updater/driver: add the ability to signal "removal" in an update #1179
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1179 +/- ##
==========================================
- Coverage 55.86% 55.82% -0.05%
==========================================
Files 266 266
Lines 16625 16625
==========================================
- Hits 9288 9281 -7
- Misses 6374 6379 +5
- Partials 963 965 +2 ☔ View full report in Codecov by Sentry. |
| Repository []Repository | ||
| // Removed is a list of Vulnerabilities (the "Name" member) removed in the | ||
| // current set of Vulnerabilities. | ||
| Removed []string |
There was a problem hiding this comment.
Just to mention: I had the realization that for us the Name is generic i.e. for some VEX CVE files we generate 100s of vulnerabilities with the same name (CVE-2023-001 for samba, CVE-2023-001 for samba-libs etc). This didn't actually change much except that the UpdateVulnerabilities() method now parses existing vulnerabilities into a map[string][]string, where the key is the name (CVE-2023-001) and the value is a list of all vuln ID that share that name.
There was a problem hiding this comment.
All that to say, I think this is still valid, it's just worth pointing out the nuanced difference
There was a problem hiding this comment.
Right -- this isn't in use yet, but I imagine this is in the current Updater's namespace
Signed-off-by: Hank Donnay <[email protected]>
hdonnay
force-pushed
the
hack/new-updater/delta
branch
from
6956336
to
4fb218e
Compare
No description provided.