英文:
JQ and adding keys with other key values and string interpolation
问题
以下是您要翻译的内容:
"I am using JQ with bash and looking to add a URL for a vulnerability output and I am building the string based on one of the JSON object keys. Been pretty stumped figuring out how to get this to work.
Sample of the data looks like this:
{
"count": 2,
"os": "Debian GNU 11",
"vulnerabilities": [
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n"
},
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n"
}
]
}
Basically what I am looking to do is have the data come out looking like this with a MITRE and NIST URL built based on the "CVEID" value:
{
"count": 2,
"os": "Debian GNU 11",
"vulnerabilities": [
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491"
},
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458"
}
]
}
Doing something like this does work, but it extracts the objects from .vulnerabilities[] so I cannot pipe them to TSV for my final output:
jq -r \
--arg MITRE_URL "https://cve.mitre.org/cgi-bin/cvename.cgi?name=" \
--arg NIST_URL "https://nvd.nist.gov/vuln/detail/" \
''.vulnerabilities[] | select(.CVEID) += {MITRE_URL: "\($MITRE_URL)\(.CVEID)", NIST_URL: "\($NIST_URL)\(.CVEID)"}'' <<<<<"$ASSESSMENT_RESULTS"
Output of above ^ :
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491"
}
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458",
"NIST_URL": "https://nvd
<details>
<summary>英文:</summary>
I am using JQ with bash and looking to add a URL for a vulnerability output and I am building the string based on one of the JSON object keys. Been pretty stumped figuring out how to get this to work.
Sample of the data looks like this:
{
"count": 2,
"os": "Debian GNU 11",
"vulnerabilities": [
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n"
},
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n"
}
]
}
Basically what I am looking to do is have the data come out looking like this with a MITRE and NIST URL built based on the "CVEID" value:
{
"count": 2,
"os": "Debian GNU 11",
"vulnerabilities": [
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n"
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491"
},
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n"
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458"
}
]
}
Doing something like this does work, but it extracts the objects from .vulnerabilities[] so I cannot pipe them to TSV for my final output:
jq -r
--arg MITRE_URL "https://cve.mitre.org/cgi-bin/cvename.cgi?name="
--arg NIST_URL "https://nvd.nist.gov/vuln/detail/"
'.vulnerabilities[] | select(.CVEID) += {MITRE_URL: "($MITRE_URL)(.CVEID)", NIST_URL: "($NIST_URL)(.CVEID)"}' <<<"$ASSESSMENT_RESULTS"
Output of above ^ :
{
"CVEID": "CVE-2023-29491",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29491",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2023-29491"
}
{
"CVEID": "CVE-2022-29458",
"Product": "ncurses-base",
"Severity": "HIGH",
"Version": "6.2+20201114-2+deb11u1",
"Description": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.\n",
"MITRE_URL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29458",
"NIST_URL": "https://nvd.nist.gov/vuln/detail/CVE-2022-29458"
}
Thank you!
</details>
# 答案1
**得分**: 1
`|=` 可以用来用新值替换元素,而不删除树中先前的部分。因此,请考虑:
```jq
.vulnerabilities |= map(
if .CVEID? != null then
. + {MITRE_URL: "\($MITRE_URL)\(.CVEID)",
NIST_URL: "\($NIST_URL)\(.CVEID)"}
else . end
)
英文:
|= can be used to replace an element with a new value without deleting prior parts of the tree. Thus, consider:
.vulnerabilities |= map(
if .CVEID? != null then
. + {MITRE_URL: "\($MITRE_URL)\(.CVEID)",
NIST_URL: "\($NIST_URL)\(.CVEID)"}
else . end
)
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论