SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Merge pull request #307 from csaf-poc/issue299

Browse source 
Extract more than one string from expr: category fields.
This commit is contained in:
JanHoefelmeyer 2023-01-27 09:24:06 +01:00 committed by GitHub
commit ddf0747327
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 83 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

12
docs/csaf_provider.md
View file

@ -106,6 +106,18 @@ The following example file documents all available configuration options:
# If a list item starts with `expr:`
# the rest of the string is used as a JsonPath expression
# to extract a string from the incoming advisories.
# If the result of the expression is a string this string
# is used. If the result is an array each element of
# this array is tested if it is a string or an array.
# If this test fails the expression fails. If the
# test succeeds the rules are applied recursively to
# collect all strings in the result.
# Suggested expressions are:
# - vendor, product family and product names: "expr:$.product_tree..branches[?(@.category==\"vendor\" || @.category==\"product_family\" || @.category==\"product_name\")].name"
# - CVEs: "expr:$.vulnerabilities[*].cve"
# - CWEs: "expr:$.vulnerabilities[*].cwe.id"
# The used implementation to evaluate JSONPath expressions does
# not support the use of single-quotes. Double quotes have to be quoted.
# Strings not starting with `expr:` are taken verbatim.
# By default no category documents are created.
# This example provides an overview over the syntax,