🚧 working purl cves

vulncheck-oss · Mar 28, 2024 · 0e9723e · 0e9723e
1 parent a8b68e1
commit 0e9723e
Show file tree

Hide file tree

Showing 4 changed files with 62 additions and 4 deletions.
diff --git a/pkg/cmd/cpe/cpe.go b/pkg/cmd/cpe/cpe.go
@@ -11,7 +11,7 @@ import (
 func Command() *cobra.Command {
 	return &cobra.Command{
 		Use:   "cpe <scheme>",
-		Short: "Look up a specified cpe",
+		Short: "Look up a specified cpe for any related CVEs",
 		RunE: func(cmd *cobra.Command, args []string) error {
 			if len(args) != 1 {
 				return ui.Error("cpe scheme is required")
@@ -21,7 +21,9 @@ func Command() *cobra.Command {
 				return err
 			}
 			cves := response.GetData()
-			ui.CpeStruct(response.GetCpeStruct())
+			if err := ui.CpeMeta(response.GetCpeMeta()); err != nil {
+				return err
+			}
 			if len(cves) == 0 {
 				ui.Info(fmt.Sprintf("No CVEs were found for cpe %s", args[0]))
 				return nil

diff --git a/pkg/cmd/purl/purl.go b/pkg/cmd/purl/purl.go
@@ -0,0 +1,38 @@
+package purl
+
+import (
+	"fmt"
+	"github.com/octoper/go-ray"
+	"github.com/spf13/cobra"
+	"github.com/vulncheck-oss/cli/pkg/config"
+	"github.com/vulncheck-oss/cli/pkg/session"
+	"github.com/vulncheck-oss/cli/pkg/ui"
+)
+
+func Command() *cobra.Command {
+	return &cobra.Command{
+		Use:   "purl <scheme>",
+		Short: "Look up a specified PURL for any CVES or vulnerabilities",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if len(args) != 1 {
+				return ui.Error("purl scheme is required")
+			}
+			response, err := session.Connect(config.Token()).GetPurl(args[0])
+			if err != nil {
+				return err
+			}
+			cves := response.GetCves()
+			ray.Ray(response.GetPurlMeta())
+			if err := ui.PurlMeta(response.GetPurlMeta()); err != nil {
+				return err
+			}
+			if len(cves) == 0 {
+				ui.Info(fmt.Sprintf("No CVEs were found for purl %s", args[0]))
+				return nil
+			}
+			ui.Info(fmt.Sprintf("%d CVEs were found for purl %s", len(cves), args[0]))
+			ui.Json(cves)
+			return nil
+		},
+	}
+}
diff --git a/pkg/cmd/root/root.go b/pkg/cmd/root/root.go
@@ -13,6 +13,7 @@ import (
 	"github.com/vulncheck-oss/cli/pkg/cmd/cpe"
 	"github.com/vulncheck-oss/cli/pkg/cmd/index"
 	"github.com/vulncheck-oss/cli/pkg/cmd/indices"
+	"github.com/vulncheck-oss/cli/pkg/cmd/purl"
 	"github.com/vulncheck-oss/cli/pkg/cmd/version"
 	"github.com/vulncheck-oss/cli/pkg/config"
 	"github.com/vulncheck-oss/cli/pkg/environment"
@@ -90,6 +91,7 @@ func NewCmdRoot() *cobra.Command {
 	cmd.AddCommand(index.Command())
 	cmd.AddCommand(backup.Command())
 	cmd.AddCommand(cpe.Command())
+	cmd.AddCommand(purl.Command())
 
 	return cmd
 }

diff --git a/pkg/ui/table.go b/pkg/ui/table.go
@@ -7,6 +7,7 @@ import (
 	"github.com/charmbracelet/lipgloss"
 	ltable "github.com/charmbracelet/lipgloss/table"
 	"github.com/vulncheck-oss/sdk"
+	"golang.org/x/term"
 	"strings"
 )
 
@@ -122,13 +123,28 @@ func IndicesList(indices []sdk.IndicesMeta, search string) error {
 	return nil
 }
 
-func CpeStruct(cpe sdk.CpeStruct) error {
+func TermWidth() int {
+	width, _, _ := term.GetSize(0)
+	return width
+}
+
+func CpeMeta(cpe sdk.CpeMeta) error {
 	t := ltable.New().
 		Border(lipgloss.NormalBorder()).
 		BorderStyle(lipgloss.NewStyle().Foreground(lipgloss.Color("99"))).
 		Headers("Part", "Vendor", "Product", "Version", "Update", "Edition").
-		Row(cpe.Part, cpe.Vendor, cpe.Product, cpe.Version, cpe.Update, cpe.Edition).Width(80)
+		Row(cpe.Part, cpe.Vendor, cpe.Product, cpe.Version, cpe.Update, cpe.Edition).Width(TermWidth())
 	fmt.Println(t)
 	return nil
+}
 
+func PurlMeta(purl sdk.PurlMeta) error {
+	t := ltable.New().
+		Border(lipgloss.NormalBorder()).
+		BorderStyle(lipgloss.NewStyle().Foreground(lipgloss.Color("99"))).
+		Headers("Type", "Namespace", "Nme", "Version", "Qualifiers", "Subpath").
+		Row(purl.Type, purl.Namespace, purl.Name, purl.Version, strings.Join(purl.Qualifiers, ","), purl.Subpath).
+		Width(TermWidth())
+	fmt.Println(t)
+	return nil
 }