Fixed framework field method to work - which fixed 11 existing advisories (#652)

jasnow · web-flow · commit 9fe1efd478a8 · 2023-06-24T16:12:35.000-07:00
* Add missing `framework` field to advisories.
* Fixed bug in `framework` field method code.
diff --git a/gems/actionmailer/CVE-2013-4389.yml b/gems/actionmailer/CVE-2013-4389.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionmailer
+framework: rails
 cve: 2013-4389
 osvdb: 98629
 ghsa: rg5m-3fqp-6px8
diff --git a/gems/actionpack/CVE-2012-2660.yml b/gems/actionpack/CVE-2012-2660.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionpack
+framework: rails
 cve: 2012-2660
 ghsa: hgpp-pp89-4fgf
 url: https://groups.google.com/g/rubyonrails-security/c/8SA-M3as7A8/m/Mr9fi9X4kNgJ
diff --git a/gems/actionpack/CVE-2012-2694.yml b/gems/actionpack/CVE-2012-2694.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionpack
+framework: rails
 cve: 2012-2694
 ghsa: q34c-48gc-m9g8
 url: https://groups.google.com/g/rubyonrails-security/c/jILZ34tAHF4/m/7x0hLH-o0-IJ
diff --git a/gems/actionpack/CVE-2023-22792.yml b/gems/actionpack/CVE-2023-22792.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionpack
+framework: rails
 cve: 2023-22792
 ghsa: p84v-45xj-wwqj
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/gems/actionpack/CVE-2023-22795.yml b/gems/actionpack/CVE-2023-22795.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionpack
+framework: rails
 cve: 2023-22795
 ghsa: 8xww-x3g3-6jcv
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/gems/actionpack/CVE-2023-22797.yml b/gems/actionpack/CVE-2023-22797.yml
@@ -1,5 +1,6 @@
 ---
 gem: actionpack
+framework: rails
 cve: 2023-22797
 ghsa: 9445-4cr6-336r
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/gems/activejob/CVE-2018-16476.yml b/gems/activejob/CVE-2018-16476.yml
@@ -1,5 +1,6 @@
 ---
 gem: activejob
+framework: rails
 cve: 2018-16476
 ghsa: q2qw-rmrh-vv42
 url: https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw
diff --git a/gems/activerecord/CVE-2012-2695.yml b/gems/activerecord/CVE-2012-2695.yml
@@ -1,5 +1,6 @@
 ---
 gem: activerecord
+framework: rails
 cve: 2012-2695
 ghsa: 76wq-xw4h-f8wj
 url: https://groups.google.com/g/rubyonrails-security/c/l4L0TEVAz1k/m/Vr84sD9B464J
diff --git a/gems/activerecord/CVE-2022-44566.yml b/gems/activerecord/CVE-2022-44566.yml
@@ -1,5 +1,6 @@
 ---
 gem: activerecord
+framework: rails
 cve: 2022-44566
 ghsa: 579w-22j4-4749
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/gems/activerecord/CVE-2023-22794.yml b/gems/activerecord/CVE-2023-22794.yml
@@ -1,5 +1,6 @@
 ---
 gem: activerecord
+framework: rails
 cve: 2023-22794
 ghsa: hq7p-j377-6v63
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/gems/activesupport/CVE-2023-22796.yml b/gems/activesupport/CVE-2023-22796.yml
@@ -1,5 +1,6 @@
 ---
 gem: activesupport
+framework: rails
 cve: 2023-22796
 ghsa: j6gc-792m-qgm2
 url: https://github.com/rails/rails/releases/tag/v7.0.4.1
diff --git a/lib/github_advisory_sync.rb b/lib/github_advisory_sync.rb
@@ -201,11 +201,10 @@ def filename
 
       def framework
         case name
-        when %w[
-          actioncable actionmailbox actionmailer actionpack actiontext
-          actionview activejob activemodel activerecord activestorage
-          activesupport railties
-        ]
+        when
+          "actioncable",  "actionmailbox", "actionmailer",  "actionpack",
+          "actiontext",   "actionview",    "activejob",     "activemodel",
+          "activerecord", "activestorage", "activesupport", "railties"
           "rails"
         end
       end
