com.metaeffekt.artifact.analysis.diffmerge.VulnerabilityStatusDiff Maven / Gradle / Ivy
/*
* Copyright 2021-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.metaeffekt.artifact.analysis.diffmerge;
import org.metaeffekt.core.inventory.processor.model.VulnerabilityMetaData;
import java.util.Arrays;
public enum VulnerabilityStatusDiff {
NO_CHANGE("no change"),
DOWN_RATED("downrated"),
UP_RATED("uprated"),
INTRODUCED("introduced"),
RE_INTRODUCED("reintroduced"),
INVALID("invalid"),
RESOLVED("resolved"),
@Deprecated
VOIDED("resolved"),
REMOVED("removed"),
REMOVED_EXPECTED_VOID("removed (expected void)"),
NEW("new");
public final String key;
VulnerabilityStatusDiff(String key) {
this.key = key;
}
public String getKey() {
return key;
}
public static VulnerabilityStatusDiff findByKey(String key) {
return Arrays.stream(VulnerabilityStatusDiff.values())
.filter(diff -> diff.key.equals(key))
.findFirst()
.orElse(INVALID);
}
/**
* col (before) -> row (after)
* | | applicable | not applicable | insignificant | void | null |
* |----------------|--------------|----------------|---------------|------------|-----------|
* | applicable | NO_CHANGE | down-rated | down-rated | void | invalid |
* | not applicable | uprated | NO_CHANGE | down-rated | void | invalid |
* | insignificant | uprated | uprated | NO_CHANGE | void | invalid |
* | void | reintroduced | reintroduced | reintroduced | NO_CHANGE | invalid |
* | null | introduced | introduced | introduced | introduced | NO_CHANGE |
*/
public final static VulnerabilityStatusDiff[][] STATUS_MAPPINGS = new VulnerabilityStatusDiff[][]{
{VulnerabilityStatusDiff.NO_CHANGE, VulnerabilityStatusDiff.DOWN_RATED, VulnerabilityStatusDiff.DOWN_RATED, VulnerabilityStatusDiff.RESOLVED, VulnerabilityStatusDiff.INVALID},
{VulnerabilityStatusDiff.UP_RATED, VulnerabilityStatusDiff.NO_CHANGE, VulnerabilityStatusDiff.DOWN_RATED, VulnerabilityStatusDiff.RESOLVED, VulnerabilityStatusDiff.INVALID},
{VulnerabilityStatusDiff.UP_RATED, VulnerabilityStatusDiff.UP_RATED, VulnerabilityStatusDiff.NO_CHANGE, VulnerabilityStatusDiff.RESOLVED, VulnerabilityStatusDiff.INVALID},
{VulnerabilityStatusDiff.RE_INTRODUCED, VulnerabilityStatusDiff.RE_INTRODUCED, VulnerabilityStatusDiff.RE_INTRODUCED, VulnerabilityStatusDiff.NO_CHANGE, VulnerabilityStatusDiff.INVALID},
{VulnerabilityStatusDiff.INTRODUCED, VulnerabilityStatusDiff.INTRODUCED, VulnerabilityStatusDiff.INTRODUCED, VulnerabilityStatusDiff.INTRODUCED, VulnerabilityStatusDiff.NO_CHANGE}
};
public static VulnerabilityStatusDiff deriveStatusChangeIdentifier(String before, String after) {
final int beforeIndex = deriveStatusIndex(before);
final int afterIndex = deriveStatusIndex(after);
if (beforeIndex == -1 || afterIndex == -1 || beforeIndex >= VulnerabilityStatusDiff.STATUS_MAPPINGS.length || afterIndex >= VulnerabilityStatusDiff.STATUS_MAPPINGS.length) {
return VulnerabilityStatusDiff.INVALID;
} else {
return VulnerabilityStatusDiff.STATUS_MAPPINGS[beforeIndex][afterIndex];
}
}
private static int deriveStatusIndex(String status) {
if (status == null) {
return 4;
}
switch (status) {
case VulnerabilityMetaData.STATUS_VALUE_APPLICABLE:
return 0;
case VulnerabilityMetaData.STATUS_VALUE_NOTAPPLICABLE:
return 1;
case VulnerabilityMetaData.STATUS_VALUE_INSIGNIFICANT:
return 2;
case VulnerabilityMetaData.STATUS_VALUE_VOID:
return 3;
default:
return 4;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy