Address straightforward PR comments

xmasoracle · xmasoracle · commit 04b963d19e0e · 2023-03-16T16:21:55.000+01:00
diff --git a/src/models/vulnerability/reference.ts b/src/models/vulnerability/reference.ts
@@ -52,5 +52,6 @@ export class Reference implements Comparable<Reference> {
   }
 }
 
+/** @beta */
 export class ReferenceRepository extends SortableComparables<Reference> {
 }
diff --git a/src/models/vulnerability/source.ts b/src/models/vulnerability/source.ts
@@ -36,12 +36,10 @@ export class Source implements Comparable<Source> {
   }
 
   compare (other: Source): number {
-    function normalizeUrl (u: URL | string): string {
-      return (typeof u === 'string') ? u : u.toString()
+    if (this.url !== undefined && other.url !== undefined) {
+      return (this.url.toString() ?? '').localeCompare(other.url.toString() ?? '')
     }
-    const urlCompare = normalizeUrl(this.url ?? '').localeCompare(normalizeUrl(other.url ?? ''))
-
     /* eslint-disable-next-line @typescript-eslint/strict-boolean-expressions -- run compares in weighted order */
-    return (this.name ?? '').localeCompare(other.name ?? '') || urlCompare
+    return (this.name ?? '').localeCompare(other.name ?? '')
   }
 }
diff --git a/src/models/vulnerability/vulnerability.ts b/src/models/vulnerability/vulnerability.ts
@@ -29,7 +29,7 @@ import type { Analysis } from './analysis'
 import type { Credits } from './credits'
 import { RatingRepository } from './rating'
 import { ReferenceRepository } from './reference'
-import { Source } from './source'
+import type { Source } from './source'
 
 /** @beta */
 export interface OptionalVulnerabilityProperties {
@@ -58,7 +58,7 @@ export class Vulnerability implements Comparable<Vulnerability> {
   /** @see bomRef */
   readonly #bomRef: BomRef
   id?: string
-  source: Source
+  source?: Source
   references: ReferenceRepository
   ratings: RatingRepository
   cwes: CweRepository
@@ -78,7 +78,7 @@ export class Vulnerability implements Comparable<Vulnerability> {
   constructor (op: OptionalVulnerabilityProperties = {}) {
     this.#bomRef = new BomRef(op.bomRef)
     this.id = op.id
-    this.source = op.source ?? new Source()
+    this.source = op.source
     this.references = op.references ?? new ReferenceRepository()
     this.ratings = op.ratings ?? new RatingRepository()
     this.cwes = op.cwes ?? new CweRepository()
@@ -105,9 +105,12 @@ export class Vulnerability implements Comparable<Vulnerability> {
     if (bomRefCompare !== 0) {
       return bomRefCompare
     }
+    if (this.source !== undefined && other.source !== undefined) {
+      return this.source.compare(other.source)
+    }
+
     /* eslint-disable @typescript-eslint/strict-boolean-expressions -- run compares in weighted order */
     return (this.id ?? '').localeCompare(other.id ?? '') ||
-      this.source.compare(other.source) ||
       (this.description ?? '').localeCompare(other.description ?? '') ||
       (this.detail ?? '').localeCompare(other.detail ?? '')
     /* eslint-enable  @typescript-eslint/strict-boolean-expressions */
diff --git a/src/serialize/json/normalize.ts b/src/serialize/json/normalize.ts
@@ -527,10 +527,10 @@ export class DependencyGraphNormalizer extends BaseJsonNormalizer<Models.Bom> {
 }
 
 export class VulnerabilityNormalizer extends BaseJsonNormalizer<Models.Vulnerability.Vulnerability> {
-  normalize (data: Models.Vulnerability.Vulnerability, options: NormalizerOptions): Normalized.Vulnerability | undefined {
-    const source = data.source !== undefined
-      ? this._factory.makeForVulnerabilitySource().normalize(data.source, options)
-      : undefined
+  normalize (data: Models.Vulnerability.Vulnerability, options: NormalizerOptions): Normalized.Vulnerability {
+    const source = data.source === undefined
+      ? undefined
+      : this._factory.makeForVulnerabilitySource().normalize(data.source, options)
     const references = data.references.size > 0
       ? this._factory.makeForVulnerabilityReference().normalizeIterable(data.references, options)
       : undefined
@@ -555,18 +555,15 @@ export class VulnerabilityNormalizer extends BaseJsonNormalizer<Models.Vulnerabi
         : Array.from(data)
     ).map(
       c => this.normalize(c, options)
-    ).filter(isNotUndefined)
+    )
   }
 }
 
 export class VulnerabilitySourceNormalizer extends BaseJsonNormalizer<Models.Vulnerability.Source> {
   normalize (data: Models.Vulnerability.Source, options: NormalizerOptions): Normalized.VulnerabilitySource {
-    const url = data.url !== undefined && typeof data.url !== 'string'
-      ? data.url.toString()
-      : data.url
     return {
       name: data.name,
-      url
+      url: data.url?.toString()
     }
   }
 }
@@ -575,9 +572,9 @@ export class VulnerabilityReferenceNormalizer extends BaseJsonNormalizer<Models.
   normalize (data: Models.Vulnerability.Reference, options: NormalizerOptions): Normalized.VulnerabilityReference {
     return {
       id: data.id,
-      source: data.source !== undefined
-        ? this._factory.makeForVulnerabilitySource().normalize(data.source, options)
-        : undefined
+      source: data.source === undefined
+        ? undefined
+        : this._factory.makeForVulnerabilitySource().normalize(data.source, options)
     }
   }
 
@@ -588,7 +585,7 @@ export class VulnerabilityReferenceNormalizer extends BaseJsonNormalizer<Models.
         : Array.from(data)
     ).map(
       c => this.normalize(c, options)
-    ).filter(isNotUndefined)
+    )
   }
 }
 
diff --git a/tests/_data/models.js b/tests/_data/models.js
@@ -201,8 +201,8 @@ module.exports.createComplexStructure = function () {
     id: '1',
     source: new Models.Vulnerability.Source({ name: 'manual' }),
     references: new Models.Vulnerability.ReferenceRepository([
-      new Models.Vulnerability.Reference('CVE-2042-42420'),
-      new Models.Vulnerability.Reference('CVE-2042-42421')
+      new Models.Vulnerability.Reference('CVE-2042-42421'),
+      new Models.Vulnerability.Reference('CVE-2042-42420')
     ]),
     description: 'description of 1',
     detail: 'detail of 1',
diff --git a/tests/unit/Models.Vulnerability.Vulnerability.spec.js b/tests/unit/Models.Vulnerability.Vulnerability.spec.js
@@ -58,7 +58,7 @@ suite('Models.Vulnerability.Vulnerability', () => {
 
     assert.strictEqual(vulnerability.bomRef.value, undefined)
     assert.strictEqual(vulnerability.id, undefined)
-    assert.ok(vulnerability.source instanceof Source)
+    assert.strictEqual(vulnerability.source, undefined)
     assert.ok(vulnerability.references instanceof ReferenceRepository)
     assert.strictEqual(vulnerability.references.size, 0)
     assert.ok(vulnerability.ratings instanceof RatingRepository)

Original file line number	Diff line number	Diff line change
`@@ -52,5 +52,6 @@ export class Reference implements Comparable<Reference> {`
`52`	`52`	`}`
`53`	`53`	`}`
`54`	`54`
	`55`	`+/** @beta */`
`55`	`56`	`export class ReferenceRepository extends SortableComparables<Reference> {`
`56`	`57`	`}`
Original file line number	Diff line number	Diff line change
`@@ -36,12 +36,10 @@ export class Source implements Comparable<Source> {`
`36`	`36`	`}`
`37`	`37`
`38`	`38`	`compare (other: Source): number {`
`39`		`- function normalizeUrl (u: URL \| string): string {`
`40`		`- return (typeof u === 'string') ? u : u.toString()`
	`39`	`+ if (this.url !== undefined && other.url !== undefined) {`
	`40`	`+ return (this.url.toString() ?? '').localeCompare(other.url.toString() ?? '')`
`41`	`41`	`}`
`42`		`- const urlCompare = normalizeUrl(this.url ?? '').localeCompare(normalizeUrl(other.url ?? ''))`
`43`		`-`
`44`	`42`	`/* eslint-disable-next-line @typescript-eslint/strict-boolean-expressions -- run compares in weighted order */`
`45`		`- return (this.name ?? '').localeCompare(other.name ?? '') \|\| urlCompare`
	`43`	`+ return (this.name ?? '').localeCompare(other.name ?? '')`
`46`	`44`	`}`
`47`	`45`	`}`
Original file line number	Diff line number	Diff line change
`@@ -527,10 +527,10 @@ export class DependencyGraphNormalizer extends BaseJsonNormalizer<Models.Bom> {`
`527`	`527`	`}`
`528`	`528`
`529`	`529`	`export class VulnerabilityNormalizer extends BaseJsonNormalizer<Models.Vulnerability.Vulnerability> {`
`530`		`- normalize (data: Models.Vulnerability.Vulnerability, options: NormalizerOptions): Normalized.Vulnerability \| undefined {`
`531`		`- const source = data.source !== undefined`
`532`		`- ? this._factory.makeForVulnerabilitySource().normalize(data.source, options)`
`533`		`- : undefined`
	`530`	`+ normalize (data: Models.Vulnerability.Vulnerability, options: NormalizerOptions): Normalized.Vulnerability {`
	`531`	`+ const source = data.source === undefined`
	`532`	`+ ? undefined`
	`533`	`+ : this._factory.makeForVulnerabilitySource().normalize(data.source, options)`
`534`	`534`	`const references = data.references.size > 0`
`535`	`535`	`? this._factory.makeForVulnerabilityReference().normalizeIterable(data.references, options)`
`536`	`536`	`: undefined`
`@@ -555,18 +555,15 @@ export class VulnerabilityNormalizer extends BaseJsonNormalizer<Models.Vulnerabi`
`555`	`555`	`: Array.from(data)`
`556`	`556`	`).map(`
`557`	`557`	`c => this.normalize(c, options)`
`558`		`- ).filter(isNotUndefined)`
	`558`	`+ )`
`559`	`559`	`}`
`560`	`560`	`}`
`561`	`561`
`562`	`562`	`export class VulnerabilitySourceNormalizer extends BaseJsonNormalizer<Models.Vulnerability.Source> {`
`563`	`563`	`normalize (data: Models.Vulnerability.Source, options: NormalizerOptions): Normalized.VulnerabilitySource {`
`564`		`- const url = data.url !== undefined && typeof data.url !== 'string'`
`565`		`- ? data.url.toString()`
`566`		`- : data.url`
`567`	`564`	`return {`
`568`	`565`	`name: data.name,`
`569`		`- url`
	`566`	`+ url: data.url?.toString()`
`570`	`567`	`}`
`571`	`568`	`}`
`572`	`569`	`}`
`@@ -575,9 +572,9 @@ export class VulnerabilityReferenceNormalizer extends BaseJsonNormalizer<Models.`
`575`	`572`	`normalize (data: Models.Vulnerability.Reference, options: NormalizerOptions): Normalized.VulnerabilityReference {`
`576`	`573`	`return {`
`577`	`574`	`id: data.id,`
`578`		`- source: data.source !== undefined`
`579`		`- ? this._factory.makeForVulnerabilitySource().normalize(data.source, options)`
`580`		`- : undefined`
	`575`	`+ source: data.source === undefined`
	`576`	`+ ? undefined`
	`577`	`+ : this._factory.makeForVulnerabilitySource().normalize(data.source, options)`
`581`	`578`	`}`
`582`	`579`	`}`
`583`	`580`
`@@ -588,7 +585,7 @@ export class VulnerabilityReferenceNormalizer extends BaseJsonNormalizer<Models.`
`588`	`585`	`: Array.from(data)`
`589`	`586`	`).map(`
`590`	`587`	`c => this.normalize(c, options)`
`591`		`- ).filter(isNotUndefined)`
	`588`	`+ )`
`592`	`589`	`}`
`593`	`590`	`}`
`594`	`591`