diff --git a/docs/csaf_provider.md b/docs/csaf_provider.md index 464f0db..4db4d31 100644 --- a/docs/csaf_provider.md +++ b/docs/csaf_provider.md @@ -112,6 +112,16 @@ The following example file documents all available configuration options: # If this test fails the expression fails. If the # test succeeds the rules are applied recursively to # collect all strings in the result. +# If the result of the expression is a string this string +# is used. If the result is an array each element of +# this array is tested if it is a string or an array. +# If this test fails the expression fails. If the +# test succeeds the rules are applied recursively to +# collect all strings in the result. +# Suggested expressions are: +# - vendor, product family and product names: "expr:$.product_tree..branches[?(@.category=='vendor' || @.category=='product_family' || @.category=='product_name')].name" +# - CVEs: "expr:$.vulnerabilities[*].cve" +# - CWEs: "expr:$.vulnerabilities[*].cwe.id" # Strings not starting with `expr:` are taken verbatim. # By default no category documents are created. # This example provides an overview over the syntax, diff --git a/util/json.go b/util/json.go index d21b4cf..985c7e1 100644 --- a/util/json.go +++ b/util/json.go @@ -101,8 +101,8 @@ func StringMatcher(dst *string) func(any) error { } } -// StringTreeMatcher returns a matcher which addis strings from -// strings and recursively from arrays of strings. +// StringTreeMatcher returns a matcher which adds strings +// to a slice and recursively strings from arrays of strings. func StringTreeMatcher(strings *[]string) func(any) error { // Only add unique strings. unique := func(s string) { @@ -179,8 +179,8 @@ func (pe *PathEval) Match(matcher []PathEvalMatcher, doc any) error { } // StringsFromTree returns strings from the given exprs. -// 1. If a expression results a string this string is used. -// 2. if a expression results in an array the elements +// 1. If an expression results in a string this string is used. +// 2. if an expression results in an array the elements // of this array are recursively treated with 1. and 2. func (pe *PathEval) StringsFromTree( exprs []string,