fix(rules): Adjust to the new vulnerability API

sschuberth · sschuberth · commit 366b3db97dd4 · 2024-09-18T21:00:31.000+02:00
See [1]. [1]: oss-review-toolkit/ort#9091 Signed-off-by: Sebastian Schuberth <sebastian@doubleopen.org>
diff --git a/evaluator.rules.kts b/evaluator.rules.kts
@@ -1540,24 +1540,20 @@ fun RuleSet.vulnerabilityInDependencyRule() = packageRule("VULNERABILITY_IN_DEPE
 }
 
 fun RuleSet.vulnerabilityWithHighSeverityInDependencyRule() = packageRule("HIGH_SEVERITY_VULNERABILITY_IN_DEPENDENCY") {
-    val maxAcceptedSeverity = "5.0"
+    val scoreThreshold = 5.0f
 
     require {
         -isProject()
         -isExcluded()
         +AnyOf(
-            hasVulnerability(maxAcceptedSeverity, "CVSS2") { value, threshold ->
-                value.toFloat() >= threshold.toFloat()
-            },
-            hasVulnerability(maxAcceptedSeverity, "CVSS3") { value, threshold ->
-                value.toFloat() >= threshold.toFloat()
-            }
+            hasVulnerability(scoreThreshold, "CVSS2"),
+            hasVulnerability(scoreThreshold, "CVSS3")
         )
     }
 
     error(
         "The package '${pkg.metadata.id.toCoordinates()}' has a vulnerability score greater than or equal to " +
-            "$maxAcceptedSeverity.",
+            "$scoreThreshold.",
         howToFixDefault()
     )
 }

Original file line number	Diff line number	Diff line change
`@@ -1540,24 +1540,20 @@ fun RuleSet.vulnerabilityInDependencyRule() = packageRule("VULNERABILITY_IN_DEPE`
`1540`	`1540`	`}`
`1541`	`1541`
`1542`	`1542`	`fun RuleSet.vulnerabilityWithHighSeverityInDependencyRule() = packageRule("HIGH_SEVERITY_VULNERABILITY_IN_DEPENDENCY") {`
`1543`		`- val maxAcceptedSeverity = "5.0"`
	`1543`	`+ val scoreThreshold = 5.0f`
`1544`	`1544`
`1545`	`1545`	`require {`
`1546`	`1546`	`-isProject()`
`1547`	`1547`	`-isExcluded()`
`1548`	`1548`	`+AnyOf(`
`1549`		`- hasVulnerability(maxAcceptedSeverity, "CVSS2") { value, threshold ->`
`1550`		`- value.toFloat() >= threshold.toFloat()`
`1551`		`- },`
`1552`		`- hasVulnerability(maxAcceptedSeverity, "CVSS3") { value, threshold ->`
`1553`		`- value.toFloat() >= threshold.toFloat()`
`1554`		`- }`
	`1549`	`+ hasVulnerability(scoreThreshold, "CVSS2"),`
	`1550`	`+ hasVulnerability(scoreThreshold, "CVSS3")`
`1555`	`1551`	`)`
`1556`	`1552`	`}`
`1557`	`1553`
`1558`	`1554`	`error(`
`1559`	`1555`	`"The package '${pkg.metadata.id.toCoordinates()}' has a vulnerability score greater than or equal to " +`
`1560`		`- "$maxAcceptedSeverity.",`
	`1556`	`+ "$scoreThreshold.",`
`1561`	`1557`	`howToFixDefault()`
`1562`	`1558`	`)`
`1563`	`1559`	`}`