| 19 | ) |
| 20 | |
| 21 | func ListGlobalSecurityAdvisories(t translations.TranslationHelperFunc) inventory.ServerTool { |
| 22 | return NewTool( |
| 23 | ToolsetMetadataSecurityAdvisories, |
| 24 | mcp.Tool{ |
| 25 | Name: "list_global_security_advisories", |
| 26 | Description: t("TOOL_LIST_GLOBAL_SECURITY_ADVISORIES_DESCRIPTION", "List global security advisories from GitHub."), |
| 27 | Annotations: &mcp.ToolAnnotations{ |
| 28 | Title: t("TOOL_LIST_GLOBAL_SECURITY_ADVISORIES_USER_TITLE", "List global security advisories"), |
| 29 | ReadOnlyHint: true, |
| 30 | }, |
| 31 | InputSchema: &jsonschema.Schema{ |
| 32 | Type: "object", |
| 33 | Properties: map[string]*jsonschema.Schema{ |
| 34 | "ghsaId": { |
| 35 | Type: "string", |
| 36 | Description: "Filter by GitHub Security Advisory ID (format: GHSA-xxxx-xxxx-xxxx).", |
| 37 | }, |
| 38 | "type": { |
| 39 | Type: "string", |
| 40 | Description: "Advisory type.", |
| 41 | Enum: []any{"reviewed", "malware", "unreviewed"}, |
| 42 | Default: json.RawMessage(`"reviewed"`), |
| 43 | }, |
| 44 | "cveId": { |
| 45 | Type: "string", |
| 46 | Description: "Filter by CVE ID.", |
| 47 | }, |
| 48 | "ecosystem": { |
| 49 | Type: "string", |
| 50 | Description: "Filter by package ecosystem.", |
| 51 | Enum: []any{"actions", "composer", "erlang", "go", "maven", "npm", "nuget", "other", "pip", "pub", "rubygems", "rust"}, |
| 52 | }, |
| 53 | "severity": { |
| 54 | Type: "string", |
| 55 | Description: "Filter by severity.", |
| 56 | Enum: []any{"unknown", "low", "medium", "high", "critical"}, |
| 57 | }, |
| 58 | "cwes": { |
| 59 | Type: "array", |
| 60 | Description: "Filter by Common Weakness Enumeration IDs (e.g. [\"79\", \"284\", \"22\"]).", |
| 61 | Items: &jsonschema.Schema{ |
| 62 | Type: "string", |
| 63 | }, |
| 64 | }, |
| 65 | "isWithdrawn": { |
| 66 | Type: "boolean", |
| 67 | Description: "Whether to only return withdrawn advisories.", |
| 68 | }, |
| 69 | "affects": { |
| 70 | Type: "string", |
| 71 | Description: "Filter advisories by affected package or version (e.g. \"package1,package2@1.0.0\").", |
| 72 | }, |
| 73 | "published": { |
| 74 | Type: "string", |
| 75 | Description: "Filter by publish date or date range (ISO 8601 date or range).", |
| 76 | }, |
| 77 | "updated": { |
| 78 | Type: "string", |