cve_schema 0.1.0

data/lib/cve_schema/cve/affects.rb

@@ -0,0 +1,55 @@
+require 'cve_schema/cve/vendor'
+
+module CVESchema
+  class CVE
+    #
+    # Represents the `"affects"` JSON object.
+    #
+    class Affects
+
+      # @return [Array<Vendor>]
+      attr_reader :vendor
+
+      alias vendors vendor
+
+      #
+      # Initializes the affects container.
+      #
+      # @param [Array<Vendor>] vendor
+      #
+      def initialize(vendor)
+        @vendor = vendor
+      end
+
+      #
+      # Maps the parsed JSON to an Array of {Vendor} objects for {#initialize}.
+      #
+      # @param [Hash{String => Object}] json
+      #   The parsed JSON.
+      #
+      # @return [Array<Vendor>]
+      #
+      # @api semipublic
+      #
+      def self.from_json(json)
+        json['vendor']['vendor_data'].map(&Vendor.method(:load))
+      end
+
+      #
+      # Loads the affects object from parsed JSON.
+      #
+      # @param [Hash{String => Object}] json
+      #   The parsed JSON.
+      #
+      # @return [Affects]
+      #   The loaded affects object.
+      #
+      # @api semipublic
+      #
+      def self.load(json)
+        new(from_json(json))
+      end
+
+    end
+  end
+end

data/lib/cve_schema/cve/configuration.rb

@@ -0,0 +1,14 @@
+require 'cve_schema/cve/has_lang_value'
+
+module CVESchema
+  class CVE
+    #
+    # Represents a configuration within the `"configuration"` JSON Array.
+    #
+    class Configuration
+
+      include HasLangValue
+
+    end
+  end
+end

data/lib/cve_schema/cve/credit.rb

@@ -0,0 +1,14 @@
+require 'cve_schema/cve/has_lang_value'
+
+module CVESchema
+  class CVE
+    #
+    # Represents a credit within the `"credit"` JSON Array.
+    #
+    class Credit
+
+      include HasLangValue
+
+    end
+  end
+end

data/lib/cve_schema/cve/data_meta.rb

@@ -0,0 +1,185 @@
+# frozen_string_literal: true
+
+require 'cve_schema/exceptions'
+require 'cve_schema/cve/id'
+require 'cve_schema/cve/timestamp'
+
+module CVESchema
+  class CVE
+    #
+    # Represents the `"CVE_data_meta"` JSON object.
+    #
+    class DataMeta
+
+      # The CVE ID.
+      #
+      # @return [ID]
+      attr_reader :id
+
+      # The assigner's email address.
+      #
+      # @return [String]
+      attr_reader :assigner
+
+      # Date last updated.
+      #
+      # @return [DateTime, nil]
+      attr_reader :updated
+
+      # @return [Integer, nil]
+      attr_reader :serial
+
+      # Date requested.
+      #
+      # @return [DateTime, nil]
+      attr_reader :date_requested
+
+      # Date assigned.
+      #
+      # @return [DateTime, nil]
+      attr_reader :date_assigned
+
+      # Date published publically.
+      #
+      # @return [DateTime, nil]
+      attr_reader :date_public
+
+      # Requester email address.
+      #
+      # @return [String, nil]
+      attr_reader :requester
+
+      # List of IDs that replaced the CVE.
+      #
+      # @return [Array<ID>, nil]
+      attr_reader :replaced_by
+
+      STATES = {
+        'PUBLIC'      => :PUBLIC,
+        'RESERVED'    => :RESERVED,
+        'REPLACED_BY' => :REPLACED_BY,
+        'SPLIT_FROM'  => :SPLIT_FROM,
+        'MERGED_TO'   => :MERGED_TO,
+        'REJECT'      => :REJECT
+      }
+
+      # @return [:PUBLIC, :RESERVED, :REPLACED_BY, :SPLIT_FROM, :MERGED_TO, nil]
+      attr_reader :state
+
+      # @return [String, nil]
+      attr_reader :title
+
+      #
+      # Initializes the data-meta object.
+      #
+      # @param [ID] id
+      #
+      # @param [String] assigner
+      #
+      # @param [DateTime, nil] updated
+      #
+      # @param [Integer, nil] serial
+      #
+      # @param [DateTime, nil] date_requested
+      #
+      # @param [DateTime, nil] date_assigned
+      #
+      # @param [DateTime, nil] date_public
+      #
+      # @param [String, nil] requester
+      #
+      # @param [Array<ID>, nil] replaced_by
+      #
+      # @param [:PUBLIC, :RESERVED, :REPLACED_BY, :SPLIT_FROM, :MERGED_TO, nil] state
+      #
+      # @param [String, nil] title
+      def initialize(id: , assigner: , updated: nil,
+                                       serial: nil,
+                                       date_requested: nil,
+                                       date_assigned: nil,
+                                       date_public: nil,
+                                       requester: nil,
+                                       replaced_by: nil,
+                                       state: nil,
+                                       title: nil)
+        @id       = id
+        @assigner = assigner
+
+        @updated        = updated
+        @serial         = serial
+        @date_requested = date_requested
+        @date_assigned  = date_assigned
+        @date_public    = date_public
+        @requester      = requester
+        @replaced_by    = replaced_by
+        @state          = state
+        @title          = title
+      end
+
+      #
+      # Maps the parsed JSON to a Symbol Hash for {#initialize}.
+      #
+      # @param [Hash{String => Object}] json
+      #   The parsed JSON.
+      #
+      # @return [Hash{Symbol => Object}]
+      #   The Symbol Hash.
+      #
+      # @raise [MissingJSONKey]
+      #   The `"ID"` or `"ASSIGNER"` JSON keys were missing.
+      #
+      # @raise [UnknownJSONValue]
+      #   The `"STATE"` JSON value was unknown.
+      #
+      # @api semipublic
+      #
+      def self.from_json(json)
+        {
+          id: if (id = json['ID'])
+                ID.parse(id)
+              else
+                raise MissingJSONKey.new('ID')
+              end,
+
+          assigner: json['ASSIGNER'] || raise(MissingJSONKey.new('ASSIGNER')),
+
+          updated: json['UPDATED'] && Timestamp.parse(json['UPDATED']),
+          serial:  json['SERIAL'],
+          date_requested: json['DATE_REQUESTED'] && Timestamp.parse(json['DATE_REQUESTED']),
+          date_assigned: json['DATE_ASSIGNED'] && Timestamp.parse(json['DATE_ASSIGNED']),
+          date_public: json['DATE_PUBLIC'] && Timestamp.parse(json['DATE_PUBLIC']),
+          requester: json['REQUESTER'],
+          replaced_by: json['REPLACED_BY'] && json['REPLACED_BY'].split(/,\s*/).map { |id| ID.parse(id) },
+          state: if json['STATE']
+                   STATES.fetch(json['STATE']) do
+                     raise UnknownJSONValue.new('STATE',json['STATE'])
+                   end
+                 end,
+          title: json['TITLE']
+        }
+      end
+
+      #
+      # Loads the data-meta object from the parsed JSON.
+      #
+      # @param [Hash{String => Object}] json
+      #   The parsed JSON.
+      #
+      # @return [self]
+      #   The loaded data-meta object.
+      #
+      # @raise [MissingJSONKey]
+      #   The `"ID"` or `"ASSIGNER"` JSON keys were missing.
+      #
+      # @raise [UnknownJSONValue]
+      #   The `"STATE"` JSON value was unknown.
+      #
+      # @api semipublic
+      #
+      def self.load(json)
+        new(**from_json(json))
+      end
+
+    end
+  end
+end

data/lib/cve_schema/cve/description.rb

@@ -0,0 +1,24 @@
+require 'cve_schema/cve/has_lang_value'
+require 'cve_schema/cve/na'
+
+module CVESchema
+  class CVE
+    #
+    # Represents a description JSON object.
+    #
+    class Description
+
+      include HasLangValue
+
+      #
+      # Determines if the {#value} is `n/a`.
+      #
+      # @return [Boolean]
+      #
+      def na?
+        @value == NA
+      end
+
+    end
+  end
+end

data/lib/cve_schema/cve/exploit.rb

@@ -0,0 +1,14 @@
+require 'cve_schema/cve/has_lang_value'
+
+module CVESchema
+  class CVE
+    #
+    # Represents an exploit JSON object within the `"exploits"` JSON Array.
+    #
+    class Exploit
+
+      include HasLangValue
+
+    end
+  end
+end

data/lib/cve_schema/cve/has_lang_value.rb

@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+
+module CVESchema
+  class CVE
+    #
+    # Mixins for JSON objects containing `"lang"` and `"value"` keys.
+    #
+    module HasLangValue
+
+      #
+      # Adds {ClassMethods} to the class.
+      #
+      # @param [Class] base
+      #   The class including {HasLangValue}.
+      #
+      def self.included(base)
+        base.extend ClassMethods
+      end
+
+      #
+      # Class methods.
+      #
+      module ClassMethods
+        LANG = {
+          'eng' => :eng, # English
+          'es'  => :es, # Spanish
+        }
+
+        #
+        # Maps the parsed JSON to a Symbol Hash for {#initialize}.
+        #
+        # @param [Hash{String => Object}] json
+        #   The parsed JSON.
+        #
+        # @return [Hash{Symbol => Object}]
+        #   The mapped Symbol Hash.
+        #
+        def from_json(json)
+          {
+            lang:  LANG.fetch(json['lang'],json['lang']),
+            value: json['value']
+          }
+        end
+
+        #
+        # Loads the objects from the parsed JSON.
+        #
+        # @param [Hash{String => Object}] json
+        #   The parsed JSON.
+        #
+        # @return [HasLangValue]
+        #   The loaded object.
+        #
+        def load(json)
+          new(**from_json(json))
+        end
+      end
+
+      # Language identifier for {#value}.
+      #
+      # @return [:en, :es, String]
+      attr_reader :lang
+
+      # Text value.
+      #
+      # @return [String]
+      attr_reader :value
+
+      #
+      # Initializes {#lang} and {#value}.
+      #
+      # @param [:en, :es, String] lang
+      #
+      # @param [String] value
+      #
+      def initialize(lang: , value: )
+        @lang  = lang
+        @value = value
+      end
+
+      #
+      # Converts the object to a String.
+      #
+      # @return [String]
+      #   Returns the {#value}.
+      #
+      def to_s
+        @value
+      end
+
+    end
+  end
+end

data/lib/cve_schema/cve/id.rb

@@ -0,0 +1,79 @@
+module CVESchema
+  class CVE
+    #
+    # Represents a CVE ID (ex: `CVE-2021-1234`).
+    #
+    class ID
+
+      # The year the CVE ID was assigned.
+      #
+      # @return [String]
+      attr_reader :year
+
+      # The CVE number.
+      #
+      # @return [String]
+      attr_reader :number
+
+      #
+      # Initializes the CVE ID.
+      #
+      # @param [String] year
+      #   The year the CVE ID was assigned.
+      #
+      # @param [String] number
+      #   The CVE number.
+      #
+      def initialize(year,number)
+        @year   = year
+        @number = number
+      end
+
+      #
+      # Parses the CVE ID.
+      #
+      # @param [String] id
+      #   The CVE ID string.
+      #
+      # @raise [ArgumentError]
+      #   The given ID was not a valid CVE.
+      #
+      def self.parse(id)
+        cve, year, number = id.split('-',3)
+
+        unless cve == 'CVE'
+          raise(ArgumentError,"invalid CVE #{id.inspect}")
+        end
+
+        new(year,number)
+      end
+
+      #
+      # Compares the ID with another ID.
+      #
+      # @param [ID] other
+      #   The other ID.
+      #
+      # @return [Boolean]
+      #   Identicates whether the IDs match.
+      #
+      def ==(other)
+        self.class == other.class && (
+          @year   == other.year && 
+          @number == other.number
+        )
+      end
+
+      #
+      # Converts the CVE ID back into a String.
+      #
+      # @return [String]
+      #   The full CVE ID (ex: `CVE-2021-1234`).
+      #
+      def to_s
+        "CVE-#{@year}-#{@number}"
+      end
+
+    end
+  end
+end