diff --git a/app/models/sources/github.rb b/app/models/sources/github.rb
index 0a46889..36ac0e4 100644
--- a/app/models/sources/github.rb
+++ b/app/models/sources/github.rb
@@ -31,6 +31,8 @@ def map_advisories(advisories)
references: advisory[:node][:advisory][:references].map { |r| r[:url] },
source_kind: 'github',
identifiers: advisory[:node][:advisory][:identifiers].map { |i|i[:value] },
+ epss_percentage: advisory[:node][:advisory][:epss][:percentage],
+ epss_percentile: advisory[:node][:advisory][:epss][:percentile],
# advisories need to be grouped by uuid and the following fields added together
ecosystem: correct_ecosystem(advisory[:node][:package][:ecosystem]),
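Review bot: The two added lookups, `advisory[:node][:advisory][:epss][:percentage]` and `[:epss][:percentile]`, raise NoMethodError when the API returns `epss: null`. The view's `if @advisory.epss_percentage` guard suggests missing scores are expected, for example on advisories with no EPSS data. One such record would presumably abort the mapping of the whole page of advisories, so a sync could silently stop ingesting new ones. Use `advisory.dig(:node, :advisory, :epss, :percentage)` and `advisory.dig(:node, :advisory, :epss, :percentile)` so that a missing score is stored as nil. map_advisories starts and ends outside this hunk, so any rescue around it is not visible here.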
@@ -104,6 +106,10 @@ def fetch_advisories_page(cursor = 'null')
vectorString
}
classification
+ epss{
+ percentage
+ percentile
+ }
}
firstPatchedVersion {
identifier
diff --git a/app/views/advisories/show.html.erb b/app/views/advisories/show.html.erb
index 3aa3737..d2c797b 100644
--- a/app/views/advisories/show.html.erb
+++ b/app/views/advisories/show.html.erb
@@ -27,6 +27,11 @@
CVSS vector: <%= @advisory.cvss_vector %>
<% end %>
+ <% if @advisory.epss_percentage %>
+ EPSS Percentage: <%= @advisory.epss_percentage %>
+ EPSS Percentile: <%= @advisory.epss_percentile %>
+ <% end %>
+
Identifiers: <%= @advisory.identifiers.join(', ') %>
References:
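Review bot: The added block prints the stored floats verbatim under the labels "EPSS Percentage" and "EPSS Percentile". If the upstream values are 0–1 fractions, as EPSS scores normally are (confirm against the API response), someone triaging could read `0.02` as 0.02% rather than 2% and under-prioritise the advisory. Consider `<%= number_to_percentage(@advisory.epss_percentage * 100, precision: 2) %>` and the same for the percentile. The percentile is only guarded by the percentage check, so it renders blank if it alone is nil.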
diff --git a/app/views/api/v1/advisories/_advisory.json.jbuilder b/app/views/api/v1/advisories/_advisory.json.jbuilder
index f9f584a..89f53f2 100644
--- a/app/views/api/v1/advisories/_advisory.json.jbuilder
+++ b/app/views/api/v1/advisories/_advisory.json.jbuilder
@@ -1 +1 @@
-json.extract! advisory, :uuid, :url, :title, :description, :origin, :severity, :published_at, :withdrawn_at, :classification, :cvss_score, :cvss_vector, :references, :source_kind, :identifiers, :repository_url, :blast_radius, :packages, :created_at, :updated_at
+json.extract! advisory, :uuid, :url, :title, :description, :origin, :severity, :published_at, :withdrawn_at, :classification, :cvss_score, :cvss_vector, :references, :source_kind, :identifiers, :repository_url, :blast_radius, :packages, :created_at, :updated_at, :epss_percentage, :epss_percentile
diff --git a/db/migrate/20241203120748_add_epss_to_advisories.rb b/db/migrate/20241203120748_add_epss_to_advisories.rb
new file mode 100644
index 0000000..78838ae
--- /dev/null
+++ b/db/migrate/20241203120748_add_epss_to_advisories.rb
@@ -0,0 +1,6 @@
+class AddEpssToAdvisories < ActiveRecord::Migration[8.0]
+ def change
+ add_column :advisories, :epss_percentage, :float
+ add_column :advisories, :epss_percentile, :float
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 438aff9..788851a 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,9 +10,9 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[7.1].define(version: 2024_04_14_232918) do
+ActiveRecord::Schema[8.0].define(version: 2024_12_03_120748) do
# These are extensions that must be enabled in order to support this database
- enable_extension "plpgsql"
+ enable_extension "pg_catalog.plpgsql"
create_table "advisories", force: :cascade do |t|
t.bigint "source_id", null: false
@@ -35,6 +35,8 @@
t.datetime "updated_at", null: false
t.string "repository_url"
t.float "blast_radius", default: 0.0
+ t.float "epss_percentage"
+ t.float "epss_percentile"
t.index ["source_id"], name: "index_advisories_on_source_id"
end
diff --git a/openapi/api/v1/openapi.yaml b/openapi/api/v1/openapi.yaml
index 042cd85..b58cbf9 100644
--- a/openapi/api/v1/openapi.yaml
+++ b/openapi/api/v1/openapi.yaml
@@ -178,6 +178,10 @@ components:
type: string
updated_at:
type: string
+ epss_percentage:
+ type: number
+ epss_percentile:
+ type: number
Package:
type: object
properties:
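Review bot: `epss_percentage` and `epss_percentile` are declared as plain `type: number`, but the migration adds both columns without `null: false` and the jbuilder extracts them unconditionally, so the API will emit `null` for advisories with no EPSS data. Clients that validate responses against this spec may reject those records. Mark both properties as nullable in the form the spec's OpenAPI version uses (`nullable: true` on 3.0, `type: [number, 'null']` on 3.1). The version is not visible in this hunk. A one-line `description:` stating the value range would also help consumers interpret the numbers.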