ruby-advisory-db

Write a Lint rule check for "2 different files: same ghsa: value, only 1 cve: value; Same advisory"

Open · jasnow opened this issue 2 years ago · 1 comment

Write a Lint rule check for "2 different files: same ghsa: value, only 1 cve: value" (currently not flagged). One file is named "CVE-*" (has cve: and ghsa: values) and one file is named "GHSA-*" (no cve: value, but has a ghsa: value).

jasnow · Jun 29 '23 12:06

Minimum test case:

  1. Run `grep -v "^cve:" gems/bootstrap/*14040* > gems/bootstrap/GHSA-3wqf-4x89-9g79.yml`
  2. Run `rake`; it will be green, but you have two copies of the same advisory.

FYI: Verified today that PR #585 does not catch this condition.

jasnow · Jul 11 '23 17:07
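A lint check of the kind this issue asks for, written here as an added example and not code from ruby-advisory-db or from the issue author: it walks the advisory YAML files, groups them by their ghsa: id, flags any id that appears in more than one file, and says which copy carries a cve: and which does not. The layout it assumes (gems/<name>/*.yml, with cve: and ghsa: stored without their CVE-/GHSA- prefixes) follows the repository's convention as I understand it; the fixture directory, gem name, ids, dates and titles are constructed for the example and reproduce the `grep -v "^cve:"` scenario from the comment above.

```ruby
require "yaml"
require "date"
require "tmpdir"
require "fileutils"

# Normalise a ghsa: value so "GHSA-xxxx-yyyy-zzzz" and "xxxx-yyyy-zzzz" compare
# equal. Assumption: the db stores the id without the "GHSA-" prefix, but a
# contributor may paste it with one, and the lint should still catch that.
def normalize_ghsa(value)
  value.to_s.strip.sub(/\Aghsa-/i, "").downcase
end

# Walk every advisory YAML under `root`, group the files by ghsa: id and return
# only the ids shared by more than one file, e.g.
#   { "xxxx-yyyy-zzzz" => [{ path: "gems/g/CVE-....yml", cve: "..." },
#                          { path: "gems/g/GHSA-....yml", cve: nil }] }
# Each file's cve: is carried along so the report can say which copy lacks it.
def duplicate_ghsa_advisories(root)
  by_ghsa = Hash.new { |h, k| h[k] = [] }
  Dir.glob(File.join(root, "**", "*.yml")).sort.each do |path|
    # date: fields parse as Date, so that class has to be permitted explicitly.
    data = YAML.safe_load(File.read(path), permitted_classes: [Date]) || {}
    ghsa = normalize_ghsa(data["ghsa"])
    next if ghsa.empty? # no ghsa: at all is a different lint rule's job
    by_ghsa[ghsa] << { path: path.delete_prefix(root + "/"), cve: data["cve"] }
  end
  by_ghsa.select { |_, files| files.size > 1 }
end

# Render the report as one lint message per duplicated id.
def lint_messages(report)
  report.map do |ghsa, files|
    with_cve = files.select { |f| f[:cve] }.map { |f| f[:path] }
    without  = files.reject { |f| f[:cve] }.map { |f| f[:path] }
    "ghsa #{ghsa} appears in #{files.size} files: #{files.map { |f| f[:path] }.join(', ')}" \
      " (with cve: #{with_cve.join(', ')}; without cve: #{without.join(', ')})"
  end
end

# Constructed fixture in a temp dir: one CVE-named file carrying both ids, one
# GHSA-named copy with the cve: line stripped (what `grep -v "^cve:"` produces),
# plus an unrelated advisory that must not be flagged. All values are made up.
def run_fixture
  Dir.mktmpdir("advisory-lint") do |root|
    gem_dir = File.join(root, "gems", "examplegem")
    FileUtils.mkdir_p(gem_dir)
    File.write(File.join(gem_dir, "CVE-2000-0001.yml"), <<~YAML)
      ---
      gem: examplegem
      cve: 2000-0001
      ghsa: aaaa-bbbb-cccc
      date: 2000-01-01
      title: Constructed advisory (with cve)
      patched_versions:
        - ">= 1.0.1"
    YAML
    File.write(File.join(gem_dir, "GHSA-aaaa-bbbb-cccc.yml"), <<~YAML)
      ---
      gem: examplegem
      ghsa: aaaa-bbbb-cccc
      date: 2000-01-01
      title: Constructed advisory (with cve)
      patched_versions:
        - ">= 1.0.1"
    YAML
    File.write(File.join(gem_dir, "GHSA-dddd-eeee-ffff.yml"), <<~YAML)
      ---
      gem: examplegem
      ghsa: dddd-eeee-ffff
      date: 2000-02-01
      title: Unrelated constructed advisory
      patched_versions:
        - ">= 1.0.2"
    YAML
    report = duplicate_ghsa_advisories(root)
    lint_messages(report).each { |m| puts m }
    report
  end
end

run_fixture if $PROGRAM_NAME == __FILE__
```

Wired into the repository's Rakefile as a failing check, this would turn the "green but duplicated" case in the comment above red: the stripped GHSA-*.yml shares its ghsa: id with the CVE-*.yml it was copied from, and the message names the copy with no cve:, which is the one a contributor should delete.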