bugfix: Vulnerability summary key error

zkarpinski · zkarpinski · commit 359e968aaa4c · 2024-01-16T14:46:59.000-05:00
diff --git a/codeinsight_sdk/experimental.py b/codeinsight_sdk/experimental.py
@@ -32,11 +32,21 @@ def get_project_vulnerabilities(
         item: ProjectInventoryItem
         vuln_items: list(ProjectInventoryItem) = []
         for item in inventory:
-            if item.vulnerabilitySummary is None:
+            if item.vulnerabilitySummary is None or len(item.vulnerabilitySummary) == 0:
                 continue
 
             # If the item has a vulnerability, get the vulnerability details for this item and append it
-            if sum(item.vulnerabilitySummary[0]["CvssV3"].values()) > 0:
+            item_vul_summary = item.vulnerabilitySummary[0]
+            k = ""
+            if "CvssV2" in item_vul_summary.keys():
+                k = "CvssV2"
+            elif "CvssV3" in item_vul_summary.keys():
+                k = "CvssV3"
+            else:
+                # If the item has no vulnerabilities, skip it
+                continue
+
+            if sum(item_vul_summary[k].values()) > 0:
                 vul_detail = self.client.inventories.get_inventory_vulnerabilities(
                     item.id
                 )
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "codeinsight_sdk"
-version = "0.0.9"
+version = "0.0.10"
 description = "A Python client for the Revenera Code Insight"
 authors = ["Zachary Karpinski <1206496+zkarpinski@users.noreply.github.com>"]
 readme = "README.md"
diff --git a/tests/test_experimental.py b/tests/test_experimental.py
@@ -40,7 +40,8 @@ def test_get_project_vulnerabilities(self, client):
                 "createdOn":"Today",
                 "updatedOn":"Tomorrow",
                 "componentName":"snakeyaml",
-                "componentVersionName":"2.0"
+                "componentVersionName":"2.0",
+                "vulnerabilitySummary": []
             },
             {
                 "itemNumber": 2,
