in foundation_security_advisories/common_cve.py [0:0]
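def _last_commit_author_time(file_name):
    """
    Return the author timestamp (Unix seconds) of the newest commit reachable
    from HEAD that touched `file_name`.

    Raises `ValueError` if git exits with an error or reports no commit for the
    path, which happens for a file that has never been committed.
    """
    # The command is passed as an argument list (no shell), and the path comes
    # after "--" so git always reads it as a path, never as an option or a
    # revision, whatever the file is called.
    result = subprocess.run(
        [
            "git",
            "log",
            "--pretty=format:%at",
            "-1",
            "HEAD",
            "--",
            file_name,
        ],
        capture_output=True,
    )
    raw_timestamp = result.stdout.strip()
    if result.returncode != 0 or not raw_timestamp:
        # Without this check the failure surfaced as an opaque
        # "invalid literal for int()" that named neither the file nor git.
        git_error = result.stderr.decode(errors="replace").strip()
        raise ValueError(
            f"Could not determine the last commit time of {file_name!r} "
            f"(git exit code {result.returncode}): {git_error or 'no output'}"
        )
    # NOTE(review): %at is the *author* date. It is recorded by the author's
    # client and survives rebases and cherry-picks, so it is not necessarily
    # the time the change landed here (%ct is the committer date). Confirm this
    # is the value the consumers of `file_last_modified` expect.
    return int(raw_timestamp)


def get_local_cve_advisories():
    """
    Get all the CVE advisories located in this repository as `CVEAdvisory`
    objects. Returns a dictionary of all the local CVE-IDs mapped to
    their respective `CVEAdvisory` objects.

    Every name yielded by `get_all_files()` that ends in ".yml" is parsed, and
    one `CVEAdvisoryInstance` is created per (CVE, "fixed_in" entry) pair found
    in it. A CVE that appears in several files ends up with a single
    `CVEAdvisory` holding the instances from all of them.

    Raises `ValueError` if the last commit time of a ".yml" file cannot be
    read from git.
    """
    local_advisories: dict[str, CVEAdvisory] = {}
    print("\n-> Checking local files")
    for file_name in get_all_files():
        if not file_name.endswith(".yml"):
            continue
        file_data: dict = parse_yml_file(file_name)
        file_last_modified = _last_commit_author_time(file_name)
        if "advisories" not in file_data:
            continue
        for cve_id, cve_data in file_data["advisories"].items():
            if cve_id not in local_advisories:
                # The year is the second-to-last dash-separated field of the
                # id, i.e. the YYYY in "CVE-YYYY-NNNN".
                year = int(cve_id.split("-")[-2])
                local_advisories[cve_id] = CVEAdvisory(id=cve_id, year=year)
            for fixed_in in file_data["fixed_in"]:
                # Split on the last run of whitespace: everything before it is
                # the product name, the final token is the fixed version.
                product, version_fixed = fixed_in.rsplit(None, 1)
                references = [parse_bug(bug) for bug in cve_data["bugs"]]
                cve_instance = CVEAdvisoryInstance(
                    parent=local_advisories[cve_id],
                    title=cve_data["title"],
                    description=cve_data["description"].strip(),
                    reporter=cve_data["reporter"],
                    references=references,
                    mfsa_id=file_data["mfsa_id"],
                    product=product,
                    version_fixed=version_fixed,
                    file_name=file_name,
                    file_last_modified=file_last_modified,
                )
                # We want the instances to be sorted by the mfsa id to avoid pushing updates
                # to the API where the only thing that changes is the order of the instances.
                # (`insort` accepts `key=` from Python 3.10 onwards.)
                insort(
                    local_advisories[cve_id].instances,
                    cve_instance,
                    key=lambda x: x.mfsa_id,
                )
    return local_advisories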