Skip to content

Commit

Permalink
fix: rework replaceOrAddVulnerability
Browse files Browse the repository at this point in the history
hopefully resolves #5809
  • Loading branch information
jeremylong committed Nov 21, 2024
1 parent cc7f0c5 commit f494398
Showing 1 changed file with 7 additions and 10 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -505,16 +505,13 @@ protected void processResults(final List<Advisory> advisories, Engine engine,
* @param vuln the vulnerability to add
*/
protected void replaceOrAddVulnerability(Dependency dependency, Vulnerability vuln) {
boolean found = false;
for (Vulnerability existing : dependency.getVulnerabilities()) {
for (Reference ref : existing.getReferences()) {
if (ref.getName() != null
&& vuln.getSource().toString().equals("NPM")
&& ref.getName().equals("https://nodesecurity.io/advisories/" + vuln.getName())) {
found = true;
}
}
}
boolean found = vuln.getSource() == Vulnerability.Source.NPM &&
dependency.getVulnerabilities().stream().anyMatch(existing -> {
return existing.getReferences().stream().anyMatch(ref ->{
return ref.getName() != null
&& ref.getName().equals("https://nodesecurity.io/advisories/" + vuln.getName());
});
});
if (!found) {
dependency.addVulnerability(vuln);
}
Expand Down

0 comments on commit f494398

Please sign in to comment.