jtsymon / cpe23 Goto Github PK
View Code? Open in Web Editor NEWParse and serialise CPEs in CPE23, URI, and WFN formats.
License: MIT License
Parse and serialise CPEs in CPE23, URI, and WFN formats.
License: MIT License
Hi @jtsymon,
I'm using your gem in a project and while writing some RSpec for my code, I noticed white space is not properly handled. I expected the gem would either convert the whitespace to _
or raise an error if one of the parts contained whitespace, but neither happens. In my example the vendor is "Vendie Space". The CPE spec http://csrc.nist.gov/publications/nistir/ir7696/NISTIR-7696-CPE-Matching.pdf (sorry, a PDF link is all I could find) addresses this in section 5.3.2, here's the quote (2nd item).
I can create a PR if you'd like. I was going to do the conversion on the way in (in parse, but might also need it in initialize https://github.com/jtsymon/cpe23/blob/master/lib/cpe23.rb#L189) vs throwing an exception since plenty of vendors and products have whitespace in them and making the caller handle that seems wrong.
Let me know what you think
1. Uppercase letters, lowercase letters or digit characters MAY be used (ASCII x41-x5a, x30-x39 and x61-x7a).
2. The underscore (x5f) MAY be used, and it SHOULD be used in place of whitespace characters (which SHALL NOT be used).
[10] pry(main)> cpe2 = Cpe23.new(part: "o", product: "ProdOS", vendor: "Vendie Space", version: "1.2.3")
=> #<Cpe23:0x00007f69be014cd8
@edition=nil,
@language=nil,
@other=nil,
@part="o",
@product="ProdOS",
@sw_edition=nil,
@target_hw=nil,
@target_sw=nil,
@update=nil,
@vendor="Vendie Space",
@version="1.2.3">
[11] pry(main)> cpe2.to_s
=> "cpe:2.3:o:vendie space:prodos:1.2.3:::::::"
[12] pry(main)> cpe2.to_wfn
=> "wfn:[part=\"o\",vendor=\"vendie space\",product=\"prodos\",version=\"1.2.3\",update=NA,edition=NA,language=NA,sw_edition=NA,target_sw=NA,target_hw=NA,other=NA]"
pry(main)> cpe = Cpe23.parse "cpe:2.3:o:vendie space:prodos:1.3.5:::::::"
=> #<Cpe23:0x00007f69bebf7d48
@edition=nil,
@language=nil,
@other=nil,
@part="o",
@product="prodos",
@sw_edition=nil,
@target_hw=nil,
@target_sw=nil,
@update=nil,
@vendor="vendie space",
@version="1.3.5">
[8] pry(main)> cpe.to_s
=> "cpe:2.3:o:vendie space:prodos:1.3.5:::::::"
[9] pry(main)> cpe.to_wfn
=> "wfn:[part=\"o\",vendor=\"vendie space\",product=\"prodos\",version=\"1.3.5\",update=NA,edition=NA,language=NA,sw_edition=NA,target_sw=NA,target_hw=NA,other=NA]"
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.