Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support linking to CWEs #122

Merged
merged 2 commits into from
Jan 1, 2022
Merged

Support linking to CWEs #122

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7fdcee5
Support linking to CWEs
hugovk Dec 24, 2021
afd6b23
Update changelog
sloria Jan 1, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions README.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,12 @@ Use the ``:cve:`` role to link to CVEs on https://cve.mitre.org.

:cve:`CVE-2018-17175` - Addresses possible vulnerability when...

Use the ``:cwe:`` role to link to CWEs on https://cwe.mitre.org.

.. code-block:: rst

:cwe:`CWE-787` - The software writes data past the end, or...

Credits
*******

Expand Down
21 changes: 21 additions & 0 deletions sphinx_issues.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,27 @@ def cve_role(name, rawtext, text, lineno, inliner, options=None, content=None):
return [link], []


def cwe_role(name, rawtext, text, lineno, inliner, options=None, content=None):
"""Sphinx role for linking to a CWE on https://cwe.mitre.org.

Examples: ::

:cwe:`CWE-787`

"""
options = options or {}
content = content or []
has_explicit_title, title, target = split_explicit_title(text)

target = utils.unescape(target).strip()
title = utils.unescape(title).strip()
number = target[4:]
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thought (non-blocking): would it make sense to also support :cwe:787 here?

no need to do this now

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can do! But should we also support this?

:cve:`2018-17175`

In addition to the current:

:cve:`CVE-2018-17175`

ref = f"https://cwe.mitre.org/data/definitions/{number}.html"
text = title if has_explicit_title else target
link = nodes.reference(text=text, refuri=ref, **options)
return [link], []


class IssueRole:

EXTERNAL_REPO_REGEX = re.compile(r"^(\w+)/(.+)([#@])([\w]+)$")
Expand Down
14 changes: 9 additions & 5 deletions test_sphinx_issues.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,14 @@
from tempfile import mkdtemp
from shutil import rmtree

try:
from unittest.mock import Mock
except ImportError:
from unittest.mock import Mock
from unittest.mock import Mock

from sphinx.application import Sphinx
from sphinx_issues import (
issue_role,
user_role,
pr_role,
cve_role,
cwe_role,
commit_role,
setup as issues_setup,
)
Expand Down Expand Up @@ -84,6 +81,13 @@ def inliner(app):
"CVE-2018-17175",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17175",
),
(
cwe_role,
"cve",
"CWE-787",
"CWE-787",
"https://cwe.mitre.org/data/definitions/787.html",
),
(
commit_role,
"commit",
Expand Down