events, null));
}

@ParameterizedTest
Expand Down Expand Up @@ -266,7 +280,7 @@ void testVersFromOsvRangeWithAllRanges(final String ecosystem) throws Exception
}

try {
final Vers vers = versFromOsvRange(range.get("type").asText(), ecosystem, events);
final Vers vers = versFromOsvRange(range.get("type").asText(), ecosystem, events, null);
arrayNode.add(objectMapper.createObjectNode()
.put("name", affected.get("package").get("name").asText())
.putPOJO("events", events)
Expand Down

0 comments on commit f94f8b2

Please sign in to comment.