From 98f605b04b49167139f3dace3832d38d0850e60c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 18:56:16 +0200 Subject: [PATCH 1/8] Add aliases, published_at, modified_at, references to SecurityAdvisory --- proto/hex_pb_package.proto | 23 +- src/hex_pb_package.erl | 483 +++++++++++++++++++++++++++++++------ 2 files changed, 426 insertions(+), 80 deletions(-) diff --git a/proto/hex_pb_package.proto b/proto/hex_pb_package.proto index e99869d..10cfe8a 100644 --- a/proto/hex_pb_package.proto +++ b/proto/hex_pb_package.proto @@ -27,7 +27,8 @@ message Release { optional bytes outer_checksum = 5; // Indexes into Package.advisories for advisories affecting this release repeated uint32 advisory_indexes = 6; - // Release published timestamp + // Release published timestamp. Optional for backwards compatibility — + // clients treat absence as "no information". optional Timestamp published_at = 7; } @@ -57,6 +58,19 @@ message SecurityAdvisory { optional float cvss_score = 5; // OSV API URL for the advisory required string api_url = 6; + // Other identifiers for the same vulnerability (e.g. a CVE id when the + // primary id is a GHSA, or vice versa). Used by clients to deduplicate + // advisories that describe the same vulnerability from different sources. + repeated string aliases = 7; + // First publication timestamp from the advisory source. Optional for + // backwards compatibility — clients treat absence as "no information". + optional Timestamp published_at = 8; + // Last modification timestamp from the advisory source. Optional for + // backwards compatibility. + optional Timestamp modified_at = 9; + // External references describing the advisory (links to vendor fix PRs, + // CVE write-ups, blog posts, etc.). + repeated AdvisoryReference references = 10; } enum AdvisorySeverity { @@ -67,6 +81,13 @@ enum AdvisorySeverity { SEVERITY_CRITICAL = 4; } +message AdvisoryReference { + // OSV reference type, e.g. "WEB", "ADVISORY", "FIX", "REPORT" + required string type = 1; + // Reference URL + required string url = 2; +} + message Dependency { // Package name of dependency required string package = 1; diff --git a/src/hex_pb_package.erl b/src/hex_pb_package.erl index b12d6ae..92e5b9f 100644 --- a/src/hex_pb_package.erl +++ b/src/hex_pb_package.erl @@ -84,7 +84,16 @@ html_url => unicode:chardata(), % = 3, required severity => 'SEVERITY_NONE' | 'SEVERITY_LOW' | 'SEVERITY_MEDIUM' | 'SEVERITY_HIGH' | 'SEVERITY_CRITICAL' | integer(), % = 4, optional, enum AdvisorySeverity cvss_score => float() | integer() | infinity | '-infinity' | nan, % = 5, optional - api_url => unicode:chardata() % = 6, required + api_url => unicode:chardata(), % = 6, required + aliases => [unicode:chardata()], % = 7, repeated + published_at => 'Timestamp'(), % = 8, optional + modified_at => 'Timestamp'(), % = 9, optional + references => ['AdvisoryReference'()] % = 10, repeated + }. + +-type 'AdvisoryReference'() :: + #{type => unicode:chardata(), % = 1, required + url => unicode:chardata() % = 2, required }. -type 'Dependency'() :: @@ -100,9 +109,9 @@ nanos => integer() % = 2, required, 32 bits }. --export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'SecurityAdvisory'/0, 'Dependency'/0, 'Timestamp'/0]). --type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'SecurityAdvisory' | 'Dependency' | 'Timestamp'. --type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'SecurityAdvisory'() | 'Dependency'() | 'Timestamp'(). +-export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'SecurityAdvisory'/0, 'AdvisoryReference'/0, 'Dependency'/0, 'Timestamp'/0]). +-type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'SecurityAdvisory' | 'AdvisoryReference' | 'Dependency' | 'Timestamp'. +-type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'SecurityAdvisory'() | 'AdvisoryReference'() | 'Dependency'() | 'Timestamp'(). -export_type(['$msg_name'/0, '$msg'/0]). -spec encode_msg('$msg'(), '$msg_name'()) -> binary(). @@ -117,6 +126,7 @@ encode_msg(Msg, MsgName, Opts) -> 'Release' -> encode_msg_Release(id(Msg, TrUserData), TrUserData); 'RetirementStatus' -> encode_msg_RetirementStatus(id(Msg, TrUserData), TrUserData); 'SecurityAdvisory' -> encode_msg_SecurityAdvisory(id(Msg, TrUserData), TrUserData); + 'AdvisoryReference' -> encode_msg_AdvisoryReference(id(Msg, TrUserData), TrUserData); 'Dependency' -> encode_msg_Dependency(id(Msg, TrUserData), TrUserData); 'Timestamp' -> encode_msg_Timestamp(id(Msg, TrUserData), TrUserData) end. @@ -205,7 +215,38 @@ encode_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url : #{cvss_score := F5} -> begin TrF5 = id(F5, TrUserData), e_type_float(TrF5, <>, TrUserData) end; _ -> B4 end, - begin TrF6 = id(F6, TrUserData), e_type_string(TrF6, <>, TrUserData) end. + B6 = begin TrF6 = id(F6, TrUserData), e_type_string(TrF6, <>, TrUserData) end, + B7 = case M of + #{aliases := F7} -> + TrF7 = id(F7, TrUserData), + if TrF7 == [] -> B6; + true -> e_field_SecurityAdvisory_aliases(TrF7, B6, TrUserData) + end; + _ -> B6 + end, + B8 = case M of + #{published_at := F8} -> begin TrF8 = id(F8, TrUserData), e_mfield_SecurityAdvisory_published_at(TrF8, <>, TrUserData) end; + _ -> B7 + end, + B9 = case M of + #{modified_at := F9} -> begin TrF9 = id(F9, TrUserData), e_mfield_SecurityAdvisory_modified_at(TrF9, <>, TrUserData) end; + _ -> B8 + end, + case M of + #{references := F10} -> + TrF10 = id(F10, TrUserData), + if TrF10 == [] -> B9; + true -> e_field_SecurityAdvisory_references(TrF10, B9, TrUserData) + end; + _ -> B9 + end. + +encode_msg_AdvisoryReference(Msg, TrUserData) -> encode_msg_AdvisoryReference(Msg, <<>>, TrUserData). + + +encode_msg_AdvisoryReference(#{type := F1, url := F2}, Bin, TrUserData) -> + B1 = begin TrF1 = id(F1, TrUserData), e_type_string(TrF1, <>, TrUserData) end, + begin TrF2 = id(F2, TrUserData), e_type_string(TrF2, <>, TrUserData) end. encode_msg_Dependency(Msg, TrUserData) -> encode_msg_Dependency(Msg, <<>>, TrUserData). @@ -282,6 +323,33 @@ e_mfield_Release_published_at(Msg, Bin, TrUserData) -> Bin2 = e_varint(byte_size(SubBin), Bin), <>. +e_field_SecurityAdvisory_aliases([Elem | Rest], Bin, TrUserData) -> + Bin2 = <>, + Bin3 = e_type_string(id(Elem, TrUserData), Bin2, TrUserData), + e_field_SecurityAdvisory_aliases(Rest, Bin3, TrUserData); +e_field_SecurityAdvisory_aliases([], Bin, _TrUserData) -> Bin. + +e_mfield_SecurityAdvisory_published_at(Msg, Bin, TrUserData) -> + SubBin = encode_msg_Timestamp(Msg, <<>>, TrUserData), + Bin2 = e_varint(byte_size(SubBin), Bin), + <>. + +e_mfield_SecurityAdvisory_modified_at(Msg, Bin, TrUserData) -> + SubBin = encode_msg_Timestamp(Msg, <<>>, TrUserData), + Bin2 = e_varint(byte_size(SubBin), Bin), + <>. + +e_mfield_SecurityAdvisory_references(Msg, Bin, TrUserData) -> + SubBin = encode_msg_AdvisoryReference(Msg, <<>>, TrUserData), + Bin2 = e_varint(byte_size(SubBin), Bin), + <>. + +e_field_SecurityAdvisory_references([Elem | Rest], Bin, TrUserData) -> + Bin2 = <>, + Bin3 = e_mfield_SecurityAdvisory_references(id(Elem, TrUserData), Bin2, TrUserData), + e_field_SecurityAdvisory_references(Rest, Bin3, TrUserData); +e_field_SecurityAdvisory_references([], Bin, _TrUserData) -> Bin. + e_enum_RetirementReason('RETIRED_OTHER', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_INVALID', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_SECURITY', Bin, _TrUserData) -> <>; @@ -422,6 +490,7 @@ decode_msg_2_doit('Package', Bin, TrUserData) -> id(decode_msg_Package(Bin, TrUs decode_msg_2_doit('Release', Bin, TrUserData) -> id(decode_msg_Release(Bin, TrUserData), TrUserData); decode_msg_2_doit('RetirementStatus', Bin, TrUserData) -> id(decode_msg_RetirementStatus(Bin, TrUserData), TrUserData); decode_msg_2_doit('SecurityAdvisory', Bin, TrUserData) -> id(decode_msg_SecurityAdvisory(Bin, TrUserData), TrUserData); +decode_msg_2_doit('AdvisoryReference', Bin, TrUserData) -> id(decode_msg_AdvisoryReference(Bin, TrUserData), TrUserData); decode_msg_2_doit('Dependency', Bin, TrUserData) -> id(decode_msg_Dependency(Bin, TrUserData), TrUserData); decode_msg_2_doit('Timestamp', Bin, TrUserData) -> id(decode_msg_Timestamp(Bin, TrUserData), TrUserData). @@ -725,103 +794,271 @@ skip_32_RetirementStatus(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserDat skip_64_RetirementStatus(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_RetirementStatus(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). decode_msg_SecurityAdvisory(Bin, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). - -dfp_read_field_def_SecurityAdvisory(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_summary(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_html_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_severity(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<45, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_cvss_score(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_api_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, _) -> - S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6}, + dfp_read_field_def_SecurityAdvisory(Bin, + 0, + 0, + 0, + id('$undef', TrUserData), + id('$undef', TrUserData), + id('$undef', TrUserData), + id('$undef', TrUserData), + id('$undef', TrUserData), + id('$undef', TrUserData), + id([], TrUserData), + id('$undef', TrUserData), + id('$undef', TrUserData), + id([], TrUserData), + TrUserData). + +dfp_read_field_def_SecurityAdvisory(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_summary(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_html_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_severity(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<45, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_cvss_score(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_api_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<58, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_aliases(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<66, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_published_at(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<74, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_modified_at(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<82, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + d_field_SecurityAdvisory_references(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, F@_8, F@_9, R2, TrUserData) -> + S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6, aliases => lists_reverse(R1, TrUserData)}, S2 = if F@_4 == '$undef' -> S1; true -> S1#{severity => F@_4} end, - if F@_5 == '$undef' -> S2; - true -> S2#{cvss_score => F@_5} + S3 = if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} + end, + S4 = if F@_8 == '$undef' -> S3; + true -> S3#{published_at => F@_8} + end, + S5 = if F@_9 == '$undef' -> S4; + true -> S4#{modified_at => F@_9} + end, + if R2 == '$undef' -> S5; + true -> S5#{references => lists_reverse(R2, TrUserData)} end; -dfp_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dg_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). +dfp_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dg_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -dg_read_field_def_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 32 - 7 -> - dg_read_field_def_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -dg_read_field_def_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> +dg_read_field_def_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 32 - 7 -> + dg_read_field_def_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +dg_read_field_def_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> Key = X bsl N + Acc, case Key of - 10 -> d_field_SecurityAdvisory_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 18 -> d_field_SecurityAdvisory_summary(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 26 -> d_field_SecurityAdvisory_html_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 32 -> d_field_SecurityAdvisory_severity(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 45 -> d_field_SecurityAdvisory_cvss_score(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 50 -> d_field_SecurityAdvisory_api_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 10 -> d_field_SecurityAdvisory_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 18 -> d_field_SecurityAdvisory_summary(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 26 -> d_field_SecurityAdvisory_html_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 32 -> d_field_SecurityAdvisory_severity(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 45 -> d_field_SecurityAdvisory_cvss_score(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 50 -> d_field_SecurityAdvisory_api_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 58 -> d_field_SecurityAdvisory_aliases(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 66 -> d_field_SecurityAdvisory_published_at(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 74 -> d_field_SecurityAdvisory_modified_at(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 82 -> d_field_SecurityAdvisory_references(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 1 -> skip_64_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 2 -> skip_length_delimited_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 3 -> skip_group_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); - 5 -> skip_32_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) + 0 -> skip_varint_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 1 -> skip_64_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 2 -> skip_length_delimited_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 3 -> skip_group_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 5 -> skip_32_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) end end; -dg_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, _) -> - S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6}, +dg_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, F@_8, F@_9, R2, TrUserData) -> + S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6, aliases => lists_reverse(R1, TrUserData)}, S2 = if F@_4 == '$undef' -> S1; true -> S1#{severity => F@_4} end, - if F@_5 == '$undef' -> S2; - true -> S2#{cvss_score => F@_5} + S3 = if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} + end, + S4 = if F@_8 == '$undef' -> S3; + true -> S3#{published_at => F@_8} + end, + S5 = if F@_9 == '$undef' -> S4; + true -> S4#{modified_at => F@_9} + end, + if R2 == '$undef' -> S5; + true -> S5#{references => lists_reverse(R2, TrUserData)} end. -d_field_SecurityAdvisory_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -d_field_SecurityAdvisory_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> +d_field_SecurityAdvisory_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -d_field_SecurityAdvisory_summary(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_summary(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -d_field_SecurityAdvisory_summary(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, TrUserData) -> +d_field_SecurityAdvisory_summary(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_summary(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_summary(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -d_field_SecurityAdvisory_html_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_html_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -d_field_SecurityAdvisory_html_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, TrUserData) -> +d_field_SecurityAdvisory_html_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_html_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_html_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -d_field_SecurityAdvisory_severity(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_severity(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -d_field_SecurityAdvisory_severity(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, TrUserData) -> +d_field_SecurityAdvisory_severity(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_severity(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_severity(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {NewFValue, RestF} = {id(d_enum_AdvisorySeverity(begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end), TrUserData), Rest}, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, TrUserData). - -d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 127, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(infinity, TrUserData), F@_6, TrUserData); -d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 255, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id('-infinity', TrUserData), F@_6, TrUserData); -d_field_SecurityAdvisory_cvss_score(<<_:16, 1:1, _:7, _:1, 127:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(nan, TrUserData), F@_6, TrUserData); -d_field_SecurityAdvisory_cvss_score(<>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(Value, TrUserData), F@_6, TrUserData). - -d_field_SecurityAdvisory_api_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_api_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -d_field_SecurityAdvisory_api_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 127, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(infinity, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 255, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id('-infinity', TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<_:16, 1:1, _:7, _:1, 127:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(nan, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_cvss_score(<>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(Value, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + +d_field_SecurityAdvisory_api_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_api_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_api_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, F@_7, F@_8, F@_9, F@_10, TrUserData). -skip_varint_SecurityAdvisory(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> skip_varint_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -skip_varint_SecurityAdvisory(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). +d_field_SecurityAdvisory_aliases(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_aliases(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_aliases(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, Prev, F@_8, F@_9, F@_10, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, cons(NewFValue, Prev, TrUserData), F@_8, F@_9, F@_10, TrUserData). -skip_length_delimited_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> - skip_length_delimited_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); -skip_length_delimited_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> +d_field_SecurityAdvisory_published_at(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_published_at(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_published_at(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, Prev, F@_9, F@_10, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Timestamp(Bs, TrUserData), TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, + 0, + 0, + F, + F@_1, + F@_2, + F@_3, + F@_4, + F@_5, + F@_6, + F@_7, + if Prev == '$undef' -> NewFValue; + true -> merge_msg_Timestamp(Prev, NewFValue, TrUserData) + end, + F@_9, + F@_10, + TrUserData). + +d_field_SecurityAdvisory_modified_at(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_modified_at(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_modified_at(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, Prev, F@_10, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Timestamp(Bs, TrUserData), TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, + 0, + 0, + F, + F@_1, + F@_2, + F@_3, + F@_4, + F@_5, + F@_6, + F@_7, + F@_8, + if Prev == '$undef' -> NewFValue; + true -> merge_msg_Timestamp(Prev, NewFValue, TrUserData) + end, + F@_10, + TrUserData). + +d_field_SecurityAdvisory_references(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_references(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +d_field_SecurityAdvisory_references(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, Prev, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_AdvisoryReference(Bs, TrUserData), TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, cons(NewFValue, Prev, TrUserData), TrUserData). + +skip_varint_SecurityAdvisory(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + skip_varint_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +skip_varint_SecurityAdvisory(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + +skip_length_delimited_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> + skip_length_delimited_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); +skip_length_delimited_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_SecurityAdvisory(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + dfp_read_field_def_SecurityAdvisory(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -skip_group_SecurityAdvisory(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> +skip_group_SecurityAdvisory(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_SecurityAdvisory(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + dfp_read_field_def_SecurityAdvisory(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + +skip_32_SecurityAdvisory(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + +skip_64_SecurityAdvisory(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). -skip_32_SecurityAdvisory(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). +decode_msg_AdvisoryReference(Bin, TrUserData) -> dfp_read_field_def_AdvisoryReference(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). -skip_64_SecurityAdvisory(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). +dfp_read_field_def_AdvisoryReference(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> d_field_AdvisoryReference_type(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); +dfp_read_field_def_AdvisoryReference(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> d_field_AdvisoryReference_url(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); +dfp_read_field_def_AdvisoryReference(<<>>, 0, 0, _, F@_1, F@_2, _) -> #{type => F@_1, url => F@_2}; +dfp_read_field_def_AdvisoryReference(Other, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dg_read_field_def_AdvisoryReference(Other, Z1, Z2, F, F@_1, F@_2, TrUserData). + +dg_read_field_def_AdvisoryReference(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 32 - 7 -> dg_read_field_def_AdvisoryReference(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); +dg_read_field_def_AdvisoryReference(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, TrUserData) -> + Key = X bsl N + Acc, + case Key of + 10 -> d_field_AdvisoryReference_type(Rest, 0, 0, 0, F@_1, F@_2, TrUserData); + 18 -> d_field_AdvisoryReference_url(Rest, 0, 0, 0, F@_1, F@_2, TrUserData); + _ -> + case Key band 7 of + 0 -> skip_varint_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); + 1 -> skip_64_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); + 2 -> skip_length_delimited_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); + 3 -> skip_group_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); + 5 -> skip_32_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData) + end + end; +dg_read_field_def_AdvisoryReference(<<>>, 0, 0, _, F@_1, F@_2, _) -> #{type => F@_1, url => F@_2}. + +d_field_AdvisoryReference_type(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> d_field_AdvisoryReference_type(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); +d_field_AdvisoryReference_type(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_AdvisoryReference(RestF, 0, 0, F, NewFValue, F@_2, TrUserData). + +d_field_AdvisoryReference_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> d_field_AdvisoryReference_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); +d_field_AdvisoryReference_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_AdvisoryReference(RestF, 0, 0, F, F@_1, NewFValue, TrUserData). + +skip_varint_AdvisoryReference(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> skip_varint_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); +skip_varint_AdvisoryReference(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). + +skip_length_delimited_AdvisoryReference(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> skip_length_delimited_AdvisoryReference(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); +skip_length_delimited_AdvisoryReference(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) -> + Length = X bsl N + Acc, + <<_:Length/binary, Rest2/binary>> = Rest, + dfp_read_field_def_AdvisoryReference(Rest2, 0, 0, F, F@_1, F@_2, TrUserData). + +skip_group_AdvisoryReference(Bin, _, Z2, FNum, F@_1, F@_2, TrUserData) -> + {_, Rest} = read_group(Bin, FNum), + dfp_read_field_def_AdvisoryReference(Rest, 0, Z2, FNum, F@_1, F@_2, TrUserData). + +skip_32_AdvisoryReference(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). + +skip_64_AdvisoryReference(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). decode_msg_Dependency(Bin, TrUserData) -> dfp_read_field_def_Dependency(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). @@ -1047,6 +1284,7 @@ merge_msgs(Prev, New, MsgName, Opts) -> 'Release' -> merge_msg_Release(Prev, New, TrUserData); 'RetirementStatus' -> merge_msg_RetirementStatus(Prev, New, TrUserData); 'SecurityAdvisory' -> merge_msg_SecurityAdvisory(Prev, New, TrUserData); + 'AdvisoryReference' -> merge_msg_AdvisoryReference(Prev, New, TrUserData); 'Dependency' -> merge_msg_Dependency(Prev, New, TrUserData); 'Timestamp' -> merge_msg_Timestamp(Prev, New, TrUserData) end. @@ -1110,19 +1348,46 @@ merge_msg_RetirementStatus(#{} = PMsg, #{reason := NFreason} = NMsg, _) -> end. -compile({nowarn_unused_function,merge_msg_SecurityAdvisory/3}). -merge_msg_SecurityAdvisory(#{} = PMsg, #{id := NFid, summary := NFsummary, html_url := NFhtml_url, api_url := NFapi_url} = NMsg, _) -> +merge_msg_SecurityAdvisory(#{} = PMsg, #{id := NFid, summary := NFsummary, html_url := NFhtml_url, api_url := NFapi_url} = NMsg, TrUserData) -> S1 = #{id => NFid, summary => NFsummary, html_url => NFhtml_url, api_url => NFapi_url}, S2 = case {PMsg, NMsg} of {_, #{severity := NFseverity}} -> S1#{severity => NFseverity}; {#{severity := PFseverity}, _} -> S1#{severity => PFseverity}; _ -> S1 end, + S3 = case {PMsg, NMsg} of + {_, #{cvss_score := NFcvss_score}} -> S2#{cvss_score => NFcvss_score}; + {#{cvss_score := PFcvss_score}, _} -> S2#{cvss_score => PFcvss_score}; + _ -> S2 + end, + S4 = case {PMsg, NMsg} of + {#{aliases := PFaliases}, #{aliases := NFaliases}} -> S3#{aliases => 'erlang_++'(PFaliases, NFaliases, TrUserData)}; + {_, #{aliases := NFaliases}} -> S3#{aliases => NFaliases}; + {#{aliases := PFaliases}, _} -> S3#{aliases => PFaliases}; + {_, _} -> S3 + end, + S5 = case {PMsg, NMsg} of + {#{published_at := PFpublished_at}, #{published_at := NFpublished_at}} -> S4#{published_at => merge_msg_Timestamp(PFpublished_at, NFpublished_at, TrUserData)}; + {_, #{published_at := NFpublished_at}} -> S4#{published_at => NFpublished_at}; + {#{published_at := PFpublished_at}, _} -> S4#{published_at => PFpublished_at}; + {_, _} -> S4 + end, + S6 = case {PMsg, NMsg} of + {#{modified_at := PFmodified_at}, #{modified_at := NFmodified_at}} -> S5#{modified_at => merge_msg_Timestamp(PFmodified_at, NFmodified_at, TrUserData)}; + {_, #{modified_at := NFmodified_at}} -> S5#{modified_at => NFmodified_at}; + {#{modified_at := PFmodified_at}, _} -> S5#{modified_at => PFmodified_at}; + {_, _} -> S5 + end, case {PMsg, NMsg} of - {_, #{cvss_score := NFcvss_score}} -> S2#{cvss_score => NFcvss_score}; - {#{cvss_score := PFcvss_score}, _} -> S2#{cvss_score => PFcvss_score}; - _ -> S2 + {#{references := PFreferences}, #{references := NFreferences}} -> S6#{references => 'erlang_++'(PFreferences, NFreferences, TrUserData)}; + {_, #{references := NFreferences}} -> S6#{references => NFreferences}; + {#{references := PFreferences}, _} -> S6#{references => PFreferences}; + {_, _} -> S6 end. +-compile({nowarn_unused_function,merge_msg_AdvisoryReference/3}). +merge_msg_AdvisoryReference(#{}, #{type := NFtype, url := NFurl}, _) -> #{type => NFtype, url => NFurl}. + -compile({nowarn_unused_function,merge_msg_Dependency/3}). merge_msg_Dependency(#{} = PMsg, #{package := NFpackage, requirement := NFrequirement} = NMsg, _) -> S1 = #{package => NFpackage, requirement => NFrequirement}, @@ -1155,6 +1420,7 @@ verify_msg(Msg, MsgName, Opts) -> 'Release' -> v_msg_Release(Msg, [MsgName], TrUserData); 'RetirementStatus' -> v_msg_RetirementStatus(Msg, [MsgName], TrUserData); 'SecurityAdvisory' -> v_msg_SecurityAdvisory(Msg, [MsgName], TrUserData); + 'AdvisoryReference' -> v_msg_AdvisoryReference(Msg, [MsgName], TrUserData); 'Dependency' -> v_msg_Dependency(Msg, [MsgName], TrUserData); 'Timestamp' -> v_msg_Timestamp(Msg, [MsgName], TrUserData); _ -> mk_type_error(not_a_known_message, Msg, []) @@ -1281,12 +1547,42 @@ v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} _ -> ok end, v_type_string(F6, [api_url | Path], TrUserData), + case M of + #{aliases := F7} -> + if is_list(F7) -> + _ = [v_type_string(Elem, [aliases | Path], TrUserData) || Elem <- F7], + ok; + true -> mk_type_error({invalid_list_of, string}, F7, [aliases | Path]) + end; + _ -> ok + end, + case M of + #{published_at := F8} -> v_submsg_Timestamp(F8, [published_at | Path], TrUserData); + _ -> ok + end, + case M of + #{modified_at := F9} -> v_submsg_Timestamp(F9, [modified_at | Path], TrUserData); + _ -> ok + end, + case M of + #{references := F10} -> + if is_list(F10) -> + _ = [v_submsg_AdvisoryReference(Elem, [references | Path], TrUserData) || Elem <- F10], + ok; + true -> mk_type_error({invalid_list_of, {msg, 'AdvisoryReference'}}, F10, [references | Path]) + end; + _ -> ok + end, lists:foreach(fun (id) -> ok; (summary) -> ok; (html_url) -> ok; (severity) -> ok; (cvss_score) -> ok; (api_url) -> ok; + (aliases) -> ok; + (published_at) -> ok; + (modified_at) -> ok; + (references) -> ok; (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) end, maps:keys(M)), @@ -1294,6 +1590,22 @@ v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} v_msg_SecurityAdvisory(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [id, summary, html_url, api_url] -- maps:keys(M), 'SecurityAdvisory'}, M, Path); v_msg_SecurityAdvisory(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'SecurityAdvisory'}, X, Path). +-compile({nowarn_unused_function,v_submsg_AdvisoryReference/3}). +v_submsg_AdvisoryReference(Msg, Path, TrUserData) -> v_msg_AdvisoryReference(Msg, Path, TrUserData). + +-compile({nowarn_unused_function,v_msg_AdvisoryReference/3}). +v_msg_AdvisoryReference(#{type := F1, url := F2} = M, Path, TrUserData) -> + v_type_string(F1, [type | Path], TrUserData), + v_type_string(F2, [url | Path], TrUserData), + lists:foreach(fun (type) -> ok; + (url) -> ok; + (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) + end, + maps:keys(M)), + ok; +v_msg_AdvisoryReference(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [type, url] -- maps:keys(M), 'AdvisoryReference'}, M, Path); +v_msg_AdvisoryReference(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'AdvisoryReference'}, X, Path). + -compile({nowarn_unused_function,v_submsg_Dependency/3}). v_submsg_Dependency(Msg, Path, TrUserData) -> v_msg_Dependency(Msg, Path, TrUserData). @@ -1463,7 +1775,12 @@ get_msg_defs() -> #{name => html_url, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, - #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}]}, + #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}, + #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}, + #{name => published_at, fnum => 8, rnum => 9, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, + #{name => modified_at, fnum => 9, rnum => 10, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, + #{name => references, fnum => 10, rnum => 11, type => {msg, 'AdvisoryReference'}, occurrence => repeated, opts => []}]}, + {{msg, 'AdvisoryReference'}, [#{name => type, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => url, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}]}, {{msg, 'Dependency'}, [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1473,13 +1790,13 @@ get_msg_defs() -> {{msg, 'Timestamp'}, [#{name => seconds, fnum => 1, rnum => 2, type => int64, occurrence => required, opts => []}, #{name => nanos, fnum => 2, rnum => 3, type => int32, occurrence => required, opts => []}]}]. -get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency', 'Timestamp']. +get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'AdvisoryReference', 'Dependency', 'Timestamp']. get_group_names() -> []. -get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency', 'Timestamp']. +get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'AdvisoryReference', 'Dependency', 'Timestamp']. get_enum_names() -> ['RetirementReason', 'AdvisorySeverity']. @@ -1519,7 +1836,12 @@ find_msg_def('SecurityAdvisory') -> #{name => html_url, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, - #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}]; + #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}, + #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}, + #{name => published_at, fnum => 8, rnum => 9, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, + #{name => modified_at, fnum => 9, rnum => 10, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, + #{name => references, fnum => 10, rnum => 11, type => {msg, 'AdvisoryReference'}, occurrence => repeated, opts => []}]; +find_msg_def('AdvisoryReference') -> [#{name => type, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => url, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}]; find_msg_def('Dependency') -> [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1617,6 +1939,7 @@ fqbin_to_msg_name(<<"Package">>) -> 'Package'; fqbin_to_msg_name(<<"Release">>) -> 'Release'; fqbin_to_msg_name(<<"RetirementStatus">>) -> 'RetirementStatus'; fqbin_to_msg_name(<<"SecurityAdvisory">>) -> 'SecurityAdvisory'; +fqbin_to_msg_name(<<"AdvisoryReference">>) -> 'AdvisoryReference'; fqbin_to_msg_name(<<"Dependency">>) -> 'Dependency'; fqbin_to_msg_name(<<"Timestamp">>) -> 'Timestamp'; fqbin_to_msg_name(E) -> error({gpb_error, {badmsg, E}}). @@ -1626,6 +1949,7 @@ msg_name_to_fqbin('Package') -> <<"Package">>; msg_name_to_fqbin('Release') -> <<"Release">>; msg_name_to_fqbin('RetirementStatus') -> <<"RetirementStatus">>; msg_name_to_fqbin('SecurityAdvisory') -> <<"SecurityAdvisory">>; +msg_name_to_fqbin('AdvisoryReference') -> <<"AdvisoryReference">>; msg_name_to_fqbin('Dependency') -> <<"Dependency">>; msg_name_to_fqbin('Timestamp') -> <<"Timestamp">>; msg_name_to_fqbin(E) -> error({gpb_error, {badmsg, E}}). @@ -1668,7 +1992,7 @@ get_all_source_basenames() -> ["hex_pb_package.proto"]. get_all_proto_names() -> ["hex_pb_package"]. -get_msg_containment("hex_pb_package") -> ['Dependency', 'Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Timestamp']; +get_msg_containment("hex_pb_package") -> ['AdvisoryReference', 'Dependency', 'Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Timestamp']; get_msg_containment(P) -> error({gpb_error, {badproto, P}}). @@ -1692,6 +2016,7 @@ get_proto_by_msg_name_as_fqbin(<<"Timestamp">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"RetirementStatus">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Release">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Package">>) -> "hex_pb_package"; +get_proto_by_msg_name_as_fqbin(<<"AdvisoryReference">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"SecurityAdvisory">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Dependency">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(E) -> error({gpb_error, {badmsg, E}}). From 80a5fa445a805b3343fd73b000cecf296d33fe0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 19:03:07 +0200 Subject: [PATCH 2/8] Add hex_advisory:group_for_display/1 for advisory dedup --- src/hex_advisory.erl | 178 ++++++++++++++++++++++++++++++++++++ test/hex_advisory_SUITE.erl | 126 +++++++++++++++++++++++++ 2 files changed, 304 insertions(+) create mode 100644 src/hex_advisory.erl create mode 100644 test/hex_advisory_SUITE.erl diff --git a/src/hex_advisory.erl b/src/hex_advisory.erl new file mode 100644 index 0000000..c7d465e --- /dev/null +++ b/src/hex_advisory.erl @@ -0,0 +1,178 @@ +%% @doc +%% Display-time deduplication of security advisories. +%% +%% Multiple advisory sources (EEF, GHSA, NVD, ...) can publish the same +%% vulnerability under different identifiers and cross-reference each other +%% via the `aliases' field. `group_for_display/1' groups such advisories, +%% picks a deterministic primary, and merges references and timestamps so +%% callers can render one entry per vulnerability. +-module(hex_advisory). +-export([group_for_display/1]). + +-type advisory() :: map(). +-type group() :: map(). + +-spec group_for_display([advisory()]) -> [group()]. +group_for_display(Advisories) -> + %% Preserve input order of first member per group. + {GroupOrder, GroupsByKey} = + lists:foldl( + fun(Adv, {Order, Map}) -> + Key = group_key(Adv), + case maps:is_key(Key, Map) of + true -> + Existing = maps:get(Key, Map), + {Order, Map#{Key := Existing ++ [Adv]}}; + false -> + {Order ++ [Key], Map#{Key => [Adv]}} + end + end, + {[], #{}}, + Advisories + ), + [merge_group(maps:get(Key, GroupsByKey)) || Key <- GroupOrder]. + +%%==================================================================== +%% Grouping +%%==================================================================== + +%% Key is the first CVE-prefixed identifier across {id, aliases}, else id. +group_key(#{id := Id} = Adv) -> + Ids = [Id | maps:get(aliases, Adv, [])], + case lists:dropwhile(fun(I) -> not is_cve(I) end, Ids) of + [Cve | _] -> Cve; + [] -> Id + end. + +is_cve(<<"CVE-", _/binary>>) -> true; +is_cve(_) -> false. + +%%==================================================================== +%% Merging +%%==================================================================== + +merge_group(Advisories) -> + Primary = pick_primary(Advisories), + Rest = [A || A <- Advisories, maps:get(id, A) =/= maps:get(id, Primary)], + Ordered = [Primary | Rest], + Primary#{ + aliases => display_aliases(Primary, Ordered), + published_at => min_timestamp(Ordered), + modified_at => max_timestamp(Ordered), + references => merge_references(Ordered) + }. + +pick_primary(Advisories) -> + [Primary | _] = lists:sort( + fun(A, B) -> source_key(A) =< source_key(B) end, + Advisories + ), + Primary. + +source_key(#{id := Id}) -> {source_priority(Id), Id}. + +source_priority(<<"EEF-", _/binary>>) -> 0; +source_priority(<<"GHSA-", _/binary>>) -> 1; +source_priority(<<"NVD-", _/binary>>) -> 2; +source_priority(_) -> 3. + +%%==================================================================== +%% Aliases +%%==================================================================== + +display_aliases(Primary, Advisories) -> + PrimaryId = maps:get(id, Primary), + AdvisoryIds = sets:from_list([maps:get(id, A) || A <- Advisories]), + AllIds = lists:flatmap(fun identifiers/1, Advisories), + Unique = uniq(AllIds), + [ + #{ + id => Id, + url => alias_url(Id, AdvisoryIds) + } + || Id <- Unique, Id =/= PrimaryId + ]. + +identifiers(Advisory) -> + [maps:get(id, Advisory) | maps:get(aliases, Advisory, [])]. + +alias_url(Id, AdvisoryIds) -> + case sets:is_element(Id, AdvisoryIds) of + true -> + Encoded = uri_string:quote(Id), + <<"https://osv.dev/vulnerability/", Encoded/binary>>; + false -> + undefined + end. + +%%==================================================================== +%% Timestamps +%%==================================================================== + +min_timestamp(Advisories) -> + aggregate_timestamp(Advisories, published_at, fun erlang:'<'/2). + +max_timestamp(Advisories) -> + aggregate_timestamp(Advisories, modified_at, fun erlang:'>'/2). + +aggregate_timestamp(Advisories, Field, Cmp) -> + Stamps = [T || A <- Advisories, (T = maps:get(Field, A, undefined)) =/= undefined], + case Stamps of + [] -> + undefined; + [First | Rest] -> + lists:foldl( + fun(T, Acc) -> + case Cmp(ts_tuple(T), ts_tuple(Acc)) of + true -> T; + false -> Acc + end + end, + First, + Rest + ) + end. + +ts_tuple(#{seconds := S, nanos := N}) -> {S, N}; +ts_tuple(#{seconds := S}) -> {S, 0}. + +%%==================================================================== +%% References +%%==================================================================== + +merge_references(Advisories) -> + AllRefs = lists:flatmap(fun(A) -> maps:get(references, A, []) end, Advisories), + {UrlOrder, ByUrl} = + lists:foldl( + fun(#{url := Url, type := Type}, {Order, Map}) -> + case maps:is_key(Url, Map) of + true -> + Existing = maps:get(Url, Map), + Map2 = Map#{Url := uniq(Existing ++ [Type])}, + {Order, Map2}; + false -> + {Order ++ [Url], Map#{Url => [Type]}} + end + end, + {[], #{}}, + AllRefs + ), + [#{url => Url, types => maps:get(Url, ByUrl)} || Url <- UrlOrder]. + +%%==================================================================== +%% Misc +%%==================================================================== + +uniq(List) -> + {_, Out} = + lists:foldl( + fun(X, {Seen, Acc}) -> + case sets:is_element(X, Seen) of + true -> {Seen, Acc}; + false -> {sets:add_element(X, Seen), Acc ++ [X]} + end + end, + {sets:new(), []}, + List + ), + Out. diff --git a/test/hex_advisory_SUITE.erl b/test/hex_advisory_SUITE.erl new file mode 100644 index 0000000..3ec30c8 --- /dev/null +++ b/test/hex_advisory_SUITE.erl @@ -0,0 +1,126 @@ +-module(hex_advisory_SUITE). + +-compile([export_all]). + +-include_lib("eunit/include/eunit.hrl"). +-include_lib("common_test/include/ct.hrl"). + +all() -> + [ + identity_when_no_aliases, + groups_advisories_sharing_cve_alias, + prefers_eef_over_ghsa_over_nvd, + breaks_same_source_ties_by_id_ascending, + attaches_osv_url_only_to_alias_ids_that_are_group_members, + merges_references_by_url_accumulating_types, + min_published_at_max_modified_at, + missing_timestamps_yield_undefined + ]. + +identity_when_no_aliases(_Config) -> + A = base_advisory(<<"GHSA-aaaa-1111-bbbb">>, <<"single">>, []), + [Result] = hex_advisory:group_for_display([A]), + ?assertEqual(<<"GHSA-aaaa-1111-bbbb">>, maps:get(id, Result)), + ?assertEqual([], maps:get(aliases, Result)), + ok. + +groups_advisories_sharing_cve_alias(_Config) -> + A = base_advisory(<<"GHSA-aaaa-1111-bbbb">>, <<"A">>, [<<"CVE-2026-0001">>]), + B = base_advisory(<<"GHSA-cccc-2222-dddd">>, <<"B">>, [<<"CVE-2026-0001">>]), + [Result] = hex_advisory:group_for_display([A, B]), + %% Same source priority (GHSA-), tie-break by id ascending → A wins + ?assertEqual(<<"GHSA-aaaa-1111-bbbb">>, maps:get(id, Result)), + AliasIds = [maps:get(id, Alias) || Alias <- maps:get(aliases, Result)], + ?assertEqual( + lists:sort([<<"CVE-2026-0001">>, <<"GHSA-cccc-2222-dddd">>]), + lists:sort(AliasIds) + ), + ok. + +prefers_eef_over_ghsa_over_nvd(_Config) -> + Eef = base_advisory(<<"EEF-CVE-2026-9">>, <<"E">>, [<<"CVE-2026-9">>]), + Ghsa = base_advisory(<<"GHSA-zzzz-9999-zzzz">>, <<"G">>, [<<"CVE-2026-9">>]), + Nvd = base_advisory(<<"NVD-CVE-2026-9">>, <<"N">>, [<<"CVE-2026-9">>]), + [Result] = hex_advisory:group_for_display([Nvd, Ghsa, Eef]), + ?assertEqual(<<"EEF-CVE-2026-9">>, maps:get(id, Result)), + ok. + +breaks_same_source_ties_by_id_ascending(_Config) -> + A = base_advisory(<<"OTHER-2026-0002">>, <<"A">>, [<<"CVE-2026-0002">>]), + B = base_advisory(<<"OTHER-2026-0001">>, <<"B">>, [<<"CVE-2026-0002">>]), + [Result] = hex_advisory:group_for_display([A, B]), + ?assertEqual(<<"OTHER-2026-0001">>, maps:get(id, Result)), + ok. + +attaches_osv_url_only_to_alias_ids_that_are_group_members(_Config) -> + A = base_advisory(<<"GHSA-aaaa-1111-bbbb">>, <<"A">>, [<<"CVE-2026-0001">>]), + B = base_advisory(<<"GHSA-cccc-2222-dddd">>, <<"B">>, [<<"CVE-2026-0001">>]), + [Result] = hex_advisory:group_for_display([A, B]), + ByName = maps:from_list([{maps:get(id, X), X} || X <- maps:get(aliases, Result)]), + %% GHSA-cccc-2222-dddd is itself an advisory in the group → has osv.dev url + Ghsa = maps:get(<<"GHSA-cccc-2222-dddd">>, ByName), + ?assertEqual( + <<"https://osv.dev/vulnerability/GHSA-cccc-2222-dddd">>, + maps:get(url, Ghsa) + ), + %% CVE-2026-0001 was only an alias string → no url + Cve = maps:get(<<"CVE-2026-0001">>, ByName), + ?assertEqual(undefined, maps:get(url, Cve)), + ok. + +merges_references_by_url_accumulating_types(_Config) -> + RefsA = [ + #{type => <<"WEB">>, url => <<"https://example.com/advisory">>}, + #{type => <<"ADVISORY">>, url => <<"https://shared.example.com/1">>} + ], + RefsB = [ + #{type => <<"FIX">>, url => <<"https://shared.example.com/1">>}, + #{type => <<"WEB">>, url => <<"https://other.example.com/2">>} + ], + A = (base_advisory(<<"GHSA-a">>, <<"A">>, [<<"CVE-2026-0001">>]))#{references => RefsA}, + B = (base_advisory(<<"GHSA-b">>, <<"B">>, [<<"CVE-2026-0001">>]))#{references => RefsB}, + [Result] = hex_advisory:group_for_display([A, B]), + ByUrl = maps:from_list( + [{maps:get(url, R), maps:get(types, R)} || R <- maps:get(references, Result)] + ), + ?assertEqual(3, maps:size(ByUrl)), + ?assertEqual([<<"WEB">>], maps:get(<<"https://example.com/advisory">>, ByUrl)), + Shared = maps:get(<<"https://shared.example.com/1">>, ByUrl), + ?assertEqual(lists:sort([<<"ADVISORY">>, <<"FIX">>]), lists:sort(Shared)), + ?assertEqual([<<"WEB">>], maps:get(<<"https://other.example.com/2">>, ByUrl)), + ok. + +min_published_at_max_modified_at(_Config) -> + A = (base_advisory(<<"GHSA-a">>, <<"A">>, [<<"CVE-2026-0001">>]))#{ + published_at => #{seconds => 100, nanos => 0}, + modified_at => #{seconds => 150, nanos => 0} + }, + B = (base_advisory(<<"GHSA-b">>, <<"B">>, [<<"CVE-2026-0001">>]))#{ + published_at => #{seconds => 90, nanos => 0}, + modified_at => #{seconds => 200, nanos => 0} + }, + [Result] = hex_advisory:group_for_display([A, B]), + ?assertEqual(#{seconds => 90, nanos => 0}, maps:get(published_at, Result)), + ?assertEqual(#{seconds => 200, nanos => 0}, maps:get(modified_at, Result)), + ok. + +missing_timestamps_yield_undefined(_Config) -> + A = base_advisory(<<"GHSA-a">>, <<"A">>, []), + [Result] = hex_advisory:group_for_display([A]), + ?assertEqual(undefined, maps:get(published_at, Result, undefined)), + ?assertEqual(undefined, maps:get(modified_at, Result, undefined)), + ok. + +%%==================================================================== +%% Helpers +%%==================================================================== + +base_advisory(Id, Summary, Aliases) -> + #{ + id => Id, + summary => Summary, + html_url => <<"https://osv.dev/vulnerability/", Id/binary>>, + api_url => <<"https://api.osv.dev/v1/vulns/", Id/binary>>, + aliases => Aliases, + references => [] + }. From ad544dfabebdf3c5620261586b4d182d5e75d4dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 19:12:17 +0200 Subject: [PATCH 3/8] Exercise new SecurityAdvisory fields in registry round-trip --- test/hex_registry_SUITE.erl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/test/hex_registry_SUITE.erl b/test/hex_registry_SUITE.erl index 0eafc68..58b4a68 100644 --- a/test/hex_registry_SUITE.erl +++ b/test/hex_registry_SUITE.erl @@ -103,7 +103,14 @@ package_test(_Config) -> html_url => <<"https://github.com/advisories/GHSA-abcd-1234-efgh">>, severity => 'SEVERITY_HIGH', cvss_score => 8.0, - api_url => <<"https://api.osv.dev/v1/vulns/GHSA-abcd-1234-efgh">> + api_url => <<"https://api.osv.dev/v1/vulns/GHSA-abcd-1234-efgh">>, + aliases => [<<"CVE-2026-0001">>, <<"NVD-CVE-2026-0001">>], + published_at => #{seconds => 1700000000, nanos => 0}, + modified_at => #{seconds => 1700100000, nanos => 0}, + references => [ + #{type => <<"WEB">>, url => <<"https://example.com/a">>}, + #{type => <<"FIX">>, url => <<"https://example.com/fix">>} + ] } ] }, From bcbaeaafc8a885ffe0a602e6938cce8e69e5e182 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 19:14:15 +0200 Subject: [PATCH 4/8] Release 0.17.0 --- CHANGELOG.md | 5 +++++ src/hex_core.app.src | 2 +- src/hex_core.hrl | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f230fc6..0e72bac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # CHANGELOG +## v0.17.0 (2026-05-19) + +* Add `aliases`, `published_at`, `modified_at`, and `references` fields to `SecurityAdvisory` proto +* Add `hex_advisory:group_for_display/1` for deduplicating advisories that share aliases + ## v0.16.0 (2026-05-13) * Validate tarball file paths and symlink targets when creating package and docs tarballs. diff --git a/src/hex_core.app.src b/src/hex_core.app.src index f685a1c..d5c160d 100644 --- a/src/hex_core.app.src +++ b/src/hex_core.app.src @@ -1,6 +1,6 @@ {application, hex_core, [ {description, "Reference implementation of Hex specifications"}, - {vsn, "0.16.0"}, + {vsn, "0.17.0"}, {registered, []}, {applications, [kernel, stdlib, inets, ssl, ssh]}, {licenses, ["Apache-2.0"]}, diff --git a/src/hex_core.hrl b/src/hex_core.hrl index cbeb6f7..4aeeaca 100644 --- a/src/hex_core.hrl +++ b/src/hex_core.hrl @@ -1 +1 @@ --define(HEX_CORE_VERSION, "0.16.0"). +-define(HEX_CORE_VERSION, "0.17.0"). From 18046b5e04609dc3decbf13bfeeffe9ed5621b42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 21:33:10 +0200 Subject: [PATCH 5/8] Polish advisory proto comments and tighten timestamp test --- proto/hex_pb_package.proto | 5 ++--- test/hex_advisory_SUITE.erl | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/proto/hex_pb_package.proto b/proto/hex_pb_package.proto index 10cfe8a..424cce8 100644 --- a/proto/hex_pb_package.proto +++ b/proto/hex_pb_package.proto @@ -59,14 +59,13 @@ message SecurityAdvisory { // OSV API URL for the advisory required string api_url = 6; // Other identifiers for the same vulnerability (e.g. a CVE id when the - // primary id is a GHSA, or vice versa). Used by clients to deduplicate - // advisories that describe the same vulnerability from different sources. + // primary id is a GHSA id, or vice versa). repeated string aliases = 7; // First publication timestamp from the advisory source. Optional for // backwards compatibility — clients treat absence as "no information". optional Timestamp published_at = 8; // Last modification timestamp from the advisory source. Optional for - // backwards compatibility. + // backwards compatibility — clients treat absence as "no information". optional Timestamp modified_at = 9; // External references describing the advisory (links to vendor fix PRs, // CVE write-ups, blog posts, etc.). diff --git a/test/hex_advisory_SUITE.erl b/test/hex_advisory_SUITE.erl index 3ec30c8..26e554e 100644 --- a/test/hex_advisory_SUITE.erl +++ b/test/hex_advisory_SUITE.erl @@ -107,8 +107,8 @@ min_published_at_max_modified_at(_Config) -> missing_timestamps_yield_undefined(_Config) -> A = base_advisory(<<"GHSA-a">>, <<"A">>, []), [Result] = hex_advisory:group_for_display([A]), - ?assertEqual(undefined, maps:get(published_at, Result, undefined)), - ?assertEqual(undefined, maps:get(modified_at, Result, undefined)), + ?assertEqual(undefined, maps:get(published_at, Result)), + ?assertEqual(undefined, maps:get(modified_at, Result)), ok. %%==================================================================== From d8f5f87fd73fb41882c23ce01ca44b077b5e0327 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 22:39:45 +0200 Subject: [PATCH 6/8] Drop unused timestamp and references fields from SecurityAdvisory --- proto/hex_pb_package.proto | 16 -- src/hex_advisory.erl | 72 +----- src/hex_pb_package.erl | 463 +++++++----------------------------- test/hex_advisory_SUITE.erl | 51 +--- test/hex_registry_SUITE.erl | 8 +- 5 files changed, 99 insertions(+), 511 deletions(-) diff --git a/proto/hex_pb_package.proto b/proto/hex_pb_package.proto index 424cce8..3e4da51 100644 --- a/proto/hex_pb_package.proto +++ b/proto/hex_pb_package.proto @@ -61,15 +61,6 @@ message SecurityAdvisory { // Other identifiers for the same vulnerability (e.g. a CVE id when the // primary id is a GHSA id, or vice versa). repeated string aliases = 7; - // First publication timestamp from the advisory source. Optional for - // backwards compatibility — clients treat absence as "no information". - optional Timestamp published_at = 8; - // Last modification timestamp from the advisory source. Optional for - // backwards compatibility — clients treat absence as "no information". - optional Timestamp modified_at = 9; - // External references describing the advisory (links to vendor fix PRs, - // CVE write-ups, blog posts, etc.). - repeated AdvisoryReference references = 10; } enum AdvisorySeverity { @@ -80,13 +71,6 @@ enum AdvisorySeverity { SEVERITY_CRITICAL = 4; } -message AdvisoryReference { - // OSV reference type, e.g. "WEB", "ADVISORY", "FIX", "REPORT" - required string type = 1; - // Reference URL - required string url = 2; -} - message Dependency { // Package name of dependency required string package = 1; diff --git a/src/hex_advisory.erl b/src/hex_advisory.erl index c7d465e..e322312 100644 --- a/src/hex_advisory.erl +++ b/src/hex_advisory.erl @@ -3,9 +3,9 @@ %% %% Multiple advisory sources (EEF, GHSA, NVD, ...) can publish the same %% vulnerability under different identifiers and cross-reference each other -%% via the `aliases' field. `group_for_display/1' groups such advisories, -%% picks a deterministic primary, and merges references and timestamps so -%% callers can render one entry per vulnerability. +%% via the `aliases' field. `group_for_display/1' groups such advisories +%% and picks a deterministic primary so callers can render one entry per +%% vulnerability. -module(hex_advisory). -export([group_for_display/1]). @@ -54,13 +54,7 @@ is_cve(_) -> false. merge_group(Advisories) -> Primary = pick_primary(Advisories), Rest = [A || A <- Advisories, maps:get(id, A) =/= maps:get(id, Primary)], - Ordered = [Primary | Rest], - Primary#{ - aliases => display_aliases(Primary, Ordered), - published_at => min_timestamp(Ordered), - modified_at => max_timestamp(Ordered), - references => merge_references(Ordered) - }. + Primary#{aliases => display_aliases(Primary, [Primary | Rest])}. pick_primary(Advisories) -> [Primary | _] = lists:sort( @@ -105,64 +99,6 @@ alias_url(Id, AdvisoryIds) -> undefined end. -%%==================================================================== -%% Timestamps -%%==================================================================== - -min_timestamp(Advisories) -> - aggregate_timestamp(Advisories, published_at, fun erlang:'<'/2). - -max_timestamp(Advisories) -> - aggregate_timestamp(Advisories, modified_at, fun erlang:'>'/2). - -aggregate_timestamp(Advisories, Field, Cmp) -> - Stamps = [T || A <- Advisories, (T = maps:get(Field, A, undefined)) =/= undefined], - case Stamps of - [] -> - undefined; - [First | Rest] -> - lists:foldl( - fun(T, Acc) -> - case Cmp(ts_tuple(T), ts_tuple(Acc)) of - true -> T; - false -> Acc - end - end, - First, - Rest - ) - end. - -ts_tuple(#{seconds := S, nanos := N}) -> {S, N}; -ts_tuple(#{seconds := S}) -> {S, 0}. - -%%==================================================================== -%% References -%%==================================================================== - -merge_references(Advisories) -> - AllRefs = lists:flatmap(fun(A) -> maps:get(references, A, []) end, Advisories), - {UrlOrder, ByUrl} = - lists:foldl( - fun(#{url := Url, type := Type}, {Order, Map}) -> - case maps:is_key(Url, Map) of - true -> - Existing = maps:get(Url, Map), - Map2 = Map#{Url := uniq(Existing ++ [Type])}, - {Order, Map2}; - false -> - {Order ++ [Url], Map#{Url => [Type]}} - end - end, - {[], #{}}, - AllRefs - ), - [#{url => Url, types => maps:get(Url, ByUrl)} || Url <- UrlOrder]. - -%%==================================================================== -%% Misc -%%==================================================================== - uniq(List) -> {_, Out} = lists:foldl( diff --git a/src/hex_pb_package.erl b/src/hex_pb_package.erl index 92e5b9f..e1006cf 100644 --- a/src/hex_pb_package.erl +++ b/src/hex_pb_package.erl @@ -85,15 +85,7 @@ severity => 'SEVERITY_NONE' | 'SEVERITY_LOW' | 'SEVERITY_MEDIUM' | 'SEVERITY_HIGH' | 'SEVERITY_CRITICAL' | integer(), % = 4, optional, enum AdvisorySeverity cvss_score => float() | integer() | infinity | '-infinity' | nan, % = 5, optional api_url => unicode:chardata(), % = 6, required - aliases => [unicode:chardata()], % = 7, repeated - published_at => 'Timestamp'(), % = 8, optional - modified_at => 'Timestamp'(), % = 9, optional - references => ['AdvisoryReference'()] % = 10, repeated - }. - --type 'AdvisoryReference'() :: - #{type => unicode:chardata(), % = 1, required - url => unicode:chardata() % = 2, required + aliases => [unicode:chardata()] % = 7, repeated }. -type 'Dependency'() :: @@ -109,9 +101,9 @@ nanos => integer() % = 2, required, 32 bits }. --export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'SecurityAdvisory'/0, 'AdvisoryReference'/0, 'Dependency'/0, 'Timestamp'/0]). --type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'SecurityAdvisory' | 'AdvisoryReference' | 'Dependency' | 'Timestamp'. --type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'SecurityAdvisory'() | 'AdvisoryReference'() | 'Dependency'() | 'Timestamp'(). +-export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'SecurityAdvisory'/0, 'Dependency'/0, 'Timestamp'/0]). +-type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'SecurityAdvisory' | 'Dependency' | 'Timestamp'. +-type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'SecurityAdvisory'() | 'Dependency'() | 'Timestamp'(). -export_type(['$msg_name'/0, '$msg'/0]). -spec encode_msg('$msg'(), '$msg_name'()) -> binary(). @@ -126,7 +118,6 @@ encode_msg(Msg, MsgName, Opts) -> 'Release' -> encode_msg_Release(id(Msg, TrUserData), TrUserData); 'RetirementStatus' -> encode_msg_RetirementStatus(id(Msg, TrUserData), TrUserData); 'SecurityAdvisory' -> encode_msg_SecurityAdvisory(id(Msg, TrUserData), TrUserData); - 'AdvisoryReference' -> encode_msg_AdvisoryReference(id(Msg, TrUserData), TrUserData); 'Dependency' -> encode_msg_Dependency(id(Msg, TrUserData), TrUserData); 'Timestamp' -> encode_msg_Timestamp(id(Msg, TrUserData), TrUserData) end. @@ -216,38 +207,15 @@ encode_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url : _ -> B4 end, B6 = begin TrF6 = id(F6, TrUserData), e_type_string(TrF6, <>, TrUserData) end, - B7 = case M of - #{aliases := F7} -> - TrF7 = id(F7, TrUserData), - if TrF7 == [] -> B6; - true -> e_field_SecurityAdvisory_aliases(TrF7, B6, TrUserData) - end; - _ -> B6 - end, - B8 = case M of - #{published_at := F8} -> begin TrF8 = id(F8, TrUserData), e_mfield_SecurityAdvisory_published_at(TrF8, <>, TrUserData) end; - _ -> B7 - end, - B9 = case M of - #{modified_at := F9} -> begin TrF9 = id(F9, TrUserData), e_mfield_SecurityAdvisory_modified_at(TrF9, <>, TrUserData) end; - _ -> B8 - end, case M of - #{references := F10} -> - TrF10 = id(F10, TrUserData), - if TrF10 == [] -> B9; - true -> e_field_SecurityAdvisory_references(TrF10, B9, TrUserData) + #{aliases := F7} -> + TrF7 = id(F7, TrUserData), + if TrF7 == [] -> B6; + true -> e_field_SecurityAdvisory_aliases(TrF7, B6, TrUserData) end; - _ -> B9 + _ -> B6 end. -encode_msg_AdvisoryReference(Msg, TrUserData) -> encode_msg_AdvisoryReference(Msg, <<>>, TrUserData). - - -encode_msg_AdvisoryReference(#{type := F1, url := F2}, Bin, TrUserData) -> - B1 = begin TrF1 = id(F1, TrUserData), e_type_string(TrF1, <>, TrUserData) end, - begin TrF2 = id(F2, TrUserData), e_type_string(TrF2, <>, TrUserData) end. - encode_msg_Dependency(Msg, TrUserData) -> encode_msg_Dependency(Msg, <<>>, TrUserData). @@ -329,27 +297,6 @@ e_field_SecurityAdvisory_aliases([Elem | Rest], Bin, TrUserData) -> e_field_SecurityAdvisory_aliases(Rest, Bin3, TrUserData); e_field_SecurityAdvisory_aliases([], Bin, _TrUserData) -> Bin. -e_mfield_SecurityAdvisory_published_at(Msg, Bin, TrUserData) -> - SubBin = encode_msg_Timestamp(Msg, <<>>, TrUserData), - Bin2 = e_varint(byte_size(SubBin), Bin), - <>. - -e_mfield_SecurityAdvisory_modified_at(Msg, Bin, TrUserData) -> - SubBin = encode_msg_Timestamp(Msg, <<>>, TrUserData), - Bin2 = e_varint(byte_size(SubBin), Bin), - <>. - -e_mfield_SecurityAdvisory_references(Msg, Bin, TrUserData) -> - SubBin = encode_msg_AdvisoryReference(Msg, <<>>, TrUserData), - Bin2 = e_varint(byte_size(SubBin), Bin), - <>. - -e_field_SecurityAdvisory_references([Elem | Rest], Bin, TrUserData) -> - Bin2 = <>, - Bin3 = e_mfield_SecurityAdvisory_references(id(Elem, TrUserData), Bin2, TrUserData), - e_field_SecurityAdvisory_references(Rest, Bin3, TrUserData); -e_field_SecurityAdvisory_references([], Bin, _TrUserData) -> Bin. - e_enum_RetirementReason('RETIRED_OTHER', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_INVALID', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_SECURITY', Bin, _TrUserData) -> <>; @@ -490,7 +437,6 @@ decode_msg_2_doit('Package', Bin, TrUserData) -> id(decode_msg_Package(Bin, TrUs decode_msg_2_doit('Release', Bin, TrUserData) -> id(decode_msg_Release(Bin, TrUserData), TrUserData); decode_msg_2_doit('RetirementStatus', Bin, TrUserData) -> id(decode_msg_RetirementStatus(Bin, TrUserData), TrUserData); decode_msg_2_doit('SecurityAdvisory', Bin, TrUserData) -> id(decode_msg_SecurityAdvisory(Bin, TrUserData), TrUserData); -decode_msg_2_doit('AdvisoryReference', Bin, TrUserData) -> id(decode_msg_AdvisoryReference(Bin, TrUserData), TrUserData); decode_msg_2_doit('Dependency', Bin, TrUserData) -> id(decode_msg_Dependency(Bin, TrUserData), TrUserData); decode_msg_2_doit('Timestamp', Bin, TrUserData) -> id(decode_msg_Timestamp(Bin, TrUserData), TrUserData). @@ -794,271 +740,116 @@ skip_32_RetirementStatus(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserDat skip_64_RetirementStatus(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_RetirementStatus(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). decode_msg_SecurityAdvisory(Bin, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Bin, - 0, - 0, - 0, - id('$undef', TrUserData), - id('$undef', TrUserData), - id('$undef', TrUserData), - id('$undef', TrUserData), - id('$undef', TrUserData), - id('$undef', TrUserData), - id([], TrUserData), - id('$undef', TrUserData), - id('$undef', TrUserData), - id([], TrUserData), - TrUserData). - -dfp_read_field_def_SecurityAdvisory(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_summary(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_html_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_severity(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<45, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_cvss_score(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_api_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<58, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_aliases(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<66, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_published_at(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<74, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_modified_at(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<82, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - d_field_SecurityAdvisory_references(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dfp_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, F@_8, F@_9, R2, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id([], TrUserData), TrUserData). + +dfp_read_field_def_SecurityAdvisory(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_summary(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_html_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_severity(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<45, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_cvss_score(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_api_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<58, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> d_field_SecurityAdvisory_aliases(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, TrUserData) -> S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6, aliases => lists_reverse(R1, TrUserData)}, S2 = if F@_4 == '$undef' -> S1; true -> S1#{severity => F@_4} end, - S3 = if F@_5 == '$undef' -> S2; - true -> S2#{cvss_score => F@_5} - end, - S4 = if F@_8 == '$undef' -> S3; - true -> S3#{published_at => F@_8} - end, - S5 = if F@_9 == '$undef' -> S4; - true -> S4#{modified_at => F@_9} - end, - if R2 == '$undef' -> S5; - true -> S5#{references => lists_reverse(R2, TrUserData)} + if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} end; -dfp_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dg_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). +dfp_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dg_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -dg_read_field_def_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 32 - 7 -> - dg_read_field_def_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -dg_read_field_def_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> +dg_read_field_def_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 32 - 7 -> + dg_read_field_def_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +dg_read_field_def_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> Key = X bsl N + Acc, case Key of - 10 -> d_field_SecurityAdvisory_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 18 -> d_field_SecurityAdvisory_summary(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 26 -> d_field_SecurityAdvisory_html_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 32 -> d_field_SecurityAdvisory_severity(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 45 -> d_field_SecurityAdvisory_cvss_score(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 50 -> d_field_SecurityAdvisory_api_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 58 -> d_field_SecurityAdvisory_aliases(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 66 -> d_field_SecurityAdvisory_published_at(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 74 -> d_field_SecurityAdvisory_modified_at(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 82 -> d_field_SecurityAdvisory_references(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); + 10 -> d_field_SecurityAdvisory_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 18 -> d_field_SecurityAdvisory_summary(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 26 -> d_field_SecurityAdvisory_html_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 32 -> d_field_SecurityAdvisory_severity(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 45 -> d_field_SecurityAdvisory_cvss_score(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 50 -> d_field_SecurityAdvisory_api_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 58 -> d_field_SecurityAdvisory_aliases(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 1 -> skip_64_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 2 -> skip_length_delimited_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 3 -> skip_group_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); - 5 -> skip_32_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) + 0 -> skip_varint_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 1 -> skip_64_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 2 -> skip_length_delimited_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 3 -> skip_group_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); + 5 -> skip_32_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) end end; -dg_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, F@_8, F@_9, R2, TrUserData) -> +dg_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, R1, TrUserData) -> S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6, aliases => lists_reverse(R1, TrUserData)}, S2 = if F@_4 == '$undef' -> S1; true -> S1#{severity => F@_4} end, - S3 = if F@_5 == '$undef' -> S2; - true -> S2#{cvss_score => F@_5} - end, - S4 = if F@_8 == '$undef' -> S3; - true -> S3#{published_at => F@_8} - end, - S5 = if F@_9 == '$undef' -> S4; - true -> S4#{modified_at => F@_9} - end, - if R2 == '$undef' -> S5; - true -> S5#{references => lists_reverse(R2, TrUserData)} + if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} end. -d_field_SecurityAdvisory_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> +d_field_SecurityAdvisory_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> d_field_SecurityAdvisory_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -d_field_SecurityAdvisory_summary(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_summary(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_summary(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> +d_field_SecurityAdvisory_summary(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_summary(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_summary(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -d_field_SecurityAdvisory_html_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_html_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_html_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> +d_field_SecurityAdvisory_html_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_html_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_html_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, F@_7, TrUserData). -d_field_SecurityAdvisory_severity(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_severity(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_severity(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> +d_field_SecurityAdvisory_severity(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_severity(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_severity(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, F@_7, TrUserData) -> {NewFValue, RestF} = {id(d_enum_AdvisorySeverity(begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end), TrUserData), Rest}, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 127, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(infinity, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 255, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id('-infinity', TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_cvss_score(<<_:16, 1:1, _:7, _:1, 127:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(nan, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_cvss_score(<>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(Value, TrUserData), F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -d_field_SecurityAdvisory_api_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_api_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_api_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, F@_7, F@_8, F@_9, F@_10, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, F@_7, TrUserData). + +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 127, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(infinity, TrUserData), F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 255, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id('-infinity', TrUserData), F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<_:16, 1:1, _:7, _:1, 127:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(nan, TrUserData), F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_cvss_score(<>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, F@_7, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(Value, TrUserData), F@_6, F@_7, TrUserData). + +d_field_SecurityAdvisory_api_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_api_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_api_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, F@_7, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, F@_7, F@_8, F@_9, F@_10, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, F@_7, TrUserData). -d_field_SecurityAdvisory_aliases(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_aliases(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_aliases(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, Prev, F@_8, F@_9, F@_10, TrUserData) -> +d_field_SecurityAdvisory_aliases(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + d_field_SecurityAdvisory_aliases(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +d_field_SecurityAdvisory_aliases(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, Prev, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, cons(NewFValue, Prev, TrUserData), F@_8, F@_9, F@_10, TrUserData). - -d_field_SecurityAdvisory_published_at(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_published_at(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_published_at(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, Prev, F@_9, F@_10, TrUserData) -> - {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Timestamp(Bs, TrUserData), TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, - 0, - 0, - F, - F@_1, - F@_2, - F@_3, - F@_4, - F@_5, - F@_6, - F@_7, - if Prev == '$undef' -> NewFValue; - true -> merge_msg_Timestamp(Prev, NewFValue, TrUserData) - end, - F@_9, - F@_10, - TrUserData). - -d_field_SecurityAdvisory_modified_at(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_modified_at(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_modified_at(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, Prev, F@_10, TrUserData) -> - {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Timestamp(Bs, TrUserData), TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, - 0, - 0, - F, - F@_1, - F@_2, - F@_3, - F@_4, - F@_5, - F@_6, - F@_7, - F@_8, - if Prev == '$undef' -> NewFValue; - true -> merge_msg_Timestamp(Prev, NewFValue, TrUserData) - end, - F@_10, - TrUserData). - -d_field_SecurityAdvisory_references(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - d_field_SecurityAdvisory_references(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -d_field_SecurityAdvisory_references(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, Prev, TrUserData) -> - {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_AdvisoryReference(Bs, TrUserData), TrUserData), Rest2} end, - dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, cons(NewFValue, Prev, TrUserData), TrUserData). - -skip_varint_SecurityAdvisory(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - skip_varint_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -skip_varint_SecurityAdvisory(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -skip_length_delimited_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) when N < 57 -> - skip_length_delimited_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData); -skip_length_delimited_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - Length = X bsl N + Acc, - <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_SecurityAdvisory(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -skip_group_SecurityAdvisory(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_SecurityAdvisory(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -skip_32_SecurityAdvisory(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). - -skip_64_SecurityAdvisory(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData) -> - dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, F@_8, F@_9, F@_10, TrUserData). + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, cons(NewFValue, Prev, TrUserData), TrUserData). -decode_msg_AdvisoryReference(Bin, TrUserData) -> dfp_read_field_def_AdvisoryReference(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). +skip_varint_SecurityAdvisory(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> skip_varint_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +skip_varint_SecurityAdvisory(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -dfp_read_field_def_AdvisoryReference(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> d_field_AdvisoryReference_type(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); -dfp_read_field_def_AdvisoryReference(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> d_field_AdvisoryReference_url(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); -dfp_read_field_def_AdvisoryReference(<<>>, 0, 0, _, F@_1, F@_2, _) -> #{type => F@_1, url => F@_2}; -dfp_read_field_def_AdvisoryReference(Other, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dg_read_field_def_AdvisoryReference(Other, Z1, Z2, F, F@_1, F@_2, TrUserData). - -dg_read_field_def_AdvisoryReference(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 32 - 7 -> dg_read_field_def_AdvisoryReference(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); -dg_read_field_def_AdvisoryReference(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, TrUserData) -> - Key = X bsl N + Acc, - case Key of - 10 -> d_field_AdvisoryReference_type(Rest, 0, 0, 0, F@_1, F@_2, TrUserData); - 18 -> d_field_AdvisoryReference_url(Rest, 0, 0, 0, F@_1, F@_2, TrUserData); - _ -> - case Key band 7 of - 0 -> skip_varint_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); - 1 -> skip_64_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); - 2 -> skip_length_delimited_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); - 3 -> skip_group_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData); - 5 -> skip_32_AdvisoryReference(Rest, 0, 0, Key bsr 3, F@_1, F@_2, TrUserData) - end - end; -dg_read_field_def_AdvisoryReference(<<>>, 0, 0, _, F@_1, F@_2, _) -> #{type => F@_1, url => F@_2}. - -d_field_AdvisoryReference_type(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> d_field_AdvisoryReference_type(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); -d_field_AdvisoryReference_type(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, TrUserData) -> - {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_AdvisoryReference(RestF, 0, 0, F, NewFValue, F@_2, TrUserData). - -d_field_AdvisoryReference_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> d_field_AdvisoryReference_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); -d_field_AdvisoryReference_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, TrUserData) -> - {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_AdvisoryReference(RestF, 0, 0, F, F@_1, NewFValue, TrUserData). - -skip_varint_AdvisoryReference(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> skip_varint_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData); -skip_varint_AdvisoryReference(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). - -skip_length_delimited_AdvisoryReference(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) when N < 57 -> skip_length_delimited_AdvisoryReference(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, TrUserData); -skip_length_delimited_AdvisoryReference(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, TrUserData) -> +skip_length_delimited_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) when N < 57 -> + skip_length_delimited_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData); +skip_length_delimited_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_AdvisoryReference(Rest2, 0, 0, F, F@_1, F@_2, TrUserData). + dfp_read_field_def_SecurityAdvisory(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_group_AdvisoryReference(Bin, _, Z2, FNum, F@_1, F@_2, TrUserData) -> +skip_group_SecurityAdvisory(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_AdvisoryReference(Rest, 0, Z2, FNum, F@_1, F@_2, TrUserData). + dfp_read_field_def_SecurityAdvisory(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_32_AdvisoryReference(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). +skip_32_SecurityAdvisory(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). -skip_64_AdvisoryReference(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_AdvisoryReference(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). +skip_64_SecurityAdvisory(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, F@_7, TrUserData). decode_msg_Dependency(Bin, TrUserData) -> dfp_read_field_def_Dependency(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). @@ -1284,7 +1075,6 @@ merge_msgs(Prev, New, MsgName, Opts) -> 'Release' -> merge_msg_Release(Prev, New, TrUserData); 'RetirementStatus' -> merge_msg_RetirementStatus(Prev, New, TrUserData); 'SecurityAdvisory' -> merge_msg_SecurityAdvisory(Prev, New, TrUserData); - 'AdvisoryReference' -> merge_msg_AdvisoryReference(Prev, New, TrUserData); 'Dependency' -> merge_msg_Dependency(Prev, New, TrUserData); 'Timestamp' -> merge_msg_Timestamp(Prev, New, TrUserData) end. @@ -1360,34 +1150,13 @@ merge_msg_SecurityAdvisory(#{} = PMsg, #{id := NFid, summary := NFsummary, html_ {#{cvss_score := PFcvss_score}, _} -> S2#{cvss_score => PFcvss_score}; _ -> S2 end, - S4 = case {PMsg, NMsg} of - {#{aliases := PFaliases}, #{aliases := NFaliases}} -> S3#{aliases => 'erlang_++'(PFaliases, NFaliases, TrUserData)}; - {_, #{aliases := NFaliases}} -> S3#{aliases => NFaliases}; - {#{aliases := PFaliases}, _} -> S3#{aliases => PFaliases}; - {_, _} -> S3 - end, - S5 = case {PMsg, NMsg} of - {#{published_at := PFpublished_at}, #{published_at := NFpublished_at}} -> S4#{published_at => merge_msg_Timestamp(PFpublished_at, NFpublished_at, TrUserData)}; - {_, #{published_at := NFpublished_at}} -> S4#{published_at => NFpublished_at}; - {#{published_at := PFpublished_at}, _} -> S4#{published_at => PFpublished_at}; - {_, _} -> S4 - end, - S6 = case {PMsg, NMsg} of - {#{modified_at := PFmodified_at}, #{modified_at := NFmodified_at}} -> S5#{modified_at => merge_msg_Timestamp(PFmodified_at, NFmodified_at, TrUserData)}; - {_, #{modified_at := NFmodified_at}} -> S5#{modified_at => NFmodified_at}; - {#{modified_at := PFmodified_at}, _} -> S5#{modified_at => PFmodified_at}; - {_, _} -> S5 - end, case {PMsg, NMsg} of - {#{references := PFreferences}, #{references := NFreferences}} -> S6#{references => 'erlang_++'(PFreferences, NFreferences, TrUserData)}; - {_, #{references := NFreferences}} -> S6#{references => NFreferences}; - {#{references := PFreferences}, _} -> S6#{references => PFreferences}; - {_, _} -> S6 + {#{aliases := PFaliases}, #{aliases := NFaliases}} -> S3#{aliases => 'erlang_++'(PFaliases, NFaliases, TrUserData)}; + {_, #{aliases := NFaliases}} -> S3#{aliases => NFaliases}; + {#{aliases := PFaliases}, _} -> S3#{aliases => PFaliases}; + {_, _} -> S3 end. --compile({nowarn_unused_function,merge_msg_AdvisoryReference/3}). -merge_msg_AdvisoryReference(#{}, #{type := NFtype, url := NFurl}, _) -> #{type => NFtype, url => NFurl}. - -compile({nowarn_unused_function,merge_msg_Dependency/3}). merge_msg_Dependency(#{} = PMsg, #{package := NFpackage, requirement := NFrequirement} = NMsg, _) -> S1 = #{package => NFpackage, requirement => NFrequirement}, @@ -1420,7 +1189,6 @@ verify_msg(Msg, MsgName, Opts) -> 'Release' -> v_msg_Release(Msg, [MsgName], TrUserData); 'RetirementStatus' -> v_msg_RetirementStatus(Msg, [MsgName], TrUserData); 'SecurityAdvisory' -> v_msg_SecurityAdvisory(Msg, [MsgName], TrUserData); - 'AdvisoryReference' -> v_msg_AdvisoryReference(Msg, [MsgName], TrUserData); 'Dependency' -> v_msg_Dependency(Msg, [MsgName], TrUserData); 'Timestamp' -> v_msg_Timestamp(Msg, [MsgName], TrUserData); _ -> mk_type_error(not_a_known_message, Msg, []) @@ -1556,23 +1324,6 @@ v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} end; _ -> ok end, - case M of - #{published_at := F8} -> v_submsg_Timestamp(F8, [published_at | Path], TrUserData); - _ -> ok - end, - case M of - #{modified_at := F9} -> v_submsg_Timestamp(F9, [modified_at | Path], TrUserData); - _ -> ok - end, - case M of - #{references := F10} -> - if is_list(F10) -> - _ = [v_submsg_AdvisoryReference(Elem, [references | Path], TrUserData) || Elem <- F10], - ok; - true -> mk_type_error({invalid_list_of, {msg, 'AdvisoryReference'}}, F10, [references | Path]) - end; - _ -> ok - end, lists:foreach(fun (id) -> ok; (summary) -> ok; (html_url) -> ok; @@ -1580,9 +1331,6 @@ v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} (cvss_score) -> ok; (api_url) -> ok; (aliases) -> ok; - (published_at) -> ok; - (modified_at) -> ok; - (references) -> ok; (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) end, maps:keys(M)), @@ -1590,22 +1338,6 @@ v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} v_msg_SecurityAdvisory(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [id, summary, html_url, api_url] -- maps:keys(M), 'SecurityAdvisory'}, M, Path); v_msg_SecurityAdvisory(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'SecurityAdvisory'}, X, Path). --compile({nowarn_unused_function,v_submsg_AdvisoryReference/3}). -v_submsg_AdvisoryReference(Msg, Path, TrUserData) -> v_msg_AdvisoryReference(Msg, Path, TrUserData). - --compile({nowarn_unused_function,v_msg_AdvisoryReference/3}). -v_msg_AdvisoryReference(#{type := F1, url := F2} = M, Path, TrUserData) -> - v_type_string(F1, [type | Path], TrUserData), - v_type_string(F2, [url | Path], TrUserData), - lists:foreach(fun (type) -> ok; - (url) -> ok; - (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) - end, - maps:keys(M)), - ok; -v_msg_AdvisoryReference(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [type, url] -- maps:keys(M), 'AdvisoryReference'}, M, Path); -v_msg_AdvisoryReference(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'AdvisoryReference'}, X, Path). - -compile({nowarn_unused_function,v_submsg_Dependency/3}). v_submsg_Dependency(Msg, Path, TrUserData) -> v_msg_Dependency(Msg, Path, TrUserData). @@ -1776,11 +1508,7 @@ get_msg_defs() -> #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}, - #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}, - #{name => published_at, fnum => 8, rnum => 9, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, - #{name => modified_at, fnum => 9, rnum => 10, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, - #{name => references, fnum => 10, rnum => 11, type => {msg, 'AdvisoryReference'}, occurrence => repeated, opts => []}]}, - {{msg, 'AdvisoryReference'}, [#{name => type, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => url, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}]}, + #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}]}, {{msg, 'Dependency'}, [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1790,13 +1518,13 @@ get_msg_defs() -> {{msg, 'Timestamp'}, [#{name => seconds, fnum => 1, rnum => 2, type => int64, occurrence => required, opts => []}, #{name => nanos, fnum => 2, rnum => 3, type => int32, occurrence => required, opts => []}]}]. -get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'AdvisoryReference', 'Dependency', 'Timestamp']. +get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency', 'Timestamp']. get_group_names() -> []. -get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'AdvisoryReference', 'Dependency', 'Timestamp']. +get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency', 'Timestamp']. get_enum_names() -> ['RetirementReason', 'AdvisorySeverity']. @@ -1837,11 +1565,7 @@ find_msg_def('SecurityAdvisory') -> #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}, - #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}, - #{name => published_at, fnum => 8, rnum => 9, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, - #{name => modified_at, fnum => 9, rnum => 10, type => {msg, 'Timestamp'}, occurrence => optional, opts => []}, - #{name => references, fnum => 10, rnum => 11, type => {msg, 'AdvisoryReference'}, occurrence => repeated, opts => []}]; -find_msg_def('AdvisoryReference') -> [#{name => type, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => url, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}]; + #{name => aliases, fnum => 7, rnum => 8, type => string, occurrence => repeated, opts => []}]; find_msg_def('Dependency') -> [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1939,7 +1663,6 @@ fqbin_to_msg_name(<<"Package">>) -> 'Package'; fqbin_to_msg_name(<<"Release">>) -> 'Release'; fqbin_to_msg_name(<<"RetirementStatus">>) -> 'RetirementStatus'; fqbin_to_msg_name(<<"SecurityAdvisory">>) -> 'SecurityAdvisory'; -fqbin_to_msg_name(<<"AdvisoryReference">>) -> 'AdvisoryReference'; fqbin_to_msg_name(<<"Dependency">>) -> 'Dependency'; fqbin_to_msg_name(<<"Timestamp">>) -> 'Timestamp'; fqbin_to_msg_name(E) -> error({gpb_error, {badmsg, E}}). @@ -1949,7 +1672,6 @@ msg_name_to_fqbin('Package') -> <<"Package">>; msg_name_to_fqbin('Release') -> <<"Release">>; msg_name_to_fqbin('RetirementStatus') -> <<"RetirementStatus">>; msg_name_to_fqbin('SecurityAdvisory') -> <<"SecurityAdvisory">>; -msg_name_to_fqbin('AdvisoryReference') -> <<"AdvisoryReference">>; msg_name_to_fqbin('Dependency') -> <<"Dependency">>; msg_name_to_fqbin('Timestamp') -> <<"Timestamp">>; msg_name_to_fqbin(E) -> error({gpb_error, {badmsg, E}}). @@ -1992,7 +1714,7 @@ get_all_source_basenames() -> ["hex_pb_package.proto"]. get_all_proto_names() -> ["hex_pb_package"]. -get_msg_containment("hex_pb_package") -> ['AdvisoryReference', 'Dependency', 'Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Timestamp']; +get_msg_containment("hex_pb_package") -> ['Dependency', 'Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Timestamp']; get_msg_containment(P) -> error({gpb_error, {badproto, P}}). @@ -2016,7 +1738,6 @@ get_proto_by_msg_name_as_fqbin(<<"Timestamp">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"RetirementStatus">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Release">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Package">>) -> "hex_pb_package"; -get_proto_by_msg_name_as_fqbin(<<"AdvisoryReference">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"SecurityAdvisory">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Dependency">>) -> "hex_pb_package"; get_proto_by_msg_name_as_fqbin(E) -> error({gpb_error, {badmsg, E}}). diff --git a/test/hex_advisory_SUITE.erl b/test/hex_advisory_SUITE.erl index 26e554e..409e35f 100644 --- a/test/hex_advisory_SUITE.erl +++ b/test/hex_advisory_SUITE.erl @@ -11,10 +11,7 @@ all() -> groups_advisories_sharing_cve_alias, prefers_eef_over_ghsa_over_nvd, breaks_same_source_ties_by_id_ascending, - attaches_osv_url_only_to_alias_ids_that_are_group_members, - merges_references_by_url_accumulating_types, - min_published_at_max_modified_at, - missing_timestamps_yield_undefined + attaches_osv_url_only_to_alias_ids_that_are_group_members ]. identity_when_no_aliases(_Config) -> @@ -68,49 +65,6 @@ attaches_osv_url_only_to_alias_ids_that_are_group_members(_Config) -> ?assertEqual(undefined, maps:get(url, Cve)), ok. -merges_references_by_url_accumulating_types(_Config) -> - RefsA = [ - #{type => <<"WEB">>, url => <<"https://example.com/advisory">>}, - #{type => <<"ADVISORY">>, url => <<"https://shared.example.com/1">>} - ], - RefsB = [ - #{type => <<"FIX">>, url => <<"https://shared.example.com/1">>}, - #{type => <<"WEB">>, url => <<"https://other.example.com/2">>} - ], - A = (base_advisory(<<"GHSA-a">>, <<"A">>, [<<"CVE-2026-0001">>]))#{references => RefsA}, - B = (base_advisory(<<"GHSA-b">>, <<"B">>, [<<"CVE-2026-0001">>]))#{references => RefsB}, - [Result] = hex_advisory:group_for_display([A, B]), - ByUrl = maps:from_list( - [{maps:get(url, R), maps:get(types, R)} || R <- maps:get(references, Result)] - ), - ?assertEqual(3, maps:size(ByUrl)), - ?assertEqual([<<"WEB">>], maps:get(<<"https://example.com/advisory">>, ByUrl)), - Shared = maps:get(<<"https://shared.example.com/1">>, ByUrl), - ?assertEqual(lists:sort([<<"ADVISORY">>, <<"FIX">>]), lists:sort(Shared)), - ?assertEqual([<<"WEB">>], maps:get(<<"https://other.example.com/2">>, ByUrl)), - ok. - -min_published_at_max_modified_at(_Config) -> - A = (base_advisory(<<"GHSA-a">>, <<"A">>, [<<"CVE-2026-0001">>]))#{ - published_at => #{seconds => 100, nanos => 0}, - modified_at => #{seconds => 150, nanos => 0} - }, - B = (base_advisory(<<"GHSA-b">>, <<"B">>, [<<"CVE-2026-0001">>]))#{ - published_at => #{seconds => 90, nanos => 0}, - modified_at => #{seconds => 200, nanos => 0} - }, - [Result] = hex_advisory:group_for_display([A, B]), - ?assertEqual(#{seconds => 90, nanos => 0}, maps:get(published_at, Result)), - ?assertEqual(#{seconds => 200, nanos => 0}, maps:get(modified_at, Result)), - ok. - -missing_timestamps_yield_undefined(_Config) -> - A = base_advisory(<<"GHSA-a">>, <<"A">>, []), - [Result] = hex_advisory:group_for_display([A]), - ?assertEqual(undefined, maps:get(published_at, Result)), - ?assertEqual(undefined, maps:get(modified_at, Result)), - ok. - %%==================================================================== %% Helpers %%==================================================================== @@ -121,6 +75,5 @@ base_advisory(Id, Summary, Aliases) -> summary => Summary, html_url => <<"https://osv.dev/vulnerability/", Id/binary>>, api_url => <<"https://api.osv.dev/v1/vulns/", Id/binary>>, - aliases => Aliases, - references => [] + aliases => Aliases }. diff --git a/test/hex_registry_SUITE.erl b/test/hex_registry_SUITE.erl index 58b4a68..2b1f580 100644 --- a/test/hex_registry_SUITE.erl +++ b/test/hex_registry_SUITE.erl @@ -104,13 +104,7 @@ package_test(_Config) -> severity => 'SEVERITY_HIGH', cvss_score => 8.0, api_url => <<"https://api.osv.dev/v1/vulns/GHSA-abcd-1234-efgh">>, - aliases => [<<"CVE-2026-0001">>, <<"NVD-CVE-2026-0001">>], - published_at => #{seconds => 1700000000, nanos => 0}, - modified_at => #{seconds => 1700100000, nanos => 0}, - references => [ - #{type => <<"WEB">>, url => <<"https://example.com/a">>}, - #{type => <<"FIX">>, url => <<"https://example.com/fix">>} - ] + aliases => [<<"CVE-2026-0001">>, <<"NVD-CVE-2026-0001">>] } ] }, From 8a20ad538df118e43c5d9e6ac5c343de8ed92b18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 23:05:19 +0200 Subject: [PATCH 7/8] Revert "Release 0.17.0" This reverts commit bcbaeaafc8a885ffe0a602e6938cce8e69e5e182. --- CHANGELOG.md | 5 ----- src/hex_core.app.src | 2 +- src/hex_core.hrl | 2 +- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e72bac..f230fc6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,5 @@ # CHANGELOG -## v0.17.0 (2026-05-19) - -* Add `aliases`, `published_at`, `modified_at`, and `references` fields to `SecurityAdvisory` proto -* Add `hex_advisory:group_for_display/1` for deduplicating advisories that share aliases - ## v0.16.0 (2026-05-13) * Validate tarball file paths and symlink targets when creating package and docs tarballs. diff --git a/src/hex_core.app.src b/src/hex_core.app.src index d5c160d..f685a1c 100644 --- a/src/hex_core.app.src +++ b/src/hex_core.app.src @@ -1,6 +1,6 @@ {application, hex_core, [ {description, "Reference implementation of Hex specifications"}, - {vsn, "0.17.0"}, + {vsn, "0.16.0"}, {registered, []}, {applications, [kernel, stdlib, inets, ssl, ssh]}, {licenses, ["Apache-2.0"]}, diff --git a/src/hex_core.hrl b/src/hex_core.hrl index 4aeeaca..cbeb6f7 100644 --- a/src/hex_core.hrl +++ b/src/hex_core.hrl @@ -1 +1 @@ --define(HEX_CORE_VERSION, "0.17.0"). +-define(HEX_CORE_VERSION, "0.16.0"). From 915f094b215240df7ae2c49dd4bcf6a1778be297 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eric=20Meadows-J=C3=B6nsson?= Date: Tue, 19 May 2026 23:09:43 +0200 Subject: [PATCH 8/8] Drop uri_string:quote/1 call for OTP 24 compatibility --- src/hex_advisory.erl | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/hex_advisory.erl b/src/hex_advisory.erl index e322312..700c252 100644 --- a/src/hex_advisory.erl +++ b/src/hex_advisory.erl @@ -92,11 +92,8 @@ identifiers(Advisory) -> alias_url(Id, AdvisoryIds) -> case sets:is_element(Id, AdvisoryIds) of - true -> - Encoded = uri_string:quote(Id), - <<"https://osv.dev/vulnerability/", Encoded/binary>>; - false -> - undefined + true -> <<"https://osv.dev/vulnerability/", Id/binary>>; + false -> undefined end. uniq(List) ->