fix: never filter out-of-support rhel entries (#270)

* fix: never filter out-of-support rhel entries Signed-off-by: Weston Steimel <[email protected]> * chore: bump labels Signed-off-by: Weston Steimel <[email protected]> --------- Signed-off-by: Weston Steimel <[email protected]>
anchore · Aug 29, 2023 · 8ad34e1 · 8ad34e1
1 parent dd2b4aa
commit 8ad34e1
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 225 deletions.
diff --git a/src/vunnel/providers/rhel/parser.py b/src/vunnel/providers/rhel/parser.py
@@ -636,36 +636,7 @@ def _parse_package_state(self, cve_id: str, fixed: list[FixedIn], content) -> li
             except:
                 self.logger.exception(f"error parsing {cve_id} package state entity: {item}")
 
-        merged_fixed_ins = Parser._merge_out_of_support_affected(fixed, affected, out_of_support)
-        return merged_fixed_ins
-
-    @staticmethod
-    def _merge_out_of_support_affected(
-        fixed: list[FixedIn], affected: list[FixedIn], out_of_support: list[FixedIn]
-    ) -> list[FixedIn]:
-        if not out_of_support:
-            return affected
-
-        if affected or fixed:
-            merged = copy.deepcopy(affected)
-
-            for oos in out_of_support:
-                for r in affected + fixed:
-                    # A newer release is impacted, so assume out-of-support version is as well
-                    try:
-                        if oos.package == r.package and int(oos.platform) < int(r.platform):
-                            merged.append(oos)
-                            break
-                    except ValueError:
-                        # Be conservative if we cannot tell if it is <
-                        merged.append(oos)
-                        break
-            return merged
-
-        for oos in out_of_support:
-            affected.append(oos)
-
-        return affected
+        return affected + out_of_support
 
     def _parse_cve(self, cve_id, content):
         # logger.debug('Parsing {}'.format(cve_id))

diff --git a/tests/quality/vulnerability-match-labels b/tests/quality/vulnerability-match-labels
diff --git a/tests/unit/providers/rhel/test_rhel.py b/tests/unit/providers/rhel/test_rhel.py
@@ -511,200 +511,6 @@ def test_get_name_version(self, package, name, version):
         assert Parser._get_name_version(package) == (name, version)
 
 
-@pytest.mark.parametrize(
-    "fixed, affected, out_of_support, expected",
-    [
-        (
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="6",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="5",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="6",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-                FixedIn(
-                    module=None,
-                    platform="5",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-        ),
-        (
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="5",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="6",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="5",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-        ),
-        (
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-        ),
-        (
-            [],
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-        ),
-        (
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="8",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar2",
-                    advisory=None,
-                    version=None,
-                )
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="8",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-        ),
-        (
-            [
-                FixedIn(
-                    module=None,
-                    platform="8",
-                    package="foobar",
-                    advisory=None,
-                    version="1.2.3.4",
-                )
-            ],
-            [],
-            [
-                FixedIn(
-                    module=None,
-                    platform="6",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-            [
-                FixedIn(
-                    module=None,
-                    platform="6",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-                FixedIn(
-                    module=None,
-                    platform="7",
-                    package="foobar",
-                    advisory=None,
-                    version=None,
-                ),
-            ],
-        ),
-    ],
-)
-def test_out_of_support(fixed, affected, out_of_support, expected):
-    assert Parser._merge_out_of_support_affected(fixed, affected, out_of_support) == expected
-
-
 @pytest.fixture
 def disable_get_requests(monkeypatch):
     def disabled(*args, **kwargs):