Sunsetting VendorVectors (#718)

2025-12-22 07:10:41 -08:00 · 2020-10-25 19:45:56 +08:00
parent 906ab5483e
commit e621cf2bc1
3 changed files with 294 additions and 79 deletions
--- a/pkg/vulnerability/vulnerability_test.go
+++ b/pkg/vulnerability/vulnerability_test.go
@@ -212,65 +212,6 @@ func TestClient_FillInfo(t *testing.T) {
 				},
 			},
 		},
-		{
-			name: "happy path, with only OS vulnerability, yes vendor severity, with both NVD and deprecated vendor vectors",
-			getVulnerability: []db.OperationGetVulnerabilityExpectation{
-				{
-					Args: db.OperationGetVulnerabilityArgs{
-						VulnerabilityID: "CVE-2019-0001",
-					},
-					Returns: db.OperationGetVulnerabilityReturns{
-						Vulnerability: dbTypes.Vulnerability{
-							Title:       "dos",
-							Description: "dos vulnerability",
-							Severity:    dbTypes.SeverityMedium.String(),
-							VendorSeverity: dbTypes.VendorSeverity{
-								vulnerability.RedHat: dbTypes.SeverityLow, // CentOS uses RedHat
-							},
-							VendorVectors: map[string]dbTypes.CVSSVector{
-								vulnerability.Nvd: {
-									V2: "(AV:N/AC:L/Au:N/C:P/I:P/A:P)",
-									V3: "CVSS:3.0/PR:N/UI:N/S:U/C:H/I:H/A:H",
-								},
-								vulnerability.RedHat: {
-									V2: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
-									V3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-								},
-							},
-							References: []string{"http://example.com"},
-						},
-					},
-				},
-			},
-			args: args{
-				vulns: []types.DetectedVulnerability{
-					{VulnerabilityID: "CVE-2019-0001"},
-				},
-				reportType: vulnerability.CentOS,
-			},
-			expectedVulnerabilities: []types.DetectedVulnerability{
-				{
-					VulnerabilityID: "CVE-2019-0001",
-					Vulnerability: dbTypes.Vulnerability{
-						Title:       "dos",
-						Description: "dos vulnerability",
-						Severity:    dbTypes.SeverityLow.String(),
-						References:  []string{"http://example.com"},
-						VendorVectors: map[string]dbTypes.CVSSVector{
-							vulnerability.Nvd: {
-								V2: "(AV:N/AC:L/Au:N/C:P/I:P/A:P)",
-								V3: "CVSS:3.0/PR:N/UI:N/S:U/C:H/I:H/A:H",
-							},
-							vulnerability.RedHat: {
-								V2: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
-								V3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-							},
-						},
-					},
-					SeveritySource: vulnerability.RedHat,
-				},
-			},
-		},
 		{
 			name: "happy path light db, with only OS vulnerability, yes vendor severity",
 			getVulnerability: []db.OperationGetVulnerabilityExpectation{