diff --git a/src/mix_hex_api.erl b/src/mix_hex_api.erl index d311fd4b..1bc95746 100644 --- a/src/mix_hex_api.erl +++ b/src/mix_hex_api.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API diff --git a/src/mix_hex_api_auth.erl b/src/mix_hex_api_auth.erl index 80712229..8979fd38 100644 --- a/src/mix_hex_api_auth.erl +++ b/src/mix_hex_api_auth.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Authentication. diff --git a/src/mix_hex_api_key.erl b/src/mix_hex_api_key.erl index 3e31239a..d35b6e88 100644 --- a/src/mix_hex_api_key.erl +++ b/src/mix_hex_api_key.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Keys. diff --git a/src/mix_hex_api_oauth.erl b/src/mix_hex_api_oauth.erl index 21949b58..d8ac5bb6 100644 --- a/src/mix_hex_api_oauth.erl +++ b/src/mix_hex_api_oauth.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - OAuth. diff --git a/src/mix_hex_api_organization.erl b/src/mix_hex_api_organization.erl index 07433fc9..a9fdb034 100644 --- a/src/mix_hex_api_organization.erl +++ b/src/mix_hex_api_organization.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Organizations. diff --git a/src/mix_hex_api_organization_member.erl b/src/mix_hex_api_organization_member.erl index 35c5b17f..ab8fabe6 100644 --- a/src/mix_hex_api_organization_member.erl +++ b/src/mix_hex_api_organization_member.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Organization Members. diff --git a/src/mix_hex_api_package.erl b/src/mix_hex_api_package.erl index 0351e0ff..465f6717 100644 --- a/src/mix_hex_api_package.erl +++ b/src/mix_hex_api_package.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Packages. diff --git a/src/mix_hex_api_package_owner.erl b/src/mix_hex_api_package_owner.erl index eb52dafb..b53f30d5 100644 --- a/src/mix_hex_api_package_owner.erl +++ b/src/mix_hex_api_package_owner.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Package Owners. diff --git a/src/mix_hex_api_release.erl b/src/mix_hex_api_release.erl index effbd617..94c19765 100644 --- a/src/mix_hex_api_release.erl +++ b/src/mix_hex_api_release.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Releases. diff --git a/src/mix_hex_api_short_url.erl b/src/mix_hex_api_short_url.erl index 6aab9672..ef8904ec 100644 --- a/src/mix_hex_api_short_url.erl +++ b/src/mix_hex_api_short_url.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Short URLs. diff --git a/src/mix_hex_api_user.erl b/src/mix_hex_api_user.erl index dc5d3526..7ffa75e8 100644 --- a/src/mix_hex_api_user.erl +++ b/src/mix_hex_api_user.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex HTTP API - Users. diff --git a/src/mix_hex_core.erl b/src/mix_hex_core.erl index 3b25a228..b8b7908b 100644 --- a/src/mix_hex_core.erl +++ b/src/mix_hex_core.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% `hex_core' entrypoint module. @@ -69,15 +69,20 @@ %% `134_217_728' (128 MiB). Set to `infinity' to not enforce the limit. %% %% * `tarball_files_root' - Root directory for source files when creating tarballs. -%% Required for filesystem source paths, which must be relative and must resolve inside -%% this root after following symlinks. Set to `undefined' when all tarball contents are -%% provided as binaries and no filesystem source paths are used (default: `undefined'). +%% Filesystem source paths must resolve inside this root after following symlinks. +%% Relative source paths are resolved from this root and absolute source paths must be +%% inside it (default: `"."'). %% %% * `docs_tarball_max_size' - Maximum size of docs tarball, defaults to %% `16_777_216' (16 MiB). Set to `infinity' to not enforce the limit. %% %% * `docs_tarball_max_uncompressed_size' - Maximum size of uncompressed docs tarball, defaults to %% `134_217_728' (128 MiB). Set to `infinity' to not enforce the limit. +%% +%% * `metadata_fields' - Either `all' or a list of metadata.config keys (binaries) to read. +%% When set to a list, the metadata decoder streams past unrequested fields without +%% buffering their tokens, which keeps peak memory bounded for packages with very +%% large fields like `<<"files">>'. Defaults to `all'. -module(mix_hex_core). -export([default_config/0]). @@ -115,11 +120,12 @@ repo_verify => boolean(), repo_verify_origin => boolean(), send_100_continue => boolean(), - tarball_files_root => file:filename() | undefined, + tarball_files_root => file:filename(), tarball_max_size => pos_integer() | infinity, tarball_max_uncompressed_size => pos_integer() | infinity, docs_tarball_max_size => pos_integer() | infinity, - docs_tarball_max_uncompressed_size => pos_integer() | infinity + docs_tarball_max_uncompressed_size => pos_integer() | infinity, + metadata_fields => all | [binary()] }. -spec default_config() -> config(). @@ -142,9 +148,10 @@ default_config() -> repo_verify => true, repo_verify_origin => true, send_100_continue => true, - tarball_files_root => undefined, + tarball_files_root => ".", tarball_max_size => 16 * 1024 * 1024, tarball_max_uncompressed_size => 128 * 1024 * 1024, docs_tarball_max_size => 16 * 1024 * 1024, - docs_tarball_max_uncompressed_size => 128 * 1024 * 1024 + docs_tarball_max_uncompressed_size => 128 * 1024 * 1024, + metadata_fields => all }. diff --git a/src/mix_hex_core.hrl b/src/mix_hex_core.hrl index 8dbff979..70d96530 100644 --- a/src/mix_hex_core.hrl +++ b/src/mix_hex_core.hrl @@ -1,3 +1,3 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually --define(HEX_CORE_VERSION, "0.15.0"). +-define(HEX_CORE_VERSION, "0.16.0"). diff --git a/src/mix_hex_erl_tar.erl b/src/mix_hex_erl_tar.erl index e3db3e8c..e0dc46b6 100644 --- a/src/mix_hex_erl_tar.erl +++ b/src/mix_hex_erl_tar.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% This file is a copy of erl_tar.erl from OTP with the following modifications: %% 1. Module renamed from erl_tar to mix_hex_erl_tar diff --git a/src/mix_hex_erl_tar.hrl b/src/mix_hex_erl_tar.hrl index f25d9340..05fbc8f8 100644 --- a/src/mix_hex_erl_tar.hrl +++ b/src/mix_hex_erl_tar.hrl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% This file is a copy of erl_tar.hrl from OTP with the following modifications: %% 1. Added chunk_size field to #read_opts{} for streaming extraction to disk diff --git a/src/mix_hex_http.erl b/src/mix_hex_http.erl index 0ef191f9..30aad081 100644 --- a/src/mix_hex_http.erl +++ b/src/mix_hex_http.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% HTTP contract. diff --git a/src/mix_hex_http_httpc.erl b/src/mix_hex_http_httpc.erl index 62ac35de..1cdc24e5 100644 --- a/src/mix_hex_http_httpc.erl +++ b/src/mix_hex_http_httpc.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% httpc-based implementation of {@link mix_hex_http} contract. @@ -41,15 +41,12 @@ request_to_file(Method, URI, ReqHeaders, Body, Filename, AdapterConfig) when is_ Method, Request, HTTPOptions, - [{stream, unicode:characters_to_list(Filename)}], + [{sync, false}, {stream, self}], Profile ) of - {ok, saved_to_file} -> - {ok, {200, #{}}}; - {ok, {{_, StatusCode, _}, RespHeaders, _RespBody}} -> - RespHeaders2 = load_headers(RespHeaders), - {ok, {StatusCode, RespHeaders2}}; + {ok, RequestId} -> + stream_to_file(RequestId, Filename); {error, Reason} -> {error, Reason} end. @@ -58,6 +55,39 @@ request_to_file(Method, URI, ReqHeaders, Body, Filename, AdapterConfig) when is_ %% Internal functions %%==================================================================== +%% @private +%% httpc streams 200/206 responses as messages and returns non-2xx as +%% a normal response tuple. stream_start includes the response headers. +stream_to_file(RequestId, Filename) -> + receive + {http, {RequestId, stream_start, Headers}} -> + {ok, File} = file:open(Filename, [write, binary]), + case stream_body(RequestId, File) of + ok -> + ok = file:close(File), + {ok, {200, load_headers(Headers)}}; + {error, Reason} -> + ok = file:close(File), + {error, Reason} + end; + {http, {RequestId, {{_, StatusCode, _}, RespHeaders, _RespBody}}} -> + {ok, {StatusCode, load_headers(RespHeaders)}}; + {http, {RequestId, {error, Reason}}} -> + {error, Reason} + end. + +%% @private +stream_body(RequestId, File) -> + receive + {http, {RequestId, stream, BinBodyPart}} -> + ok = file:write(File, BinBodyPart), + stream_body(RequestId, File); + {http, {RequestId, stream_end, _Headers}} -> + ok; + {http, {RequestId, {error, Reason}}} -> + {error, Reason} + end. + %% @private http_options(URI, AdapterConfig) -> HTTPOptions0 = maps:get(http_options, AdapterConfig, []), diff --git a/src/mix_hex_licenses.erl b/src/mix_hex_licenses.erl index def4ada5..63e46db2 100644 --- a/src/mix_hex_licenses.erl +++ b/src/mix_hex_licenses.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (4ff8378), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Hex Licenses. diff --git a/src/mix_hex_pb_names.erl b/src/mix_hex_pb_names.erl index 75aa3055..5d0fd296 100644 --- a/src/mix_hex_pb_names.erl +++ b/src/mix_hex_pb_names.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% -*- coding: utf-8 -*- %% % this file is @generated diff --git a/src/mix_hex_pb_package.erl b/src/mix_hex_pb_package.erl index bb8e0574..6f5628a8 100644 --- a/src/mix_hex_pb_package.erl +++ b/src/mix_hex_pb_package.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% -*- coding: utf-8 -*- %% % this file is @generated @@ -21,6 +21,7 @@ -export([find_enum_def/1, fetch_enum_def/1]). -export([enum_symbol_by_value/2, enum_value_by_symbol/2]). -export([enum_symbol_by_value_RetirementReason/1, enum_value_by_symbol_RetirementReason/1]). +-export([enum_symbol_by_value_AdvisorySeverity/1, enum_value_by_symbol_AdvisorySeverity/1]). -export([get_service_names/0]). -export([get_service_def/1]). -export([get_rpc_names/1]). @@ -53,13 +54,15 @@ %% enumerated types -type 'RetirementReason'() :: 'RETIRED_OTHER' | 'RETIRED_INVALID' | 'RETIRED_SECURITY' | 'RETIRED_DEPRECATED' | 'RETIRED_RENAMED'. --export_type(['RetirementReason'/0]). +-type 'AdvisorySeverity'() :: 'SEVERITY_NONE' | 'SEVERITY_LOW' | 'SEVERITY_MEDIUM' | 'SEVERITY_HIGH' | 'SEVERITY_CRITICAL'. +-export_type(['RetirementReason'/0, 'AdvisorySeverity'/0]). %% message types -type 'Package'() :: #{releases => ['Release'()], % = 1, repeated name => unicode:chardata(), % = 2, required - repository => unicode:chardata() % = 3, required + repository => unicode:chardata(), % = 3, required + advisories => ['SecurityAdvisory'()] % = 4, repeated }. -type 'Release'() :: @@ -67,7 +70,8 @@ inner_checksum => iodata(), % = 2, required dependencies => ['Dependency'()], % = 3, repeated retired => 'RetirementStatus'(), % = 4, optional - outer_checksum => iodata() % = 5, optional + outer_checksum => iodata(), % = 5, optional + advisory_indexes => [non_neg_integer()] % = 6, repeated, 32 bits }. -type 'RetirementStatus'() :: @@ -75,6 +79,15 @@ message => unicode:chardata() % = 2, optional }. +-type 'SecurityAdvisory'() :: + #{id => unicode:chardata(), % = 1, required + summary => unicode:chardata(), % = 2, required + html_url => unicode:chardata(), % = 3, required + severity => 'SEVERITY_NONE' | 'SEVERITY_LOW' | 'SEVERITY_MEDIUM' | 'SEVERITY_HIGH' | 'SEVERITY_CRITICAL' | integer(), % = 4, optional, enum AdvisorySeverity + cvss_score => float() | integer() | infinity | '-infinity' | nan, % = 5, optional + api_url => unicode:chardata() % = 6, required + }. + -type 'Dependency'() :: #{package => unicode:chardata(), % = 1, required requirement => unicode:chardata(), % = 2, required @@ -83,9 +96,9 @@ repository => unicode:chardata() % = 5, optional }. --export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'Dependency'/0]). --type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'Dependency'. --type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'Dependency'(). +-export_type(['Package'/0, 'Release'/0, 'RetirementStatus'/0, 'SecurityAdvisory'/0, 'Dependency'/0]). +-type '$msg_name'() :: 'Package' | 'Release' | 'RetirementStatus' | 'SecurityAdvisory' | 'Dependency'. +-type '$msg'() :: 'Package'() | 'Release'() | 'RetirementStatus'() | 'SecurityAdvisory'() | 'Dependency'(). -export_type(['$msg_name'/0, '$msg'/0]). -if(?OTP_RELEASE >= 24). @@ -105,6 +118,7 @@ encode_msg(Msg, MsgName, Opts) -> 'Package' -> encode_msg_Package(id(Msg, TrUserData), TrUserData); 'Release' -> encode_msg_Release(id(Msg, TrUserData), TrUserData); 'RetirementStatus' -> encode_msg_RetirementStatus(id(Msg, TrUserData), TrUserData); + 'SecurityAdvisory' -> encode_msg_SecurityAdvisory(id(Msg, TrUserData), TrUserData); 'Dependency' -> encode_msg_Dependency(id(Msg, TrUserData), TrUserData) end. @@ -122,7 +136,15 @@ encode_msg_Package(#{name := F2, repository := F3} = M, Bin, TrUserData) -> _ -> Bin end, B2 = begin TrF2 = id(F2, TrUserData), e_type_string(TrF2, <>, TrUserData) end, - begin TrF3 = id(F3, TrUserData), e_type_string(TrF3, <>, TrUserData) end. + B3 = begin TrF3 = id(F3, TrUserData), e_type_string(TrF3, <>, TrUserData) end, + case M of + #{advisories := F4} -> + TrF4 = id(F4, TrUserData), + if TrF4 == [] -> B3; + true -> e_field_Package_advisories(TrF4, B3, TrUserData) + end; + _ -> B3 + end. encode_msg_Release(Msg, TrUserData) -> encode_msg_Release(Msg, <<>>, TrUserData). @@ -142,9 +164,17 @@ encode_msg_Release(#{version := F1, inner_checksum := F2} = M, Bin, TrUserData) #{retired := F4} -> begin TrF4 = id(F4, TrUserData), e_mfield_Release_retired(TrF4, <>, TrUserData) end; _ -> B3 end, + B5 = case M of + #{outer_checksum := F5} -> begin TrF5 = id(F5, TrUserData), e_type_bytes(TrF5, <>, TrUserData) end; + _ -> B4 + end, case M of - #{outer_checksum := F5} -> begin TrF5 = id(F5, TrUserData), e_type_bytes(TrF5, <>, TrUserData) end; - _ -> B4 + #{advisory_indexes := F6} -> + TrF6 = id(F6, TrUserData), + if TrF6 == [] -> B5; + true -> e_field_Release_advisory_indexes(TrF6, B5, TrUserData) + end; + _ -> B5 end. encode_msg_RetirementStatus(Msg, TrUserData) -> encode_msg_RetirementStatus(Msg, <<>>, TrUserData). @@ -157,6 +187,23 @@ encode_msg_RetirementStatus(#{reason := F1} = M, Bin, TrUserData) -> _ -> B1 end. +encode_msg_SecurityAdvisory(Msg, TrUserData) -> encode_msg_SecurityAdvisory(Msg, <<>>, TrUserData). + + +encode_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} = M, Bin, TrUserData) -> + B1 = begin TrF1 = id(F1, TrUserData), e_type_string(TrF1, <>, TrUserData) end, + B2 = begin TrF2 = id(F2, TrUserData), e_type_string(TrF2, <>, TrUserData) end, + B3 = begin TrF3 = id(F3, TrUserData), e_type_string(TrF3, <>, TrUserData) end, + B4 = case M of + #{severity := F4} -> begin TrF4 = id(F4, TrUserData), e_enum_AdvisorySeverity(TrF4, <>, TrUserData) end; + _ -> B3 + end, + B5 = case M of + #{cvss_score := F5} -> begin TrF5 = id(F5, TrUserData), e_type_float(TrF5, <>, TrUserData) end; + _ -> B4 + end, + begin TrF6 = id(F6, TrUserData), e_type_string(TrF6, <>, TrUserData) end. + encode_msg_Dependency(Msg, TrUserData) -> encode_msg_Dependency(Msg, <<>>, TrUserData). @@ -187,6 +234,17 @@ e_field_Package_releases([Elem | Rest], Bin, TrUserData) -> e_field_Package_releases(Rest, Bin3, TrUserData); e_field_Package_releases([], Bin, _TrUserData) -> Bin. +e_mfield_Package_advisories(Msg, Bin, TrUserData) -> + SubBin = encode_msg_SecurityAdvisory(Msg, <<>>, TrUserData), + Bin2 = e_varint(byte_size(SubBin), Bin), + <>. + +e_field_Package_advisories([Elem | Rest], Bin, TrUserData) -> + Bin2 = <>, + Bin3 = e_mfield_Package_advisories(id(Elem, TrUserData), Bin2, TrUserData), + e_field_Package_advisories(Rest, Bin3, TrUserData); +e_field_Package_advisories([], Bin, _TrUserData) -> Bin. + e_mfield_Release_dependencies(Msg, Bin, TrUserData) -> SubBin = encode_msg_Dependency(Msg, <<>>, TrUserData), Bin2 = e_varint(byte_size(SubBin), Bin), @@ -203,6 +261,12 @@ e_mfield_Release_retired(Msg, Bin, TrUserData) -> Bin2 = e_varint(byte_size(SubBin), Bin), <>. +e_field_Release_advisory_indexes([Elem | Rest], Bin, TrUserData) -> + Bin2 = <>, + Bin3 = e_varint(id(Elem, TrUserData), Bin2, TrUserData), + e_field_Release_advisory_indexes(Rest, Bin3, TrUserData); +e_field_Release_advisory_indexes([], Bin, _TrUserData) -> Bin. + e_enum_RetirementReason('RETIRED_OTHER', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_INVALID', Bin, _TrUserData) -> <>; e_enum_RetirementReason('RETIRED_SECURITY', Bin, _TrUserData) -> <>; @@ -210,6 +274,13 @@ e_enum_RetirementReason('RETIRED_DEPRECATED', Bin, _TrUserData) -> < <>; e_enum_RetirementReason(V, Bin, _TrUserData) -> e_varint(V, Bin). +e_enum_AdvisorySeverity('SEVERITY_NONE', Bin, _TrUserData) -> <>; +e_enum_AdvisorySeverity('SEVERITY_LOW', Bin, _TrUserData) -> <>; +e_enum_AdvisorySeverity('SEVERITY_MEDIUM', Bin, _TrUserData) -> <>; +e_enum_AdvisorySeverity('SEVERITY_HIGH', Bin, _TrUserData) -> <>; +e_enum_AdvisorySeverity('SEVERITY_CRITICAL', Bin, _TrUserData) -> <>; +e_enum_AdvisorySeverity(V, Bin, _TrUserData) -> e_varint(V, Bin). + -compile({nowarn_unused_function,e_type_sint/3}). e_type_sint(Value, Bin, _TrUserData) when Value >= 0 -> e_varint(Value * 2, Bin); e_type_sint(Value, Bin, _TrUserData) -> e_varint(Value * -2 - 1, Bin). @@ -335,85 +406,101 @@ decode_msg_1_catch(Bin, MsgName, TrUserData) -> decode_msg_2_doit('Package', Bin, TrUserData) -> id(decode_msg_Package(Bin, TrUserData), TrUserData); decode_msg_2_doit('Release', Bin, TrUserData) -> id(decode_msg_Release(Bin, TrUserData), TrUserData); decode_msg_2_doit('RetirementStatus', Bin, TrUserData) -> id(decode_msg_RetirementStatus(Bin, TrUserData), TrUserData); +decode_msg_2_doit('SecurityAdvisory', Bin, TrUserData) -> id(decode_msg_SecurityAdvisory(Bin, TrUserData), TrUserData); decode_msg_2_doit('Dependency', Bin, TrUserData) -> id(decode_msg_Dependency(Bin, TrUserData), TrUserData). -decode_msg_Package(Bin, TrUserData) -> dfp_read_field_def_Package(Bin, 0, 0, 0, id([], TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). +decode_msg_Package(Bin, TrUserData) -> dfp_read_field_def_Package(Bin, 0, 0, 0, id([], TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id([], TrUserData), TrUserData). -dfp_read_field_def_Package(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_releases(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_name(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_repository(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<>>, 0, 0, _, R1, F@_2, F@_3, TrUserData) -> +dfp_read_field_def_Package(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_releases(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_name(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_repository(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<34, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_advisories(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<>>, 0, 0, _, R1, F@_2, F@_3, R2, TrUserData) -> S1 = #{name => F@_2, repository => F@_3}, - if R1 == '$undef' -> S1; - true -> S1#{releases => lists_reverse(R1, TrUserData)} + S2 = if R1 == '$undef' -> S1; + true -> S1#{releases => lists_reverse(R1, TrUserData)} + end, + if R2 == '$undef' -> S2; + true -> S2#{advisories => lists_reverse(R2, TrUserData)} end; -dfp_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dg_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +dfp_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dg_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -dg_read_field_def_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 32 - 7 -> dg_read_field_def_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -dg_read_field_def_Package(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, TrUserData) -> +dg_read_field_def_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 32 - 7 -> dg_read_field_def_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dg_read_field_def_Package(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, TrUserData) -> Key = X bsl N + Acc, case Key of - 10 -> d_field_Package_releases(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); - 18 -> d_field_Package_name(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); - 26 -> d_field_Package_repository(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); + 10 -> d_field_Package_releases(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 18 -> d_field_Package_name(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 26 -> d_field_Package_repository(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 34 -> d_field_Package_advisories(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 1 -> skip_64_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 2 -> skip_length_delimited_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 3 -> skip_group_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 5 -> skip_32_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData) + 0 -> skip_varint_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 1 -> skip_64_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 2 -> skip_length_delimited_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 3 -> skip_group_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 5 -> skip_32_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData) end end; -dg_read_field_def_Package(<<>>, 0, 0, _, R1, F@_2, F@_3, TrUserData) -> +dg_read_field_def_Package(<<>>, 0, 0, _, R1, F@_2, F@_3, R2, TrUserData) -> S1 = #{name => F@_2, repository => F@_3}, - if R1 == '$undef' -> S1; - true -> S1#{releases => lists_reverse(R1, TrUserData)} + S2 = if R1 == '$undef' -> S1; + true -> S1#{releases => lists_reverse(R1, TrUserData)} + end, + if R2 == '$undef' -> S2; + true -> S2#{advisories => lists_reverse(R2, TrUserData)} end. -d_field_Package_releases(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_releases(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_releases(<<0:1, X:7, Rest/binary>>, N, Acc, F, Prev, F@_2, F@_3, TrUserData) -> +d_field_Package_releases(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_releases(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_releases(<<0:1, X:7, Rest/binary>>, N, Acc, F, Prev, F@_2, F@_3, F@_4, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Release(Bs, TrUserData), TrUserData), Rest2} end, - dfp_read_field_def_Package(RestF, 0, 0, F, cons(NewFValue, Prev, TrUserData), F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, cons(NewFValue, Prev, TrUserData), F@_2, F@_3, F@_4, TrUserData). -d_field_Package_name(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_name(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_name(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, TrUserData) -> +d_field_Package_name(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_name(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_name(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, NewFValue, F@_3, TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, TrUserData). -d_field_Package_repository(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_repository(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_repository(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, TrUserData) -> +d_field_Package_repository(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_repository(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_repository(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, NewFValue, TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, TrUserData). + +d_field_Package_advisories(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_advisories(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_advisories(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, Prev, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_SecurityAdvisory(Bs, TrUserData), TrUserData), Rest2} end, + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, F@_3, cons(NewFValue, Prev, TrUserData), TrUserData). -skip_varint_Package(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> skip_varint_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -skip_varint_Package(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +skip_varint_Package(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> skip_varint_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +skip_varint_Package(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_length_delimited_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> skip_length_delimited_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -skip_length_delimited_Package(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) -> +skip_length_delimited_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> skip_length_delimited_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +skip_length_delimited_Package(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_group_Package(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, TrUserData) -> +skip_group_Package(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_Package(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_32_Package(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +skip_32_Package(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_64_Package(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +skip_64_Package(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -decode_msg_Release(Bin, TrUserData) -> dfp_read_field_def_Release(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id([], TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). +decode_msg_Release(Bin, TrUserData) -> dfp_read_field_def_Release(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id([], TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id([], TrUserData), TrUserData). -dfp_read_field_def_Release(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Release_version(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dfp_read_field_def_Release(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Release_inner_checksum(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dfp_read_field_def_Release(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Release_dependencies(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dfp_read_field_def_Release(<<34, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Release_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dfp_read_field_def_Release(<<42, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Release_outer_checksum(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dfp_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, TrUserData) -> - S1 = #{version => F@_1, inner_checksum => F@_2}, +dfp_read_field_def_Release(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_version(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_inner_checksum(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_dependencies(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<34, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<42, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_outer_checksum(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_pfield_Release_advisory_indexes(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<48, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_Release_advisory_indexes(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, R2, TrUserData) -> + S1 = #{version => F@_1, inner_checksum => F@_2, advisory_indexes => lists_reverse(R2, TrUserData)}, S2 = if R1 == '$undef' -> S1; true -> S1#{dependencies => lists_reverse(R1, TrUserData)} end, @@ -423,28 +510,30 @@ dfp_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, TrUserData if F@_5 == '$undef' -> S3; true -> S3#{outer_checksum => F@_5} end; -dfp_read_field_def_Release(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> dg_read_field_def_Release(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). +dfp_read_field_def_Release(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dg_read_field_def_Release(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). -dg_read_field_def_Release(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 32 - 7 -> dg_read_field_def_Release(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -dg_read_field_def_Release(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> +dg_read_field_def_Release(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 32 - 7 -> dg_read_field_def_Release(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dg_read_field_def_Release(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> Key = X bsl N + Acc, case Key of - 10 -> d_field_Release_version(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 18 -> d_field_Release_inner_checksum(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 26 -> d_field_Release_dependencies(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 34 -> d_field_Release_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 42 -> d_field_Release_outer_checksum(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); + 10 -> d_field_Release_version(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 18 -> d_field_Release_inner_checksum(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 26 -> d_field_Release_dependencies(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 34 -> d_field_Release_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 42 -> d_field_Release_outer_checksum(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 50 -> d_pfield_Release_advisory_indexes(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 48 -> d_field_Release_advisory_indexes(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 1 -> skip_64_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 2 -> skip_length_delimited_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 3 -> skip_group_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); - 5 -> skip_32_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) + 0 -> skip_varint_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 1 -> skip_64_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 2 -> skip_length_delimited_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 3 -> skip_group_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 5 -> skip_32_Release(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) end end; -dg_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, TrUserData) -> - S1 = #{version => F@_1, inner_checksum => F@_2}, +dg_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, R2, TrUserData) -> + S1 = #{version => F@_1, inner_checksum => F@_2, advisory_indexes => lists_reverse(R2, TrUserData)}, S2 = if R1 == '$undef' -> S1; true -> S1#{dependencies => lists_reverse(R1, TrUserData)} end, @@ -455,23 +544,23 @@ dg_read_field_def_Release(<<>>, 0, 0, _, F@_1, F@_2, R1, F@_4, F@_5, TrUserData) true -> S3#{outer_checksum => F@_5} end. -d_field_Release_version(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> d_field_Release_version(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -d_field_Release_version(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, TrUserData) -> +d_field_Release_version(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_version(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_version(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Release(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, TrUserData). + dfp_read_field_def_Release(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). -d_field_Release_inner_checksum(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> d_field_Release_inner_checksum(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -d_field_Release_inner_checksum(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, TrUserData) -> +d_field_Release_inner_checksum(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_inner_checksum(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_inner_checksum(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, TrUserData). + dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, TrUserData). -d_field_Release_dependencies(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> d_field_Release_dependencies(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -d_field_Release_dependencies(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, Prev, F@_4, F@_5, TrUserData) -> +d_field_Release_dependencies(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_dependencies(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_dependencies(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, Prev, F@_4, F@_5, F@_6, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_Dependency(Bs, TrUserData), TrUserData), Rest2} end, - dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, F@_2, cons(NewFValue, Prev, TrUserData), F@_4, F@_5, TrUserData). + dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, F@_2, cons(NewFValue, Prev, TrUserData), F@_4, F@_5, F@_6, TrUserData). -d_field_Release_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> d_field_Release_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -d_field_Release_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, Prev, F@_5, TrUserData) -> +d_field_Release_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, Prev, F@_5, F@_6, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, {id(decode_msg_RetirementStatus(Bs, TrUserData), TrUserData), Rest2} end, dfp_read_field_def_Release(RestF, 0, @@ -484,29 +573,48 @@ d_field_Release_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, true -> merge_msg_RetirementStatus(Prev, NewFValue, TrUserData) end, F@_5, + F@_6, TrUserData). -d_field_Release_outer_checksum(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> d_field_Release_outer_checksum(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -d_field_Release_outer_checksum(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, _, TrUserData) -> +d_field_Release_outer_checksum(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_outer_checksum(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_outer_checksum(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, NewFValue, TrUserData). + dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, NewFValue, F@_6, TrUserData). + +d_field_Release_advisory_indexes(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_Release_advisory_indexes(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_Release_advisory_indexes(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, Prev, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + dfp_read_field_def_Release(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, cons(NewFValue, Prev, TrUserData), TrUserData). + +d_pfield_Release_advisory_indexes(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_pfield_Release_advisory_indexes(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_pfield_Release_advisory_indexes(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, E, TrUserData) -> + Len = X bsl N + Acc, + <> = Rest, + NewSeq = d_packed_field_Release_advisory_indexes(PackedBytes, 0, 0, F, E, TrUserData), + dfp_read_field_def_Release(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewSeq, TrUserData). -skip_varint_Release(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> skip_varint_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -skip_varint_Release(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). +d_packed_field_Release_advisory_indexes(<<1:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) when N < 57 -> d_packed_field_Release_advisory_indexes(Rest, N + 7, X bsl N + Acc, F, AccSeq, TrUserData); +d_packed_field_Release_advisory_indexes(<<0:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) -> + {NewFValue, RestF} = {id((X bsl N + Acc) band 4294967295, TrUserData), Rest}, + d_packed_field_Release_advisory_indexes(RestF, 0, 0, F, [NewFValue | AccSeq], TrUserData); +d_packed_field_Release_advisory_indexes(<<>>, 0, 0, _, AccSeq, _) -> AccSeq. -skip_length_delimited_Release(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) when N < 57 -> skip_length_delimited_Release(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); -skip_length_delimited_Release(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> +skip_varint_Release(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> skip_varint_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +skip_varint_Release(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +skip_length_delimited_Release(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> skip_length_delimited_Release(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +skip_length_delimited_Release(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_Release(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). + dfp_read_field_def_Release(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). -skip_group_Release(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> +skip_group_Release(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_Release(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). + dfp_read_field_def_Release(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). -skip_32_Release(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). +skip_32_Release(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). -skip_64_Release(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData). +skip_64_Release(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_Release(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). decode_msg_RetirementStatus(Bin, TrUserData) -> dfp_read_field_def_RetirementStatus(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). @@ -567,6 +675,105 @@ skip_32_RetirementStatus(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserDat skip_64_RetirementStatus(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_RetirementStatus(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). +decode_msg_SecurityAdvisory(Bin, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). + +dfp_read_field_def_SecurityAdvisory(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_id(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_summary(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_html_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_severity(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<45, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_cvss_score(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<50, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> d_field_SecurityAdvisory_api_url(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dfp_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, _) -> + S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6}, + S2 = if F@_4 == '$undef' -> S1; + true -> S1#{severity => F@_4} + end, + if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} + end; +dfp_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dg_read_field_def_SecurityAdvisory(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +dg_read_field_def_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 32 - 7 -> + dg_read_field_def_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +dg_read_field_def_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> + Key = X bsl N + Acc, + case Key of + 10 -> d_field_SecurityAdvisory_id(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 18 -> d_field_SecurityAdvisory_summary(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 26 -> d_field_SecurityAdvisory_html_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 32 -> d_field_SecurityAdvisory_severity(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 45 -> d_field_SecurityAdvisory_cvss_score(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 50 -> d_field_SecurityAdvisory_api_url(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + _ -> + case Key band 7 of + 0 -> skip_varint_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 1 -> skip_64_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 2 -> skip_length_delimited_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 3 -> skip_group_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); + 5 -> skip_32_SecurityAdvisory(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) + end + end; +dg_read_field_def_SecurityAdvisory(<<>>, 0, 0, _, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, _) -> + S1 = #{id => F@_1, summary => F@_2, html_url => F@_3, api_url => F@_6}, + S2 = if F@_4 == '$undef' -> S1; + true -> S1#{severity => F@_4} + end, + if F@_5 == '$undef' -> S2; + true -> S2#{cvss_score => F@_5} + end. + +d_field_SecurityAdvisory_id(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_id(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_SecurityAdvisory_id(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +d_field_SecurityAdvisory_summary(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_summary(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_SecurityAdvisory_summary(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, _, F@_3, F@_4, F@_5, F@_6, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, NewFValue, F@_3, F@_4, F@_5, F@_6, TrUserData). + +d_field_SecurityAdvisory_html_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_html_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_SecurityAdvisory_html_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, _, F@_4, F@_5, F@_6, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, NewFValue, F@_4, F@_5, F@_6, TrUserData). + +d_field_SecurityAdvisory_severity(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_severity(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_SecurityAdvisory_severity(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, _, F@_5, F@_6, TrUserData) -> + {NewFValue, RestF} = {id(d_enum_AdvisorySeverity(begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end), TrUserData), Rest}, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, NewFValue, F@_5, F@_6, TrUserData). + +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 127, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(infinity, TrUserData), F@_6, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<0:16, 128, 255, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id('-infinity', TrUserData), F@_6, TrUserData); +d_field_SecurityAdvisory_cvss_score(<<_:16, 1:1, _:7, _:1, 127:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(nan, TrUserData), F@_6, TrUserData); +d_field_SecurityAdvisory_cvss_score(<>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, _, F@_6, TrUserData) -> + dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, id(Value, TrUserData), F@_6, TrUserData). + +d_field_SecurityAdvisory_api_url(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> d_field_SecurityAdvisory_api_url(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +d_field_SecurityAdvisory_api_url(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, _, TrUserData) -> + {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, + dfp_read_field_def_SecurityAdvisory(RestF, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, NewFValue, TrUserData). + +skip_varint_SecurityAdvisory(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> skip_varint_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +skip_varint_SecurityAdvisory(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +skip_length_delimited_SecurityAdvisory(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) when N < 57 -> + skip_length_delimited_SecurityAdvisory(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData); +skip_length_delimited_SecurityAdvisory(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> + Length = X bsl N + Acc, + <<_:Length/binary, Rest2/binary>> = Rest, + dfp_read_field_def_SecurityAdvisory(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +skip_group_SecurityAdvisory(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> + {_, Rest} = read_group(Bin, FNum), + dfp_read_field_def_SecurityAdvisory(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +skip_32_SecurityAdvisory(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + +skip_64_SecurityAdvisory(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData) -> dfp_read_field_def_SecurityAdvisory(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, F@_6, TrUserData). + decode_msg_Dependency(Bin, TrUserData) -> dfp_read_field_def_Dependency(Bin, 0, 0, 0, id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), id('$undef', TrUserData), TrUserData). dfp_read_field_def_Dependency(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData) -> d_field_Dependency_package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, F@_5, TrUserData); @@ -666,6 +873,13 @@ d_enum_RetirementReason(3) -> 'RETIRED_DEPRECATED'; d_enum_RetirementReason(4) -> 'RETIRED_RENAMED'; d_enum_RetirementReason(V) -> V. +d_enum_AdvisorySeverity(0) -> 'SEVERITY_NONE'; +d_enum_AdvisorySeverity(1) -> 'SEVERITY_LOW'; +d_enum_AdvisorySeverity(2) -> 'SEVERITY_MEDIUM'; +d_enum_AdvisorySeverity(3) -> 'SEVERITY_HIGH'; +d_enum_AdvisorySeverity(4) -> 'SEVERITY_CRITICAL'; +d_enum_AdvisorySeverity(V) -> V. + read_group(Bin, FieldNum) -> {NumBytes, EndTagLen} = read_gr_b(Bin, 0, 0, 0, 0, FieldNum), <> = Bin, @@ -732,17 +946,24 @@ merge_msgs(Prev, New, MsgName, Opts) -> 'Package' -> merge_msg_Package(Prev, New, TrUserData); 'Release' -> merge_msg_Release(Prev, New, TrUserData); 'RetirementStatus' -> merge_msg_RetirementStatus(Prev, New, TrUserData); + 'SecurityAdvisory' -> merge_msg_SecurityAdvisory(Prev, New, TrUserData); 'Dependency' -> merge_msg_Dependency(Prev, New, TrUserData) end. -compile({nowarn_unused_function,merge_msg_Package/3}). merge_msg_Package(#{} = PMsg, #{name := NFname, repository := NFrepository} = NMsg, TrUserData) -> S1 = #{name => NFname, repository => NFrepository}, + S2 = case {PMsg, NMsg} of + {#{releases := PFreleases}, #{releases := NFreleases}} -> S1#{releases => 'erlang_++'(PFreleases, NFreleases, TrUserData)}; + {_, #{releases := NFreleases}} -> S1#{releases => NFreleases}; + {#{releases := PFreleases}, _} -> S1#{releases => PFreleases}; + {_, _} -> S1 + end, case {PMsg, NMsg} of - {#{releases := PFreleases}, #{releases := NFreleases}} -> S1#{releases => 'erlang_++'(PFreleases, NFreleases, TrUserData)}; - {_, #{releases := NFreleases}} -> S1#{releases => NFreleases}; - {#{releases := PFreleases}, _} -> S1#{releases => PFreleases}; - {_, _} -> S1 + {#{advisories := PFadvisories}, #{advisories := NFadvisories}} -> S2#{advisories => 'erlang_++'(PFadvisories, NFadvisories, TrUserData)}; + {_, #{advisories := NFadvisories}} -> S2#{advisories => NFadvisories}; + {#{advisories := PFadvisories}, _} -> S2#{advisories => PFadvisories}; + {_, _} -> S2 end. -compile({nowarn_unused_function,merge_msg_Release/3}). @@ -760,10 +981,16 @@ merge_msg_Release(#{} = PMsg, #{version := NFversion, inner_checksum := NFinner_ {#{retired := PFretired}, _} -> S2#{retired => PFretired}; {_, _} -> S2 end, + S4 = case {PMsg, NMsg} of + {_, #{outer_checksum := NFouter_checksum}} -> S3#{outer_checksum => NFouter_checksum}; + {#{outer_checksum := PFouter_checksum}, _} -> S3#{outer_checksum => PFouter_checksum}; + _ -> S3 + end, case {PMsg, NMsg} of - {_, #{outer_checksum := NFouter_checksum}} -> S3#{outer_checksum => NFouter_checksum}; - {#{outer_checksum := PFouter_checksum}, _} -> S3#{outer_checksum => PFouter_checksum}; - _ -> S3 + {#{advisory_indexes := PFadvisory_indexes}, #{advisory_indexes := NFadvisory_indexes}} -> S4#{advisory_indexes => 'erlang_++'(PFadvisory_indexes, NFadvisory_indexes, TrUserData)}; + {_, #{advisory_indexes := NFadvisory_indexes}} -> S4#{advisory_indexes => NFadvisory_indexes}; + {#{advisory_indexes := PFadvisory_indexes}, _} -> S4#{advisory_indexes => PFadvisory_indexes}; + {_, _} -> S4 end. -compile({nowarn_unused_function,merge_msg_RetirementStatus/3}). @@ -775,6 +1002,20 @@ merge_msg_RetirementStatus(#{} = PMsg, #{reason := NFreason} = NMsg, _) -> _ -> S1 end. +-compile({nowarn_unused_function,merge_msg_SecurityAdvisory/3}). +merge_msg_SecurityAdvisory(#{} = PMsg, #{id := NFid, summary := NFsummary, html_url := NFhtml_url, api_url := NFapi_url} = NMsg, _) -> + S1 = #{id => NFid, summary => NFsummary, html_url => NFhtml_url, api_url => NFapi_url}, + S2 = case {PMsg, NMsg} of + {_, #{severity := NFseverity}} -> S1#{severity => NFseverity}; + {#{severity := PFseverity}, _} -> S1#{severity => PFseverity}; + _ -> S1 + end, + case {PMsg, NMsg} of + {_, #{cvss_score := NFcvss_score}} -> S2#{cvss_score => NFcvss_score}; + {#{cvss_score := PFcvss_score}, _} -> S2#{cvss_score => PFcvss_score}; + _ -> S2 + end. + -compile({nowarn_unused_function,merge_msg_Dependency/3}). merge_msg_Dependency(#{} = PMsg, #{package := NFpackage, requirement := NFrequirement} = NMsg, _) -> S1 = #{package => NFpackage, requirement => NFrequirement}, @@ -803,6 +1044,7 @@ verify_msg(Msg, MsgName, Opts) -> 'Package' -> v_msg_Package(Msg, [MsgName], TrUserData); 'Release' -> v_msg_Release(Msg, [MsgName], TrUserData); 'RetirementStatus' -> v_msg_RetirementStatus(Msg, [MsgName], TrUserData); + 'SecurityAdvisory' -> v_msg_SecurityAdvisory(Msg, [MsgName], TrUserData); 'Dependency' -> v_msg_Dependency(Msg, [MsgName], TrUserData); _ -> mk_type_error(not_a_known_message, Msg, []) end. @@ -822,9 +1064,19 @@ v_msg_Package(#{name := F2, repository := F3} = M, Path, TrUserData) -> end, v_type_string(F2, [name | Path], TrUserData), v_type_string(F3, [repository | Path], TrUserData), + case M of + #{advisories := F4} -> + if is_list(F4) -> + _ = [v_submsg_SecurityAdvisory(Elem, [advisories | Path], TrUserData) || Elem <- F4], + ok; + true -> mk_type_error({invalid_list_of, {msg, 'SecurityAdvisory'}}, F4, [advisories | Path]) + end; + _ -> ok + end, lists:foreach(fun (releases) -> ok; (name) -> ok; (repository) -> ok; + (advisories) -> ok; (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) end, maps:keys(M)), @@ -858,11 +1110,21 @@ v_msg_Release(#{version := F1, inner_checksum := F2} = M, Path, TrUserData) -> #{outer_checksum := F5} -> v_type_bytes(F5, [outer_checksum | Path], TrUserData); _ -> ok end, + case M of + #{advisory_indexes := F6} -> + if is_list(F6) -> + _ = [v_type_uint32(Elem, [advisory_indexes | Path], TrUserData) || Elem <- F6], + ok; + true -> mk_type_error({invalid_list_of, uint32}, F6, [advisory_indexes | Path]) + end; + _ -> ok + end, lists:foreach(fun (version) -> ok; (inner_checksum) -> ok; (dependencies) -> ok; (retired) -> ok; (outer_checksum) -> ok; + (advisory_indexes) -> ok; (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) end, maps:keys(M)), @@ -891,6 +1153,38 @@ v_msg_RetirementStatus(#{reason := F1} = M, Path, TrUserData) -> v_msg_RetirementStatus(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [reason] -- maps:keys(M), 'RetirementStatus'}, M, Path); v_msg_RetirementStatus(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'RetirementStatus'}, X, Path). +-compile({nowarn_unused_function,v_submsg_SecurityAdvisory/3}). +-dialyzer({nowarn_function,v_submsg_SecurityAdvisory/3}). +v_submsg_SecurityAdvisory(Msg, Path, TrUserData) -> v_msg_SecurityAdvisory(Msg, Path, TrUserData). + +-compile({nowarn_unused_function,v_msg_SecurityAdvisory/3}). +-dialyzer({nowarn_function,v_msg_SecurityAdvisory/3}). +v_msg_SecurityAdvisory(#{id := F1, summary := F2, html_url := F3, api_url := F6} = M, Path, TrUserData) -> + v_type_string(F1, [id | Path], TrUserData), + v_type_string(F2, [summary | Path], TrUserData), + v_type_string(F3, [html_url | Path], TrUserData), + case M of + #{severity := F4} -> v_enum_AdvisorySeverity(F4, [severity | Path], TrUserData); + _ -> ok + end, + case M of + #{cvss_score := F5} -> v_type_float(F5, [cvss_score | Path], TrUserData); + _ -> ok + end, + v_type_string(F6, [api_url | Path], TrUserData), + lists:foreach(fun (id) -> ok; + (summary) -> ok; + (html_url) -> ok; + (severity) -> ok; + (cvss_score) -> ok; + (api_url) -> ok; + (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) + end, + maps:keys(M)), + ok; +v_msg_SecurityAdvisory(M, Path, _TrUserData) when is_map(M) -> mk_type_error({missing_fields, [id, summary, html_url, api_url] -- maps:keys(M), 'SecurityAdvisory'}, M, Path); +v_msg_SecurityAdvisory(X, Path, _TrUserData) -> mk_type_error({expected_msg, 'SecurityAdvisory'}, X, Path). + -compile({nowarn_unused_function,v_submsg_Dependency/3}). -dialyzer({nowarn_function,v_submsg_Dependency/3}). v_submsg_Dependency(Msg, Path, TrUserData) -> v_msg_Dependency(Msg, Path, TrUserData). @@ -934,6 +1228,22 @@ v_enum_RetirementReason('RETIRED_RENAMED', _Path, _TrUserData) -> ok; v_enum_RetirementReason(V, _Path, _TrUserData) when -2147483648 =< V, V =< 2147483647, is_integer(V) -> ok; v_enum_RetirementReason(X, Path, _TrUserData) -> mk_type_error({invalid_enum, 'RetirementReason'}, X, Path). +-compile({nowarn_unused_function,v_enum_AdvisorySeverity/3}). +-dialyzer({nowarn_function,v_enum_AdvisorySeverity/3}). +v_enum_AdvisorySeverity('SEVERITY_NONE', _Path, _TrUserData) -> ok; +v_enum_AdvisorySeverity('SEVERITY_LOW', _Path, _TrUserData) -> ok; +v_enum_AdvisorySeverity('SEVERITY_MEDIUM', _Path, _TrUserData) -> ok; +v_enum_AdvisorySeverity('SEVERITY_HIGH', _Path, _TrUserData) -> ok; +v_enum_AdvisorySeverity('SEVERITY_CRITICAL', _Path, _TrUserData) -> ok; +v_enum_AdvisorySeverity(V, _Path, _TrUserData) when -2147483648 =< V, V =< 2147483647, is_integer(V) -> ok; +v_enum_AdvisorySeverity(X, Path, _TrUserData) -> mk_type_error({invalid_enum, 'AdvisorySeverity'}, X, Path). + +-compile({nowarn_unused_function,v_type_uint32/3}). +-dialyzer({nowarn_function,v_type_uint32/3}). +v_type_uint32(N, _Path, _TrUserData) when is_integer(N), 0 =< N, N =< 4294967295 -> ok; +v_type_uint32(N, Path, _TrUserData) when is_integer(N) -> mk_type_error({value_out_of_range, uint32, unsigned, 32}, N, Path); +v_type_uint32(X, Path, _TrUserData) -> mk_type_error({bad_integer, uint32, unsigned, 32}, X, Path). + -compile({nowarn_unused_function,v_type_bool/3}). -dialyzer({nowarn_function,v_type_bool/3}). v_type_bool(false, _Path, _TrUserData) -> ok; @@ -942,6 +1252,15 @@ v_type_bool(0, _Path, _TrUserData) -> ok; v_type_bool(1, _Path, _TrUserData) -> ok; v_type_bool(X, Path, _TrUserData) -> mk_type_error(bad_boolean_value, X, Path). +-compile({nowarn_unused_function,v_type_float/3}). +-dialyzer({nowarn_function,v_type_float/3}). +v_type_float(N, _Path, _TrUserData) when is_float(N) -> ok; +v_type_float(N, _Path, _TrUserData) when is_integer(N) -> ok; +v_type_float(infinity, _Path, _TrUserData) -> ok; +v_type_float('-infinity', _Path, _TrUserData) -> ok; +v_type_float(nan, _Path, _TrUserData) -> ok; +v_type_float(X, Path, _TrUserData) -> mk_type_error(bad_float_value, X, Path). + -compile({nowarn_unused_function,v_type_string/3}). -dialyzer({nowarn_function,v_type_string/3}). v_type_string(S, Path, _TrUserData) when is_list(S); is_binary(S) -> @@ -998,17 +1317,27 @@ cons(Elem, Acc, _TrUserData) -> [Elem | Acc]. get_msg_defs() -> [{{enum, 'RetirementReason'}, [{'RETIRED_OTHER', 0}, {'RETIRED_INVALID', 1}, {'RETIRED_SECURITY', 2}, {'RETIRED_DEPRECATED', 3}, {'RETIRED_RENAMED', 4}]}, + {{enum, 'AdvisorySeverity'}, [{'SEVERITY_NONE', 0}, {'SEVERITY_LOW', 1}, {'SEVERITY_MEDIUM', 2}, {'SEVERITY_HIGH', 3}, {'SEVERITY_CRITICAL', 4}]}, {{msg, 'Package'}, [#{name => releases, fnum => 1, rnum => 2, type => {msg, 'Release'}, occurrence => repeated, opts => []}, #{name => name, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, - #{name => repository, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}]}, + #{name => repository, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, + #{name => advisories, fnum => 4, rnum => 5, type => {msg, 'SecurityAdvisory'}, occurrence => repeated, opts => []}]}, {{msg, 'Release'}, [#{name => version, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => inner_checksum, fnum => 2, rnum => 3, type => bytes, occurrence => required, opts => []}, #{name => dependencies, fnum => 3, rnum => 4, type => {msg, 'Dependency'}, occurrence => repeated, opts => []}, #{name => retired, fnum => 4, rnum => 5, type => {msg, 'RetirementStatus'}, occurrence => optional, opts => []}, - #{name => outer_checksum, fnum => 5, rnum => 6, type => bytes, occurrence => optional, opts => []}]}, + #{name => outer_checksum, fnum => 5, rnum => 6, type => bytes, occurrence => optional, opts => []}, + #{name => advisory_indexes, fnum => 6, rnum => 7, type => uint32, occurrence => repeated, opts => []}]}, {{msg, 'RetirementStatus'}, [#{name => reason, fnum => 1, rnum => 2, type => {enum, 'RetirementReason'}, occurrence => required, opts => []}, #{name => message, fnum => 2, rnum => 3, type => string, occurrence => optional, opts => []}]}, + {{msg, 'SecurityAdvisory'}, + [#{name => id, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, + #{name => summary, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, + #{name => html_url, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, + #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, + #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, + #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}]}, {{msg, 'Dependency'}, [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1017,16 +1346,16 @@ get_msg_defs() -> #{name => repository, fnum => 5, rnum => 6, type => string, occurrence => optional, opts => []}]}]. -get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'Dependency']. +get_msg_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency']. get_group_names() -> []. -get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'Dependency']. +get_msg_or_group_names() -> ['Package', 'Release', 'RetirementStatus', 'SecurityAdvisory', 'Dependency']. -get_enum_names() -> ['RetirementReason']. +get_enum_names() -> ['RetirementReason', 'AdvisorySeverity']. fetch_msg_def(MsgName) -> @@ -1046,14 +1375,23 @@ fetch_enum_def(EnumName) -> find_msg_def('Package') -> [#{name => releases, fnum => 1, rnum => 2, type => {msg, 'Release'}, occurrence => repeated, opts => []}, #{name => name, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, - #{name => repository, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}]; + #{name => repository, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, + #{name => advisories, fnum => 4, rnum => 5, type => {msg, 'SecurityAdvisory'}, occurrence => repeated, opts => []}]; find_msg_def('Release') -> [#{name => version, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => inner_checksum, fnum => 2, rnum => 3, type => bytes, occurrence => required, opts => []}, #{name => dependencies, fnum => 3, rnum => 4, type => {msg, 'Dependency'}, occurrence => repeated, opts => []}, #{name => retired, fnum => 4, rnum => 5, type => {msg, 'RetirementStatus'}, occurrence => optional, opts => []}, - #{name => outer_checksum, fnum => 5, rnum => 6, type => bytes, occurrence => optional, opts => []}]; + #{name => outer_checksum, fnum => 5, rnum => 6, type => bytes, occurrence => optional, opts => []}, + #{name => advisory_indexes, fnum => 6, rnum => 7, type => uint32, occurrence => repeated, opts => []}]; find_msg_def('RetirementStatus') -> [#{name => reason, fnum => 1, rnum => 2, type => {enum, 'RetirementReason'}, occurrence => required, opts => []}, #{name => message, fnum => 2, rnum => 3, type => string, occurrence => optional, opts => []}]; +find_msg_def('SecurityAdvisory') -> + [#{name => id, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, + #{name => summary, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, + #{name => html_url, fnum => 3, rnum => 4, type => string, occurrence => required, opts => []}, + #{name => severity, fnum => 4, rnum => 5, type => {enum, 'AdvisorySeverity'}, occurrence => optional, opts => []}, + #{name => cvss_score, fnum => 5, rnum => 6, type => float, occurrence => optional, opts => []}, + #{name => api_url, fnum => 6, rnum => 7, type => string, occurrence => required, opts => []}]; find_msg_def('Dependency') -> [#{name => package, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => requirement, fnum => 2, rnum => 3, type => string, occurrence => required, opts => []}, @@ -1064,13 +1402,16 @@ find_msg_def(_) -> error. find_enum_def('RetirementReason') -> [{'RETIRED_OTHER', 0}, {'RETIRED_INVALID', 1}, {'RETIRED_SECURITY', 2}, {'RETIRED_DEPRECATED', 3}, {'RETIRED_RENAMED', 4}]; +find_enum_def('AdvisorySeverity') -> [{'SEVERITY_NONE', 0}, {'SEVERITY_LOW', 1}, {'SEVERITY_MEDIUM', 2}, {'SEVERITY_HIGH', 3}, {'SEVERITY_CRITICAL', 4}]; find_enum_def(_) -> error. -enum_symbol_by_value('RetirementReason', Value) -> enum_symbol_by_value_RetirementReason(Value). +enum_symbol_by_value('RetirementReason', Value) -> enum_symbol_by_value_RetirementReason(Value); +enum_symbol_by_value('AdvisorySeverity', Value) -> enum_symbol_by_value_AdvisorySeverity(Value). -enum_value_by_symbol('RetirementReason', Sym) -> enum_value_by_symbol_RetirementReason(Sym). +enum_value_by_symbol('RetirementReason', Sym) -> enum_value_by_symbol_RetirementReason(Sym); +enum_value_by_symbol('AdvisorySeverity', Sym) -> enum_value_by_symbol_AdvisorySeverity(Sym). enum_symbol_by_value_RetirementReason(0) -> 'RETIRED_OTHER'; @@ -1086,6 +1427,19 @@ enum_value_by_symbol_RetirementReason('RETIRED_SECURITY') -> 2; enum_value_by_symbol_RetirementReason('RETIRED_DEPRECATED') -> 3; enum_value_by_symbol_RetirementReason('RETIRED_RENAMED') -> 4. +enum_symbol_by_value_AdvisorySeverity(0) -> 'SEVERITY_NONE'; +enum_symbol_by_value_AdvisorySeverity(1) -> 'SEVERITY_LOW'; +enum_symbol_by_value_AdvisorySeverity(2) -> 'SEVERITY_MEDIUM'; +enum_symbol_by_value_AdvisorySeverity(3) -> 'SEVERITY_HIGH'; +enum_symbol_by_value_AdvisorySeverity(4) -> 'SEVERITY_CRITICAL'. + + +enum_value_by_symbol_AdvisorySeverity('SEVERITY_NONE') -> 0; +enum_value_by_symbol_AdvisorySeverity('SEVERITY_LOW') -> 1; +enum_value_by_symbol_AdvisorySeverity('SEVERITY_MEDIUM') -> 2; +enum_value_by_symbol_AdvisorySeverity('SEVERITY_HIGH') -> 3; +enum_value_by_symbol_AdvisorySeverity('SEVERITY_CRITICAL') -> 4. + get_service_names() -> []. @@ -1133,6 +1487,7 @@ service_and_rpc_name_to_fqbins(S, R) -> error({gpb_error, {badservice_or_rpc, {S fqbin_to_msg_name(<<"Package">>) -> 'Package'; fqbin_to_msg_name(<<"Release">>) -> 'Release'; fqbin_to_msg_name(<<"RetirementStatus">>) -> 'RetirementStatus'; +fqbin_to_msg_name(<<"SecurityAdvisory">>) -> 'SecurityAdvisory'; fqbin_to_msg_name(<<"Dependency">>) -> 'Dependency'; fqbin_to_msg_name(E) -> error({gpb_error, {badmsg, E}}). @@ -1140,15 +1495,18 @@ fqbin_to_msg_name(E) -> error({gpb_error, {badmsg, E}}). msg_name_to_fqbin('Package') -> <<"Package">>; msg_name_to_fqbin('Release') -> <<"Release">>; msg_name_to_fqbin('RetirementStatus') -> <<"RetirementStatus">>; +msg_name_to_fqbin('SecurityAdvisory') -> <<"SecurityAdvisory">>; msg_name_to_fqbin('Dependency') -> <<"Dependency">>; msg_name_to_fqbin(E) -> error({gpb_error, {badmsg, E}}). fqbin_to_enum_name(<<"RetirementReason">>) -> 'RetirementReason'; +fqbin_to_enum_name(<<"AdvisorySeverity">>) -> 'AdvisorySeverity'; fqbin_to_enum_name(E) -> error({gpb_error, {badenum, E}}). enum_name_to_fqbin('RetirementReason') -> <<"RetirementReason">>; +enum_name_to_fqbin('AdvisorySeverity') -> <<"AdvisorySeverity">>; enum_name_to_fqbin(E) -> error({gpb_error, {badenum, E}}). @@ -1179,7 +1537,7 @@ get_all_source_basenames() -> ["mix_hex_pb_package.proto"]. get_all_proto_names() -> ["mix_hex_pb_package"]. -get_msg_containment("mix_hex_pb_package") -> ['Dependency', 'Package', 'Release', 'RetirementStatus']; +get_msg_containment("mix_hex_pb_package") -> ['Dependency', 'Package', 'Release', 'RetirementStatus', 'SecurityAdvisory']; get_msg_containment(P) -> error({gpb_error, {badproto, P}}). @@ -1195,13 +1553,14 @@ get_rpc_containment("mix_hex_pb_package") -> []; get_rpc_containment(P) -> error({gpb_error, {badproto, P}}). -get_enum_containment("mix_hex_pb_package") -> ['RetirementReason']; +get_enum_containment("mix_hex_pb_package") -> ['AdvisorySeverity', 'RetirementReason']; get_enum_containment(P) -> error({gpb_error, {badproto, P}}). get_proto_by_msg_name_as_fqbin(<<"RetirementStatus">>) -> "mix_hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Release">>) -> "mix_hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Package">>) -> "mix_hex_pb_package"; +get_proto_by_msg_name_as_fqbin(<<"SecurityAdvisory">>) -> "mix_hex_pb_package"; get_proto_by_msg_name_as_fqbin(<<"Dependency">>) -> "mix_hex_pb_package"; get_proto_by_msg_name_as_fqbin(E) -> error({gpb_error, {badmsg, E}}). @@ -1210,6 +1569,7 @@ get_proto_by_msg_name_as_fqbin(E) -> error({gpb_error, {badmsg, E}}). get_proto_by_service_name_as_fqbin(E) -> error({gpb_error, {badservice, E}}). +get_proto_by_enum_name_as_fqbin(<<"AdvisorySeverity">>) -> "mix_hex_pb_package"; get_proto_by_enum_name_as_fqbin(<<"RetirementReason">>) -> "mix_hex_pb_package"; get_proto_by_enum_name_as_fqbin(E) -> error({gpb_error, {badenum, E}}). diff --git a/src/mix_hex_pb_signed.erl b/src/mix_hex_pb_signed.erl index 0a1ecefa..d39d05af 100644 --- a/src/mix_hex_pb_signed.erl +++ b/src/mix_hex_pb_signed.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% -*- coding: utf-8 -*- %% % this file is @generated diff --git a/src/mix_hex_pb_versions.erl b/src/mix_hex_pb_versions.erl index e9649979..d9e0d2fe 100644 --- a/src/mix_hex_pb_versions.erl +++ b/src/mix_hex_pb_versions.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% -*- coding: utf-8 -*- %% % this file is @generated @@ -63,7 +63,8 @@ -type 'Package'() :: #{name => unicode:chardata(), % = 1, required versions => [unicode:chardata()], % = 2, repeated - retired => [integer()] % = 3, repeated, 32 bits + retired => [integer()], % = 3, repeated, 32 bits + with_advisories => [integer()] % = 5, repeated, 32 bits }. -export_type(['Versions'/0, 'Package'/0]). @@ -117,13 +118,21 @@ encode_msg_Package(#{name := F1} = M, Bin, TrUserData) -> end; _ -> B1 end, + B3 = case M of + #{retired := F3} -> + TrF3 = id(F3, TrUserData), + if TrF3 == [] -> B2; + true -> e_field_Package_retired(TrF3, B2, TrUserData) + end; + _ -> B2 + end, case M of - #{retired := F3} -> - TrF3 = id(F3, TrUserData), - if TrF3 == [] -> B2; - true -> e_field_Package_retired(TrF3, B2, TrUserData) + #{with_advisories := F4} -> + TrF4 = id(F4, TrUserData), + if TrF4 == [] -> B3; + true -> e_field_Package_with_advisories(TrF4, B3, TrUserData) end; - _ -> B2 + _ -> B3 end. e_mfield_Versions_packages(Msg, Bin, TrUserData) -> @@ -155,6 +164,18 @@ e_pfield_Package_retired([Value | Rest], Bin, TrUserData) -> e_pfield_Package_retired(Rest, Bin2, TrUserData); e_pfield_Package_retired([], Bin, _TrUserData) -> Bin. +e_field_Package_with_advisories(Elems, Bin, TrUserData) when Elems =/= [] -> + SubBin = e_pfield_Package_with_advisories(Elems, <<>>, TrUserData), + Bin2 = <>, + Bin3 = e_varint(byte_size(SubBin), Bin2), + <>; +e_field_Package_with_advisories([], Bin, _TrUserData) -> Bin. + +e_pfield_Package_with_advisories([Value | Rest], Bin, TrUserData) -> + Bin2 = e_type_int32(id(Value, TrUserData), Bin, TrUserData), + e_pfield_Package_with_advisories(Rest, Bin2, TrUserData); +e_pfield_Package_with_advisories([], Bin, _TrUserData) -> Bin. + -compile({nowarn_unused_function,e_type_sint/3}). e_type_sint(Value, Bin, _TrUserData) when Value >= 0 -> e_varint(Value * 2, Bin); e_type_sint(Value, Bin, _TrUserData) -> e_varint(Value * -2 - 1, Bin). @@ -341,55 +362,59 @@ skip_32_Versions(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> df skip_64_Versions(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, TrUserData) -> dfp_read_field_def_Versions(Rest, Z1, Z2, F, F@_1, F@_2, TrUserData). -decode_msg_Package(Bin, TrUserData) -> dfp_read_field_def_Package(Bin, 0, 0, 0, id('$undef', TrUserData), id([], TrUserData), id([], TrUserData), TrUserData). +decode_msg_Package(Bin, TrUserData) -> dfp_read_field_def_Package(Bin, 0, 0, 0, id('$undef', TrUserData), id([], TrUserData), id([], TrUserData), id([], TrUserData), TrUserData). -dfp_read_field_def_Package(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_name(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_versions(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_pfield_Package_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<24, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> d_field_Package_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -dfp_read_field_def_Package(<<>>, 0, 0, _, F@_1, R1, R2, TrUserData) -> #{name => F@_1, versions => lists_reverse(R1, TrUserData), retired => lists_reverse(R2, TrUserData)}; -dfp_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dg_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +dfp_read_field_def_Package(<<10, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_name(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<18, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_versions(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<26, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_pfield_Package_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<24, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_retired(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<42, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_pfield_Package_with_advisories(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<40, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> d_field_Package_with_advisories(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dfp_read_field_def_Package(<<>>, 0, 0, _, F@_1, R1, R2, R3, TrUserData) -> #{name => F@_1, versions => lists_reverse(R1, TrUserData), retired => lists_reverse(R2, TrUserData), with_advisories => lists_reverse(R3, TrUserData)}; +dfp_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dg_read_field_def_Package(Other, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -dg_read_field_def_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 32 - 7 -> dg_read_field_def_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -dg_read_field_def_Package(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, TrUserData) -> +dg_read_field_def_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 32 - 7 -> dg_read_field_def_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +dg_read_field_def_Package(<<0:1, X:7, Rest/binary>>, N, Acc, _, F@_1, F@_2, F@_3, F@_4, TrUserData) -> Key = X bsl N + Acc, case Key of - 10 -> d_field_Package_name(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); - 18 -> d_field_Package_versions(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); - 26 -> d_pfield_Package_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); - 24 -> d_field_Package_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, TrUserData); + 10 -> d_field_Package_name(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 18 -> d_field_Package_versions(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 26 -> d_pfield_Package_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 24 -> d_field_Package_retired(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 42 -> d_pfield_Package_with_advisories(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); + 40 -> d_field_Package_with_advisories(Rest, 0, 0, 0, F@_1, F@_2, F@_3, F@_4, TrUserData); _ -> case Key band 7 of - 0 -> skip_varint_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 1 -> skip_64_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 2 -> skip_length_delimited_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 3 -> skip_group_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData); - 5 -> skip_32_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, TrUserData) + 0 -> skip_varint_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 1 -> skip_64_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 2 -> skip_length_delimited_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 3 -> skip_group_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData); + 5 -> skip_32_Package(Rest, 0, 0, Key bsr 3, F@_1, F@_2, F@_3, F@_4, TrUserData) end end; -dg_read_field_def_Package(<<>>, 0, 0, _, F@_1, R1, R2, TrUserData) -> #{name => F@_1, versions => lists_reverse(R1, TrUserData), retired => lists_reverse(R2, TrUserData)}. +dg_read_field_def_Package(<<>>, 0, 0, _, F@_1, R1, R2, R3, TrUserData) -> #{name => F@_1, versions => lists_reverse(R1, TrUserData), retired => lists_reverse(R2, TrUserData), with_advisories => lists_reverse(R3, TrUserData)}. -d_field_Package_name(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_name(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_name(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, TrUserData) -> +d_field_Package_name(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_name(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_name(<<0:1, X:7, Rest/binary>>, N, Acc, F, _, F@_2, F@_3, F@_4, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Package(RestF, 0, 0, F, NewFValue, F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, NewFValue, F@_2, F@_3, F@_4, TrUserData). -d_field_Package_versions(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_versions(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_versions(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, Prev, F@_3, TrUserData) -> +d_field_Package_versions(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_versions(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_versions(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, Prev, F@_3, F@_4, TrUserData) -> {NewFValue, RestF} = begin Len = X bsl N + Acc, <> = Rest, Bytes2 = binary:copy(Bytes), {id(Bytes2, TrUserData), Rest2} end, - dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, cons(NewFValue, Prev, TrUserData), F@_3, TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, cons(NewFValue, Prev, TrUserData), F@_3, F@_4, TrUserData). -d_field_Package_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_field_Package_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_field_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, Prev, TrUserData) -> +d_field_Package_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, Prev, F@_4, TrUserData) -> {NewFValue, RestF} = {begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end, Rest}, - dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, cons(NewFValue, Prev, TrUserData), TrUserData). + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, cons(NewFValue, Prev, TrUserData), F@_4, TrUserData). -d_pfield_Package_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> d_pfield_Package_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -d_pfield_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, E, TrUserData) -> +d_pfield_Package_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_pfield_Package_retired(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_pfield_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, E, F@_4, TrUserData) -> Len = X bsl N + Acc, <> = Rest, NewSeq = d_packed_field_Package_retired(PackedBytes, 0, 0, F, E, TrUserData), - dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, NewSeq, TrUserData). + dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, NewSeq, F@_4, TrUserData). d_packed_field_Package_retired(<<1:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) when N < 57 -> d_packed_field_Package_retired(Rest, N + 7, X bsl N + Acc, F, AccSeq, TrUserData); d_packed_field_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) -> @@ -397,22 +422,40 @@ d_packed_field_Package_retired(<<0:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrU d_packed_field_Package_retired(RestF, 0, 0, F, [NewFValue | AccSeq], TrUserData); d_packed_field_Package_retired(<<>>, 0, 0, _, AccSeq, _) -> AccSeq. -skip_varint_Package(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> skip_varint_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData); -skip_varint_Package(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +d_field_Package_with_advisories(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_field_Package_with_advisories(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_field_Package_with_advisories(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, Prev, TrUserData) -> + {NewFValue, RestF} = {begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end, Rest}, + dfp_read_field_def_Package(RestF, 0, 0, F, F@_1, F@_2, F@_3, cons(NewFValue, Prev, TrUserData), TrUserData). -skip_length_delimited_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) when N < 57 -> skip_length_delimited_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, TrUserData); -skip_length_delimited_Package(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, TrUserData) -> +d_pfield_Package_with_advisories(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> d_pfield_Package_with_advisories(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +d_pfield_Package_with_advisories(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, E, TrUserData) -> + Len = X bsl N + Acc, + <> = Rest, + NewSeq = d_packed_field_Package_with_advisories(PackedBytes, 0, 0, F, E, TrUserData), + dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, F@_3, NewSeq, TrUserData). + +d_packed_field_Package_with_advisories(<<1:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) when N < 57 -> d_packed_field_Package_with_advisories(Rest, N + 7, X bsl N + Acc, F, AccSeq, TrUserData); +d_packed_field_Package_with_advisories(<<0:1, X:7, Rest/binary>>, N, Acc, F, AccSeq, TrUserData) -> + {NewFValue, RestF} = {begin <> = <<(X bsl N + Acc):32/unsigned-native>>, id(Res, TrUserData) end, Rest}, + d_packed_field_Package_with_advisories(RestF, 0, 0, F, [NewFValue | AccSeq], TrUserData); +d_packed_field_Package_with_advisories(<<>>, 0, 0, _, AccSeq, _) -> AccSeq. + +skip_varint_Package(<<1:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> skip_varint_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +skip_varint_Package(<<0:1, _:7, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). + +skip_length_delimited_Package(<<1:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) when N < 57 -> skip_length_delimited_Package(Rest, N + 7, X bsl N + Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData); +skip_length_delimited_Package(<<0:1, X:7, Rest/binary>>, N, Acc, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> Length = X bsl N + Acc, <<_:Length/binary, Rest2/binary>> = Rest, - dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(Rest2, 0, 0, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_group_Package(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, TrUserData) -> +skip_group_Package(Bin, _, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData) -> {_, Rest} = read_group(Bin, FNum), - dfp_read_field_def_Package(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, TrUserData). + dfp_read_field_def_Package(Rest, 0, Z2, FNum, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_32_Package(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +skip_32_Package(<<_:32, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). -skip_64_Package(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, TrUserData). +skip_64_Package(<<_:64, Rest/binary>>, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData) -> dfp_read_field_def_Package(Rest, Z1, Z2, F, F@_1, F@_2, F@_3, F@_4, TrUserData). read_group(Bin, FieldNum) -> {NumBytes, EndTagLen} = read_gr_b(Bin, 0, 0, 0, 0, FieldNum), @@ -500,11 +543,17 @@ merge_msg_Package(#{} = PMsg, #{name := NFname} = NMsg, TrUserData) -> {#{versions := PFversions}, _} -> S1#{versions => PFversions}; {_, _} -> S1 end, + S3 = case {PMsg, NMsg} of + {#{retired := PFretired}, #{retired := NFretired}} -> S2#{retired => 'erlang_++'(PFretired, NFretired, TrUserData)}; + {_, #{retired := NFretired}} -> S2#{retired => NFretired}; + {#{retired := PFretired}, _} -> S2#{retired => PFretired}; + {_, _} -> S2 + end, case {PMsg, NMsg} of - {#{retired := PFretired}, #{retired := NFretired}} -> S2#{retired => 'erlang_++'(PFretired, NFretired, TrUserData)}; - {_, #{retired := NFretired}} -> S2#{retired => NFretired}; - {#{retired := PFretired}, _} -> S2#{retired => PFretired}; - {_, _} -> S2 + {#{with_advisories := PFwith_advisories}, #{with_advisories := NFwith_advisories}} -> S3#{with_advisories => 'erlang_++'(PFwith_advisories, NFwith_advisories, TrUserData)}; + {_, #{with_advisories := NFwith_advisories}} -> S3#{with_advisories => NFwith_advisories}; + {#{with_advisories := PFwith_advisories}, _} -> S3#{with_advisories => PFwith_advisories}; + {_, _} -> S3 end. @@ -567,9 +616,19 @@ v_msg_Package(#{name := F1} = M, Path, TrUserData) -> end; _ -> ok end, + case M of + #{with_advisories := F4} -> + if is_list(F4) -> + _ = [v_type_int32(Elem, [with_advisories | Path], TrUserData) || Elem <- F4], + ok; + true -> mk_type_error({invalid_list_of, int32}, F4, [with_advisories | Path]) + end; + _ -> ok + end, lists:foreach(fun (name) -> ok; (versions) -> ok; (retired) -> ok; + (with_advisories) -> ok; (OtherKey) -> mk_type_error({extraneous_key, OtherKey}, M, Path) end, maps:keys(M)), @@ -636,7 +695,8 @@ get_msg_defs() -> {{msg, 'Package'}, [#{name => name, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => versions, fnum => 2, rnum => 3, type => string, occurrence => repeated, opts => []}, - #{name => retired, fnum => 3, rnum => 4, type => int32, occurrence => repeated, opts => [packed]}]}]. + #{name => retired, fnum => 3, rnum => 4, type => int32, occurrence => repeated, opts => [packed]}, + #{name => with_advisories, fnum => 5, rnum => 5, type => int32, occurrence => repeated, opts => [packed]}]}]. get_msg_names() -> ['Versions', 'Package']. @@ -666,7 +726,8 @@ find_msg_def('Versions') -> [#{name => packages, fnum => 1, rnum => 2, type => { find_msg_def('Package') -> [#{name => name, fnum => 1, rnum => 2, type => string, occurrence => required, opts => []}, #{name => versions, fnum => 2, rnum => 3, type => string, occurrence => repeated, opts => []}, - #{name => retired, fnum => 3, rnum => 4, type => int32, occurrence => repeated, opts => [packed]}]; + #{name => retired, fnum => 3, rnum => 4, type => int32, occurrence => repeated, opts => [packed]}, + #{name => with_advisories, fnum => 5, rnum => 5, type => int32, occurrence => repeated, opts => [packed]}]; find_msg_def(_) -> error. diff --git a/src/mix_hex_registry.erl b/src/mix_hex_registry.erl index b361e9ab..54c03f1d 100644 --- a/src/mix_hex_registry.erl +++ b/src/mix_hex_registry.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Functions for encoding and decoding Hex registries. diff --git a/src/mix_hex_repo.erl b/src/mix_hex_repo.erl index aadf5374..0ecfd2e1 100644 --- a/src/mix_hex_repo.erl +++ b/src/mix_hex_repo.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Repo API. @@ -12,7 +12,9 @@ get_docs/3, get_docs_to_file/4, get_public_key/1, - get_hex_installs/1 + get_hex_installs/1, + fingerprint/1, + fingerprint_equal/2 ]). %%==================================================================== @@ -208,6 +210,66 @@ get_hex_installs(Config) -> Other end. +%% @doc +%% Computes a SHA256 fingerprint of a PEM-encoded public key. +%% +%% Returns a string in the format "SHA256:" followed by base64, which can be used +%% to verify public keys out-of-band. +%% +%% Examples: +%% +%% ``` +%% > mix_hex_repo:fingerprint(PublicKeyPem). +%% "SHA256:abc123..." +%% ''' +%% @end +-spec fingerprint(binary()) -> string(). +fingerprint(PublicKeyPem) when is_binary(PublicKeyPem) -> + [PemEntry] = public_key:pem_decode(PublicKeyPem), + PublicKey = public_key:pem_entry_decode(PemEntry), + application:ensure_all_started(ssh), + ssh:hostkey_fingerprint(sha256, PublicKey). + +%% @doc +%% Compares a PEM-encoded public key against an expected fingerprint. +%% +%% Uses constant-time comparison to prevent timing attacks. +%% +%% Examples: +%% +%% ``` +%% > mix_hex_repo:fingerprint_equal(PublicKeyPem, "SHA256:abc123..."). +%% true +%% ''' +%% @end +-spec fingerprint_equal(binary(), iodata()) -> boolean(). +fingerprint_equal(PublicKeyPem, ExpectedFingerprint) when is_binary(PublicKeyPem) -> + ActualFingerprint = fingerprint(PublicKeyPem), + constant_time_compare( + list_to_binary(ActualFingerprint), + iolist_to_binary(ExpectedFingerprint) + ). + +%% @private +%% Constant-time comparison to prevent timing attacks. +%% Uses crypto:hash_equals/2 on OTP 25+, falls back to manual comparison on older versions. +-if(?OTP_RELEASE >= 25). +constant_time_compare(A, B) when byte_size(A) =/= byte_size(B) -> + false; +constant_time_compare(A, B) -> + crypto:hash_equals(A, B). +-else. +constant_time_compare(A, B) when byte_size(A) =:= byte_size(B) -> + constant_time_compare(A, B, 0); +constant_time_compare(_, _) -> + false. + +constant_time_compare(<>, <>, Acc) -> + constant_time_compare(RestA, RestB, Acc bor (X bxor Y)); +constant_time_compare(<<>>, <<>>, Acc) -> + Acc =:= 0. +-endif. + %%==================================================================== %% Internal functions %%==================================================================== diff --git a/src/mix_hex_safe_binary_to_term.erl b/src/mix_hex_safe_binary_to_term.erl index 1e7e308f..fb2aca38 100644 --- a/src/mix_hex_safe_binary_to_term.erl +++ b/src/mix_hex_safe_binary_to_term.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (90f9f59), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @hidden %% Safe deserialization of Erlang terms from binary. diff --git a/src/mix_hex_tarball.erl b/src/mix_hex_tarball.erl index 92c0f484..89f99a52 100644 --- a/src/mix_hex_tarball.erl +++ b/src/mix_hex_tarball.erl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (4a6a1e9), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %% @doc %% Functions for creating and unpacking Hex tarballs. @@ -69,7 +69,7 @@ create(Metadata, Files, Config) -> tarball_max_size := TarballMaxSize, tarball_max_uncompressed_size := TarballMaxUncompressedSize } = Config, - FilesRoot = maps:get(tarball_files_root, Config, undefined), + FilesRoot = maps:get(tarball_files_root, Config, "."), MetadataBinary = encode_metadata(Metadata), @@ -143,7 +143,7 @@ create_docs(Files, Config) -> docs_tarball_max_size := TarballMaxSize, docs_tarball_max_uncompressed_size := TarballMaxUncompressedSize } = Config, - FilesRoot = maps:get(tarball_files_root, Config, undefined), + FilesRoot = maps:get(tarball_files_root, Config, "."), case validate_create_files(Files, FilesRoot) of {ok, ValidatedFiles} -> @@ -356,8 +356,6 @@ format_error({tarball, {too_big_compressed, Size}}) -> io_lib:format("package exceeds max compressed size ~w ~s", [format_byte_size(Size), "MB"]); format_error({tarball, {missing_files, Files}}) -> io_lib:format("missing files: ~p", [Files]); -format_error({tarball, missing_files_root}) -> - "tarball files root is required when creating tarballs from filesystem paths"; format_error({tarball, {bad_version, Vsn}}) -> io_lib:format("unsupported version: ~p", [Vsn]); format_error({tarball, invalid_checksum}) -> @@ -581,7 +579,6 @@ decode_metadata(#{files := #{"metadata.config" := Binary}, config := Config} = S end. -ifdef(TEST). -%% @private do_decode_metadata(Binary) -> do_decode_metadata(Binary, all). -endif. @@ -941,25 +938,69 @@ validate_archive_path(Filename) -> end. validate_source_file(ArchiveName, SourcePath, FilesRoot) -> - case validate_source_path(SourcePath) of - ok -> validate_source_file_root(ArchiveName, SourcePath, FilesRoot); - {error, _} = Error -> Error + case source_file_paths(SourcePath, FilesRoot) of + {ok, DiskPath, RelativePath, Root} -> + validate_source_file_root(ArchiveName, DiskPath, RelativePath, Root); + outside_root -> + {error, {tarball, {unsafe_path, ArchiveName}}} end. -validate_source_path(SourcePath) -> - case safe_relative_archive_path(SourcePath) of - false -> {error, {tarball, {unsafe_path, SourcePath}}}; - true -> ok +source_file_paths(SourcePath, FilesRoot) -> + Root = normalize_root(filename:absname(FilesRoot)), + case source_relative_path(SourcePath, Root) of + {ok, RelativePath} -> + {ok, source_disk_path(SourcePath, Root), RelativePath, Root}; + outside_root -> + outside_root + end. + +normalize_root(Path) -> + filename:join(normalize_root_parts(filename:split(Path), [])). + +normalize_root_parts([], Acc) -> + lists:reverse(Acc); +normalize_root_parts(["." | Parts], Acc) -> + normalize_root_parts(Parts, Acc); +normalize_root_parts([".." | Parts], Acc) -> + normalize_root_parent(Parts, Acc); +normalize_root_parts([Part | Parts], Acc) -> + normalize_root_parts(Parts, [Part | Acc]). + +normalize_root_parent(Parts, [Root] = Acc) -> + case filename:pathtype(Root) of + relative -> normalize_root_parts(Parts, []); + _ -> normalize_root_parts(Parts, Acc) + end; +normalize_root_parent(Parts, [_Part | Acc]) -> + normalize_root_parts(Parts, Acc); +normalize_root_parent(Parts, []) -> + normalize_root_parts(Parts, []). + +source_disk_path(SourcePath, Root) -> + case filename:pathtype(SourcePath) of + absolute -> SourcePath; + _ -> filename:join(Root, SourcePath) end. -validate_source_file_root(_ArchiveName, _SourcePath, undefined) -> - {error, {tarball, missing_files_root}}; -validate_source_file_root(ArchiveName, SourcePath, FilesRoot) -> - Root = filename:absname(FilesRoot), - DiskPath = filename:join(Root, SourcePath), +source_relative_path(SourcePath, Root) -> + case filename:pathtype(SourcePath) of + absolute -> strip_root_path(filename:split(SourcePath), filename:split(Root)); + _ -> {ok, SourcePath} + end. + +strip_root_path([], []) -> + {ok, "."}; +strip_root_path(PathParts, []) -> + {ok, filename:join(PathParts)}; +strip_root_path([Part | PathParts], [Part | RootParts]) -> + strip_root_path(PathParts, RootParts); +strip_root_path(_PathParts, _RootParts) -> + outside_root. + +validate_source_file_root(ArchiveName, DiskPath, RelativePath, Root) -> case file:read_link_info(DiskPath, []) of {ok, #file_info{type = Type}} when Type =:= regular; Type =:= directory -> - case validate_source_root(ArchiveName, SourcePath, Root) of + case validate_source_root(ArchiveName, RelativePath, Root) of ok -> {ok, {ArchiveName, DiskPath}}; {error, _} = Error -> Error end; @@ -970,7 +1011,7 @@ validate_source_file_root(ArchiveName, SourcePath, FilesRoot) -> false -> {error, {tarball, {unsafe_symlink, ArchiveName, LinkTarget}}}; true -> - case validate_source_root(ArchiveName, SourcePath, Root) of + case validate_source_root(ArchiveName, RelativePath, Root) of ok -> {ok, {ArchiveName, DiskPath}}; {error, _} = Error -> Error end @@ -978,7 +1019,10 @@ validate_source_file_root(ArchiveName, SourcePath, FilesRoot) -> {ok, #file_info{type = Type}} -> {error, {tarball, {unsupported_file_type, ArchiveName, Type}}}; _ -> - {ok, {ArchiveName, DiskPath}} + case validate_source_root(ArchiveName, RelativePath, Root) of + ok -> {ok, {ArchiveName, DiskPath}}; + {error, _} = Error -> Error + end end. validate_source_root(ArchiveName, SourcePath, FilesRoot) -> diff --git a/src/mix_safe_erl_term.xrl b/src/mix_safe_erl_term.xrl index b019b936..768e9fc5 100644 --- a/src/mix_safe_erl_term.xrl +++ b/src/mix_safe_erl_term.xrl @@ -1,4 +1,4 @@ -%% Vendored from hex_core v0.15.0 (4a6a1e9), do not edit manually +%% Vendored from hex_core v0.16.0 (0e332e5), do not edit manually %%% Author : Robert Virding %%% Purpose : Token definitions for Erlang. diff --git a/test/hex/tarball_test.exs b/test/hex/tarball_test.exs index 07c3be0a..6fa4d76c 100644 --- a/test/hex/tarball_test.exs +++ b/test/hex/tarball_test.exs @@ -17,38 +17,18 @@ defmodule Hex.TarballTest do :mix_hex_tarball.create_docs([{~c"/README.md", "README"}]) end - test "create requires root-relative filesystem source paths" do + test "create rejects symlinks whose disk target escapes the files root" do metadata = %{name: "foo", version: "1.0.0"} in_tmp(fn -> - File.write!("README.md", "README") - - root = File.cwd!() |> String.to_charlist() - config = :mix_hex_core.default_config() |> Map.put(:tarball_files_root, root) - absolute_readme = Path.expand("README.md") |> String.to_charlist() - - assert {:error, {:tarball, :missing_files_root}} = - :mix_hex_tarball.create(metadata, [{~c"README.md", ~c"README.md"}]) - - assert {:error, {:tarball, :missing_files_root}} = - :mix_hex_tarball.create_docs([{~c"README.md", ~c"README.md"}]) - - assert {:error, {:tarball, {:unsafe_path, ^absolute_readme}}} = - :mix_hex_tarball.create(metadata, [{~c"README.md", absolute_readme}], config) - - assert {:error, {:tarball, {:unsafe_path, ^absolute_readme}}} = - :mix_hex_tarball.create_docs([{~c"README.md", absolute_readme}], config) - - assert {:ok, _} = - :mix_hex_tarball.create(metadata, [{~c"README.md", ~c"README.md"}], config) - - assert {:ok, _} = - :mix_hex_tarball.create_docs([{~c"README.md", ~c"README.md"}], config) - File.mkdir!("../outside") File.write!("../outside/secret.txt", "outside") File.ln_s!("../outside/secret.txt", "mismatch_link") + config = + :mix_hex_core.default_config() + |> Map.put(:tarball_files_root, File.cwd!() |> String.to_charlist()) + assert {:error, {:tarball, {:unsafe_path, ~c"nested/mismatch_link"}}} = :mix_hex_tarball.create( metadata, diff --git a/test/mix/tasks/hex.registry_test.exs b/test/mix/tasks/hex.registry_test.exs index 598f0863..79ec5b04 100644 --- a/test/mix/tasks/hex.registry_test.exs +++ b/test/mix/tasks/hex.registry_test.exs @@ -56,7 +56,7 @@ defmodule Mix.Tasks.Hex.RegistryTest do assert {:ok, {200, _, versions}} = :mix_hex_repo.get_versions(config) assert versions == %{ - packages: [%{name: "foo", retired: [], versions: ["0.10.0"]}], + packages: [%{name: "foo", retired: [], versions: ["0.10.0"], with_advisories: []}], repository: "acme" } @@ -87,7 +87,9 @@ defmodule Mix.Tasks.Hex.RegistryTest do assert {:ok, {200, _, versions}} = :mix_hex_repo.get_versions(config) assert versions == %{ - packages: [%{name: "foo", retired: [], versions: ["0.9.0", "0.10.0"]}], + packages: [ + %{name: "foo", retired: [], versions: ["0.9.0", "0.10.0"], with_advisories: []} + ], repository: "acme" } @@ -114,7 +116,14 @@ defmodule Mix.Tasks.Hex.RegistryTest do assert {:ok, {200, _, versions}} = :mix_hex_repo.get_versions(config) assert versions == %{ - packages: [%{name: "foo", retired: [], versions: ["0.9.0", "0.10.0", "1.0.0-rc"]}], + packages: [ + %{ + name: "foo", + retired: [], + versions: ["0.9.0", "0.10.0", "1.0.0-rc"], + with_advisories: [] + } + ], repository: "acme" }