making fix and adding code showing how to retrieve component-version update guidance to remediate vulnerabilities

Glenn Snyder · Glenn Snyder · commit f21425d7732e · 2020-03-17T13:35:11.000-04:00
diff --git a/examples/get_bom_component_policy_violations.py b/examples/get_bom_component_policy_violations.py
@@ -31,7 +31,10 @@
     project = hub.get_project_by_name(args.project_name)
     version = hub.get_version_by_name(project, args.version)
 
-bom_components = hub.get_version_components(version)
+if project and version:
+    bom_components = hub.get_version_components(version)
+else:
+    sys.exit()
 
 all_policy_violations = dict()
 
diff --git a/examples/get_bom_component_vulnerability_info.py b/examples/get_bom_component_vulnerability_info.py
@@ -76,6 +76,16 @@
     vuln_name = vuln['vulnerabilityWithRemediation']['vulnerabilityName']
 
     # Retrieve additional details about the vulnerability
+    #
+
+    # As per https://jira-sig.internal.synopsys.com/browse/HUB-16455
+    # update guidance can be found on an un-documented, public API endpoint
+    # of the form, /api/components/{component_id}/versions/{version_id}/remediating
+    #
+    update_guidance_url = vuln['componentVersion'] + "/remediating"
+    update_guidance_results = hub.execute_get(update_guidance_url).json()
+    vuln['update_guidance'] = update_guidance_results
+
     logging.debug("Retrieving additional details regarding vuln {}, i={}".format(vuln_name, i))
     vuln_url = hub.get_apibase() + "/vulnerabilities/{}".format(vuln_name)
     vuln_details_response = hub.execute_get(vuln_url, custom_headers={'Accept': 'application/json'})
