refactor(npm-db): update author field to be more verbose #314
Conversation
tools/vuln_valid/index.js
Outdated
| author: joi.object().keys( | ||
| { | ||
| name: joi.string().required(), | ||
| username: joi.string().optional().allow(null), |
There was a problem hiding this comment.
Should username and website be required, but allowed to be null?
I kind of think this makes more sense.
There was a problem hiding this comment.
It helps consistency through the reports format so that's ok with me.
pxlpnk
force-pushed
the
fix/npm-db-author
branch
from
5fbaee2 to
f307a73
Compare
|
Rebased and migrated the files |
vuln/npm/129.json
Outdated
| @@ -17,4 +21,4 @@ | |||
| "cvss_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", | |||
| "cvss_score": 7.3, | |||
| "coordinating_vendor": "^Lift Security" | |||
| } | |||
| } | |||
vuln/npm_old/98.json
Outdated
| "cvss_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", | ||
| "cvss_score": 6.8, | ||
| "coordinating_vendor": "^Lift Security" | ||
| } |
There was a problem hiding this comment.
What should we do with this directory?
pxlpnk
force-pushed
the
fix/npm-db-author
branch
from
f307a73 to
e126212
Compare
|
I think this one and #316 should be in good shape. WDYTH? |
tools/vuln_valid/index.js
Outdated
| @@ -24,7 +24,14 @@ const npmModel = joi.object().keys({ | |||
| updated_at: joi.string().regex(/^\d{4}-\d{2}-\d{2}$/).required().isoDate(), | |||
| title: joi.string().required(), | |||
| title: joi.string().max(150).regex(/^[^\n]+$/).required(), | |||
| author: joi.string().allow(null).required(), | |||
| author: joi.object().required(), | |||
There was a problem hiding this comment.
the first author field is redundant, no?
same goes for the title field above
There was a problem hiding this comment.
You where right, I removed the first author: joi.object().required(). As for the title field. I don't know what the intention with this was. But I can clean this up in a separate PR. I think there might be more in this file that could need a touch up.
|
I can't really figure out what the problem is here with travis. @vdeturckheim Any idea? I rebase, fixed some things and created a messy history. |
pxlpnk
force-pushed
the
fix/npm-db-author
branch
from
3f7a144 to
fb43ad5
Compare
This splits up the author field into 3 fields
- name
- website
- username
```
"author": {
"name": "Cal Leeming",
"website": null,
"username": null
}
```
pxlpnk
force-pushed
the
fix/npm-db-author
branch
from
fb43ad5 to
dec584d
Compare
This splits up the author field into 3 fields
The PR comes with a (
tools/migrations/transform_author.js) script that changes the existing database.You can check out the branch and run:
node tools/migrations/transform_author.js). Then runnpm testafterwards to check the migration.The migrated files where not yet checked in to keep the PR less noisy. I will supply those changes as soon as the proposed changes are approved. The PR will be failing until those changes are applied.
I updated the files with id 109 and 113 as they had author set to null and replaced it with
unknown.This is the first PR to get #200 moving forward.