-
Notifications
You must be signed in to change notification settings - Fork 8
/
mandatoryTest_6_1_27_10.js
91 lines (80 loc) · 2.72 KB
/
mandatoryTest_6_1_27_10.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
/**
* @typedef {object} VulnerabilityProductStatus
* @property {unknown} known_affected
*/
/**
* @typedef {object} Vulnerability
* @property {VulnerabilityProductStatus} [product_status]
* @property {unknown} remediations
*/
/**
* @param {any} doc
*/
export default function mandatoryTest_6_1_27_10(doc) {
/** @type {Array<{ message: string; instancePath: string }>} */
const errors = []
let isValid = true
/** @type {unknown} */
const vulnerabilities = doc.vulnerabilities
if (doc.document?.category !== 'csaf_vex' || !Array.isArray(vulnerabilities))
return { errors, isValid }
vulnerabilities.forEach(
(
/**
* @type {Vulnerability | null} vulnerability
*/
vulnerability,
vulnerabilityIndex
) => {
const productStatus = vulnerability?.product_status
if (
!vulnerability ||
!productStatus ||
!Array.isArray(productStatus.known_affected)
)
return
productStatus.known_affected.forEach((productId, productIdIndex) => {
/**
* @typedef {object} Remediation
* @property {unknown} category
* @property {unknown} group_ids
* @property {unknown} product_ids
*/
/** @type {(Remediation | null | undefined)[]} */
const remediations = Array.isArray(vulnerability.remediations)
? vulnerability.remediations
: []
const hasMatchingRemediation = remediations.some((remediation) => {
if (!remediation) return false
const remediationHasMatchingProduct =
Array.isArray(remediation.product_ids) &&
remediation.product_ids.includes(productId)
if (remediationHasMatchingProduct) return true
const productGroups = doc.product_tree?.product_groups
const remediationHasMatchingProductGroup =
Array.isArray(remediation.group_ids) &&
Array.isArray(productGroups) &&
remediation.group_ids.some((groupId) => {
/** @type {{ product_ids: unknown } | undefined} */
const group = productGroups.find((g) => g.group_id === groupId)
return (
group &&
Array.isArray(group.product_ids) &&
group.product_ids.includes(productId)
)
})
if (remediationHasMatchingProductGroup) return true
return false
})
if (!hasMatchingRemediation) {
isValid = false
errors.push({
instancePath: `/vulnerabilities/${vulnerabilityIndex}/product_status/known_affected/${productIdIndex}`,
message: 'no suitable action statement found',
})
}
})
}
)
return { errors, isValid }
}