From b24f54dc3ba1f49f16b154bf7b08bff0db935dd1 Mon Sep 17 00:00:00 2001
From: Tatiana Bradley <tatianabradley@google.com>
Date: Thu, 9 Nov 2023 11:19:35 -0500
Subject: [PATCH] internal/{osv,report}: publish related field to OSV from YAML

Change-Id: I2fdf5aa43154557b2ac20a0fe22f931dc09cab4b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/541119
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
---
 internal/osv/osv.go         | 2 ++
 internal/report/osv.go      | 1 +
 internal/report/osv_test.go | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/internal/osv/osv.go b/internal/osv/osv.go
index ff717809..13e569e8 100644
--- a/internal/osv/osv.go
+++ b/internal/osv/osv.go
@@ -206,6 +206,8 @@ type Entry struct {
 	// Aliases is a list of IDs for the same vulnerability in other
 	// databases.
 	Aliases []string `json:"aliases,omitempty"`
+	// Related is a list of IDs closely related to this vulnerability.
+	Related []string `json:"related,omitempty"`
 	// Summary contains a a one-line, English textual summary of the
 	// vulnerability.
 	Summary string `json:"summary,omitempty"`
diff --git a/internal/report/osv.go b/internal/report/osv.go
index 38bcbe62..a9f7e8e8 100644
--- a/internal/report/osv.go
+++ b/internal/report/osv.go
@@ -58,6 +58,7 @@ func (r *Report) ToOSV(lastModified time.Time) osv.Entry {
 		Published:        osv.Time{Time: r.Published},
 		Modified:         osv.Time{Time: lastModified},
 		Withdrawn:        withdrawn,
+		Related:          r.Related,
 		Summary:          toParagraphs(r.Summary),
 		Details:          toParagraphs(details),
 		Credits:          credits,
diff --git a/internal/report/osv_test.go b/internal/report/osv_test.go
index ae2df07b..c79e30dd 100644
--- a/internal/report/osv_test.go
+++ b/internal/report/osv_test.go
@@ -67,6 +67,7 @@ func TestToOSV(t *testing.T) {
 		Description: "It's a real bad one, \nI'll tell you that.\n\n More info.\n",
 		CVEs:        []string{"CVE-0000-0000"},
 		GHSAs:       []string{"GHSA-abcd-efgh"},
+		Related:     []string{"CVE-0000-0002"},
 		Credits:     []string{"gopherbot"},
 		References: []*Reference{
 			{Type: osv.ReferenceTypeAdvisory, URL: "advisory"},
@@ -87,6 +88,7 @@ func TestToOSV(t *testing.T) {
 			{Type: "WEB", URL: "web"},
 		},
 		Aliases: []string{"CVE-0000-0000", "GHSA-abcd-efgh"},
+		Related: []string{"CVE-0000-0002"},
 		Affected: []osv.Affected{
 			{
 				Module: osv.Module{