Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The web versions of advisories provide a label and calculated risk score, where the API only provides type and criticality.
E.g. for: https://www.drupal.org/sa-contrib-2018-002
In HTML:
"Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default"
In API JSON:
"field_sa_criticality": "AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default",
⋮
"field_sa_type": "Access Bypass",
Suggested additions:
"field_sa_criticality": "AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Default",
⋮
"field_sa_risk_label": "Moderately critical",
"field_sa_risk_score": "14/25",
⋮
"field_sa_type": "Access Bypass",
(The field_sa_risk_label
field is more of a "nice to have", to avoid needing a look-up table for risk score descriptions.)
Comments
Comment #2
DrCuriosity CreditAttribution: DrCuriosity at Catalyst IT commentedActually, now that I think about it, maybe just
risk_score
andrisk_label
, since they would likely be derived attributes rather than explicit fields in the sa node type.Comment #3
jhodgdonLike the related issue, I'm not sure which project these come from, but it isn't this one. This project only contains a little code for customizations on the api.drupal.org web site. I think what you're posting about probably belongs in the Project project, so moving there. Good luck...
Comment #4
drummThis would need to be altered into the RestWS API, or Entity API which RestWS uses heavily.
Comment #5
DrCuriosity CreditAttribution: DrCuriosity at Catalyst IT commentedIf these things are available in the HTML view but not in the API, is there some other API-exposed entity/source that the information is coming from? If so, it might be a case of documenting how to get from one to the other.
Comment #20
drummThis has been deployed to Drupal.org. I added a note about where to find the new property to https://www.drupal.org/drupalorg/docs/api
Comment #21
DrCuriosity CreditAttribution: DrCuriosity at Catalyst IT commentedExcellent, thank you kindly for the work.