report,cmd/gendb: use lowercase JSON keys and fix public URL
Change-Id: Iaf276b94700bf66abe24e14aad04904571b3e6a4
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/323949
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
diff --git a/cmd/gendb/main.go b/cmd/gendb/main.go
index 176130d..9bb283f 100644
--- a/cmd/gendb/main.go
+++ b/cmd/gendb/main.go
@@ -24,14 +24,14 @@
os.Exit(1)
}
-// TODO: obviously not for the real world
-const dbURL = "https://go.googlesource.com/vulndb/+/refs/heads/main/reports/"
+// TODO(rolandshoemaker): once we have the HTML representation ready this should
+// be the prefix for that.
+const dbURL = "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/"
func matchesCurrent(path string, new []osv.Entry) bool {
var current []osv.Entry
content, err := ioutil.ReadFile(path + ".json")
if err != nil {
- fmt.Println("bad", err)
return false
}
if err = json.Unmarshal(content, ¤t); err != nil {
@@ -70,7 +70,10 @@
name := strings.TrimSuffix(filepath.Base(f.Name()), filepath.Ext(f.Name()))
- for _, e := range osv.Generate(name, fmt.Sprintf("%s%s.toml", dbURL, name), vuln) {
+ // TODO(rolandshoemaker): once the HTML representation is ready this should be
+ // the link to the HTML page.
+ linkName := fmt.Sprintf("%s%s.yaml", dbURL, name)
+ for _, e := range osv.Generate(name, linkName, vuln) {
jsonVulns[e.Package.Name] = append(jsonVulns[e.Package.Name], e)
}
}
diff --git a/osv/json.go b/osv/json.go
index 1ee0867..660cda7 100644
--- a/osv/json.go
+++ b/osv/json.go
@@ -3,7 +3,8 @@
// license that can be found in the LICENSE file.
// Package osv implements the <name-pending> shared vulnerability
-// format, with the Go specific extensions.
+// format, with the Go specific extensions, as defined by
+// https://tinyurl.com/vuln-json.
//
// As this package is intended for use with the Go vulnerability
// database, only the subset of features which are used by that
@@ -67,7 +68,7 @@
}
type Affects struct {
- Ranges []AffectsRange `json:",omitempty"`
+ Ranges []AffectsRange `json:"ranges,omitempty"`
}
func generateAffects(versions []report.VersionRange) Affects {
@@ -105,9 +106,9 @@
}
type GoSpecific struct {
- Symbols []string `json:",omitempty"`
- GOOS []string `json:",omitempty"`
- GOARCH []string `json:",omitempty"`
+ Symbols []string `json:"symbols,omitempty"`
+ GOOS []string `json:"goos,omitempty"`
+ GOARCH []string `json:"goarch,omitempty"`
URL string `json:"url"`
}