up

2025-10-12 20:37:18 +03:00
parent 016c5a3fe7
commit d3a98326d1
306 changed files with 21409 additions and 4449 deletions
--- a/src/StellaOps.Feedser.Source.Osv.Tests/Fixtures/conflict-osv.canonical.json
+++ b/src/StellaOps.Feedser.Source.Osv.Tests/Fixtures/conflict-osv.canonical.json
@@ -0,0 +1,174 @@
+{
+  "advisoryKey": "OSV-2025-4242",
+  "affectedPackages": [
+    {
+      "type": "semver",
+      "identifier": "npm:conflict/package",
+      "platform": "npm",
+      "versionRanges": [
+        {
+          "fixedVersion": "1.5.0",
+          "introducedVersion": "1.0.0",
+          "lastAffectedVersion": "1.4.2",
+          "primitives": {
+            "evr": null,
+            "hasVendorExtensions": false,
+            "nevra": null,
+            "semVer": {
+              "constraintExpression": null,
+              "exactValue": null,
+              "fixed": "1.5.0",
+              "fixedInclusive": false,
+              "introduced": "1.0.0",
+              "introducedInclusive": true,
+              "lastAffected": "1.4.2",
+              "lastAffectedInclusive": true,
+              "style": "range"
+            },
+            "vendorExtensions": null
+          },
+          "provenance": {
+            "source": "osv",
+            "kind": "range",
+            "value": "npm:conflict/package",
+            "decisionReason": null,
+            "recordedAt": "2025-03-06T12:05:00+00:00",
+            "fieldMask": [
+              "affectedpackages[].versionranges[]"
+            ]
+          },
+          "rangeExpression": null,
+          "rangeKind": "semver"
+        }
+      ],
+      "normalizedVersions": [
+        {
+          "scheme": "semver",
+          "type": "range",
+          "min": "1.0.0",
+          "minInclusive": true,
+          "max": "1.5.0",
+          "maxInclusive": false,
+          "value": null,
+          "notes": "osv:npm:OSV-2025-4242:npm:conflict/package"
+        }
+      ],
+      "statuses": [],
+      "provenance": [
+        {
+          "source": "osv",
+          "kind": "affected",
+          "value": "npm:conflict/package",
+          "decisionReason": null,
+          "recordedAt": "2025-03-06T12:05:00+00:00",
+          "fieldMask": [
+            "affectedpackages[]"
+          ]
+        }
+      ]
+    }
+  ],
+  "aliases": [
+    "CVE-2025-4242",
+    "GHSA-qqqq-wwww-eeee",
+    "OSV-2025-4242"
+  ],
+  "credits": [
+    {
+      "displayName": "osv-reporter",
+      "role": "reporter",
+      "contacts": [
+        "mailto:osv-reporter@example.com"
+      ],
+      "provenance": {
+        "source": "osv",
+        "kind": "credit",
+        "value": "osv-reporter",
+        "decisionReason": null,
+        "recordedAt": "2025-03-06T12:05:00+00:00",
+        "fieldMask": [
+          "credits[]"
+        ]
+      }
+    }
+  ],
+  "cvssMetrics": [
+    {
+      "baseScore": 4.6,
+      "baseSeverity": "medium",
+      "provenance": {
+        "source": "osv",
+        "kind": "cvss",
+        "value": "CVSS_V3",
+        "decisionReason": null,
+        "recordedAt": "2025-03-06T12:05:00+00:00",
+        "fieldMask": []
+      },
+      "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
+      "version": "3.1"
+    }
+  ],
+  "exploitKnown": false,
+  "language": "en",
+  "modified": "2025-03-06T12:00:00+00:00",
+  "provenance": [
+    {
+      "source": "osv",
+      "kind": "document",
+      "value": "https://api.osv.dev/v1/vulns/OSV-2025-4242",
+      "decisionReason": null,
+      "recordedAt": "2025-03-06T11:30:00+00:00",
+      "fieldMask": [
+        "advisory"
+      ]
+    },
+    {
+      "source": "osv",
+      "kind": "mapping",
+      "value": "OSV-2025-4242",
+      "decisionReason": null,
+      "recordedAt": "2025-03-06T12:05:00+00:00",
+      "fieldMask": [
+        "advisory"
+      ]
+    }
+  ],
+  "published": "2025-02-28T00:00:00+00:00",
+  "references": [
+    {
+      "kind": "patch",
+      "provenance": {
+        "source": "osv",
+        "kind": "reference",
+        "value": "https://github.com/conflict/package/commit/abcdef1234567890",
+        "decisionReason": null,
+        "recordedAt": "2025-03-06T12:05:00+00:00",
+        "fieldMask": [
+          "references[]"
+        ]
+      },
+      "sourceTag": "FIX",
+      "summary": null,
+      "url": "https://github.com/conflict/package/commit/abcdef1234567890"
+    },
+    {
+      "kind": "advisory",
+      "provenance": {
+        "source": "osv",
+        "kind": "reference",
+        "value": "https://osv.dev/vulnerability/OSV-2025-4242",
+        "decisionReason": null,
+        "recordedAt": "2025-03-06T12:05:00+00:00",
+        "fieldMask": [
+          "references[]"
+        ]
+      },
+      "sourceTag": "ADVISORY",
+      "summary": null,
+      "url": "https://osv.dev/vulnerability/OSV-2025-4242"
+    }
+  ],
+  "severity": "medium",
+  "summary": "OSV captures the latest container escape details including patched version metadata.",
+  "title": "Container escape for conflict-package"
+}