FixInfo doesn't handle optional fixedIn value

Question

FixInfo doesn't handle optional fixedIn value

daswartzcap opened this issue 2 years ago · comments

In FixInfo, the pysnyk model for FixInfo has fixedIn as required.

In processing, I encountered this:

`File "", line 67, in from_dict
File "", line 51, in from_dict
mashumaro.exceptions.MissingField: Field "fixedIn" of type List[str] is missing in FixInfo instance

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "", line 12, in from_dict
File "", line 12, in
File "", line 69, in from_dict
mashumaro.exceptions.InvalidFieldValue: Field "fixInfo" of type FixInfo in AggregatedIssue has invalid value {'isUpgradable': True, 'isPinnable': False, 'isPatchable': False, 'isFixable': True, 'isPartiallyFixable': True, 'nearestFixedInVersion': '2:1.1.1k-6.ksplice1.el8_5'}
`

The element which caused this exception is
{'id': 'SNYK-ORACLE8-OPENSSLLIBS-2605508', 'issueType': 'vuln', 'pkgName': 'openssl-libs', 'pkgVersions': ['1: 1.1.1c-15.el8' ], 'priorityScore': 733, 'priority': {'score': 733, 'factors': [ {'name': 'socialTrends', 'description': 'Currently trending on Twitter' }, {'name': 'isFresh', 'description': 'Recently disclosed' }, {'name': 'isFixable', 'description': 'Has a fix available' }, {'name': 'severity', 'description': 'High severity' } ] }, 'issueData': {'id': 'SNYK-ORACLE8-OPENSSLLIBS-2605508', 'title': "Loop with Unreachable Exit Condition ('Infinite Loop')", 'severity': 'high', 'url': 'https: //snyk.io/vuln/SNYK-ORACLE8-OPENSSLLIBS-2605508', 'identifiers': {'CVE': ['CVE-2022-0778'], 'CWE': [], 'ALTERNATIVE': []}, 'credit': [''], 'exploitMaturity': 'no-known-exploit', 'semver': {'vulnerable': ['<2:1.1.1k-6.ksplice1.el8_5']}, 'publicationTime': '2022-04-10T09:10:28.648629Z', 'disclosureTime': '2022-03-15T17:15:00Z', 'CVSSv3': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H', 'cvssScore': 7.5, 'language': 'linux', 'patches': [], 'nearestFixedInVersion': '2:1.1.1k-6.ksplice1.el8_5', 'isMaliciousPackage': False}, 'isPatched': False, 'isIgnored': False, 'fixInfo': {'isUpgradable': True, 'isPinnable': False, 'isPatchable': False, 'isFixable': True, 'isPartiallyFixable': True, 'nearestFixedInVersion': '2: 1.1.1k-6.ksplice1.el8_5' }, 'links': {'paths': 'https://app.snyk.io/api/v1/org/b25f6d47-bfd9-4af6-9229-c432e6ae654b/project/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/history/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/issue/SNYK-ORACLE8-OPENSSLLIBS-2605508/paths'}}

Avi Apelbaum · Answer 1 · Tue Apr 26 2022 19:54:42 GMT+0800 (China Standard Time)

Have the same issue , Any update or workaround ?

Doug Swartz · Answer 2 · Tue Apr 26 2022 21:34:41 GMT+0800 (China Standard Time)

Here's a fix. (I keep thinking about submitting a pull request -- but, lazy).

Change the fixedIn line in the Fixinfo class in the models.py file to this

fixedIn: Optional[List[str]] = field(default_factory=list)

Daniel H · Answer 3 · Fri Apr 29 2022 08:50:02 GMT+0800 (China Standard Time)

Similar issue using 0.9.2 when calling project_object.issueset_aggregated.all().issues

mashumaro.exceptions.InvalidFieldValue: Field "issues" of type List[AggregatedIssue] in IssueSetAggregated has invalid value [{'id': <.... etc>}]

Doug Swartz · Answer 4 · Wed May 18 2022 22:49:10 GMT+0800 (China Standard Time)

This appears fixed in he current code.