Initialize module and dependencies
This commit is contained in:
dwrz
36
vendor/golang.org/x/vuln/internal/semver/fixed.go
generated
vendored
Normal file
36
vendor/golang.org/x/vuln/internal/semver/fixed.go
generated
vendored
Normal file
@@ -0,0 +1,36 @@
|
||||
// Copyright 2023 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package semver
|
||||
|
||||
import "golang.org/x/vuln/internal/osv"
|
||||
|
||||
// NonSupersededFix returns a fixed version from ranges
|
||||
// that is not superseded by any other fix or any other
|
||||
// introduction of a vulnerability. Returns "" in case
|
||||
// there is no such fixed version.
|
||||
func NonSupersededFix(ranges []osv.Range) string {
|
||||
var latestFixed string
|
||||
for _, r := range ranges {
|
||||
if r.Type == "SEMVER" {
|
||||
for _, e := range r.Events {
|
||||
fixed := e.Fixed
|
||||
if fixed != "" && Less(latestFixed, fixed) {
|
||||
latestFixed = fixed
|
||||
}
|
||||
}
|
||||
|
||||
// If the vulnerability was re-introduced after the latest fix
|
||||
// we found, there is no latest fix for this range.
|
||||
for _, e := range r.Events {
|
||||
introduced := e.Introduced
|
||||
if introduced != "" && introduced != "0" && Less(latestFixed, introduced) {
|
||||
latestFixed = ""
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return latestFixed
|
||||
}
|
||||
Reference in New Issue
Block a user