From 94d1e0de280fe8a1021c7ce2127ee6f9ac007a6c Mon Sep 17 00:00:00 2001 From: Jon Penwood Date: Wed, 18 Oct 2023 11:30:38 -0500 Subject: [PATCH 1/4] fix: Removed need to entity subtype --- components/block.js | 13 +++++++++++-- package.json | 4 ++-- templates/block.hbs | 4 ++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/components/block.js b/components/block.js index 9812a0b..b838834 100644 --- a/components/block.js +++ b/components/block.js @@ -1,6 +1,15 @@ polarity.export = PolarityComponent.extend({ details: Ember.computed.alias('block.data.details'), - timezone: Ember.computed('Intl', function() { + timezone: Ember.computed('Intl', function () { return Intl.DateTimeFormat().resolvedOptions().timeZone; - }) + }), + isKbEntity: false, + isCveEntity: false, + init() { + if (this.get('block.entity.type') === 'custom') { + if (this.get('block.entity.types').includes('custom.kb')) this.set('isKbEntity', true); + if (this.get('block.entity.types').includes('custom.cve')) this.set('isCveEntity', true); + } + this._super(...arguments); + } }); diff --git a/package.json b/package.json index 084e683..9cf6c32 100644 --- a/package.json +++ b/package.json @@ -1,10 +1,10 @@ { "name": "VulDB", - "version": "3.0.6", + "version": "3.0.7", "main": "./integration.js", "private": true, "dependencies": { "async": "^3.2.4", - "postman-request": "^2.88.1-postman.32" + "postman-request": "^2.88.1-postman.33" } } diff --git a/templates/block.hbs b/templates/block.hbs index 85114c5..8a475cc 100644 --- a/templates/block.hbs +++ b/templates/block.hbs @@ -1,9 +1,9 @@ -{{#if (eq block.entity.subtype "custom.kb")}} +{{#if isKbEntity}} {{/if}} -{{#if (eq block.entity.subtype "custom.cve")}} +{{#if isCveEntity}} From 9290057bbe0cc53fae586c73840baa8e04832ad0 Mon Sep 17 00:00:00 2001 From: Jon Penwood Date: Wed, 18 Oct 2023 15:56:46 -0500 Subject: [PATCH 2/4] fix: Updating package-lock version --- package-lock.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package-lock.json b/package-lock.json index 547dac9..314fe13 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "VulDB", - "version": "3.0.6", + "version": "3.0.7", "lockfileVersion": 1, "requires": true, "dependencies": { From b72dd72ff8a11411d3acf6387a2625b59ecf9b0c Mon Sep 17 00:00:00 2001 From: Ed Date: Fri, 1 Dec 2023 20:40:39 -0500 Subject: [PATCH 3/4] Remove custom summar components, use built-in cve type, improve cve search efficiency --- components/block.js | 15 ++++++--------- components/summary.js | 3 --- config/config.js | 19 ++++--------------- config/config.json | 18 +++++++++--------- integration.js | 16 +++++++++++----- templates/summary.hbs | 6 ------ 6 files changed, 30 insertions(+), 47 deletions(-) delete mode 100644 components/summary.js delete mode 100644 templates/summary.hbs diff --git a/components/block.js b/components/block.js index b838834..cccd7fd 100644 --- a/components/block.js +++ b/components/block.js @@ -3,13 +3,10 @@ polarity.export = PolarityComponent.extend({ timezone: Ember.computed('Intl', function () { return Intl.DateTimeFormat().resolvedOptions().timeZone; }), - isKbEntity: false, - isCveEntity: false, - init() { - if (this.get('block.entity.type') === 'custom') { - if (this.get('block.entity.types').includes('custom.kb')) this.set('isKbEntity', true); - if (this.get('block.entity.types').includes('custom.cve')) this.set('isCveEntity', true); - } - this._super(...arguments); - } + isKbEntity: Ember.computed('block.entity.types.[]', function () { + return this.get('block.entity.types').includes('custom.kb'); + }), + isCveEntity: Ember.computed('block.entity.types.[]', function () { + return this.get('block.entity.types').includes('cve'); + }) }); diff --git a/components/summary.js b/components/summary.js deleted file mode 100644 index a7de17c..0000000 --- a/components/summary.js +++ /dev/null @@ -1,3 +0,0 @@ -polarity.export = PolarityComponent.extend({ - details: Ember.computed.alias('block.data.details') -}); diff --git a/config/config.js b/config/config.js index d4d3960..9627379 100644 --- a/config/config.js +++ b/config/config.js @@ -23,14 +23,11 @@ module.exports = { * @optional */ description: 'The Community Driven Vulnerability Database', + entityTypes: ['cve'], customTypes: [ { key: 'kb', regex: /KB\s?[0-9]{7}/ - }, - { - key: 'cve', - regex: /CVE-\d{4}-\d{4,7}/ } ], defaultColor: 'light-pink', @@ -51,14 +48,6 @@ module.exports = { file: './templates/block.hbs' } }, - summary: { - component: { - file: './components/summary.js' - }, - template: { - file: './templates/summary.hbs' - } - }, request: { // Provide the path to your certFile. Leave an empty string to ignore this option. // Relative paths are relative to the integration's root directory @@ -74,7 +63,7 @@ module.exports = { ca: '', // An HTTP proxy to be used. Supports proxy Auth with Basic Auth, identical to support for // the url parameter (by embedding the auth info in the uri) - proxy: "" + proxy: '' }, logging: { level: 'info' //trace, debug, info, warn, error, fatal @@ -102,8 +91,8 @@ module.exports = { description: 'Valid VulDB API Key.', default: '', type: 'password', - userCanEdit: true, - adminOnly: false + userCanEdit: false, + adminOnly: true } ] }; diff --git a/config/config.json b/config/config.json index 3f64e20..b7c47e6 100644 --- a/config/config.json +++ b/config/config.json @@ -3,18 +3,19 @@ "name": "VulDB", "acronym": "VULDB", "description": "The Community Driven Vulnerability Database", + "entityTypes": [ + "cve" + ], "customTypes": [ { "key": "kb", "regex": "KB\\s?[0-9]{7}" - }, - { - "key": "cve", - "regex": "CVE-\\d{4}-\\d{4,7}" } ], "defaultColor": "light-pink", - "styles": ["./styles/styles.less"], + "styles": [ + "./styles/styles.less" + ], "block": { "component": { "file": "./components/block.js" @@ -57,9 +58,8 @@ "description": "Valid VulDB API Key.", "default": "", "type": "password", - "userCanEdit": true, - "adminOnly": false + "userCanEdit": false, + "adminOnly": true } - ], - "entityTypes": [] + ] } \ No newline at end of file diff --git a/integration.js b/integration.js index 83c370c..81761be 100644 --- a/integration.js +++ b/integration.js @@ -60,16 +60,21 @@ function doLookup(entities, options, cb) { method: 'POST', uri: `${options.url}/?api`, form: { - apikey: options.apiKey, - search: entity.value + apikey: options.apiKey }, json: true }; + if (entity.types.includes('cve')) { + requestOptions.form.advancedsearch = `cve:${entity.value}`; + } else { + requestOptions.form.search = entity.value; + } + Logger.trace({ uri: requestOptions }, 'Request URI'); - tasks.push(function(done) { - requestWithDefaults(requestOptions, function(httpError, res, body) { + tasks.push(function (done) { + requestWithDefaults(requestOptions, function (httpError, res, body) { if (httpError) { return done({ detail: 'HTTP Request Error', @@ -148,6 +153,7 @@ function doLookup(entities, options, cb) { results.forEach((result) => { if ( result.body === null || + !result.body.result || (result.body && Array.isArray(result.body.result) && result.body.result.length === 0) ) { // body.result is an array of result items. If it is empty or does not exist then there are no results @@ -160,7 +166,7 @@ function doLookup(entities, options, cb) { lookupResults.push({ entity: result.entity, data: { - summary: [], + summary: [`Results: ${result.body.result.length}`], details: result.body } }); diff --git a/templates/summary.hbs b/templates/summary.hbs deleted file mode 100644 index 4896f1e..0000000 --- a/templates/summary.hbs +++ /dev/null @@ -1,6 +0,0 @@ -{{#if (gt details.result.length 0)}} - - {{block.acronym}} - Results: {{details.result.length}} - -{{/if}} From 9a9aae3ea6e05ef6d9555dc15bc221b2533a07a5 Mon Sep 17 00:00:00 2001 From: Ed Date: Fri, 1 Dec 2023 20:40:51 -0500 Subject: [PATCH 4/4] Bump dependencies --- package-lock.json | 8 ++++---- package.json | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 314fe13..88328d1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "VulDB", - "version": "3.0.7", + "version": "3.0.8", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -58,9 +58,9 @@ "integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==" }, "async": { - "version": "3.2.4", - "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz", - "integrity": "sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ==" + "version": "3.2.5", + "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", + "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==" }, "asynckit": { "version": "0.4.0", diff --git a/package.json b/package.json index 9cf6c32..8475f67 100644 --- a/package.json +++ b/package.json @@ -1,10 +1,10 @@ { "name": "VulDB", - "version": "3.0.7", + "version": "3.0.8", "main": "./integration.js", "private": true, "dependencies": { - "async": "^3.2.4", + "async": "^3.2.5", "postman-request": "^2.88.1-postman.33" } }