Open
Conversation
hdonnay
force-pushed
the
feature/not-affected/aliases
branch
2 times, most recently
from
f52976b to
5d4fada
Compare
See-also: https://issues.redhat.com/browse/CLAIRDEV-85 Change-Id: Ie542a328758fb2eacfc15cf15108249421e11286 Signed-off-by: Hank Donnay <hdonnay@redhat.com>
This provides a standardized way to identify aliases and cross-references between vulnerabilities. See-also: https://issues.redhat.com/browse/CLAIRDEV-85 Change-Id: I7255300dddb328dcb5b579523c8efcffe1a560f0 Signed-off-by: Hank Donnay <hdonnay@redhat.com>
hdonnay
force-pushed
the
feature/not-affected/aliases
branch
from
5d4fada to
82da00e
Compare
dcaravel
reviewed
Mar 24, 2026
Comment on lines
+41
to
+51
|
|
||
| // Self is an Alias that is the "identity" for this Vulnerability. | ||
| // | ||
| // This should be a system-wide, external identifier. | ||
| Self Alias | ||
| // Aliases is a set of aliases for the same abstract software flaw. | ||
| // | ||
| // For example, GHSA advisories frequently also reference CVE identifiers. | ||
| // | ||
| // This may contain the "Self" alias. | ||
| Aliases []Alias |
There was a problem hiding this comment.
Were the json tags left out intentionally?
There was a problem hiding this comment.
nit: consider adding test for Valid()
|
|
||
| CREATE TABLE IF NOT EXISTS alias ( | ||
| id INTEGER PRIMARY KEY GENERATED ALWAYS AS IDENTITY, | ||
| namespace INTEGER REFERENCES alias_namespace (id) ON DELETE CASCADE, |
Comment on lines
+46
to
+51
| // Aliases is a set of aliases for the same abstract software flaw. | ||
| // | ||
| // For example, GHSA advisories frequently also reference CVE identifiers. | ||
| // | ||
| // This may contain the "Self" alias. | ||
| Aliases []Alias |
There was a problem hiding this comment.
Would this be easier to digest if it was prescriptive? - ie: "will always contain self alias" or "will never contain self alias"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This creates the
Aliastype, adds it to theVulnerabilitytype, and adds relevant database tables.It does not add any code that makes use of these types.