Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change: Fix broken event name #1071

Merged
merged 1 commit into from
Dec 6, 2024
Merged

Change: Fix broken event name #1071

merged 1 commit into from
Dec 6, 2024

Conversation

n-thumann
Copy link
Member

@n-thumann n-thumann commented Dec 6, 2024
edited
Loading

What

This PR fixes a now incorrect event name. It not only changes this string expected from the NVD, but also the Enum value on our side.

Why

As announced in https://www.nist.gov/itl/nvd / https://groups.google.com/a/list.nist.gov/g/nvd-news/c/pTfvMzIWGxg, the CVE Received event has been renamed to New CVE Received.
Without this change the parsing fails:

pontos git:(main) poetry run pontos-nvd-cve-changes --cve-id CVE-2024-43530 -s 0
Traceback (most recent call last):
[...]
  File "/home/nthumann/Greenbone/pontos/pontos/models/__init__.py", line 152, in from_dict
    raise ModelError(
pontos.models.ModelError: Error while creating CVEChange model. Could not set value for property 'event_name' from 'New CVE Received'.

With this change this is now fixed:

pontos git:(fix_new_cve_received_event_name) poetry run pontos-nvd-cve-changes --cve-id CVE-2024-43530 -s 0
CVEChange(cve_id='CVE-2024-43530', event_name=<EventName.NEW_CVE_RECEIVED: 'New CVE Received'>, cve_change_id=...)

I also decided to adjust the Enum value accordingly. It is very likely not an issue, because IIRC only vt-cve-library is using the CVE Change History and no one is using the CVE_RECEIVED value anyways (see here).

References

Checklist

  • Tests

@n-thumann n-thumann requested a review from a team as a code owner December 6, 2024 12:01
@greenbonebot greenbonebot enabled auto-merge (rebase) December 6, 2024 12:01
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 6, 2024

Conventional Commits Report

Type Number
Changed 1

🚀 Conventional commits found.

@codecov Codecov
Copy link

codecov bot commented Dec 6, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.91%. Comparing base (97232c4) to head (d1dacc6).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1071   +/-   ##
=======================================
  Coverage   89.91%   89.91%           
=======================================
  Files         108      108           
  Lines        7176     7176           
  Branches      811      811           
=======================================
  Hits         6452     6452           
  Misses        521      521           
  Partials      203      203

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@n-thumann n-thumann force-pushed the fix_new_cve_received_event_name branch from d2d00a4 to d1dacc6 Compare December 6, 2024 12:03
@n-thumann n-thumann added the make release To trigger GitHub release action. label Dec 6, 2024
y0urself
y0urself approved these changes Dec 6, 2024
View reviewed changes
Copy link
Member

@y0urself y0urself left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@greenbonebot greenbonebot merged commit 93c790c into main Dec 6, 2024
21 checks passed
@greenbonebot greenbonebot deleted the fix_new_cve_received_event_name branch December 6, 2024 12:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@y0urself y0urself y0urself approved these changes

Assignees
No one assigned
Labels
make release To trigger GitHub release action.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@n-thumann @y0urself @greenbonebot