Bug fix

Prabhu Subramanian · Prabhu Subramanian · commit d2d4c6b1df21 · 2021-03-04T21:18:25.000Z
diff --git a/setup.py b/setup.py
@@ -5,7 +5,7 @@
 
 setuptools.setup(
     name="appthreat-vulnerability-db",
-    version="1.6.6",
+    version="1.6.7",
     author="Team AppThreat",
     author_email="cloud@appthreat.com",
     description="AppThreat's vulnerability database and package search library with a built-in file based storage. CVE, GitHub, npm are the primary sources of vulnerabilities.",
diff --git a/test/test_utils.py b/test/test_utils.py
@@ -105,6 +105,8 @@ def test_version_compare():
     assert res
     res = utils.version_compare("2.0.27.Final", "*", "*", None, "2.0.29")
     assert res
+    res = utils.version_compare("2.0.27.RELEASE", "*", "2.0.27", None, None)
+    assert res
 
 
 def test_version_compare_go():
diff --git a/vdb/lib/nvd.py b/vdb/lib/nvd.py
@@ -120,6 +120,8 @@ def bulk_search():
     @staticmethod
     def convert_vuln(vuln):
         id = vuln["cve"]["CVE_data_meta"]["ID"]
+        if id == "CVE-2020-5408":
+            print(vuln)
         problem_type = ""
 
         if (
diff --git a/vdb/lib/utils.py b/vdb/lib/utils.py
@@ -284,8 +284,8 @@ def convert_to_semver(version):
         pre_str = ver.get("prerelease", "").lower()
         for s in KNOWN_PRERELEASE_STR:
             if s in pre_str:
-                ver["prerelease"] = None
-                ver["build"] = None
+                ver["prerelease"] = 0
+                ver["build"] = 0
                 break
 
     ver = VersionInfo(**ver)
@@ -304,7 +304,7 @@ def convert_to_semver(version):
             minor=0,
             patch=0,
             prerelease=int(f"{version.replace('-', '')[:8]}000000"),
-            build=None,
+            build=0,
         )
     if not number_part:
         rest = None
@@ -363,14 +363,7 @@ def version_compare(
             "0.0.0" if min_version == "*" else min_version
         )
         max_semver, maxrest = convert_to_semver(max_version)
-        if (
-            compare_semver
-            and min_semver
-            and max_semver
-            and not comprest
-            and not minrest
-            and not maxrest
-        ):
+        if compare_semver and min_semver and max_semver and not minrest and not maxrest:
             min_value = compare_semver.compare(min_semver)
             max_value = compare_semver.compare(max_semver)
             # If we are confident about the versions post upgrade then return True
