updating endpoint to grab update guidance from the new endpoint

Glenn Snyder · Glenn Snyder · commit 4a1710297073 · 2020-06-03T17:22:07.000-04:00
diff --git a/examples/get_bom_component_vulnerability_info.py b/examples/get_bom_component_vulnerability_info.py
@@ -78,11 +78,7 @@
     # Retrieve additional details about the vulnerability
     #
 
-    # As per https://jira-sig.internal.synopsys.com/browse/HUB-16455
-    # update guidance can be found on an un-documented, public API endpoint
-    # of the form, /api/components/{component_id}/versions/{version_id}/remediating
-    #
-    update_guidance_url = vuln['componentVersion'] + "/remediating"
+    update_guidance_url = vuln['componentVersion'] + "/upgrade-guidance"
     update_guidance_results = hub.execute_get(update_guidance_url).json()
     vuln['update_guidance'] = update_guidance_results
 
@@ -117,5 +113,30 @@
 else:
 	logging.debug("Did not find any vulnerable BOM components in project {}, version {}".format(args.project_name, args.version))
 
-print(json.dumps(vulnerable_bom_components))
+# Combine counts and vulnerabilities (aka vulnerable bom components)
+#
+num_bdsa_records = len(list(filter(lambda v: v['vulnerabilityWithRemediation']['source'] == 'BDSA', 
+    vulnerable_bom_components)))
+num_nvd_records = len(list(filter(lambda v: v['vulnerabilityWithRemediation']['source'] == 'NVD', 
+    vulnerable_bom_components)))
+
+remediation_counts = {}
+remediation_statuses = [v['vulnerabilityWithRemediation']['remediationStatus'] for v in vulnerable_bom_components]
+for status in remediation_statuses:
+    remediation_counts[status] = remediation_counts.get(status, 0) + 1
+
+counts = {
+    'BDSA': num_bdsa_records,
+    'NVD': num_nvd_records,
+    'all_vulns': num_bdsa_records + num_nvd_records,
+    'by_remediation_status': remediation_counts
+}
+
+
+everything = {
+    'counts': counts,
+    'vulnerabilities': vulnerable_bom_components
+}
+
+print(json.dumps(everything))
 
