From 42b645d5be4fac7a1bfed1ad2f735a89dd342c22 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Thu, 7 Sep 2023 12:40:55 +0300 Subject: [PATCH] Timeline fixes (#18) - renamed time_line to timeline - added serializers for timeline dates --- .../kotlin/com/saveourtool/osv4k/OsvSchema.kt | 92 ++++++++++++++++-- .../kotlin/com/saveourtool/osv4k/CosvTest.kt | 93 ++++++++++++++++++- .../com/saveourtool/osv4k/DebianTest.kt | 1 + .../saveourtool/osv4k/CosvTestUsingJackson.kt | 20 ++++ 4 files changed, 194 insertions(+), 12 deletions(-) create mode 100644 src/jvmTest/java/com/saveourtool/osv4k/CosvTestUsingJackson.kt diff --git a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt index 013fb67..0f4791b 100644 --- a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt +++ b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt @@ -5,6 +5,7 @@ package com.saveourtool.osv4k import com.saveourtool.osv4k.jackson.* import com.saveourtool.osv4k.utils.LocalDateTimeRfc3339Serializer import kotlinx.datetime.LocalDateTime +import kotlinx.serialization.EncodeDefault import kotlinx.serialization.SerialName import kotlinx.serialization.Serializable import kotlinx.serialization.json.JsonObject @@ -27,7 +28,7 @@ typealias RawOsvSchema = OsvSchema( + @EncodeDefault @SerialName("schema_version") @get:JsonProperty( value = "schema_version", @@ -234,9 +236,8 @@ data class OsvSchema( access = JsonPropertyAccess.AUTO ) val cweNames: List? = null, - @SerialName("time_line") @get:JsonProperty( - value = "time_line", + value = "timeline", namespace = "", required = false, index = -1, @@ -244,14 +245,14 @@ data class OsvSchema( access = JsonPropertyAccess.AUTO ) @JsonProperty( - value = "time_line", + value = "timeline", namespace = "", required = false, index = -1, defaultValue = "", access = JsonPropertyAccess.AUTO ) - val timeLine: List? = null, + val timeline: List? = null, @JsonProperty( value = "summary", namespace = "", @@ -991,20 +992,61 @@ enum class ReferenceType { * @property value */ @Serializable -data class TimeLineEntry( - val type: TimeLineEntryType, +data class TimelineEntry( + @JsonProperty( + value = "type", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) + val type: TimelineEntryType, + @Serializable(with = LocalDateTimeRfc3339Serializer::class) + @JsonSerialize( + using = LocalDateTimeRfc3339JacksonSerializer::class, + contentUsing = JsonSerializerNone::class, + keyUsing = JsonSerializerNone::class, + nullsUsing = JsonSerializerNone::class, + `as` = JavaVoid::class, + keyAs = JavaVoid::class, + contentAs = JavaVoid::class, + typing = JsonSerializeTyping.DEFAULT_TYPING, + converter = ConverterNone::class, + contentConverter = ConverterNone::class, + include = JsonSerializeInclusion.DEFAULT_INCLUSION, + ) + @JsonDeserialize( + using = LocalDateTimeRfc3339JacksonDeserializer::class, + contentUsing = JsonDeserializerNone::class, + keyUsing = KeyDeserializerNone::class, + builder = JavaVoid::class, + converter = ConverterNone::class, + contentConverter = ConverterNone::class, + `as` = JavaVoid::class, + keyAs = JavaVoid::class, + contentAs = JavaVoid::class, + ) + @JsonProperty( + value = "value", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) val value: LocalDateTime, ) /** - * Type of [TimeLineEntry] + * Type of [TimelineEntry] */ @Suppress( "ENUM_VALUE", "EnumNaming", "WRONG_DECLARATIONS_ORDER", ) -enum class TimeLineEntryType { +enum class TimelineEntryType { introduced, found, fixed, @@ -1123,9 +1165,41 @@ data class PatchDetail( */ @Serializable data class Contributor( + @JsonProperty( + value = "org", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) val org: String? = null, + @JsonProperty( + value = "name", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) val name: String? = null, + @JsonProperty( + value = "email", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) val email: String? = null, + @JsonProperty( + value = "contributions", + namespace = "", + required = false, + index = -1, + defaultValue = "", + access = JsonPropertyAccess.AUTO + ) val contributions: String? = null, ) diff --git a/src/commonTest/kotlin/com/saveourtool/osv4k/CosvTest.kt b/src/commonTest/kotlin/com/saveourtool/osv4k/CosvTest.kt index 5faab73..1cb1666 100644 --- a/src/commonTest/kotlin/com/saveourtool/osv4k/CosvTest.kt +++ b/src/commonTest/kotlin/com/saveourtool/osv4k/CosvTest.kt @@ -8,16 +8,50 @@ import kotlin.test.Test class CosvTest { @Test fun cosvWithSeverity() { + doEncodeDecodeAndCompare(cosvExample) + } + + companion object { // language=JSON - doEncodeDecodeAndCompare( - """ + val cosvExample = """ { + "schema_version": "1.0.0", "id": "DSA-3029-1", "modified": "2014-09-20T08:18:07Z", "published": "2014-09-20T00:00:01Z", + "withdrawn": "2015-09-20T00:00:02Z", "aliases": [ "CVE-2014-3616" ], + "related": [ + "TEST-2023-1" + ], + "cwe_ids": [ + "CWE-1", + "CWE-2" + ], + "cwe_names": [ + "Stub 1", + "Stub 2" + ], + "timeline": [ + { + "type": "introduced", + "value": "2014-09-20T11:11:11Z" + }, + { + "type": "found", + "value": "2014-09-20T12:22:22Z" + }, + { + "type": "fixed", + "value": "2014-09-20T13:33:33Z" + }, + { + "type": "disclosed", + "value": "2014-09-20T14:44:44Z" + } + ], "summary": "nginx - security update", "details": "\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was\npossible to reuse cached SSL sessions in unrelated contexts, allowing\nvirtual host confusion attacks in some configurations by an attacker in\na privileged network position.\n\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.2.1-2.2+wheezy3.\n\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.6.2-1.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.6.2-1.\n\n\nWe recommend that you upgrade your nginx packages.\n\n\n", "severity": [ @@ -36,6 +70,7 @@ class CosvTest { "ranges": [ { "type": "ECOSYSTEM", + "repo": "https://github.com/company/repo", "events": [ { "introduced": "0" @@ -45,6 +80,25 @@ class CosvTest { } ] } + ], + "versions": [ + "1.1", + "1.2" + ], + "patches_detail": [ + { + "patch_url": "https://github.com/company/repo/pull/1", + "issue_url": "https://github.com/company/repo/issue/2", + "main_language": "Java", + "author": "user1", + "committer": "user1", + "branches": [ + "bugfix/fix-1#1" + ], + "tags": [ + "1.2.1" + ] + } ] } ], @@ -54,9 +108,42 @@ class CosvTest { "url": "https://www.debian.org/security/2014/dsa-3029" } ], + "credits": [ + { + "name": "user1", + "contact": [ + "https://x.com/user1", + "https://saveourtool.com/profile/user1", + "https://github.com/user1" + ], + "type": "COORDINATOR" + }, + { + "name": "user2", + "contact": [ + "https://x.com/user2", + "https://saveourtool.com/profile/user2", + "https://github.com/user2" + ], + "type": "REPORTER" + } + ], + "contributors": [ + { + "org": "H company", + "name": "user1", + "email": "user1@mail.com", + "contributions": "Just a good guy" + }, + { + "org": "G company", + "name": "user2", + "email": "user2@mail.com", + "contributions": "A much better guy" + } + ], "confirm_type": "manual_confirmed" } """.trimIndent() - ) } } diff --git a/src/commonTest/kotlin/com/saveourtool/osv4k/DebianTest.kt b/src/commonTest/kotlin/com/saveourtool/osv4k/DebianTest.kt index dae8ed0..9dc61ed 100644 --- a/src/commonTest/kotlin/com/saveourtool/osv4k/DebianTest.kt +++ b/src/commonTest/kotlin/com/saveourtool/osv4k/DebianTest.kt @@ -16,6 +16,7 @@ class DebianTest { doEncodeDecodeAndCompare( """ { + "schema_version": "1.0.0", "id": "DSA-3029-1", "modified": "2014-09-20T08:18:07Z", "published": "2014-09-20T00:00:01Z", diff --git a/src/jvmTest/java/com/saveourtool/osv4k/CosvTestUsingJackson.kt b/src/jvmTest/java/com/saveourtool/osv4k/CosvTestUsingJackson.kt new file mode 100644 index 0000000..befe418 --- /dev/null +++ b/src/jvmTest/java/com/saveourtool/osv4k/CosvTestUsingJackson.kt @@ -0,0 +1,20 @@ +@file:Suppress("LONG_LINE", "TOO_LONG_FUNCTION") + +package com.saveourtool.osv4k + +import kotlin.test.Test + +/** + * Test for COSV using Jackson + */ +class CosvTestUsingJackson { + /** + * A simple test + */ + @Test + fun simpleTest() { + OsvSchemaJacksonJavaTestUtil.doEncodeDecodeAndCompare( + CosvTest.cosvExample + ) + } +}