Skip to content

Commit 940ccec

Browse files
david-roccadavid-rocca
authored
Merge pull request #1231 from CVEProject/jd-version-fix
Updated rejectExistingCve to update dataVersion
2 parents 68eae7e + 49ed41d commit 940ccec

File tree

4 files changed

+10
-4
lines changed

4 files changed

+10
-4
lines changed

api-docs/openapi.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"openapi": "3.0.2",
33
"info": {
4-
"version": "2.3.1",
4+
"version": "2.3.2",
55
"title": "CVE Services API",
66
"description": "The CVE Services API supports automation tooling for the CVE Program. Credentials are required for most service endpoints. Representatives of <a href='https://www.cve.org/ProgramOrganization/CNAs'>CVE Numbering Authorities (CNAs)</a> should use one of the methods below to obtain credentials: <ul><li>If your organization already has an Organizational Administrator (OA) account for the CVE Services, ask your admin for credentials</li> <li>Contact your Root (<a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/Google'>Google</a>, <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/INCIBE'>INCIBE</a>, <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/jpcert'>JPCERT/CC</a>, or <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/redhat'>Red Hat</a>) or Top-Level Root (<a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/icscert'>CISA ICS</a> or <a href='https://www.cve.org/PartnerInformation/ListofPartners/partner/mitre'>MITRE</a>) to request credentials </ul> <p>CVE data is to be in the JSON 5.1 CVE Record format. Details of the JSON 5.1 schema are located <a href='https://github.com/CVEProject/cve-schema/tree/5.1.0/schema/v5.0' target='_blank'>here</a>.</p> <a href='https://cveform.mitre.org/' class='link' target='_blank'>Contact the CVE Services team</a>",
77
"contact": {

package-lock.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/controller/cve.controller/cve.controller.js

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -723,9 +723,15 @@ async function rejectExistingCve (req, res, next) {
723723

724724
const providerMetadata = createProviderMetadata(providerOrgObj.UUID, req.ctx.org, (new Date()).toISOString())
725725

726+
// Update dataVersion to current schema version
727+
if (result.cve.dataVersion !== CONSTANTS.SCHEMA_VERSION) {
728+
result.cve.dataVersion = CONSTANTS.SCHEMA_VERSION
729+
}
730+
726731
// update CVE record to rejected
727732
const updatedRecord = Cve.updateCveToRejected(id, providerMetadata, result.cve, req.ctx.body)
728733
const updatedCve = new Cve({ cve: updatedRecord })
734+
729735
result = Cve.validateCveRecord(updatedCve.cve)
730736
if (!result.isValid) {
731737
logger.error(JSON.stringify({ uuid: req.ctx.uuid, message: 'CVE JSON schema validation FAILED.' }))

src/swagger.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ const rejectedCreateCVERecord = require('../schemas/cve/rejected-create-cve-exam
1414
/* eslint-disable no-multi-str */
1515
const doc = {
1616
info: {
17-
version: '2.3.1',
17+
version: '2.3.2',
1818
title: 'CVE Services API',
1919
description: "The CVE Services API supports automation tooling for the CVE Program. Credentials are \
2020
required for most service endpoints. Representatives of \

0 commit comments

Comments
 (0)