begin adding some cpe lookup stuff so we can just include that in our output

tools/mozilla/security_advisory_scraper/mozilla_security_advisory_scraper.rb

@@ -129,7 +129,28 @@ class MozillaSecurityAdvisoryScraper
     File.write("./data/#{advisory_hash[:advisory_id]}.json", pretty_json)
   end
 
-  def product_name_version_to_cpe(product_name, product_version)
+  def cve_cpes_from_nvd(cve_id)
+    body = get("https://services.nvd.nist.gov/rest/json/cpematch/2.0?cveId=#{cve_id}")
+    json = JSON.parse(body)
+    cpes = json.dig('matchStrings').map {|match_strings| match_strings.dig('matches')}
+  end
+
+  def product_name_to_cpe
+    # todo: record cpe translation
+    {
+      'Thunderbird': 'cpe:2.3:a:mozilla:thunderbird',
+      'Firefox': 'cpe:2.3:a:mozilla:firefox',
+      'Firefox ESR': 'cpe:2.3:a:mozilla:firefox_esr',
+      'NSS': 'cpe:2.3:a:mozilla:nss',
+      'Mozilla VPN': 'cpe:2.3:a:mozilla:mozilla_vpn',
+      'Firefox for Android': '',
+      'Firefox for iOS': '',
+      'Mozilla VPN Android': '',
+      'Mozilla VPN iOS': '',
+      'Mozilla VPN Windows': '',
+      'Thunderbird ESR': '',
+      'SeaMonkey': ''
+    }
   end
 
 end