57 lines
1.5 KiB
Ruby
57 lines
1.5 KiB
Ruby
|
require '/data_importer/lib/github_api/github_api.rb'
|
||
|
|
|
||
|
|
class SecurityAdvisory
|
||
|
|
SecurityAdvisoryQuery = GithubApi::Client.parse <<-'GRAPHQL'
|
||
|
|
query($ghsa_id: String!) {
|
||
|
|
securityAdvisory(ghsaId: $ghsa_id) {
|
||
|
|
ghsaId
|
||
|
|
summary
|
||
|
|
severity
|
||
|
|
description
|
||
|
|
cvss {
|
||
|
|
vectorString
|
||
|
|
}
|
||
|
|
origin
|
||
|
|
permalink
|
||
|
|
notificationsPermalink
|
||
|
|
updatedAt
|
||
|
|
publishedAt
|
||
|
|
cwes(first: 100) {
|
||
|
|
edges {
|
||
|
|
node {
|
||
|
|
cweId
|
||
|
|
description
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
references {
|
||
|
|
url
|
||
|
|
}
|
||
|
|
vulnerabilities(first: 100) {
|
||
|
|
edges {
|
||
|
|
node {
|
||
|
|
package {
|
||
|
|
name
|
||
|
|
ecosystem
|
||
|
|
}
|
||
|
|
severity
|
||
|
|
updatedAt
|
||
|
|
vulnerableVersionRange
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
GRAPHQL
|
||
|
|
|
||
|
|
def self.find(ghsa_id)
|
||
|
|
response = GithubApi::Client.query(SecurityAdvisoryQuery, variables: { ghsa_id: ghsa_id })
|
||
|
|
if response.errors.any?
|
||
|
|
raise QueryExecutionError.new(response.errors[:data].join(", "))
|
||
|
|
else
|
||
|
|
response.data.security_advisory
|
||
|
|
end
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
class QueryExecutionError < StandardError; end
|