From b727ed5abf72d582817b92769e429743d2fd3036 Mon Sep 17 00:00:00 2001 From: Jakub Frejlach Date: Fri, 22 Sep 2023 16:09:07 +0200 Subject: [PATCH] Fix affect sorting with no CVE ID attached --- griffon/output.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/griffon/output.py b/griffon/output.py index 5a7c8f9..b3b65b1 100644 --- a/griffon/output.py +++ b/griffon/output.py @@ -916,8 +916,9 @@ def text_output_component_flaws(ctx, output, format, no_wrap=False): ordered_components = sorted(output["results"], key=lambda d: d["name"]) for item in ordered_components: component_name = item["name"] - # sorting should work when there is no title or cve-id key - ordered_affects = sorted(item["affects"], key=lambda d: d["flaw_cve_id"]) + ordered_affects = sorted( + item["affects"], key=lambda d: (d["flaw_cve_id"] is None, d["flaw_cve_id"]) + ) for affect in ordered_affects: flaw_cve_id = "Vulnerability" if affect["flaw_cve_id"]: