tanaysethi
diff --git a/‎examples/print_vulnerability_affected_projects.py‎
Lines changed: 29 additions & 3 deletions b/‎examples/print_vulnerability_affected_projects.py‎
Lines changed: 29 additions & 3 deletions
@@ -2,8 +2,13 @@
 Created on Nov 11, 2018
 
 @author: gsnyder
+
+Given a CVE (or BDSA) identifier, find all affected project-versions and print out
+their names, version(s), development phase, distribution, and last BOM update date
 '''
 import argparse
+from beautifultable import BeautifulTable
+
 from blackduck.HubRestApi import HubInstance
 from pprint import pprint
 
@@ -13,6 +18,27 @@
 parser.add_argument("vulnerability", help="A CVE or BDSA number, e.g. CVE-2016-4009")
 args = parser.parse_args()
 
-affected_projects = hub.get_vulnerability_affected_projects(args.vulnerability)
-for project in affected_projects['items']:
-pprint(project)
+affected_projects = hub.get_vulnerability_affected_projects(args.vulnerability.upper())
+
+if 'totalCount' in affected_projects and affected_projects['totalCount'] > 0:
+table = BeautifulTable()
+table.column_headers = ["project-name", "version", "phase", "distribution", "last-bom-update"]
+for affected_project in affected_projects['items']:
+project_id = affected_project['project']['id']
+version_id = affected_project['release']['id']
+
+project_name = affected_project['project']['name']
+version = affected_project['release']['version']
+
+# Development phase does not appear to be in the payload returned by the affected projects
+# endpoint so we need to fetch it from the project-version endpoint
+project_version_info = hub.get_version_by_id(project_id, version_id)
+
+phase = project_version_info['phase']
+distribution = project_version_info['distribution']
+last_bom_update = project_version_info['lastBomUpdateDate']
+
+table.append_row([project_name, version, phase, distribution, last_bom_update])
+print(table)
+else:
+print("No affected projects found for this vulnerability {}".format(args.vulnerability.upper()))