Update hsec-tools parser for the cwe: name syntax

Author: TristanCacqueray

code/hsec-tools/src/Security/Advisories/Parse.hs

@@ -37,6 +37,7 @@ import qualified Data.Map as Map
 import Data.Sequence (Seq((:<|)))
 import qualified Data.Set as Set
 import qualified Data.Text as T
+import qualified Data.Text.Read as T
 import qualified Data.Text.Lazy as T (toStrict)
 import Data.Time (LocalTime(..), ZonedTime(..), midnight, utc)
 import Distribution.Parsec (eitherParsec)
@@ -420,8 +421,17 @@ onKey tbl k absent present =
 
 isCWE :: TOML.Value -> TableParser CWE.CWEID
 isCWE (TOML.Integer i) | Just cwe <- CWE.mkCWEID i, Map.member cwe CWE.cweNames = pure cwe
-isCWE (TOML.String txt) | Just cwe <- Map.lookup txt CWE.cweIds = pure cwe
-isCWE other = throwError $ InvalidFormat "Integer" (describeValue other) "42"
+isCWE (TOML.String txt) = case T.breakOn ":" txt of
+  (numTxt, name) -> case T.decimal numTxt of
+    Right (num, "") -> do
+      cwe <- isCWE (TOML.Integer num)
+      case T.strip (T.drop 1 name) of
+        "" -> pure cwe
+        expectedName -> case Map.lookup cwe CWE.cweNames of
+          Just cweName | expectedName == cweName -> pure cwe
+          _ -> error ("bad name: " <> show cwe <> ", " <> show expectedName)
+    _ -> error ("bad num: "<> show numTxt)
+isCWE other = throwError $ InvalidFormat "CWE ID" (describeValue other) "42"
 
 isString :: TOML.Value -> TableParser T.Text
 isString (TOML.String txt) = pure txt