Convert to CVE model

Signed-off-by: Prabhu Subramanian <[email protected]>
AppThreat · Mar 17, 2024 · 96932e4 · 96932e4
1 parent 2e58175
commit 96932e4
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/vdb/cli.py b/vdb/cli.py
@@ -14,7 +14,6 @@
 from vdb.lib import config, db6 as db_lib, search
 from vdb.lib.aqua import AquaSource
 from vdb.lib.gha import GitHubSource
-from vdb.lib.npm import NpmSource
 from vdb.lib.osv import OSVSource
 
 console = Console()
@@ -95,7 +94,7 @@ def print_results(results):
         table.add_row(res.get("cve_id"), res.get("type"),
                       res.get("namespace", ""), res.get("name"),
                       Syntax(orjson.dumps(
-                          res.get("source_data", {}),
+                          res.get("source_data").model_dump(mode="json", exclude_none=True),
                           option=orjson.OPT_INDENT_2 | orjson.OPT_APPEND_NEWLINE).decode("utf-8", errors="ignore"), "json", word_wrap=True))
     console.print(table)
 

diff --git a/vdb/lib/search.py b/vdb/lib/search.py
@@ -1,6 +1,7 @@
 import orjson
 
 from vdb.lib import db6, utils
+from vdb.lib.cve_model import CVE
 
 
 def _filter_hits(raw_hits: list, compare_ver: str) -> list:
@@ -33,7 +34,7 @@ def _data_list(db_conn, filtered_list, search_str):
                 "name": res[3],
                 "matching_vers": ahit["vers"],
                 "matched_by": search_str,
-                "source_data": orjson.loads(res[4]) if res[4] else None,
+                "source_data": CVE.model_validate(orjson.loads(res[4]), strict=False) if res[4] else None,
                 "override_data": orjson.loads(res[5]) if res[5] else None
             })
     return data_list
@@ -48,11 +49,11 @@ def search_by_cpe_like(cpe: str, with_data=False) -> list | None:
     else:
         return None
     raw_hits = exec_query(index_conn,
-                          f"SELECT cve_id, type, namespace, name, vers FROM cve_index where namespace = ? AND name = ?;",
+                          "SELECT cve_id, type, namespace, name, vers FROM cve_index where namespace = ? AND name = ?;",
                           (vendor, package))
     if not raw_hits:
         raw_hits = exec_query(index_conn,
-                              f"SELECT cve_id, type, namespace, name, vers FROM cve_index where type = ? AND name = ?;",
+                              "SELECT cve_id, type, namespace, name, vers FROM cve_index where type = ? AND name = ?;",
                               (vendor, package))
     filtered_list = _filter_hits(raw_hits, version)
     if with_data: