Allow retrieval of suggested patch version in patchLocatorFormatter…

… interface (#2127) Allow access to patch locators suggested version
mindersec · Jan 16, 2024 · 0c876ce · 0c876ce
1 parent aa6a217
commit 0c876ce
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/internal/engine/eval/vulncheck/pkgdb.go b/internal/engine/eval/vulncheck/pkgdb.go
@@ -52,6 +52,7 @@ type patchLocatorFormatter interface {
 	LineHasDependency(line string) bool
 	IndentedString(indent int, oldDepLine string, oldDep *pb.Dependency) string
 	HasPatchedVersion() bool
+	GetPatchedVersion() string
 }
 
 // RepoQuerier is the interface for querying a repository
@@ -123,6 +124,10 @@ func (pj *packageJson) HasPatchedVersion() bool {
 	return pj.Version != ""
 }
 
+func (pj *packageJson) GetPatchedVersion() string {
+	return pj.Version
+}
+
 // check that pypi repository implements RepoQuerier
 var _ RepoQuerier = (*pypiRepository)(nil)
 
@@ -165,6 +170,11 @@ func (p *PyPiReply) HasPatchedVersion() bool {
 	return p.Info.Version != ""
 }
 
+// GetPatchedVersion returns the suggested patch version for a vulnerable package
+func (p *PyPiReply) GetPatchedVersion() string {
+	return p.Info.Version
+}
+
 func (p *pypiRepository) SendRecvRequest(ctx context.Context, dep *pb.Dependency, patched string, latest bool,
 ) (patchLocatorFormatter, error) {
 	req, err := p.newRequest(ctx, dep, patched, latest)
@@ -325,6 +335,10 @@ func (gmp *goModPackage) HasPatchedVersion() bool {
 	return gmp.Version != ""
 }
 
+func (gmp *goModPackage) GetPatchedVersion() string {
+	return gmp.Version
+}
+
 type goProxyRepository struct {
 	proxyClient   *http.Client
 	sumClient     *http.Client