🤖 Merge PR #63531 Add cvss types by @himynameisdave

* ✅ Add types for cvss package * Update types/cvss/tsconfig.json Co-authored-by: Piotr Błażejewicz (Peter Blazejewicz) <peterblazejewicz@users.noreply.github.com> * Update types/cvss/tsconfig.json Co-authored-by: Piotr Błażejewicz (Peter Blazejewicz) <peterblazejewicz@users.noreply.github.com> Co-authored-by: Piotr Błażejewicz (Peter Blazejewicz) <peterblazejewicz@users.noreply.github.com>
2026-05-18 01:49:01 +00:00 · 2022-12-08 12:03:15 -08:00
parent b159ecdcfa
commit a4693031ed
4 changed files with 155 additions and 0 deletions
--- a/types/cvss/cvss-tests.ts
+++ b/types/cvss/cvss-tests.ts
@@ -0,0 +1,44 @@
+import cvss = require('cvss');
+
+const CVSS_EXAMPLE = 'CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L';
+
+const OPTIONS_EXAMPLE: cvss.CVSSOptions = {
+    throw: false,
+    baseOnly: false,
+    temporal: false,
+    env: false,
+};
+
+let result: number;
+result = cvss.getScore(CVSS_EXAMPLE);
+result = cvss.getScore(CVSS_EXAMPLE, OPTIONS_EXAMPLE);
+result = cvss.getBaseScore(CVSS_EXAMPLE, {
+    ...OPTIONS_EXAMPLE,
+    // baseOnly: false, // <- throws up a type error
+});
+result = cvss.getTemporalScore(CVSS_EXAMPLE, {
+    ...OPTIONS_EXAMPLE,
+    // temporal: false, // <- throws up a type error
+});
+result = cvss.getTemporalScore(CVSS_EXAMPLE, {
+    ...OPTIONS_EXAMPLE,
+    // temporal: false, // <- throws up a type error
+});
+result = cvss.getEnvironmentalScore(CVSS_EXAMPLE, {
+    ...OPTIONS_EXAMPLE,
+    // env: false, // <- throws up a type error
+});
+
+let rating: cvss.CVSSRating;
+rating = cvss.getRating(5.5);
+
+let base: cvss.CVSSBase;
+base = cvss.getBase(CVSS_EXAMPLE);
+base = cvss.getBase(CVSS_EXAMPLE, OPTIONS_EXAMPLE);
+base = cvss.getTemporal(CVSS_EXAMPLE, OPTIONS_EXAMPLE);
+base = cvss.getEnvironmental(CVSS_EXAMPLE, OPTIONS_EXAMPLE);
+
+const all = cvss.getAll(CVSS_EXAMPLE);
+all.base;
+all.temporal;
+all.environmental;
--- a/types/cvss/index.d.ts
+++ b/types/cvss/index.d.ts
@@ -0,0 +1,86 @@
+// Type definitions for cvss 1.0
+// Project: https://github.com/aaronmccall/cvss
+// Definitions by: Dave Lunny <https://github.com/himynameisdave>
+// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
+
+export interface CVSSOptions {
+    //  If validation returns an error, throw the error
+    throw?: boolean;
+    //  Only consider base metrics when calculating score
+    baseOnly?: boolean;
+    //  Include temporal metrics when calculating score
+    temporal?: boolean;
+    //  Include temporal AND environmental metrics when calculating score (both are included per CVSS3 spec)
+    env?: boolean;
+}
+
+export type CVSSRating = 'None' | 'Low' | 'Medium' | 'High' | 'Critical';
+
+export interface CVSSBase {
+    score: number;
+    rating: CVSSRating;
+}
+
+/**
+ * This is the main scoring method.
+ * It may be called with either a valid CVSS3 vector string ('CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L'),
+ * or an object containing the key/value pairs ({ AV: 'P', AC: 'H', PR: 'N', UI:'R', S: 'C', C: 'L', I: 'H', A: 'L' })
+ * corresponding to one as its input parameter.
+ */
+export function getScore(input: string, options?: CVSSOptions): number;
+
+//  Accepts the same arguments as getScore above, but enforces the baseOnly option.
+export function getBaseScore(input: string, options?: Omit<CVSSOptions, 'baseOnly'>): number;
+
+//  Accepts the same arguments as getScore above, but enforces the temporal option.
+export function getTemporalScore(input: string, options?: Omit<CVSSOptions, 'temporal'>): number;
+
+//  Accepts the same arguments as getScore above, but enforces the temporal option.
+export function getEnvironmentalScore(input: string, options?: Omit<CVSSOptions, 'env'>): number;
+
+/**
+ * Given a numeric score, returns the appropriate CVSS3 severity rating for that number:
+ *  - None for scores < 0.1,
+ *  - Low for scores >= 0.1 and < 4,
+ *  - Medium for scores >=4 and < 7, High for scores >= 7 and < 9, Critical for scores >= 9.
+ */
+export function getRating(score: number): CVSSRating;
+
+/**
+ * Returns an object with the base score and its rating.
+ * Equivalent to:
+ * {
+ *   score: getBaseScore(input),
+ *   rating: getRating(getBaseScore(input))
+ * }
+ */
+export function getBase(input: string, options?: Omit<CVSSOptions, 'baseOnly'>): CVSSBase;
+
+/**
+ * Returns an object with the environmental score and its rating.
+ * Equivalent to:
+ * {
+ *   score: getEnvironmentalScore(input),
+ *   rating: getRating(getBaseScore(input))
+ * }
+ */
+export function getTemporal(input: string, options?: Omit<CVSSOptions, 'temporal'>): CVSSBase;
+
+/**
+ * Returns an object with the environmental score and its rating.
+ * Equivalent to:
+ * {
+ *   score: getEnvironmentalScore(input),
+ *   rating: getRating(getBaseScore(input))
+ * }
+ */
+export function getEnvironmental(input: string, options?: Omit<CVSSOptions, 'env'>): CVSSBase;
+
+/**
+ * Returns object with the score and rating for all three scores:
+ */
+export function getAll(input: string): {
+    base: number;
+    temporal: number;
+    environmental: number;
+};
--- a/types/cvss/tsconfig.json
+++ b/types/cvss/tsconfig.json
@@ -0,0 +1,24 @@
+{
+  "compilerOptions": {
+      "module": "commonjs",
+      "lib": [
+          "es6"
+      ],
+      "allowSyntheticDefaultImports": true,
+      "noImplicitAny": true,
+      "noImplicitThis": true,
+      "strictFunctionTypes": true,
+      "strictNullChecks": true,
+      "baseUrl": "../",
+      "typeRoots": [
+          "../"
+      ],
+      "types": [],
+      "noEmit": true,
+      "forceConsistentCasingInFileNames": true
+  },
+  "files": [
+      "index.d.ts",
+      "cvss-tests.ts"
+  ]
+}
--- a/types/cvss/tslint.json
+++ b/types/cvss/tslint.json
@@ -0,0 +1 @@
+{ "extends": "@definitelytyped/dtslint/dt.json" }
				`@@ -0,0 +1 @@`
				`{ "extends": "@definitelytyped/dtslint/dt.json" }`