Add Affected versions list when no range is available #5047

Open
wants to merge 3 commits into
base: main
from

Conversation

merlin-sievers

In cases where no range of affected versions is available (usually denoted as "-" due to the missing start and end point of the version range), a list of affected versions, which is usually available, is printed instead (still only when supplying the --affected-versions option).

This is useful when trying to automatically find the next recent version that is not affected while no affected version range is available.
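A sketch of the use case described above, picking the next release that is not affected from either a range or, when the range is missing, the affected-versions list. This is an added example, not code from this PR or from cve-bin-tool; the function names, the inclusive `start`/`end` parameters and the sample versions are assumptions.

```python
import re


def version_key(version):
    """Sortable key: digits compare numerically, so 2.10.0 > 2.5.0 and 1.0.2 < 1.0.2k.
    Assumption: no pre-release handling (rc/beta tags would sort after the release)."""
    parts = re.findall(r"\d+|[a-z]+", version.lower())
    return tuple((0, int(p), "") if p.isdigit() else (1, 0, p) for p in parts)


def next_unaffected(current, available, start="", end="", affected_list=()):
    """Return the oldest release newer than `current` that is not affected, else None.

    Uses the inclusive range start..end when one is given; otherwise falls back
    to the explicit list of affected versions (hypothetical data model).
    """
    if not (start or end or affected_list):
        # No range and no list: "not affected" cannot be concluded from missing data.
        raise ValueError("no affected-version information available")

    if start or end:
        lo = version_key(start) if start else None
        hi = version_key(end) if end else None

        def is_affected(v):
            k = version_key(v)
            return (lo is None or k >= lo) and (hi is None or k <= hi)
    else:
        affected_keys = {version_key(a) for a in affected_list}

        def is_affected(v):
            return version_key(v) in affected_keys

    cur = version_key(current)
    newer = sorted((v for v in available if version_key(v) > cur), key=version_key)
    return next((v for v in newer if not is_affected(v)), None)


# Constructed sample data, not taken from any real CVE record.
AVAILABLE = ["2.4.0", "2.4.1", "2.4.2", "2.5.0", "2.10.0"]
AFFECTED = ["2.4.0", "2.4.1", "2.5.0"]

if __name__ == "__main__":
    print(next_unaffected("2.4.0", AVAILABLE, affected_list=AFFECTED))
    print(next_unaffected("2.4.0", AVAILABLE, start="2.4.0", end="2.5.0"))
```
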

@merlin-sievers force-pushed the merlin-sievers/affected-versions-list branch from e9b43ca to 0a5b1fe April 23, 2025 12:24
@joydeep049
Contributor

Seems like a fairly straightforward fix. Did you test this on your local @merlin-sievers ?

@merlin-sievers
Author

Yes, WorksOnMyMachine™ @joydeep049

@joydeep049
Contributor

Then we can consider merging this @terriko @mastersans

@joydeep049
Contributor

Hi @merlin-sievers
You need to run linters on your code. Please refer to the relevant documentation.

Contributor

@terriko terriko left a comment

Thanks for this! It sounds useful.

Looks like our linters are complaining about some whitespace stuff:

cve_bin_tool/cve_scanner.py:146:67: E231 missing whitespace after ','
cve_bin_tool/cve_scanner.py:146:70: E231 missing whitespace after ','
cve_bin_tool/cve_scanner.py:146:73: E231 missing whitespace after ','

I did a quick "suggestion" that should fix those ones, but you probably should just run black on the changed files in case it's got anything else it's being picky about. There's more on our linters here if you've never used these before: https://github.com/intel/cve-bin-tool/blob/main/CONTRIBUTING.md#running-linters

"""
self.cursor.execute(query, [cve_number])
affected_versions = list(set(map(lambda x: x[0], self.cursor.fetchall())))
self.all_cve_version_info[cve_number] = VersionInfo('','','','', affected_versions)
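
Review bot: On the affected_versions line, list(set(...)) returns the versions in arbitrary order, so the list printed for --affected-versions can differ between runs and is awkward to diff or test. Consider sorted({row[0] for row in self.cursor.fetchall()}) for stable output; a plain sort is lexical rather than version-aware, but it is at least deterministic. On the VersionInfo line, a short comment saying which range fields the four empty strings stand for would make the call easier to read.
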
Contributor

Suggested change
self.all_cve_version_info[cve_number] = VersionInfo('','','','', affected_versions)
self.all_cve_version_info[cve_number] = VersionInfo('', '', '', '', affected_versions)

@merlin-sievers
Author

Oh, sorry I missed the linters.
black introduces a few fixes, but codespell is still unhappy about some spellings that are not related to my changes but are in the same files.
I could also fix those, if you'd like, but maybe that's something for another pull request...?

@joydeep049
Contributor

joydeep049 commented Apr 30, 2025

There's an error related to the commit message in your PR. It does not follow the conventional commit structure.
For more details check out https://github.com/intel/cve-bin-tool/blob/main/CONTRIBUTING.md#commit-message-tips

3 participants