"""
Component data classes used in AVID report and vulnerability datamodels.
"""
from typing import Dict, List, Optional
from pydantic import BaseModel
from .enums import *
[docs]class LangValue(BaseModel):
"""Generic class to store a string with its language specified."""
lang: str
value: str
[docs]class Artifact(BaseModel):
"""Type and name of an affected artifact."""
type: ArtifactTypeEnum
name: str
[docs]class Detection(BaseModel):
"""Method to detect a specific issue."""
type: MethodEnum
name: str
[docs]class Affects(BaseModel):
"""Information on Artifact(s) affected by this report."""
developer: List[str]
deployer: List[str]
artifacts: List[Artifact]
[docs]class Problemtype(BaseModel):
"""Description of the problem a report/vuln is concerned with."""
classof: ClassEnum
type: Optional[TypeEnum]
description: LangValue
[docs]class Metric(BaseModel):
"""Quantification of the issue in a specific report."""
name: str
detection_method: Detection
results: Dict
[docs]class Reference(BaseModel):
"""Details for a reference of a report/vulnerability."""
type: Optional[str]
label: str
url: str # AnyUrl is a better fit, but keeping this because submissions are not standard yet
class Config: # type is excluded if None
fields = {'type': {'exclude': True}}
[docs]class AvidTaxonomy(BaseModel):
"""AVID taxonomy mappings of a report/vulnerability."""
vuln_id: Optional[str]
risk_domain: List[str]
sep_view: List[SepEnum]
lifecycle_view: List[LifecycleEnum]
taxonomy_version: str
class Config: # vuln_id is excluded if None
fields = {'vuln_id': {'exclude': True}}
[docs]class Impact(BaseModel):
"""Impact information of a report/vulnerability, e.g. different taxonomy mappings, harm and severity scores."""
avid: AvidTaxonomy