models: add repo in PackageVersion
The current JSON schema doesn't include repo info under state
, then we cannot know which repo is affected.
Before:
"state": [
{
"@context": "https://localhost:5000/static/context.jsonld",
"fixed": false,
"id": "https://localhost:5000/vuln/CVE-2021-31879#state/5318",
"packageVersion": "https://localhost:5000/srcpkg/wget/1.20.3-r1",
"type": "VulnerabilityState",
"vuln": "https://localhost:5000/vuln/CVE-2021-31879"
},
{
"@context": "https://localhost:5000/static/context.jsonld",
"fixed": false,
"id": "https://localhost:5000/vuln/CVE-2021-31879#state/5350",
"packageVersion": "https://localhost:5000/srcpkg/wget/1.21.1-r1",
"type": "VulnerabilityState",
"vuln": "https://localhost:5000/vuln/CVE-2021-31879"
}
],
After:
"state": [
{
"@context": "https://localhost:5000/static/context.jsonld",
"fixed": false,
"id": "https://localhost:5000/vuln/CVE-2021-31879#state/5318",
"packageVersion": "https://localhost:5000/srcpkg/wget/1.20.3-r1",
"repo": "3.12-main",
"type": "VulnerabilityState",
"vuln": "https://localhost:5000/vuln/CVE-2021-31879"
},
{
"@context": "https://localhost:5000/static/context.jsonld",
"fixed": false,
"id": "https://localhost:5000/vuln/CVE-2021-31879#state/5350",
"packageVersion": "https://localhost:5000/srcpkg/wget/1.21.1-r1",
"repo": "3.13-main",
"type": "VulnerabilityState",
"vuln": "https://localhost:5000/vuln/CVE-2021-31879"
}
],