require '/data_importer/lib/github_api/github_api.rb'
module GithubApi
  # Looks up a single GitHub Security Advisory through the GraphQL client.
  class SecurityAdvisory
    # Parsed GraphQL document for one advisory, selected by its GHSA id.
    #
    # NOTE(review): `cwes` and `vulnerabilities` are requested with
    # `first: 100` and no `pageInfo`, so this query gives the caller no way
    # to tell whether further entries exist. An advisory with more affected
    # package ranges than that would be imported incomplete; confirm whether
    # that can occur for the data this importer handles.
    SecurityAdvisoryQuery = GithubApi::Client.parse <<-'GRAPHQL'
      query($ghsa_id: String!) {
        securityAdvisory(ghsaId: $ghsa_id) {
          ghsaId
          summary
          severity
          description
          cvss {
            vectorString
          }
          origin
          permalink
          notificationsPermalink
          updatedAt
          publishedAt
          cwes(first: 100) {
            edges {
              node {
                cweId
                description
              }
            }
          }
          references {
            url
          }
          vulnerabilities(first: 100) {
            edges {
              node {
                package {
                  name
                  ecosystem
                }
                severity
                updatedAt
                vulnerableVersionRange
              }
            }
          }
        }
      }
    GRAPHQL

    # Runs SecurityAdvisoryQuery for the given advisory id.
    #
    # @param ghsa_id [String] advisory identifier, passed as the `$ghsa_id`
    #   query variable (not interpolated into the query text)
    # @return the `security_advisory` member of the response data
    # @raise [QueryExecutionError] when the response reports any errors; the
    #   message is the `:data` error entries joined with ", "
    def self.find(ghsa_id)
      result = GithubApi::Client.query(SecurityAdvisoryQuery, variables: { ghsa_id: ghsa_id })

      # NOTE(review): only `result.errors` is inspected here. Whether errors
      # attached to individual fields also show up there depends on the
      # client; confirm, otherwise a partial response is returned as-is.
      if result.errors.any?
        message = result.errors[:data].join(", ")
        raise QueryExecutionError, message
      end

      # NOTE(review): presumably nil when no advisory matches the id, so
      # callers need a nil check. Verify against the schema.
      result.data.security_advisory
    end
  end
end
# Raised by GithubApi::SecurityAdvisory.find when a GraphQL response
# reports errors.
class QueryExecutionError < StandardError
end