From 63b51c4dd1538ec53d1cd1bb5a960f90d3680b17 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 26 Dec 2024 09:56:33 +0800 Subject: [PATCH 1/9] fix sync notice --- cve-vulner-manager/taskhandler/issuestatistics.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve-vulner-manager/taskhandler/issuestatistics.go b/cve-vulner-manager/taskhandler/issuestatistics.go index a6f29de..66a82f0 100644 --- a/cve-vulner-manager/taskhandler/issuestatistics.go +++ b/cve-vulner-manager/taskhandler/issuestatistics.go @@ -326,7 +326,7 @@ func ProcSecLinkTemplate(beforeDate, prcnum int, owner, accessToken string) erro } // Determine whether cve has been processed exist, saData := GetCveSecurityNotice(temp.CveNum, temp.Repo, true) - if exist && saData.Result.IsFixed() && len(saData.Result.AffectedProduct) > 2 { + if exist && saData.Result.AffectedProduct != "" { // Update sa release time UpdateSAReleaseTime(saData.Result.AffectedProduct, saData.Result.CreateTime, temp.TemplateId) secLink := secLinkConfig + "/zh/security/safety-bulletin/detail/?id=" + saData.Result.AffectedProduct -- Gitee From daf90bdef7b3b0b28d5756663a313f8fe77e1734 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Fri, 3 Jan 2025 11:10:30 +0800 Subject: [PATCH 2/9] check openeuler score and vector when release unaffected --- cve-vulner-manager/models/issue.go | 17 +++++++++++++ cve-vulner-manager/taskhandler/excel.go | 33 +++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/cve-vulner-manager/models/issue.go b/cve-vulner-manager/models/issue.go index c9f0a1a..922d4fb 100644 --- a/cve-vulner-manager/models/issue.go +++ b/cve-vulner-manager/models/issue.go @@ -789,3 +789,20 @@ func (t *IssueTemplate) IsIssueComplete() bool { const StatusCompleted = 3 return t.Status == StatusCompleted } + +func (t *IssueTemplate) HasAffected() bool { + split := strings.Split(t.AnalysisVersion, ",") + for _, v := range split { + item := strings.Split(v, ":") + if len(item) != 2 || item[1] == "" { + continue + } + + _, ok := common.AnalysisUnaffected[item[1]] + if !ok { + return true + } + } + + return false +} diff --git a/cve-vulner-manager/taskhandler/excel.go b/cve-vulner-manager/taskhandler/excel.go index 830c936..56c1b2a 100644 --- a/cve-vulner-manager/taskhandler/excel.go +++ b/cve-vulner-manager/taskhandler/excel.go @@ -1188,6 +1188,18 @@ func UnaffectIssueProc(affectBranch string, cvrfFileList map[string][]string, continue } + // 新数据,检查openeuler评分和向量 + if v.IsIssueWithAnalysisVersion() && v.HasAffected() { + commentFunc := func(content string) { + AddCommentToIssue(content, v.IssueNum, owner, v.Repo, accessToken) + } + + if !CheckOpenEulerScoreAndVector(&v, commentFunc) { + logs.Error("CheckOpenEulerScoreAndVector of [%s %s] failed", v.Repo, v.IssueNum) + continue + } + } + var status string var released bool issueExist, _ := GetCveSecurityNotice(v.CveNum, v.Repo, true) @@ -1407,6 +1419,27 @@ func getRepoIssueAllPR(affectBranch, token, owner, repo string, startTime, return } +func CheckOpenEulerScoreAndVector(issue *models.IssueTemplate, comment func(content string)) bool { + if issue.OpenEulerScore == 0 || issue.OpenEulerVector == "" { + cc := fmt.Sprintf("@%v CVSS评分和矢量值不能为空", issue.Assignee) + comment(cc) + + return false + } + + score, _ := models.QueryIssueScore(issue.CveId) + if score.ScoreType == "V3" { + if util.CalculateCVSSV3BaseScore(issue.OpenEulerVector) != issue.OpenEulerScore { + cc := fmt.Sprintf("@%v CVSS评分和矢量值不一致,请修改至矢量值和CVSS评分一致!", issue.Assignee) + comment(cc) + + return false + } + } + + return true +} + func InitReleaseDate() { releaseDate = make(map[string]int64) releaseDateConfig := beego.AppConfig.DefaultString("excel::release_date_of_version", "") -- Gitee From aa2ff98bf2cfba88fa129bc65cd2bb3c9f6369c5 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Fri, 3 Jan 2025 14:51:54 +0800 Subject: [PATCH 3/9] add release date for 2403sp1 --- cve-vulner-manager/conf/product_app.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index f5e401e..c59ffe3 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -226,7 +226,7 @@ snsuffix = 1002 # openEuler-20.03-LTS-SP1@http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS-SP1.csv # public sa format: openEuler-20.03-LTS@https;openEuler-20.03-LTS-SP1@https v_pack_20_03_url = "openEuler-20.03-LTS-SP4@https;openEuler-22.03-LTS-SP1@https;openEuler-22.03-LTS-SP3@https;openEuler-22.03-LTS-SP4@https;openEuler-24.03-LTS@https" -release_date_of_version = "openEuler-20.03-LTS-SP4:2023-12-12;openEuler-22.03-LTS-SP3:2024-01-01;openEuler-24.03-LTS:2024-05-30;openEuler-22.03-LTS-SP4:2024-06-29" +release_date_of_version = "openEuler-20.03-LTS-SP4:2023-12-12;openEuler-22.03-LTS-SP3:2024-01-01;openEuler-24.03-LTS:2024-05-30;openEuler-22.03-LTS-SP4:2024-06-29;openEuler-24.03-LTS-SP1:2024-12-22" # Time difference in different time zones sa_timestamp_zone = 28810 unaffect_year = 2018 -- Gitee From ccaff4c45ae62581c5fdffd26c8da083c5f7971c Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 6 Jan 2025 15:20:30 +0800 Subject: [PATCH 4/9] move cvrf file with api --- cve-vulner-manager/cve-ddd/app/bulletin.go | 48 ++++++++++++ .../cve-ddd/app/refactor_hotpatch.go | 36 +++++---- cve-vulner-manager/cve-ddd/controller/cve.go | 8 ++ cve-vulner-manager/cve-ddd/domain/obs/obs.go | 6 +- .../cve-ddd/infrastructure/obsimpl/impl.go | 75 +++++++++---------- cve-vulner-manager/routers/new_router.go | 1 + 6 files changed, 113 insertions(+), 61 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/app/bulletin.go b/cve-vulner-manager/cve-ddd/app/bulletin.go index ef2f2c8..11c1f00 100644 --- a/cve-vulner-manager/cve-ddd/app/bulletin.go +++ b/cve-vulner-manager/cve-ddd/app/bulletin.go @@ -2,8 +2,10 @@ package app import ( "encoding/json" + "errors" "fmt" "net/http" + "path/filepath" "strings" "sync" "time" @@ -37,6 +39,7 @@ const ( type BulletinService interface { GenerateBulletins([]string, string) (string, error) + Move() error } func NewBulletinService( @@ -312,3 +315,48 @@ func (b *bulletinService) initReleaseDate() { b.releaseDate.Store(key, value.AddDate(0, 0, 1)) } } + +func (b *bulletinService) Move() error { + fromDir := beego.AppConfig.String("obs::upload_cvrf_dir") + toDir := beego.AppConfig.String("obs::download_cvrf_dir") + + // 查询当天产生的目录 + prefix := fromDir + time.Now().Format("2006-01-02") + latestDir, err := b.obs.GetLatestDirWithPrefix(prefix) + if err != nil { + return err + } + + if latestDir == "" { + return errors.New("can not find today's dir") + } + + files, err := b.obs.ListObjects(latestDir) + if err != nil { + return err + } + + for _, f := range files { + content, err := b.obs.Download(f) + if err != nil { + b.log.Errorf("move file: download %s failed: %s", f, err.Error()) + continue + } + + var uploadPath string + fileName := filepath.Base(f) + if fileName == fileIndex || fileName == fileUpdateFixed { + uploadPath = toDir + fileName + } else { + uploadPath = fmt.Sprintf("%s%d/%s", toDir, time.Now().Year(), fileName) + } + + if err = b.obs.Upload(uploadPath, content); err != nil { + b.log.Errorf("move file: upload %s failed: %s", uploadPath, err.Error()) + } else { + b.log.Infof("move file: upload success: %s", uploadPath) + } + } + + return nil +} diff --git a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go index 83da28a..f2512f9 100644 --- a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go +++ b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go @@ -18,8 +18,6 @@ import ( ) const ( - fileHotPatch = "update_hot_patch.txt" - hotPatchUpdateInfoDir = "updateinfo-hotpatch" hotPatchEarlyUpdateInfoDir = "hotpatch-early-updateinfo" ) @@ -66,11 +64,6 @@ func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) erro var cvesForUpdateInfo domain.Cves var uploadFileName []string - indexContent, err := h.getIndexContent(uploadDir) - if err != nil { - return fmt.Errorf("get %s failed: %w", fileIndex, err) - } - maxHotPatchId, err := h.hotPatch.MaxHotPatchID() if err != nil { return fmt.Errorf("parse max id failed: %w", err) @@ -143,7 +136,7 @@ func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) erro return fmt.Errorf("no new hot patch issues") } - h.uploadIndexAndHotPatch(uploadDir, indexContent, uploadFileName) + h.uploadIndexAndFixed(uploadDir, uploadFileName) return h.uploadUpdateInfo(cvesForUpdateInfo) } @@ -157,19 +150,30 @@ func (h *refactorHotPatchService) getIndexContent(uploadDir string) (string, err return string(content), err } -func (h *refactorHotPatchService) uploadIndexAndHotPatch(uploadDir, indexContent string, hotPatchFiles []string) { - updateHotPatchContent := strings.TrimSpace(strings.Join(hotPatchFiles, EOF)) - newIndexContent := strings.TrimSpace(indexContent) + EOF + updateHotPatchContent - +func (h *refactorHotPatchService) uploadIndexAndFixed(uploadDir string, hotPatchFiles []string) { indexPath := uploadDir + fileIndex - updateFixedPath := uploadDir + fileHotPatch + indexContent, err := h.obs.Download(indexPath) + if err != nil { + logrus.Errorf("download %s failed: %s", fileIndex, err.Error()) + return + } - if err := h.obs.Upload(indexPath, []byte(newIndexContent)); err != nil { + updateHotPatchContent := strings.TrimSpace(strings.Join(hotPatchFiles, EOF)) + newIndexContent := strings.TrimSpace(string(indexContent)) + EOF + updateHotPatchContent + if err = h.obs.Upload(indexPath, []byte(newIndexContent)); err != nil { h.log.Errorf("upload %s failed: %v", fileIndex, err) } - if err := h.obs.Upload(updateFixedPath, []byte(updateHotPatchContent)); err != nil { - h.log.Errorf("upload %s failed: %v", fileHotPatch, err) + updateFixedPath := uploadDir + fileUpdateFixed + fixedContent, err := h.obs.Download(updateFixedPath) + if err != nil { + logrus.Errorf("download %s failed: %s", fileUpdateFixed, err.Error()) + return + } + + newFixedContent := strings.TrimSpace(string(fixedContent)) + EOF + updateHotPatchContent + if err = h.obs.Upload(updateFixedPath, []byte(newFixedContent)); err != nil { + h.log.Errorf("upload %s failed: %v", fileUpdateFixed, err) } } diff --git a/cve-vulner-manager/cve-ddd/controller/cve.go b/cve-vulner-manager/cve-ddd/controller/cve.go index f48a68a..2392c78 100644 --- a/cve-vulner-manager/cve-ddd/controller/cve.go +++ b/cve-vulner-manager/cve-ddd/controller/cve.go @@ -107,3 +107,11 @@ func (c *CveController) Generate() { c.success(nil) } + +func (c *CveController) Move() { + if err := c.BulletinService.Move(); err != nil { + c.fail(err.Error()) + } else { + c.success(nil) + } +} diff --git a/cve-vulner-manager/cve-ddd/domain/obs/obs.go b/cve-vulner-manager/cve-ddd/domain/obs/obs.go index e3c6c96..f6c34e5 100644 --- a/cve-vulner-manager/cve-ddd/domain/obs/obs.go +++ b/cve-vulner-manager/cve-ddd/domain/obs/obs.go @@ -1,10 +1,8 @@ package obs type OBS interface { - UploadToDynamicDir(fileName string, data []byte) error - DownloadFromDynamicDir(fileName string) ([]byte, error) - UploadUpdateInfo(fileName string, data []byte) error - Upload(path string, data []byte) error Download(path string) ([]byte, error) + GetLatestDirWithPrefix(prefix string) (string, error) + ListObjects(prefix string) ([]string, error) } diff --git a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go index 856306d..c384204 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go @@ -2,11 +2,7 @@ package obsimpl import ( "bytes" - "fmt" "io" - "io/ioutil" - "strings" - "time" "github.com/astaxie/beego" "github.com/huaweicloud/huaweicloud-sdk-go-obs/obs" @@ -52,10 +48,10 @@ type obsImpl struct { cli *obs.ObsClient } -func (impl obsImpl) UploadToDynamicDir(fileName string, data []byte) error { +func (impl obsImpl) Upload(path string, data []byte) error { input := &obs.PutObjectInput{} input.Bucket = impl.cfg.Bucket - input.Key = impl.getDynamicDir() + fileName + input.Key = path input.Body = bytes.NewReader(data) _, err := impl.cli.PutObject(input) @@ -63,60 +59,57 @@ func (impl obsImpl) UploadToDynamicDir(fileName string, data []byte) error { return err } -func (impl obsImpl) DownloadFromDynamicDir(fileName string) ([]byte, error) { +func (impl obsImpl) Download(path string) ([]byte, error) { input := &obs.GetObjectInput{} input.Bucket = impl.cfg.Bucket - input.Key = impl.getDynamicDir() + fileName + input.Key = path output, err := impl.cli.GetObject(input) if err != nil { return nil, err } defer output.Body.Close() - return ioutil.ReadAll(output.Body) + return io.ReadAll(output.Body) } -func (impl obsImpl) UploadUpdateInfo(fileName string, data []byte) error { - input := &obs.PutObjectInput{} - input.Bucket = impl.cfg.Bucket - nowStr := time.Now().Format("2006-01-02") - input.Key = fmt.Sprintf("%s%s-%s/%s", impl.cfg.UpdateInfoDir, nowStr, "hotpatch", fileName) - input.Body = bytes.NewReader(data) - - _, err := impl.cli.PutObject(input) +func (impl obsImpl) GetLatestDirWithPrefix(prefix string) (string, error) { + input := obs.ListObjectsInput{ + Bucket: impl.cfg.Bucket, + ListObjsInput: obs.ListObjsInput{ + Prefix: prefix, + Delimiter: "/", + }, + } - return err -} + out, err := impl.cli.ListObjects(&input) + if err != nil { + return "", err + } -func (impl obsImpl) getDynamicDir() string { - todayStr := time.Now().Format("2006-01-02") - if strings.Contains(dynamicDir, todayStr) { - return dynamicDir + if len(out.CommonPrefixes) == 0 { + return "", nil } - return fmt.Sprintf("%s%s-%s/", impl.cfg.UpdateInfoDir, todayStr, "hotpatch") + return out.CommonPrefixes[len(out.CommonPrefixes)-1], nil } -func (impl obsImpl) Upload(path string, data []byte) error { - input := &obs.PutObjectInput{} - input.Bucket = impl.cfg.Bucket - input.Key = path - input.Body = bytes.NewReader(data) - - _, err := impl.cli.PutObject(input) - - return err -} +func (impl obsImpl) ListObjects(prefix string) ([]string, error) { + input := obs.ListObjectsInput{ + Bucket: impl.cfg.Bucket, + ListObjsInput: obs.ListObjsInput{ + Prefix: prefix, + }, + } -func (impl obsImpl) Download(path string) ([]byte, error) { - input := &obs.GetObjectInput{} - input.Bucket = impl.cfg.Bucket - input.Key = path - output, err := impl.cli.GetObject(input) + out, err := impl.cli.ListObjects(&input) if err != nil { return nil, err } - defer output.Body.Close() - return io.ReadAll(output.Body) + var list []string + for _, v := range out.Contents { + list = append(list, v.Key) + } + + return list, nil } diff --git a/cve-vulner-manager/routers/new_router.go b/cve-vulner-manager/routers/new_router.go index ff6cace..5bcfc06 100644 --- a/cve-vulner-manager/routers/new_router.go +++ b/cve-vulner-manager/routers/new_router.go @@ -84,4 +84,5 @@ func initNewRouter() { beego.Router("/security/bulletin/collect", NewCveController, "post:CollectCveData") beego.Router("/security/bulletin/generate", NewCveController, "post:Generate") + beego.Router("/security/bulletin/move", NewCveController, "post:Move") } -- Gitee From 397f6ba9a3b46213497cfca005d8f8f99769b4f0 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 6 Jan 2025 19:56:04 +0800 Subject: [PATCH 5/9] ignore error about 0 score and empty desc --- cve-vulner-manager/task/issuetask.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cve-vulner-manager/task/issuetask.go b/cve-vulner-manager/task/issuetask.go index 2fc1021..dd50b35 100644 --- a/cve-vulner-manager/task/issuetask.go +++ b/cve-vulner-manager/task/issuetask.go @@ -582,8 +582,7 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner string) er logs.Info("ProcUpdateIssue, Successfully updated the issue template, "+ "CveNum: ", issueValue.CveNum, ", templetID: ", templetID) // Judgment of necessary fields - if (it.NVDScore <= 0 && it.OwnedComponent != "kernel") || len(issueValue.Description) < 2 || len(issueValue.CveNum) < 2 || - len(issueValue.PackName) < 2 || len(issueValue.CveVersion) < 1 { + if len(issueValue.CveNum) < 2 || len(issueValue.PackName) < 2 || len(issueValue.CveVersion) < 1 { logs.Error("ProcUpdateIssue, Field is empty: NVDScore: ", it.NVDScore, ",Description: ", issueValue.Description, ",CveNum:", issueValue.CveNum, ",PackName: ", issueValue.PackName, ",CveVersion: ", issueValue.CveVersion) -- Gitee From eb683834bfa14193e9b434c1a38b0266ea87a0e7 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 9 Jan 2025 10:20:27 +0800 Subject: [PATCH 6/9] optimize init rpm data --- .../cve-ddd/infrastructure/latestrpmimpl/impl.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go index 17aee98..21b8fdc 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go @@ -12,6 +12,7 @@ import ( "github.com/astaxie/beego" "github.com/opensourceways/robot-gitee-lib/client" + "github.com/sirupsen/logrus" ) type PkgRPM struct { @@ -52,12 +53,14 @@ func (l *latestRpm) InitData(branches []string) error { path := fmt.Sprintf("%s%s.csv", l.rpm.PathPrefix, branch) content, err := l.cli.GetPathContent(l.rpm.Org, l.rpm.Repo, path, l.rpm.Branch) if err != nil { - return err + logrus.Errorf("new-cold-patch-cve-collect init Data of %s failed: %s", path, err.Error()) + continue } decodeContent, err := base64.StdEncoding.DecodeString(content.Content) if err != nil { - return err + logrus.Errorf("new-cold-patch-cve-collect decode Data of %s failed: %s", path, err.Error()) + continue } l.buildTime[branch] = l.parseFile(decodeContent) -- Gitee From 535b0a2bfb721b7d52a1286f33a0b40c37f4a0b9 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Fri, 10 Jan 2025 10:37:24 +0800 Subject: [PATCH 7/9] fix early updateinfo --- .../infrastructure/updateinfoimpl/generate_updateinfoxml.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/generate_updateinfoxml.go b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/generate_updateinfoxml.go index ba4e1ae..8b843bc 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/generate_updateinfoxml.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/generate_updateinfoxml.go @@ -152,6 +152,10 @@ func (impl updateInfoImpl) updateXml(sb *domain.SecurityBulletin, branch, date s } for _, productPackage := range pl { + if productPackage.CPE != branch { + continue + } + var pe Package pe.Filename = productPackage.FullName packVersionList := strings.Split(productPackage.FullName, "-") -- Gitee From 9cbf2c1183feabbe849b205f975de21a66a691c5 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 13 Jan 2025 10:27:53 +0800 Subject: [PATCH 8/9] remove 2203sp1 --- cve-vulner-manager/conf/product_app.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index c59ffe3..801e5ae 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -180,7 +180,7 @@ cve_number_t = 2018 # Create an issue's repo whitelist;1: open; 2: close issue_whitelist = 2 # List of affected branches: openEuler-20.03-LTS,openEuler-20.03-LTS-SP1 -affected_branchs = "openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,master,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-Next" +affected_branchs = "openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,master,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-Next" abandoned_branchs = "openEuler-20.03-LTS,openEuler-21.03,openEuler-21.09,openEuler-20.09" # Close the highest privilege of issue:1:open;2:close close_issue_privilege = 2 -- Gitee From 2776bf264def5438d1a8e5d0a28c931dcdd48210 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Tue, 14 Jan 2025 14:56:40 +0800 Subject: [PATCH 9/9] fix ci --- cve-vulner-manager/cve-ddd/controller/cve.go | 1 + cve-vulner-manager/models/issue.go | 4 +++- cve-vulner-manager/task/issuetask.go | 2 +- cve-vulner-manager/taskhandler/excel.go | 2 ++ 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/controller/cve.go b/cve-vulner-manager/cve-ddd/controller/cve.go index 2392c78..c3e6668 100644 --- a/cve-vulner-manager/cve-ddd/controller/cve.go +++ b/cve-vulner-manager/cve-ddd/controller/cve.go @@ -108,6 +108,7 @@ func (c *CveController) Generate() { c.success(nil) } +// Move notice file from upload dir to release dir func (c *CveController) Move() { if err := c.BulletinService.Move(); err != nil { c.fail(err.Error()) diff --git a/cve-vulner-manager/models/issue.go b/cve-vulner-manager/models/issue.go index 922d4fb..b42e3d9 100644 --- a/cve-vulner-manager/models/issue.go +++ b/cve-vulner-manager/models/issue.go @@ -790,11 +790,13 @@ func (t *IssueTemplate) IsIssueComplete() bool { return t.Status == StatusCompleted } +// HasAffected checks if the issue has affected versions based on the AnalysisVersion field. func (t *IssueTemplate) HasAffected() bool { + const ExpectedItemLength = 2 split := strings.Split(t.AnalysisVersion, ",") for _, v := range split { item := strings.Split(v, ":") - if len(item) != 2 || item[1] == "" { + if len(item) != ExpectedItemLength || item[1] == "" { continue } diff --git a/cve-vulner-manager/task/issuetask.go b/cve-vulner-manager/task/issuetask.go index dd50b35..1c94deb 100644 --- a/cve-vulner-manager/task/issuetask.go +++ b/cve-vulner-manager/task/issuetask.go @@ -582,7 +582,7 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner string) er logs.Info("ProcUpdateIssue, Successfully updated the issue template, "+ "CveNum: ", issueValue.CveNum, ", templetID: ", templetID) // Judgment of necessary fields - if len(issueValue.CveNum) < 2 || len(issueValue.PackName) < 2 || len(issueValue.CveVersion) < 1 { + if issueValue.CveNum == "" || issueValue.PackName == "" || issueValue.CveVersion == "" { logs.Error("ProcUpdateIssue, Field is empty: NVDScore: ", it.NVDScore, ",Description: ", issueValue.Description, ",CveNum:", issueValue.CveNum, ",PackName: ", issueValue.PackName, ",CveVersion: ", issueValue.CveVersion) diff --git a/cve-vulner-manager/taskhandler/excel.go b/cve-vulner-manager/taskhandler/excel.go index 56c1b2a..5f17dce 100644 --- a/cve-vulner-manager/taskhandler/excel.go +++ b/cve-vulner-manager/taskhandler/excel.go @@ -1419,6 +1419,8 @@ func getRepoIssueAllPR(affectBranch, token, owner, repo string, startTime, return } +// CheckOpenEulerScoreAndVector checks if the OpenEulerScore and OpenEulerVector fields of the issue are set. +// If either field is not set, it sends a comment to the issue and returns false. func CheckOpenEulerScoreAndVector(issue *models.IssueTemplate, comment func(content string)) bool { if issue.OpenEulerScore == 0 || issue.OpenEulerVector == "" { cc := fmt.Sprintf("@%v CVSS评分和矢量值不能为空", issue.Assignee) -- Gitee