
Build CVE Autocomplete #1510

Draft
hawkishpolicy wants to merge 11 commits into develop from Build-CVE-Autocomplete

Conversation

@hawkishpolicy

Contributor

🗣 Description

💭 Motivation and context

🧪 Testing

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All future TODOs are captured in issues, which are referenced in code comments.
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.
  • Bump major, minor, patch, pre-release, and/or build versions as appropriate via the bump_version script if this repository is versioned and the changes in this PR warrant a version bump.
  • Create a pre-release (necessary if and only if the pre-release version was bumped).

✅ Pre-merge checklist

  • Revert dependencies to default branches.
  • Finalize version.

✅ Post-merge checklist

  • Create a release (necessary if and only if the version was bumped).

- define CVE_INDEX
- define cve_mapping
- define sync_cve_index function
- define update_cves function
- define search_cves function
- modified cve_mapping in es_client.py to include organization.
- modified cve.py to only return CVEs to Standard Users that match the organization of the user making the request.
- modified CveSearchBody model to remove regions field since it is not used in the CVE search.
- modified syncmdl.py to include a call to sync_es_cves() after syncing organizations in ES. This ensures that CVEs are synced after organizations, which is important for maintaining the correct relationships between CVEs and organizations in the ES index.
  - this may not be strictly necessary since sync_es_domains() already syncs CVEs, but it is included for completeness and to ensure that CVEs are always synced after organizations.
  - code comments have been added to indicate that this step may not be strictly necessary, but it is included for completeness.
- added sync_es_cves() function to es_sync.py to sync CVEs from the database to the ES index. This function retrieves all CVEs from the database and indexes them in ES, ensuring that the ES index is up-to-date with the latest CVE data.
- removed unnecessary fields from the CVE list dictionary in es_sync.py to only include the fields that are needed for the CVE ES index. This reduces the amount of data that is indexed in ES and improves performance when searching for CVEs.
- added sync_es_cves to searchSync.py to ensure that CVEs are synced when the search index is updated. This ensures that the CVE data in ES is always up-to-date and consistent with the database.
- Backend:
  - Updated the Elasticsearch mapping for CVEs to use "keyword" type for the "name" field instead of "text". This change allows for exact matching and better performance in autocomplete scenarios.
  - Added escape_wildcard_query to the CVE search query to handle special characters, but leave dashes, in the search term.
  - It also uppercases the search term to ensure case-insensitive matching, as CVE names are typically uppercase.

- Frontend:
  - Updated the CVEFilter component to handle the new autocomplete functionality.
  - Changed the mapping of CVE names in the filter to use a number as the key instead of a string, which is more appropriate for list rendering in React.
  - Removed commented-out code related to domain and IP search, as it is not relevant to the CVE autocomplete feature.
  - Adjusted the useEffect hook to ensure that the searchCVEs function is called whenever the search term or filters change, ensuring that the displayed results are always up-to-date.
  - Added endpoint constants for the CVE search API to maintain consistency and avoid hardcoding URLs in the component.
  - Rendered CVEFilter component inside the DrawerInterior component, which is responsible for displaying the filter options in the UI.
  - Added a List component to display the filtered CVE results, allowing users to easily see and deselect CVEs chosen from the autocomplete suggestions.
- adding sync_es_cves to syncmdl command may be causing issues with GitHub Actions, so commenting it out for now. It may not be needed since sync_es_domains() already syncs CVEs, but keeping it for completeness.
- Moved call to sync_es_cves inside the populate block to ensure CVEs are synced inside the populate block to avoid erroring out when no Vulnerability Materialized Views exist yet.
- Moved call to sync_es_cves inside the populate block to ensure CVEs are synced inside the populate block to avoid erroring out when no Vulnerability Materialized Views exist yet.
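
An added illustration, not code from this PR, of the query construction the commit messages above describe: the search term is uppercased, Elasticsearch wildcard metacharacters are escaped while dashes are kept, and a Standard User's results are restricted to their own organization. The function names, the `"standard"` user-type string, and the assumption that `organization` is an exact-match field are hypothetical; only the `name` and `organization` field names come from the messages.

```python
from typing import Optional

# Hypothetical helpers for illustration; not the project's escape_wildcard_query.
# Backslash comes first so later escapes are not themselves re-escaped.
WILDCARD_META = ("\\", "*", "?")


def escape_wildcard_term(term: str) -> str:
    """Escape the characters an Elasticsearch wildcard query treats specially.

    Dashes are not metacharacters, so "CVE-2021-44228" passes through intact.
    """
    for ch in WILDCARD_META:
        term = term.replace(ch, "\\" + ch)
    return term


def build_cve_query(term: str, user_type: str, org_id: Optional[str],
                    size: int = 10) -> dict:
    """Build a prefix-autocomplete query against a keyword-typed "name" field."""
    # Keyword fields match case-sensitively, so normalise to the CVE convention.
    prefix = escape_wildcard_term(term.strip().upper())
    # The only wildcard in the pattern is the trailing one added here;
    # anything the user typed is matched literally.
    filters = [{"wildcard": {"name": {"value": prefix + "*"}}}]
    if user_type == "standard":  # assumed label for a Standard User
        if not org_id:
            # Fail closed: never fall back to an unscoped search.
            raise ValueError("standard user has no organization")
        filters.append({"term": {"organization": org_id}})
    return {"size": size, "query": {"bool": {"filter": filters}}}


if __name__ == "__main__":
    # Constructed sample input: a user-supplied "*" is searched for literally.
    print(build_cve_query("cve-2021-4*", "standard", "org-1"))
```

The organization filter is applied server-side from the authenticated user's record, so a client cannot widen the result set by editing the request body.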