fix(rules): Adjust to the new vulnerability API

See [1]. [1]: oss-review-toolkit/ort#9091 Signed-off-by: Sebastian Schuberth <[email protected]>
oss-review-toolkit · Sep 18, 2024 · 1bf0d35 · 1bf0d35
1 parent e74d2ed
commit 1bf0d35
Showing 1 changed file with 3 additions and 7 deletions.
diff --git a/evaluator.rules.kts b/evaluator.rules.kts
@@ -1540,18 +1540,14 @@ fun RuleSet.vulnerabilityInDependencyRule() = packageRule("VULNERABILITY_IN_DEPE
 }
 
 fun RuleSet.vulnerabilityWithHighSeverityInDependencyRule() = packageRule("HIGH_SEVERITY_VULNERABILITY_IN_DEPENDENCY") {
-    val maxAcceptedSeverity = "5.0"
+    val scoreThreshold = 5.0f
 
     require {
         -isProject()
         -isExcluded()
         +AnyOf(
-            hasVulnerability(maxAcceptedSeverity, "CVSS2") { value, threshold ->
-                value.toFloat() >= threshold.toFloat()
-            },
-            hasVulnerability(maxAcceptedSeverity, "CVSS3") { value, threshold ->
-                value.toFloat() >= threshold.toFloat()
-            }
+            hasVulnerability(scoreThreshold, "CVSS2"),
+            hasVulnerability(scoreThreshold, "CVSS3")
         )
     }