types: Introduce CVSSScore as a struct to keep backwards compat.

Signed-off-by: Simarpreet Singh <[email protected]>
aquasecurity · Jun 1, 2020 · 9199281 · 9199281
1 parent 68f7321
commit 9199281
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 14 deletions.
diff --git a/pkg/types/types.go b/pkg/types/types.go
@@ -12,11 +12,16 @@ type Severity int
 type VendorSeverity map[string]Severity
 
 type CVSSVector struct {
-	V2      string  `json:"v2,omitempty"`
-	V2Score float64 `json:"v2_score,omitempty"`
-	V3      string  `json:"v3,omitempty"`
-	V3Score float64 `json:"v3_score,omitempty"`
+	V2     string `json:"v2,omitempty"`
+	V3     string `json:"v3,omitempty"`
+	Scores CVSSScore
 }
+
+type CVSSScore struct {
+	V2 float64 `json:"v2,omitempty"`
+	V3 float64 `json:"v3,omitempty"`
+}
+
 type VendorVectors map[string]CVSSVector
 
 const (

diff --git a/pkg/vulnsrc/vulnerability/vulnerability.go b/pkg/vulnsrc/vulnerability/vulnerability.go
@@ -40,10 +40,12 @@ func getVendorVectors(details map[string]types.VulnerabilityDetail) types.Vendor
 			continue
 		}
 		vv[vendor] = types.CVSSVector{
-			V2:      detail.CvssVector,
-			V2Score: detail.CvssScore,
-			V3:      detail.CvssVectorV3,
-			V3Score: detail.CvssScoreV3,
+			V2: detail.CvssVector,
+			V3: detail.CvssVectorV3,
+			Scores: types.CVSSScore{
+				V2: detail.CvssScore,
+				V3: detail.CvssScoreV3,
+			},
 		}
 	}
 	return vv

diff --git a/pkg/vulnsrc/vulnerability/vulnerability_test.go b/pkg/vulnsrc/vulnerability/vulnerability_test.go
@@ -62,14 +62,18 @@ func TestGetDetail(t *testing.T) {
 			expectedVendorSeverity: types.VendorSeverity{"redhat": 4, "ubuntu": 1, "rust-advisory-db": 4},
 			expectedVendorVectors: types.VendorVectors{
 				RedHat: types.CVSSVector{
-					V2:      "AV:N/AC:M/Au:N/C:N/I:P/A:N",
-					V2Score: 4.2,
-					V3:      "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-					V3Score: 5.6,
+					V2: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
+					V3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+					Scores: types.CVSSScore{
+						V2: 4.2,
+						V3: 5.6,
+					},
 				},
 				Ubuntu: types.CVSSVector{
-					V3:      "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
-					V3Score: 3.4,
+					V3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+					Scores: types.CVSSScore{
+						V3: 3.4,
+					},
 				},
 			},
 			expectedTitle:       "test vulnerability",