From 8578913a5694f354d4d3678dbdefd5560c1d7d3f Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Wed, 7 May 2025 16:47:27 +0800 Subject: [PATCH 1/4] compatible for vtopia and qicai --- cve-vulner-manager/models/modeldb.go | 13 ++++++++----- cve-vulner-manager/models/uploadcve.go | 4 ++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index b92d869..cba14ba 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go @@ -16,6 +16,9 @@ const ( OrganizationIdOpenLooKeng = 4 IssueStatusRejected = 4 + + CveOriginUpstreamSourceVtopia = 0 + CveOriginUpstreamSourceQiCai = 2 ) type AuthTokenInfo struct { @@ -63,7 +66,7 @@ type VulnCenter struct { CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` Description string `orm:"type(text);column(cve_desc)" description:"cve描述"` CveLevel string `orm:"size(32);column(cve_level)" description:"nvd 致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); 5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建;8:分支和版本信息不想符合"` CveVersion string `orm:"size(512);column(cve_version)" description:"cve归属版本,版本合并"` RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` 
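Review bot: The two source constants added to the `const (` block carry no comment, and nothing in the models records what value 2 means: the `Source` tag visible in the OriginUpstreamRecord hunk of this patch still reads `漏洞来源,0: Vtopia; 1: Majun`, and value 1 has no constant at all. A comment such as `// CveOriginUpstreamSource* identify which upstream feed supplied a record (the source column).` above the pair, plus adding the new value 2 to that tag text, would keep the code and the schema description in step. Since that tag also declares `default(0)`, the comment should say that a row whose source was never set is indistinguishable from a Vtopia row. Patch 4/4 renames the second constant to `CveOriginUpstreamSource7cai`.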
@@ -353,7 +356,7 @@ type OriginUpstream struct { Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` - Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; + Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; 1:包名通过别名匹配、版本号为漏洞库原始数据; 2:包名版本号都通过漏洞描述获取; 3:包名通过漏洞描述获取并通过别名匹配、版本号为漏洞描述获取; @@ -1007,13 +1010,13 @@ type OriginUpstreamRecord struct { FirstPerTime string `orm:"size(32);column(first_per_time)" description:"cve首次披露时间"` FirstGetTime string `orm:"size(32);column(first_get_time)" description:"cve受影响后首次感知时间"` VulStatus string `orm:"size(64);column(vul_status);null" description:"漏洞状态,REJECT, DISPUTED"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` AffectedScope string `orm:"size(512);column(affected_scope);null" description:"影响范围推理"` Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` - Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; + Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; 1:包名通过别名匹配、版本号为漏洞库原始数据; 2:包名版本号都通过漏洞描述获取; 3:包名通过漏洞描述获取并通过别名匹配、版本号为漏洞描述获取; 
@@ -1022,7 +1025,7 @@ type OriginUpstreamRecord struct { 6:版本号未匹配、包名通过以上任意方式匹配、可信度最低"` OrgData string `orm:"type(text);column(org_data);null" description:"原始数据"` CreateTime string `orm:"size(32);column(create_time)"` - SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; + SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` ErrDesc string `orm:"null;type(text);column(err_desc);null" description:"数据同步失败的错误描述"` Source int `orm:"default(0);column(source)" description:"漏洞来源,0: Vtopia; 1: Majun"` diff --git a/cve-vulner-manager/models/uploadcve.go b/cve-vulner-manager/models/uploadcve.go index 8bd070b..df10bfc 100644 --- a/cve-vulner-manager/models/uploadcve.go +++ b/cve-vulner-manager/models/uploadcve.go @@ -485,6 +485,10 @@ func CreateOriginCve(CveData common.CveOriginData, ou *OriginUpstream, od *Origi } o.Commit() } else { + if ouse.Source == CveOriginUpstreamSourceVtopia && ou.Source == CveOriginUpstreamSourceQiCai { + return 0, errors.New("source not match") + } + logs.Info("update datas: ", ou) ou.CveId = ouse.CveId ou.Ids = ouse.Ids -- Gitee From 616606167cfa13227acde5fcb2c6377fdc1615a3 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Wed, 28 May 2025 09:58:41 +0800 Subject: [PATCH 2/4] fix ci --- cve-vulner-manager/models/modeldb.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index cba14ba..1ff88b6 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go 
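Review bot: The guard added at the top of the `else` branch of CreateOriginCve returns a bare `errors.New("source not match")` before the `logs.Info` call, so a rejected update leaves no trace of which record or which feeds were involved, and callers cannot tell it from a database failure. Something like `return 0, fmt.Errorf("source not match: cve id %v, stored source %d, incoming source %d", ouse.CveId, ouse.Source, ou.Source)` (assuming `fmt` is imported in this file), or a package-level sentinel that callers test with `errors.Is`, would make the rejection auditable. The rule is also one-directional and names a single pair, stored Vtopia against incoming QiCai; if the intent is that Vtopia data takes precedence, a comment saying so, and saying what should happen for source 1, would help the next reader. The function body begins and ends outside the hunk, and the sibling branch ends with `o.Commit()`, so confirm that this early return does not leave a transaction open. Patch 4/4 touches the same condition only to rename the constant.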
@@ -66,8 +66,9 @@ type VulnCenter struct { CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` Description string `orm:"type(text);column(cve_desc)" description:"cve描述"` CveLevel string `orm:"size(32);column(cve_level)" description:"nvd 致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); - 5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建;8:分支和版本信息不想符合"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; +4:不符合创建issue条件数据(cve年份不符合要求);5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建; +8:分支和版本信息不想符合"` CveVersion string `orm:"size(512);column(cve_version)" description:"cve归属版本,版本合并"` RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` FirstPerTime string `orm:"size(32);column(first_per_time)" description:"cve首次披露时间"` @@ -356,7 +357,7 @@ type OriginUpstream struct { Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` - Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; + Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; 1:包名通过别名匹配、版本号为漏洞库原始数据; 2:包名版本号都通过漏洞描述获取; 3:包名通过漏洞描述获取并通过别名匹配、版本号为漏洞描述获取; 
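Review bot: The re-wrapped `description:"…"` value on `Status` still spans several physical lines, and a struct-tag value containing a raw newline is not a valid conventional tag: `reflect.StructTag.Get("description")` returns an empty string for it and `go vet`'s structtag check reports bad syntax. The `orm` key comes first and should still parse, but anything that reads `description` (schema comments, generated docs) would presumably see nothing for these fields, so confirm whether anything does. Keeping the value on one line, or moving the status legend into a `//` comment above the field and leaving a short one-line description in the tag, avoids this. The same applies to the multi-line `Credibility`, `Status` and `SysStatus` tags in the other modeldb.go hunks of this series.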
@@ -1010,13 +1011,13 @@ type OriginUpstreamRecord struct { FirstPerTime string `orm:"size(32);column(first_per_time)" description:"cve首次披露时间"` FirstGetTime string `orm:"size(32);column(first_get_time)" description:"cve受影响后首次感知时间"` VulStatus string `orm:"size(64);column(vul_status);null" description:"漏洞状态,REJECT, DISPUTED"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` AffectedScope string `orm:"size(512);column(affected_scope);null" description:"影响范围推理"` Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` - Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; + Credibility int `orm:"default(0);column(credibility_level)" description:"0:包名、版本号都是漏洞库原始数据; 1:包名通过别名匹配、版本号为漏洞库原始数据; 2:包名版本号都通过漏洞描述获取; 3:包名通过漏洞描述获取并通过别名匹配、版本号为漏洞描述获取; @@ -1025,7 +1026,7 @@ type OriginUpstreamRecord struct { 6:版本号未匹配、包名通过以上任意方式匹配、可信度最低"` OrgData string `orm:"type(text);column(org_data);null" description:"原始数据"` CreateTime string `orm:"size(32);column(create_time)"` - SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; + SysStatus int8 `orm:"default(0);column(sys_status)" description:"0:cve新增;1:数据已变化; 2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求;6:低可信度数据已发邮件"` ErrDesc string `orm:"null;type(text);column(err_desc);null" description:"数据同步失败的错误描述"` Source int `orm:"default(0);column(source)" description:"漏洞来源,0: Vtopia; 1: Majun"` -- Gitee From d613f80961f6dac20b0ca7cdb7eeb20e364a6c58 Mon Sep 17 00:00:00 2001 
From: yangwei999 <348134071@qq.com>
Date: Wed, 28 May 2025 15:42:46 +0800
Subject: [PATCH 3/4] fix text
---
 cve-vulner-manager/models/modeldb.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go
index 1ff88b6..6ae172c 100644
--- a/cve-vulner-manager/models/modeldb.go
+++ b/cve-vulner-manager/models/modeldb.go
@@ -68,7 +68,7 @@ type VulnCenter struct {
 CveLevel string `orm:"size(32);column(cve_level)" description:"nvd 致命(Critical);严重(High);中等(Medium);一般(Low);其他"`
 Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败;
 4:不符合创建issue条件数据(cve年份不符合要求);5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建;
-8:分支和版本信息不想符合"`
+8:分支和版本信息不符合"`
 CveVersion string `orm:"size(512);column(cve_version)" description:"cve归属版本,版本合并"`
 RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"`
 FirstPerTime string `orm:"size(32);column(first_per_time)" description:"cve首次披露时间"`
-- Gitee
From 856231a991013fbcd63226bbb06bcc453d0bda3e Mon Sep 17 00:00:00 2001
From: yangwei999 <348134071@qq.com>
Date: Wed, 28 May 2025 15:47:00 +0800
Subject: [PATCH 4/4] rename 7cai
---
 cve-vulner-manager/models/modeldb.go | 2 +-
 cve-vulner-manager/models/uploadcve.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go
index 6ae172c..d92bc4d 100644
--- a/cve-vulner-manager/models/modeldb.go
+++ b/cve-vulner-manager/models/modeldb.go
@@ -18,7 +18,7 @@ const (
 IssueStatusRejected = 4
 CveOriginUpstreamSourceVtopia = 0
- CveOriginUpstreamSourceQiCai = 2
+ CveOriginUpstreamSource7cai = 2
 )
 type AuthTokenInfo struct {
diff --git a/cve-vulner-manager/models/uploadcve.go b/cve-vulner-manager/models/uploadcve.go
index df10bfc..d7d2167 100644
--- a/cve-vulner-manager/models/uploadcve.go
+++ b/cve-vulner-manager/models/uploadcve.go
@@ -485,7 +485,7 @@ func CreateOriginCve(CveData common.CveOriginData, ou *OriginUpstream, od *Origi
 }
 o.Commit()
 } else {
- if ouse.Source == CveOriginUpstreamSourceVtopia && ou.Source == CveOriginUpstreamSourceQiCai {
+ if ouse.Source == CveOriginUpstreamSourceVtopia && ou.Source == CveOriginUpstreamSource7cai {
 return 0, errors.New("source not match")
 }
-- Gitee