From 892375745964db627494305fd605496454b5ad0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Pierre=20Bried=C3=A9?= Date: Wed, 13 Oct 2021 12:03:15 -0700 Subject: [PATCH] Sort package vulnerability advisories by severity in descending order (#4175) --- .../Models/DetailControlModel.cs | 17 +++-------------- .../ViewModels/PackageItemViewModel.cs | 2 +- .../PackageSearchMetadataContextInfo.cs | 4 +++- .../Models/V3DetailControlModelTests.cs | 11 +++++++++++ 4 files changed, 18 insertions(+), 16 deletions(-) diff --git a/src/NuGet.Clients/NuGet.PackageManagement.UI/Models/DetailControlModel.cs b/src/NuGet.Clients/NuGet.PackageManagement.UI/Models/DetailControlModel.cs index 9957dcd1d8b..74e2e5e6b72 100644 --- a/src/NuGet.Clients/NuGet.PackageManagement.UI/Models/DetailControlModel.cs +++ b/src/NuGet.Clients/NuGet.PackageManagement.UI/Models/DetailControlModel.cs @@ -415,27 +415,17 @@ public IReadOnlyCollection PackageVulne private set { _packageVulnerabilities = value; - PackageVulnerabilityMaxSeverity = value?.Max(v => v.Severity) ?? -1; OnPropertyChanged(nameof(PackageVulnerabilities)); + OnPropertyChanged(nameof(PackageVulnerabilityMaxSeverity)); OnPropertyChanged(nameof(IsPackageVulnerable)); OnPropertyChanged(nameof(PackageVulnerabilityCount)); } } - private int _packageVulnerabilityMaxSeverity = -1; public int PackageVulnerabilityMaxSeverity { - get => _packageVulnerabilityMaxSeverity; - private set - { - if (_packageVulnerabilityMaxSeverity != value) - { - _packageVulnerabilityMaxSeverity = value; - - OnPropertyChanged(nameof(PackageVulnerabilityMaxSeverity)); - } - } + get => PackageVulnerabilities?.FirstOrDefault()?.Severity ?? -1; } public bool IsPackageVulnerable @@ -509,8 +499,7 @@ public DetailedPackageMetadata PackageMetadata PackageDeprecationReasons = newDeprecationReasons; PackageDeprecationAlternatePackageText = newAlternatePackageText; - IEnumerable vulnerabilities = _packageMetadata?.Vulnerabilities; - PackageVulnerabilities = vulnerabilities?.ToList(); + PackageVulnerabilities = _packageMetadata?.Vulnerabilities?.ToList(); OnPropertyChanged(nameof(PackageMetadata)); OnPropertyChanged(nameof(IsPackageDeprecated)); diff --git a/src/NuGet.Clients/NuGet.PackageManagement.UI/ViewModels/PackageItemViewModel.cs b/src/NuGet.Clients/NuGet.PackageManagement.UI/ViewModels/PackageItemViewModel.cs index 67e89f52ec8..1d88d951e9a 100644 --- a/src/NuGet.Clients/NuGet.PackageManagement.UI/ViewModels/PackageItemViewModel.cs +++ b/src/NuGet.Clients/NuGet.PackageManagement.UI/ViewModels/PackageItemViewModel.cs @@ -668,7 +668,7 @@ private async Task ReloadPackageMetadataAsync() DeprecationMetadata = deprecationMetadata; IsPackageDeprecated = deprecationMetadata != null; - VulnerabilityMaxSeverity = packageMetadata?.Vulnerabilities?.Max(v => v.Severity) ?? -1; + VulnerabilityMaxSeverity = packageMetadata?.Vulnerabilities?.FirstOrDefault()?.Severity ?? -1; } catch (OperationCanceledException) when (cancellationToken.IsCancellationRequested) { diff --git a/src/NuGet.Clients/NuGet.VisualStudio.Internal.Contracts/ContextInfos/PackageSearchMetadataContextInfo.cs b/src/NuGet.Clients/NuGet.VisualStudio.Internal.Contracts/ContextInfos/PackageSearchMetadataContextInfo.cs index 1770f5aa035..5110e2386a9 100644 --- a/src/NuGet.Clients/NuGet.VisualStudio.Internal.Contracts/ContextInfos/PackageSearchMetadataContextInfo.cs +++ b/src/NuGet.Clients/NuGet.VisualStudio.Internal.Contracts/ContextInfos/PackageSearchMetadataContextInfo.cs @@ -73,7 +73,9 @@ public static PackageSearchMetadataContextInfo Create(IPackageSearchMetadata pac IsListed = packageSearchMetadata.IsListed, DependencySets = packageSearchMetadata.DependencySets?.ToList(), DownloadCount = packageSearchMetadata.DownloadCount, - Vulnerabilities = packageSearchMetadata.Vulnerabilities?.Select(vulnerability => new PackageVulnerabilityMetadataContextInfo(vulnerability.AdvisoryUrl, vulnerability.Severity)).ToArray(), + Vulnerabilities = packageSearchMetadata.Vulnerabilities? + .Select(vulnerability => new PackageVulnerabilityMetadataContextInfo(vulnerability.AdvisoryUrl, vulnerability.Severity)) + .OrderByDescending(v => v.Severity).ToArray(), }; } } diff --git a/test/NuGet.Clients.Tests/NuGet.PackageManagement.UI.Test/Models/V3DetailControlModelTests.cs b/test/NuGet.Clients.Tests/NuGet.PackageManagement.UI.Test/Models/V3DetailControlModelTests.cs index ddec71effe0..be5d18e3561 100644 --- a/test/NuGet.Clients.Tests/NuGet.PackageManagement.UI.Test/Models/V3DetailControlModelTests.cs +++ b/test/NuGet.Clients.Tests/NuGet.PackageManagement.UI.Test/Models/V3DetailControlModelTests.cs @@ -131,6 +131,17 @@ public void VulnerabilityCountWhenMetadataHasVulnerability_Calculated() Assert.Equal(_testInstance.PackageVulnerabilityCount, _testData.TestData.Vulnerabilities.Count()); } + [Fact] + public void PackageVulnerabilities_WhenMetadataHasVulnerability_IsOrderedBySeverityDescending() + { + IEnumerable sortedTestVulnerabilities = + _testData.TestData.Vulnerabilities + .OrderByDescending(v => v.Severity) + .Select(v => new PackageVulnerabilityMetadataContextInfo(v.AdvisoryUrl, v.Severity)); + + Assert.Equal(sortedTestVulnerabilities, _testInstance.PackageVulnerabilities); + } + [Fact] public async Task SetCurrentPackageAsync_SortsVersions_ByNuGetVersionDesc() {