Bug fixes. Closes #12

Prabhu Subramanian · Prabhu Subramanian · commit 0b529bc99aaf · 2020-10-04T22:05:09.000+01:00
diff --git a/.github/workflows/pythonapp.yml b/.github/workflows/pythonapp.yml
@@ -9,7 +9,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python-version: [3.6, 3.7, 3.8]
+        python-version: [3.8]
     steps:
     - uses: actions/checkout@v2
     - name: Set up Python 3.7
diff --git a/.github/workflows/pythonpublish.yml b/.github/workflows/pythonpublish.yml
@@ -0,0 +1,40 @@
+name: Upload depscan Python Package
+
+on:
+  push:
+    tags:
+      - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+
+jobs:
+  deploy:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v1
+        with:
+          python-version: '3.x'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install setuptools wheel twine
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: false
+          prerelease: false
+      - name: Build and publish
+        env:
+          TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
+          TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
+        run: |
+          python setup.py sdist bdist_wheel
+          twine upload dist/*
diff --git a/setup.py b/setup.py
@@ -21,11 +21,9 @@
         "Intended Audience :: System Administrators",
         "Topic :: Utilities",
         "Topic :: Security",
-        "Programming Language :: Python :: 3.6",
-        "Programming Language :: Python :: 3.7",
         "Programming Language :: Python :: 3.8",
         "License :: OSI Approved :: MIT License",
         "Operating System :: OS Independent",
     ],
-    python_requires=">=3.6",
+    python_requires=">=3.8",
 )
diff --git a/test/test_source.py b/test/test_source.py
@@ -19,7 +19,7 @@ def test_cve_json():
 def test_convert(test_cve_json):
     nvdlatest = NvdSource()
     data = nvdlatest.convert(test_cve_json)
-    assert len(data) == 385
+    assert len(data) == 384
     for v in data:
         details = v.details
         for detail in details:
diff --git a/vdb/lib/__init__.py b/vdb/lib/__init__.py
@@ -342,6 +342,9 @@ def from_values(
             version_right = "<=" + max_affected_version_including
         if version_left and not version_right:
             version = version_left
+            # Convert >0.0.0 to *
+            if version == ">0.0.0":
+                version = "*"
         elif not version_left and version_right:
             version = version_right
         elif version_left and version_right:
diff --git a/vdb/lib/nvd.py b/vdb/lib/nvd.py
@@ -123,6 +123,9 @@ def convert_vuln(vuln):
         severity = None
         base_score = None
         description = vuln["cve"]["description"]["description_data"][0]["value"]
+        # Issue 12 - Ignore disputed vulnerabilities
+        if "** DISPUTED **" in description:
+            return None
         rdata = vuln["cve"]["references"]["reference_data"]
         related_urls = [r["url"] for r in rdata]
         if "baseMetricV3" in vuln["impact"]:
