CPE improvements #922
Merged
CPE improvements #922
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Rename some CPE functions and extend their doc strings for explaining their purpose even better. Add some additional tests for some functions to ensure they are working as expected despite already being tested implicitly.
Currently the CPE parsing model stores quoted well-formed CPE name (WNF) attribute values. This is not ideal for using them in the application logic. For example a version attribute will always return something like `"1\.2\.3"` as it's value. Therefore add a new function that allows to convert these values into their unquoted form.
…"1\.2") When parsing a CPE and accessing its attributes the returned values are now unquoted instead of being quoted according to the WNF. Using the unquoted value allows to use them directly now.
Conventional Commits Report
🚀 Conventional commits found. |
Codecov Report
@@ Coverage Diff @@
## main #922 +/- ##
==========================================
+ Coverage 90.23% 90.32% +0.09%
==========================================
Files 95 95
Lines 6635 6666 +31
Branches 953 957 +4
==========================================
+ Hits 5987 6021 +34
+ Misses 442 441 -1
+ Partials 206 204 -2
📣 Codecov offers a browser extension for seamless coverage viewing on GitHub. Try it in Chrome or Firefox today! |
y0urself
approved these changes
Nov 8, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What
Allow access to unquoted values of a CPE. Before the returned values are quoted according to the the well-formed CPE name (WFN) in the spec at https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf
The CPE implementation follows the spec very very closely. In future we might loosen the spec implementation a bit more by dropping the WNF and its quoting. But for now we keep the WNF values in an internal dataclass of the CPE.
Why
Allow to use the values directly for usage in applications without requiring to convert them to get the "real" values for example CPE version
1.2.3instead of1\.2\.3.Checklist