vuln2json.pl: adapted to the schema more

- Provide a bogus (curl) Id and make the CVE an alias - Add a (made up) time to the published string to make it correct syntax - Provide URL and CWE in a "database_specific" object - Rename 'last' to 'last_affected' within the affected ranges Reported-by: Oliver Chang Ref: #240 Closes #241
curl · May 3, 2023 · 1bf8f77 · 1bf8f77
1 parent 87f59a2
commit 1bf8f77
Showing 1 changed file with 10 additions and 5 deletions.
diff --git a/docs/vuln2json.pl b/docs/vuln2json.pl
@@ -139,12 +139,17 @@ sub inclusive {
     my $v = inclusive($first, $last, "        ");
     push @single,
         "{\n".
-        "  \"id\": \"$cve\",\n".
+        "  \"id\": \"CURL-$cve\",\n".
+        "  \"aliases\": [\n".
+        "    \"$cve\"\n".
+        "  ],\n".
         "  \"summary\": \"$name\",\n".
-        "  \"URL\": \"https://curl.se/docs/$cve.html\",\n".
         "  \"modified\": \"${modified}Z\",\n".
-        "  \"CWE\": \"$cwe\",\n".
-        "  \"published\": \"$announce\",\n".
+        "  \"database_specific\": {\n".
+        "    \"URL\": \"https://curl.se/docs/$cve.html\",\n".
+        "    \"CWE\": \"$cwe\"\n".
+        "  },\n".
+        "  \"published\": \"${announce}T08:00:00Z\",\n".
         "  \"affected\": [\n".
         "    {\n".
         "      \"package\": {\n".
@@ -156,7 +161,7 @@ sub inclusive {
         "           \"type\": \"SEMVER\",\n".
         "           \"events\": [\n".
         "             {\"introduced\": \"$first\"},\n".
-        "             {\"last\": \"$last\"},\n".
+        "             {\"last_affected\": \"$last\"},\n".
         "             {\"fixed\": \"$fixed\"}\n".
         "           ]\n".
         "        }\n".