Add CVE id handler (#52)

chrishrb · Mar 20, 2024 · 0665db8 · 0665db8
1 parent 075bc1c
commit 0665db8
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 0 deletions.
diff --git a/lua/gx/handler.lua b/lua/gx/handler.lua
@@ -6,6 +6,7 @@ local url_handler = require("gx.handlers.url")
 local github_handler = require("gx.handlers.github")
 local commit_handler = require("gx.handlers.commit")
 local markdown_handler = require("gx.handlers.markdown")
+local cve_handler = require("gx.handlers.cve")
 local search_handler = require("gx.handlers.search")
 
 local M = {}
@@ -42,6 +43,7 @@ local function resolve_handlers(handlers)
   add_handler(resolved, commit_handler, handlers.commit and exists.commit == nil)
   add_handler(resolved, markdown_handler, handlers.markdown and exists.markdown == nil)
   add_handler(resolved, url_handler, handlers.url and exists.url == nil)
+  add_handler(resolved, cve_handler, handlers.cve and exists.cve == nil)
   add_handler(resolved, search_handler, handlers.search and exists.search == nil)
   -- ###
 

diff --git a/lua/gx/handlers/cve.lua b/lua/gx/handlers/cve.lua
@@ -0,0 +1,17 @@
+local helper = require("gx.helper")
+
+local M = {
+  -- every filetype and filename
+  filetype = nil,
+  filename = nil,
+}
+
+function M.handle(mode, line, _)
+  local cve_id = helper.find(line, mode, "(CVE[%d-]+)")
+  if not cve_id or #cve_id > 20 then
+    return
+  end
+  return "https://nvd.nist.gov/vuln/detail/" .. cve_id
+end
+
+return M
diff --git a/test/spec/gx/handlers/cve_handler_spec.lua b/test/spec/gx/handlers/cve_handler_spec.lua
@@ -0,0 +1,36 @@
+local handler = require("gx.handlers.cve")
+
+describe("cve_handler_works", function()
+  it("with_only_CVE_number_on_the_line", function()
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "CVE-2020-24372")
+    )
+  end)
+  it("with_surrounding_text", function()
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "This fixes CVE-2020-24372 for sure")
+    )
+  end)
+  it("with_comments", function()
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "#CVE-2020-24372")
+    )
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "--CVE-2020-24372")
+    )
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "//CVE-2020-24372")
+    )
+  end)
+  it("within_parentheses", function()
+    assert.equals(
+      "https://nvd.nist.gov/vuln/detail/CVE-2020-24372",
+      handler.handle("v", "This is related to CVE (CVE-2020-24372) and should be fixed")
+    )
+  end)
+end)