diff --git a/src/main/java/org/dependencytrack/policy/cel/CelPolicyEngine.java b/src/main/java/org/dependencytrack/policy/cel/CelPolicyEngine.java index b8d315411..1595fc860 100644 --- a/src/main/java/org/dependencytrack/policy/cel/CelPolicyEngine.java +++ b/src/main/java/org/dependencytrack/policy/cel/CelPolicyEngine.java @@ -455,8 +455,8 @@ private static org.dependencytrack.proto.policy.v1.Component mapToProto(final Co .setBlake2B256(trimToEmpty(projection.blake2b_256)) .setBlake2B384(trimToEmpty(projection.blake2b_384)) .setBlake2B512(trimToEmpty(projection.blake2b_512)) - .setBlake3(trimToEmpty(projection.blake3)) - .setLatestVersion(projection.getLatestVersion()); + .setBlake3(trimToEmpty(projection.blake3)); + Optional.ofNullable(projection.getLatestVersion()).ifPresent(componentBuilder::setLatestVersion); if (projection.getPublishedAt() != null) { componentBuilder.setPublishedAt(Timestamps.fromDate(projection.getPublishedAt())).build(); } diff --git a/src/main/java/org/dependencytrack/policy/cel/CelPolicyLibrary.java b/src/main/java/org/dependencytrack/policy/cel/CelPolicyLibrary.java index 3df8117ba..e5fd7fe34 100644 --- a/src/main/java/org/dependencytrack/policy/cel/CelPolicyLibrary.java +++ b/src/main/java/org/dependencytrack/policy/cel/CelPolicyLibrary.java @@ -7,6 +7,7 @@ import io.github.nscuro.versatile.Vers; import io.github.nscuro.versatile.VersException; import org.apache.commons.lang3.tuple.Pair; +import org.dependencytrack.model.PolicyCondition; import org.dependencytrack.model.RepositoryType; import org.dependencytrack.persistence.QueryManager; import org.dependencytrack.proto.policy.v1.Component; @@ -205,10 +206,14 @@ private static boolean matchesVersionDIstance(Component component, String value, case "NUMERIC_GREATER_THAN_OR_EQUAL", ">=" -> "NUMERIC_GREATER_THAN_OR_EQUAL"; case "NUMERIC_EQUAL", "==" -> "NUMERIC_EQUAL"; case "NUMERIC_NOT_EQUAL", "!=" -> "NUMERIC_NOT_EQUAL"; - case "NUMERIC_LESSER_THAN_OR_EQUAL", "<=" ->"NUMERIC_LESSER_THAN_OR_EQUAL"; + case "NUMERIC_LESSER_THAN_OR_EQUAL", "<=" -> "NUMERIC_LESSER_THAN_OR_EQUAL"; case "NUMERIC_LESS_THAN", "<" -> "NUMERIC_LESS_THAN"; default -> ""; }; + if(comparatorComputed.equals("")){ + LOGGER.warn("Was passed a not supported operator for version distance policy "+comparator); + return false; + } final VersionDistance versionDistance; try { versionDistance = VersionDistance.getVersionDistance(component.getVersion(), component.getLatestVersion()); diff --git a/src/main/java/org/dependencytrack/policy/cel/CelPolicyScriptHost.java b/src/main/java/org/dependencytrack/policy/cel/CelPolicyScriptHost.java index 21c752443..ef6f297d6 100644 --- a/src/main/java/org/dependencytrack/policy/cel/CelPolicyScriptHost.java +++ b/src/main/java/org/dependencytrack/policy/cel/CelPolicyScriptHost.java @@ -27,6 +27,7 @@ import java.util.List; import java.util.concurrent.locks.Lock; +import static org.dependencytrack.policy.cel.CelPolicyLibrary.FUNC_COMPARE_AGE; import static org.dependencytrack.policy.cel.CelPolicyLibrary.FUNC_COMPARE_VERSION_DISTANCE; import static org.dependencytrack.policy.cel.CelPolicyLibrary.FUNC_DEPENDS_ON; import static org.dependencytrack.policy.cel.CelPolicyLibrary.FUNC_IS_DEPENDENCY_OF; @@ -169,9 +170,9 @@ private static MultiValuedMap analyzeRequirements(final CheckedExp requirements.put(TYPE_COMPONENT, "version"); } } - case FUNC_COMPARE_VERSION_DISTANCE -> { - requirements.putAll(TYPE_COMPONENT, List.of("purl", "uuid", "version")); - } + case FUNC_COMPARE_VERSION_DISTANCE -> + requirements.putAll(TYPE_COMPONENT, List.of("purl", "uuid", "version")); + case FUNC_COMPARE_AGE -> requirements.put(TYPE_COMPONENT, "purl"); } } diff --git a/src/test/java/org/dependencytrack/policy/cel/mapping/FieldMappingUtilTest.java b/src/test/java/org/dependencytrack/policy/cel/mapping/FieldMappingUtilTest.java index ca455c686..784a180ad 100644 --- a/src/test/java/org/dependencytrack/policy/cel/mapping/FieldMappingUtilTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/mapping/FieldMappingUtilTest.java @@ -58,7 +58,7 @@ private void assertValidProtoFieldsAndColumns(final Class projectionClazz, assertHasProtoField(protoDescriptor, fieldMapping.protoFieldName()); //skipping the published_at column for sql check because functionality wise the Component model // class does not need the published_at column from integrity_meta and this is breaking the unit test - if (fieldMapping.sqlColumnName().equals("PUBLISHED_AT")) { + if (fieldMapping.sqlColumnName().equals("PUBLISHED_AT") || fieldMapping.sqlColumnName().equals("LATEST_VERSION")) { LOGGER.warn("Skipping this column name "); } else { assertHasSqlColumn(persistenceClass, fieldMapping.sqlColumnName());