feat: append additional references to NVD override record

Signed-off-by: Weston Steimel <[email protected]>
anchore · Nov 4, 2024 · 4462e3f · 4462e3f
1 parent cb83f06
commit 4462e3f
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 8 deletions.
diff --git a/schema/overrides.schema.json b/schema/overrides.schema.json
@@ -4,10 +4,17 @@
   "type": "object",
   "additionalProperties": false,
   "properties": {
-    "_annotation": {"$ref": "#/$defs/annotation_record"},
-    "cve": {"$ref": "#/$defs/nvd_cve_record"}
+    "_annotation": {
+      "$ref": "#/$defs/annotation_record"
+    },
+    "cve": {
+      "$ref": "#/$defs/nvd_cve_record"
+    }
   },
-  "required": ["_annotation", "cve"],
+  "required": [
+    "_annotation",
+    "cve"
+  ],
   "$defs": {
     "annotation_record": {
       "type": "object",
@@ -18,11 +25,14 @@
         "reason": {
           "type": "string"
         },
-	"generated_from": {
-	  "type": "string"
-	}
+        "generated_from": {
+          "type": "string"
+        }
       },
-      "required": ["reason", "cve_id"],
+      "required": [
+        "reason",
+        "cve_id"
+      ],
       "additionalProperties": true
     },
     "nvd_cve_record": {
@@ -34,9 +44,37 @@
           "items": {
             "$ref": "#/$defs/nvd_cpe_configuration"
           }
+        },
+        "references": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/nvd_reference"
+          }
         }
       }
     },
+    "nvd_reference": {
+      "type": "object",
+      "properties": {
+        "url": {
+          "maxLength": 500,
+          "type": "string",
+          "pattern": "^(ftp|http)s?://\\S+$"
+        },
+        "source": {
+          "type": "string"
+        },
+        "tags": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "required": [
+        "url"
+      ]
+    },
     "nvd_cpe_configuration": {
       "type": "object",
       "required": [
@@ -122,4 +160,4 @@
       }
     }
   }
-}
+}
diff --git a/scripts/generate.py b/scripts/generate.py
@@ -211,6 +211,19 @@ def generate():
 
                 override["cve"]["configurations"].append(configuration)
 
+        references = enriched["adp"].get("references")
+        if references:
+            refs = []
+
+            for r in references:
+                refs.append({
+                    "url": r["url"],
+                    "source": "anchoreadp",
+                })
+
+            if refs:
+                override["cve"]["references"] = refs
+
         override_path = f"data/{year}"
 
         if not os.path.exists(override_path):