internal/{osv,report}: publish related field to OSV from YAML

Change-Id: I2fdf5aa43154557b2ac20a0fe22f931dc09cab4b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/541119 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
golang · Nov 9, 2023 · b24f54d · b24f54d
1 parent f6eff24
commit b24f54d
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 0 deletions.
diff --git a/internal/osv/osv.go b/internal/osv/osv.go
@@ -206,6 +206,8 @@ type Entry struct {
 	// Aliases is a list of IDs for the same vulnerability in other
 	// databases.
 	Aliases []string `json:"aliases,omitempty"`
+	// Related is a list of IDs closely related to this vulnerability.
+	Related []string `json:"related,omitempty"`
 	// Summary contains a a one-line, English textual summary of the
 	// vulnerability.
 	Summary string `json:"summary,omitempty"`

diff --git a/internal/report/osv.go b/internal/report/osv.go
@@ -58,6 +58,7 @@ func (r *Report) ToOSV(lastModified time.Time) osv.Entry {
 		Published:        osv.Time{Time: r.Published},
 		Modified:         osv.Time{Time: lastModified},
 		Withdrawn:        withdrawn,
+		Related:          r.Related,
 		Summary:          toParagraphs(r.Summary),
 		Details:          toParagraphs(details),
 		Credits:          credits,

diff --git a/internal/report/osv_test.go b/internal/report/osv_test.go
@@ -67,6 +67,7 @@ func TestToOSV(t *testing.T) {
 		Description: "It's a real bad one, \nI'll tell you that.\n\n More info.\n",
 		CVEs:        []string{"CVE-0000-0000"},
 		GHSAs:       []string{"GHSA-abcd-efgh"},
+		Related:     []string{"CVE-0000-0002"},
 		Credits:     []string{"gopherbot"},
 		References: []*Reference{
 			{Type: osv.ReferenceTypeAdvisory, URL: "advisory"},
@@ -87,6 +88,7 @@ func TestToOSV(t *testing.T) {
 			{Type: "WEB", URL: "web"},
 		},
 		Aliases: []string{"CVE-0000-0000", "GHSA-abcd-efgh"},
+		Related: []string{"CVE-0000-0002"},
 		Affected: []osv.Affected{
 			{
 				Module: osv.Module{