MCPcopy Index your code
hub / github.com/npmx-dev/npmx.dev / parseRangeIntervals

Function parseRangeIntervals

server/utils/dependency-analysis.ts:158–181  ·  view source on GitHub ↗

* Parse OSV range events into introduced/fixed pairs. * OSV events form a timeline: [introduced, fixed, introduced, fixed, ...] * A single range can have multiple introduced/fixed pairs representing * periods where the vulnerability was active, was fixed, and was reintroduced. * @see https://oss

(range: OsvRange)

Source from the content-addressed store, hash-verified

156 * @see https://ossf.github.io/osv-schema/#affectedrangesevents-fields
157 */
158function parseRangeIntervals(range: OsvRange): Array<{ introduced: string; fixed?: string }> {
159 const intervals: Array<{ introduced: string; fixed?: string }> = []
160 let currentIntroduced: string | undefined
161
162 for (const event of range.events) {
163 if (event.introduced !== undefined) {
164 // Start a new interval (close previous open one if any)
165 if (currentIntroduced !== undefined) {
166 intervals.push({ introduced: currentIntroduced })
167 }
168 currentIntroduced = event.introduced
169 } else if (event.fixed !== undefined && currentIntroduced !== undefined) {
170 intervals.push({ introduced: currentIntroduced, fixed: event.fixed })
171 currentIntroduced = undefined
172 }
173 }
174
175 // Handle trailing introduced with no fixed (still vulnerable)
176 if (currentIntroduced !== undefined) {
177 intervals.push({ introduced: currentIntroduced })
178 }
179
180 return intervals
181}
182
183/**
184 * Extract the fixed version for a specific package version from vulnerability data.

Callers 1

getFixedVersionFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected