refactor(evaluated-model): Remove the EvaluatedVulnerabilityReference

This can be replaced now with plain `VulnerabilityReference`s. Signed-off-by: Sebastian Schuberth <[email protected]>
oss-review-toolkit · Oct 30, 2023 · 2d3bdce · 2d3bdce
1 parent 002a57a
commit 2d3bdce
Show file tree

Hide file tree

Showing 7 changed files with 12 additions and 45 deletions.
diff --git a/...ed-model/src/funTest/assets/evaluated-model-reporter-test-deduplicate-expected-output.yml b/...ed-model/src/funTest/assets/evaluated-model-reporter-test-deduplicate-expected-output.yml
@@ -872,7 +872,7 @@ vulnerabilities:
   - url: "https://registry.vulnerability-url/"
     scoring_system: "SCORING_SYSTEM_NAME"
     severity: "ERROR"
-    severity_mapped: "UNKNOWN"
+    severity_rating: "UNKNOWN"
   resolutions: []
 statistics:
   repository_configuration:

diff --git a/...ers/evaluated-model/src/funTest/assets/evaluated-model-reporter-test-expected-output.json b/...ers/evaluated-model/src/funTest/assets/evaluated-model-reporter-test-expected-output.json
@@ -960,7 +960,7 @@
       "url" : "https://registry.vulnerability-url/",
       "scoring_system" : "SCORING_SYSTEM_NAME",
       "severity" : "ERROR",
-      "severity_mapped" : "UNKNOWN"
+      "severity_rating" : "UNKNOWN"
     } ],
     "resolutions" : [ ]
   } ],

diff --git a/...ters/evaluated-model/src/funTest/assets/evaluated-model-reporter-test-expected-output.yml b/...ters/evaluated-model/src/funTest/assets/evaluated-model-reporter-test-expected-output.yml
@@ -876,7 +876,7 @@ vulnerabilities:
   - url: "https://registry.vulnerability-url/"
     scoring_system: "SCORING_SYSTEM_NAME"
     severity: "ERROR"
-    severity_mapped: "UNKNOWN"
+    severity_rating: "UNKNOWN"
   resolutions: []
 statistics:
   repository_configuration:

diff --git a/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedModelMapper.kt b/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedModelMapper.kt
@@ -45,7 +45,6 @@ import org.ossreviewtoolkit.model.utils.FindingCurationMatcher
 import org.ossreviewtoolkit.model.utils.FindingsMatcher
 import org.ossreviewtoolkit.model.utils.RootLicenseMatcher
 import org.ossreviewtoolkit.model.vulnerabilities.Vulnerability
-import org.ossreviewtoolkit.model.vulnerabilities.VulnerabilityReference
 import org.ossreviewtoolkit.reporter.ReporterInput
 import org.ossreviewtoolkit.reporter.StatisticsCalculator.getStatistics
 import org.ossreviewtoolkit.utils.ort.ProcessedDeclaredLicense
@@ -396,16 +395,12 @@ internal class EvaluatedModelMapper(private val input: ReporterInput) {
     private fun addVulnerability(pkg: EvaluatedPackage, vulnerability: Vulnerability) {
         val resolutions = addResolutions(vulnerability)
 
-        val evaluatedReferences = vulnerability.references.map {
-            EvaluatedVulnerabilityReference(it.url, it.scoringSystem, it.severity, it.severityRating)
-        }
-
         vulnerabilities += EvaluatedVulnerability(
             pkg = pkg,
             id = vulnerability.id,
             summary = vulnerability.summary,
             description = vulnerability.description,
-            references = evaluatedReferences,
+            references = vulnerability.references,
             resolutions = resolutions
         )
     }

diff --git a/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedVulnerability.kt b/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedVulnerability.kt
@@ -23,6 +23,7 @@ import com.fasterxml.jackson.annotation.JsonInclude
 import com.fasterxml.jackson.annotation.JsonInclude.Include
 
 import org.ossreviewtoolkit.model.config.VulnerabilityResolution
+import org.ossreviewtoolkit.model.vulnerabilities.VulnerabilityReference
 
 data class EvaluatedVulnerability(
     val id: String,
@@ -31,6 +32,6 @@ data class EvaluatedVulnerability(
     val summary: String?,
     @JsonInclude(Include.NON_NULL)
     val description: String?,
-    val references: List<EvaluatedVulnerabilityReference>,
+    val references: List<VulnerabilityReference>,
     val resolutions: List<VulnerabilityResolution>
 )
diff --git a/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedVulnerabilityReference.kt b/plugins/reporters/evaluated-model/src/main/kotlin/EvaluatedVulnerabilityReference.kt
diff --git a/plugins/reporters/web-app-template/src/models/VulnerabilityReference.js b/plugins/reporters/web-app-template/src/models/VulnerabilityReference.js
@@ -24,7 +24,7 @@ class VulnerabilityReference {
 
     #severityIndex;
 
-    #severityMapped;
+    #severityRating;
 
     #url;
 
@@ -38,10 +38,10 @@ class VulnerabilityReference {
                 this.#severity = obj.severity;
             }
 
-            if (obj.severity_mapped !== null || obj.severityMapped !== null) {
-                this.#severityMapped = obj.severity_mapped || obj.severityMapped;
+            if (obj.severity_rating !== null || obj.severityRating !== null) {
+                this.#severityRating = obj.severity_rating || obj.severityRating;
 
-                switch (this.#severityMapped) {
+                switch (this.#severityRating) {
                     case 'CRITICAL':
                         this.#severityIndex = 0;
                         break;
@@ -77,8 +77,8 @@ class VulnerabilityReference {
         return this.#severityIndex;
     }
 
-    get severityMapped() {
-        return this.#severityMapped;
+    get severityRating() {
+        return this.#severityRating;
     }
 
     get url() {