From 64e97da030341b990cd76364cb61c0c10481926f Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Wed, 28 Apr 2021 11:16:27 +0900 Subject: [PATCH 1/2] Add module --- osv/json.go | 2 ++ osv/json_test.go | 7 ++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/osv/json.go b/osv/json.go index 9938b532..1d8c32b3 100644 --- a/osv/json.go +++ b/osv/json.go @@ -120,6 +120,7 @@ type Reference struct { // entry type Entry struct { ID string + Module string Published time.Time Modified time.Time Withdrawn *time.Time `json:",omitempty"` @@ -144,6 +145,7 @@ func Generate(id string, url string, r report.Report) []Entry { } entry := Entry{ ID: id, + Module: r.Module, Published: r.Published, Modified: lastModified, Withdrawn: r.Withdrawn, diff --git a/osv/json_test.go b/osv/json_test.go index 545c8dff..d06fc70f 100644 --- a/osv/json_test.go +++ b/osv/json_test.go @@ -56,7 +56,8 @@ func TestGenerate(t *testing.T) { want := []Entry{ { - ID: "GO-1991-0001", + ID: "GO-1991-0001", + Module: "example.com/vulnerable/v2", Package: Package{ Name: "example.com/vulnerable/v2", Ecosystem: "go", @@ -96,8 +97,8 @@ func TestGenerate(t *testing.T) { }, }, { - - ID: "GO-1991-0001", + ID: "GO-1991-0001", + Module: "vanity.host/vulnerable", Package: Package{ Name: "vanity.host/vulnerable/package", Ecosystem: "go", From 24d0eb96b7191d012e66e13d42b6b17623afa7d6 Mon Sep 17 00:00:00 2001 From: knqyf263 Date: Sun, 30 May 2021 10:15:53 +0300 Subject: [PATCH 2/2] fix: add module to additional package --- osv/json.go | 1 + 1 file changed, 1 insertion(+) diff --git a/osv/json.go b/osv/json.go index 910548ed..a6ae57ae 100644 --- a/osv/json.go +++ b/osv/json.go @@ -184,6 +184,7 @@ func Generate(id string, url string, r report.Report) []Entry { if additional.Package != "" { additionalImportPath = additional.Package } + entryCopy.Module = additional.Module entryCopy.Package.Name = additionalImportPath entryCopy.EcosystemSpecific.Symbols = additional.Symbols entryCopy.Affects = generateAffects(additional.Versions)