Skip to content

Commit

Permalink
feat(spec1-5): add support for firstIssued and lastUpdated in vul…
Browse files Browse the repository at this point in the history
…n analysis

Signed-off-by: nscuro <[email protected]>
  • Loading branch information
nscuro committed Dec 7, 2023
1 parent 25b250a commit d597bb9
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 2 deletions.
2 changes: 2 additions & 0 deletions cyclonedx.go
Original file line number Diff line number Diff line change
Expand Up @@ -621,6 +621,8 @@ type VulnerabilityAnalysis struct {
Justification ImpactAnalysisJustification `json:"justification,omitempty" xml:"justification,omitempty"`
Response *[]ImpactAnalysisResponse `json:"response,omitempty" xml:"responses>response,omitempty"`
Detail string `json:"detail,omitempty" xml:"detail,omitempty"`
FirstIssued string `json:"firstIssued,omitempty" xml:"firstIssued,omitempty"`
LastUpdated string `json:"lastUpdated,omitempty" xml:"lastUpdated,omitempty"`
}

type VulnerabilityRating struct {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,9 @@
"will_not_fix",
"update"
],
"detail": "An optional explanation of why the application is not affected by the vulnerable component."
"detail": "An optional explanation of why the application is not affected by the vulnerable component.",
"firstIssued": "2022-01-01T00:00:00.000Z",
"lastUpdated": "2022-02-01T00:00:00.000Z"
},
"affects": [
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,8 @@
<response>update</response>
</responses>
<detail>An optional explanation of why the application is not affected by the vulnerable component.</detail>
<firstIssued>2022-01-01T00:00:00.000Z</firstIssued>
<lastUpdated>2022-02-01T00:00:00.000Z</lastUpdated>
</analysis>
<affects>
<target>
Expand Down
4 changes: 3 additions & 1 deletion testdata/valid-vulnerability.json
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,9 @@
"state": "not_affected",
"justification": "code_not_reachable",
"response": ["will_not_fix", "update"],
"detail": "An optional explanation of why the application is not affected by the vulnerable component."
"detail": "An optional explanation of why the application is not affected by the vulnerable component.",
"firstIssued": "2022-01-01T00:00:00.000Z",
"lastUpdated": "2022-02-01T00:00:00.000Z"
},
"affects": [
{
Expand Down
2 changes: 2 additions & 0 deletions testdata/valid-vulnerability.xml
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,8 @@
<response>update</response>
</responses>
<detail>An optional explanation of why the application is not affected by the vulnerable component.</detail>
<firstIssued>2022-01-01T00:00:00.000Z</firstIssued>
<lastUpdated>2022-02-01T00:00:00.000Z</lastUpdated>
</analysis>
<affects>
<target>
Expand Down

0 comments on commit d597bb9

Please sign in to comment.