Resolve merge conflicts

Add advisory_url to ruby importer

Signed-off-by: ziadhany <ziadhany2016@gmail.com>

vulnerabilities/importers/ruby.py

@@ -23,6 +23,7 @@
 from vulnerabilities.importer import VulnerabilitySeverity
 from vulnerabilities.severity_systems import SCORING_SYSTEMS
 from vulnerabilities.utils import build_description
+from vulnerabilities.utils import get_advisory_url
 from vulnerabilities.utils import load_yaml
 
 logger = logging.getLogger(__name__)
@@ -60,13 +61,18 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
                     if file_path.name.startswith("OSVDB-"):
                         continue
                     raw_data = load_yaml(file_path)
-                    yield parse_ruby_advisory(raw_data, subdir)
+                    advisory_url = get_advisory_url(
+                        file=file_path,
+                        base_path=base_path,
+                        url="https://github.com/rubysec/ruby-advisory-db/blob/master/",
+                    )
+                    yield parse_ruby_advisory(raw_data, subdir, advisory_url)
         finally:
             if self.vcs_response:
                 self.vcs_response.delete()
 
 
-def parse_ruby_advisory(record, schema_type):
+def parse_ruby_advisory(record, schema_type, advisory_url):
     """
     Parse a ruby advisory file and return an AdvisoryData or None.
     Each advisory file contains the advisory information in YAML format.
@@ -86,6 +92,7 @@ def parse_ruby_advisory(record, schema_type):
                 affected_packages=get_affected_packages(record, purl),
                 references=get_references(record),
                 date_published=get_publish_time(record),
+                url=advisory_url,
             )
 
     elif schema_type == "rubies":
@@ -100,6 +107,7 @@ def parse_ruby_advisory(record, schema_type):
                 affected_packages=get_affected_packages(record, purl),
                 references=get_references(record),
                 date_published=get_publish_time(record),
+                url=advisory_url,
             )
 
 

vulnerabilities/tests/test_data/ruby/CVE-2007-5770-expected.json

@@ -43,5 +43,6 @@
     }
   ],
   "date_published": "2007-10-08T00:00:00+00:00",
-  "weaknesses": []
+  "weaknesses": [],
+  "url": "https://github.com/rubysec/ruby-advisory-db"
 }

vulnerabilities/tests/test_data/ruby/CVE-2010-1330-expected.json

@@ -32,5 +32,6 @@
     }
   ],
   "date_published": "2010-04-26T00:00:00+00:00",
-  "weaknesses": []
+  "weaknesses": [],
+  "url": "https://github.com/rubysec/ruby-advisory-db"
 }

vulnerabilities/tests/test_data/ruby/CVE-2018-11627-expected.json

@@ -31,5 +31,6 @@
     }
   ],
   "date_published": "2018-05-31T00:00:00+00:00",
-  "weaknesses": []
+  "weaknesses": [],
+  "url": "https://github.com/rubysec/ruby-advisory-db"
 }

vulnerabilities/tests/test_data/ruby/CVE-2018-7212-expected.json

@@ -54,5 +54,6 @@
     }
   ],
   "date_published": "2018-01-09T00:00:00+00:00",
-  "weaknesses": []
+  "weaknesses": [],
+  "url": "https://github.com/rubysec/ruby-advisory-db"
 }

vulnerabilities/tests/test_ruby.py

@@ -40,7 +40,9 @@
 def test_advisories(filename, expected_filename, schema_type):
     file_path = os.path.join(TEST_DATA, filename)
     mock_response = load_yaml(file_path)
-    results = parse_ruby_advisory(mock_response, schema_type).to_dict()
+    results = parse_ruby_advisory(
+        mock_response, schema_type, "https://github.com/rubysec/ruby-advisory-db"
+    ).to_dict()
     expected_file = os.path.join(TEST_DATA, expected_filename)
     check_results_against_json(results=results, expected_file=expected_file)