|
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Text.Json.Serialization;
using Newtonsoft.Json;
namespace NuGet.Protocol
{
public class PackageVulnerabilityMetadata
{
/// <summary>
/// NULL_INC: The advisory URL for this vulnerability.
/// Guaranteed non-null by the protocol: https://learn.microsoft.com/en-us/nuget/api/registration-base-url-resource#vulnerabilities
/// </summary>
[JsonProperty(PropertyName = JsonProperties.AdvisoryUrl, ItemConverterType = typeof(SafeUriConverter))]
[JsonPropertyName(JsonProperties.AdvisoryUrl)]
[JsonInclude]
public Uri AdvisoryUrl { get; internal set; } = null!;
[JsonProperty(PropertyName = JsonProperties.Severity)]
[JsonPropertyName(JsonProperties.Severity)]
[JsonNumberHandling(JsonNumberHandling.AllowReadingFromString)]
[JsonInclude]
public int Severity { get; internal set; }
public PackageVulnerabilityMetadata(Uri advisoryUrl, int severity)
{
AdvisoryUrl = advisoryUrl ?? throw new ArgumentNullException(nameof(advisoryUrl));
Severity = severity;
}
// Parameterless constructor for JSON deserialization.
public PackageVulnerabilityMetadata()
{
}
}
}
|