Skip to content

Modified github_advisory_sync.rb's new_data variable to add 'patched_versions' and related:'s url… #570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 10, 2023
Merged

Modified github_advisory_sync.rb's new_data variable to add 'patched_versions' and related:'s url… #570

merged 3 commits into from
Apr 10, 2023

Conversation

jasnow
Copy link
Contributor

@jasnow jasnow commented Apr 10, 2023

Modified github_advisory_sync.rb's new_data variable to add the "patched_versions" and "related:'"/"url:" sections.

The new (unreleased 1-line shell) post processor does the rest to get GHSA files ready for ruby-advisory-db repo. Long term this shell will be turned into Ruby code.

@jasnow
Copy link
Contributor Author

jasnow commented Apr 10, 2023

@reedloden - FYI

@jasnow jasnow mentioned this pull request Apr 10, 2023
Closed
postmodern
postmodern requested changes Apr 10, 2023
View reviewed changes
Copy link
Member

@postmodern postmodern left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use nested Hashes instead of using \n in Hash keys (I'm pretty sure YAML will escape those). Also the Hashes can probably be merged into one new_data.merge(...) Hash.

lib/github_advisory_sync.rb Outdated
file.write new_data.to_yaml
file.write new_data.merge(
{ "patched_versions" => vulnerabilities },
{ "related:\nurl:" => advisory["references"] }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that should be {"related" => {"url" => ...}}.

Copy link
Contributor Author

@jasnow jasnow Apr 10, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

lib/github_advisory_sync.rb Outdated
file.write new_data.to_yaml
file.write new_data.merge(
{ "patched_versions" => vulnerabilities },
{ "related:\nurl:" => advisory["references"] }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also these two hashes could probably be combined.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@postmodern
Copy link
Member

postmodern commented Apr 10, 2023
edited
Loading

@jasnow FYI you seem to keep running git commit -amended which actually does git commit -am ended. You want to run git commit --amend and git push origin master -f.

@postmodern postmodern merged commit cbf3d75 into rubysec:master Apr 10, 2023
@jasnow
Copy link
Contributor Author

jasnow commented Apr 10, 2023

Thanks for the clarification

@jasnow jasnow mentioned this pull request Jun 18, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@postmodern postmodern postmodern requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jasnow @postmodern