Skip to content

Commit 339f084

Browse files
progvalprogval
committed
Update from 1.6.7 to 1.7.4
Includes: * 1.7.0: ossf/osv-schema#312 (`upstream` field) ossf/osv-schema#319 ossf/osv-schema#337 (`Ubuntu` as `severity` score) * 1.7.1: nothing * 1.7.2: ossf/osv-schema#351 ossf/osv-schema#347 ossf/osv-schema#358 * 1.7.3: ossf/osv-schema#394 * 1.7.4: ossf/osv-schema#434 ossf/osv-schema#357
1 parent 199fc84 commit 339f084

File tree

2 files changed

+35
-1
lines changed

2 files changed

+35
-1
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ This library provides bindings to Open Source Security Foundation's
2020
Open Source Vulnerability (osv) schema and a client to access
2121
the API from the Rust Language.
2222

23-
Currently compatible with v1.6.7 of the [ossf/osv-schema](https://github.com/ossf/osv-schema).
23+
Currently compatible with v1.7.4 of the [ossf/osv-schema](https://github.com/ossf/osv-schema).
2424

2525
### References
2626

src/schema.rs

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,8 +33,10 @@ pub type Version = String;
3333
#[non_exhaustive]
3434
pub enum Ecosystem {
3535
AlmaLinux(Option<String>),
36+
Alpaquita,
3637
Alpine(Option<String>),
3738
Android,
39+
BellSoftHardenedContainers,
3840
Bioconductor,
3941
Bitnami,
4042
Chainguard,
@@ -43,18 +45,23 @@ pub enum Ecosystem {
4345
CratesIO,
4446
Debian(Option<String>),
4547
DWF,
48+
Echo,
4649
GHC,
4750
GSD,
4851
GitHubActions,
4952
Go,
5053
Hackage,
5154
Hex,
5255
JavaScript,
56+
Julia,
57+
Kubernetes,
5358
Linux,
5459
Mageia(String),
5560
Maven(String),
61+
MinimOS,
5662
Npm,
5763
NuGet,
64+
OpenEuler,
5865
OpenSUSE(Option<String>),
5966
OssFuzz,
6067
Packagist,
@@ -75,6 +82,7 @@ pub enum Ecosystem {
7582
lts: bool,
7683
},
7784
UVI,
85+
VSCode,
7886
Wolfi,
7987
}
8088

@@ -88,11 +96,13 @@ impl Serialize for Ecosystem {
8896
Ecosystem::AlmaLinux(Some(release)) => {
8997
serializer.serialize_str(&format!("AlmaLinux:{}", release))
9098
}
99+
Ecosystem::Alpaquita => serializer.serialize_str("Alpaquita"),
91100
Ecosystem::Alpine(None) => serializer.serialize_str("Alpine"),
92101
Ecosystem::Alpine(Some(version)) => {
93102
serializer.serialize_str(&format!("Alpine:{}", version))
94103
}
95104
Ecosystem::Android => serializer.serialize_str("Android"),
105+
Ecosystem::BellSoftHardenedContainers => serializer.serialize_str("BellSoft Hardened Containers"),
96106
Ecosystem::Bioconductor => serializer.serialize_str("Bioconductor"),
97107
Ecosystem::Bitnami => serializer.serialize_str("Bitnami"),
98108
Ecosystem::Chainguard => serializer.serialize_str("Chainguard"),
@@ -104,13 +114,16 @@ impl Serialize for Ecosystem {
104114
serializer.serialize_str(&format!("Debian:{}", version))
105115
}
106116
Ecosystem::DWF => serializer.serialize_str("DWF"),
117+
Ecosystem::Echo => serializer.serialize_str("Echo"),
107118
Ecosystem::GHC => serializer.serialize_str("GHC"),
108119
Ecosystem::GSD => serializer.serialize_str("GSD"),
109120
Ecosystem::GitHubActions => serializer.serialize_str("GitHub Actions"),
110121
Ecosystem::Go => serializer.serialize_str("Go"),
111122
Ecosystem::Hackage => serializer.serialize_str("Hackage"),
112123
Ecosystem::Hex => serializer.serialize_str("Hex"),
113124
Ecosystem::JavaScript => serializer.serialize_str("JavaScript"),
125+
Ecosystem::Julia => serializer.serialize_str("Julia"),
126+
Ecosystem::Kubernetes => serializer.serialize_str("Kubernetes"),
114127
Ecosystem::Linux => serializer.serialize_str("Linux"),
115128
Ecosystem::Mageia(release) => serializer.serialize_str(&format!("Mageia:{}", release)),
116129
Ecosystem::Maven(repository) => {
@@ -120,8 +133,10 @@ impl Serialize for Ecosystem {
120133
};
121134
serializer.serialize_str(&mvn)
122135
}
136+
Ecosystem::MinimOS => serializer.serialize_str("MinimOS"),
123137
Ecosystem::Npm => serializer.serialize_str("npm"),
124138
Ecosystem::NuGet => serializer.serialize_str("NuGet"),
139+
Ecosystem::OpenEuler => serializer.serialize_str("openEuler"),
125140
Ecosystem::OpenSUSE(None) => serializer.serialize_str("openSUSE"),
126141
Ecosystem::OpenSUSE(Some(release)) => {
127142
serializer.serialize_str(&format!("openSUSE:{}", release))
@@ -174,6 +189,7 @@ impl Serialize for Ecosystem {
174189
serializer.serialize_str(&serialized)
175190
}
176191
Ecosystem::UVI => serializer.serialize_str("UVI"),
192+
Ecosystem::VSCode => serializer.serialize_str("VSCode"),
177193
Ecosystem::Wolfi => serializer.serialize_str("Wolfi"),
178194
}
179195
}
@@ -199,6 +215,7 @@ impl<'de> Deserialize<'de> for Ecosystem {
199215
{
200216
match value {
201217
"AlmaLinux" | "AlmaLinux:" => Ok(Ecosystem::AlmaLinux(None)),
218+
"Alpaquita" => Ok(Ecosystem::Alpaquita),
202219
_ if value.starts_with("AlmaLinux:") => Ok(Ecosystem::AlmaLinux(
203220
value.strip_prefix("AlmaLinux:").map(|v| v.to_string()),
204221
)),
@@ -207,6 +224,7 @@ impl<'de> Deserialize<'de> for Ecosystem {
207224
value.strip_prefix("Alpine:").map(|v| v.to_string()),
208225
)),
209226
"Android" => Ok(Ecosystem::Android),
227+
"BellSoft Hardened Containers" => Ok(Ecosystem::BellSoftHardenedContainers),
210228
"Bioconductor" => Ok(Ecosystem::Bioconductor),
211229
"Bitnami" => Ok(Ecosystem::Bitnami),
212230
"Chainguard" => Ok(Ecosystem::Chainguard),
@@ -218,13 +236,16 @@ impl<'de> Deserialize<'de> for Ecosystem {
218236
value.strip_prefix("Debian:").map(|v| v.to_string()),
219237
)),
220238
"DWF" => Ok(Ecosystem::DWF),
239+
"Echo" => Ok(Ecosystem::Echo),
221240
"GHC" => Ok(Ecosystem::GHC),
222241
"GitHub Actions" => Ok(Ecosystem::GitHubActions),
223242
"Go" => Ok(Ecosystem::Go),
224243
"GSD" => Ok(Ecosystem::GSD),
225244
"Hackage" => Ok(Ecosystem::Hackage),
226245
"Hex" => Ok(Ecosystem::Hex),
227246
"JavaScript" => Ok(Ecosystem::JavaScript),
247+
"Julia" => Ok(Ecosystem::Julia),
248+
"Kubernetes" => Ok(Ecosystem::Kubernetes),
228249
"Linux" => Ok(Ecosystem::Linux),
229250
_ if value.starts_with("Mageia:") => Ok(Ecosystem::Mageia(
230251
value
@@ -238,8 +259,10 @@ impl<'de> Deserialize<'de> for Ecosystem {
238259
_ if value.starts_with("Maven:") => Ok(Ecosystem::Maven(
239260
value.strip_prefix("Maven:").map(|v| v.to_string()).unwrap(),
240261
)),
262+
"MinimOS" => Ok(Ecosystem::MinimOS),
241263
"npm" => Ok(Ecosystem::Npm),
242264
"NuGet" => Ok(Ecosystem::NuGet),
265+
"openEuler" => Ok(Ecosystem::OpenEuler),
243266
"openSUSE" => Ok(Ecosystem::OpenSUSE(None)),
244267
_ if value.starts_with("openSUSE:") => Ok(Ecosystem::OpenSUSE(
245268
value.strip_prefix("openSUSE:").map(|v| v.to_string()),
@@ -281,6 +304,7 @@ impl<'de> Deserialize<'de> for Ecosystem {
281304
).ok_or(de::Error::unknown_variant(value, &["Ecosystem"]))
282305
}
283306
"UVI" => Ok(Ecosystem::UVI),
307+
"VSCode" => Ok(Ecosystem::VSCode),
284308
"Wolfi" => Ok(Ecosystem::Wolfi),
285309
_ => Err(de::Error::unknown_variant(value, &["Ecosystem"])),
286310
}
@@ -472,6 +496,11 @@ pub enum SeverityType {
472496
#[serde(rename = "CVSS_V4")]
473497
CVSSv4,
474498

499+
/// A lowercased string representing the [Ubuntu priority](https://ubuntu.com/security/cves/about#priority).
500+
/// This is based on many factors including severity, importance, risk, estimated number of affected users,
501+
/// software configuration, active exploitation, and other factors.
502+
Ubuntu,
503+
475504
/// The severity score was arrived at by using an unspecified
476505
/// scoring method.
477506
#[serde(rename = "UNSPECIFIED")]
@@ -583,6 +612,11 @@ pub struct Vulnerability {
583612
#[serde(skip_serializing_if = "Option::is_none")]
584613
pub aliases: Option<Vec<String>>,
585614

615+
/// The `upstream` field gives a list of IDs of upstream vulnerabilities that are referred to
616+
/// by the vulnerability entry.
617+
#[serde(skip_serializing_if = "Option::is_none")]
618+
pub upstream: Option<Vec<String>>,
619+
586620
/// The related field gives a list of IDs of closely related vulnerabilities, such as the same
587621
/// problem in alternate ecosystems.
588622
#[serde(skip_serializing_if = "Option::is_none")]

0 commit comments

Comments
 (0)