Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit b252f38

Browse filesBrowse files
facutuescaruyadorno
facutuesca
authored and
ruyadorno
committed
tools: update undici CPE in vuln checking script
This changes the search method for `undici` on the NVD database. Before, since `undici` did not have a CPE assigned, the search was by keyword. Now that a CPE was assigned, it is used to query for new vulnerabilities. PR-URL: #44128 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
1 parent 960a209 commit b252f38
Copy full SHA for b252f38

File tree

Expand file treeCollapse file tree

1 file changed

+3
-1
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

1 file changed

+3
-1
lines changed
Open diff view settings
Collapse file

‎tools/dep_checker/dependencies.py‎

Copy file name to clipboardExpand all lines: tools/dep_checker/dependencies.py
+3-1Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,9 @@ def get_cpe(self) -> Optional[str]:
4747
version=vp.get_libuv_version(), cpe=CPE(vendor="libuv_project", product="libuv")
4848
),
4949
"undici": Dependency(
50-
version=vp.get_undici_version(), cpe=None, keyword="undici", npm_name="undici"
50+
version=vp.get_undici_version(),
51+
cpe=CPE(vendor="nodejs", product="undici"),
52+
npm_name="undici",
5153
),
5254
"OpenSSL": Dependency(
5355
version=vp.get_openssl_version(), cpe=CPE(vendor="openssl", product="openssl")

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.