mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 21:47:20 +00:00
ba5f02f9ca
<!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> **Related issue:** Resolves #34500 and Resolves #33758 Video demo: https://www.youtube.com/watch?v=4HZlKG0G1B0 - Added a new aggregation table `operating_system_version_vulnerabilities` for faster queries. The table is currently used only for Linux vulnerabilities, but could be used for other OS vulnerabilities. - Added `max_vulnerabilities` parameter per [API doc](https://github.com/fleetdm/fleet/pull/33533) - Also added `max_vulnerabilities` parameter to `os_versions/{id}` endpoint, but not making it public since that endpoint is still slow and needs other API changes. bug #34974 - Removed `"kernels": []` from `os_versions` endpoint result # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) ## Testing - [x] Added/updated automated tests - [x] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [x] QA'd all new/changed functionality manually ## Database migrations - [x] Checked schema for all modified table for columns that will auto-update timestamps during migration. - [x] Confirmed that updating the timestamps is acceptable, and will not cause unwanted side effects. - [x] Ensured the correct collation is explicitly set for character columns (`COLLATE utf8mb4_unicode_ci`). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added ability to limit the number of vulnerabilities displayed for operating system versions via an optional parameter. * Introduced vulnerability count tracking for operating system versions, now visible in API responses and UI displays. * Enhanced operating system vulnerability visualization with improved count-based rendering. * **Tests** * Added comprehensive test coverage for vulnerability limiting behavior across multiple operating system versions and architectures. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
44 lines
1.3 KiB
TypeScript
44 lines
1.3 KiB
TypeScript
import { ISoftwareVulnerability } from "./software";
|
|
|
|
export interface IOperatingSystemKernels {
|
|
id: number; // the software version ID of the kernel
|
|
version: string;
|
|
vulnerabilities: string[] | null;
|
|
hosts_count: number;
|
|
}
|
|
export interface IOperatingSystemVersion {
|
|
os_version_id: number;
|
|
/** name often includes "<name> <version>" */
|
|
name: string;
|
|
name_only: string;
|
|
version: string;
|
|
platform: string; // TODO: More specific
|
|
hosts_count: number;
|
|
generated_cpes?: string[];
|
|
vulnerabilities: ISoftwareVulnerability[];
|
|
vulnerabilities_count?: number;
|
|
kernels: IOperatingSystemKernels[] | [];
|
|
}
|
|
|
|
export type IVulnerabilityOSVersion = Omit<
|
|
IOperatingSystemVersion,
|
|
"vulnerabilities"
|
|
> & { resolved_in_version: string };
|
|
|
|
export const OS_VENDOR_BY_PLATFORM: Record<string, string> = {
|
|
darwin: "Apple",
|
|
windows: "Microsoft",
|
|
} as const;
|
|
|
|
export const OS_END_OF_LIFE_LINK_BY_PLATFORM: Record<string, string> = {
|
|
darwin: "https://endoflife.date/macos",
|
|
windows: "https://endoflife.date/windows",
|
|
} as const;
|
|
|
|
export const formatOperatingSystemDisplayName = (name: string) => {
|
|
let displayName = name;
|
|
if (displayName.startsWith("Microsoft Windows")) {
|
|
displayName = displayName.replace("Microsoft Windows", "Windows");
|
|
}
|
|
return displayName;
|
|
};
|