From f0b1077c8a70b45e8c9a56cef6981e5b29c0067f Mon Sep 17 00:00:00 2001
From: Terri Oda
Date: Fri, 6 Sep 2024 16:33:20 -0700
Subject: [PATCH 1/2] fix: triage experiment
We're getting a "comment" field from lib4vex and then trying to parse a "comments" one. this is an experiment to see if anything breaks if I "fix" it.
Signed-off-by: Terri Oda
---
 cve_bin_tool/vex_manager/parse.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cve_bin_tool/vex_manager/parse.py b/cve_bin_tool/vex_manager/parse.py
index 37eea3eb60..e339114097 100644
--- a/cve_bin_tool/vex_manager/parse.py
+++ b/cve_bin_tool/vex_manager/parse.py
@@ -113,7 +113,7 @@ def __process_vulnerabilities(self, vulnerabilities) -> None:
 remarks = self.analysis_state[self.vextype][vuln.get("status")]
 justification = vuln.get("justification")
 response = vuln.get("remediation")
- comments = vuln.get("comments")
+ comments = vuln.get("comment")
 severity = vuln.get("severity") # Severity is not available in Lib4VEX
 # Decode the bom reference for cyclonedx and purl for csaf and openvex
 product_info = None
From 04a0d751b1e600977edc9a102079667b84847358 Mon Sep 17 00:00:00 2001
From: Terri Oda
Date: Mon, 9 Sep 2024 11:04:51 -0700
Subject: [PATCH 2/2] test: fix tests to include comments
Signed-off-by: Terri Oda
---
 test/test_vex.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/test/test_vex.py b/test/test_vex.py
index 27fbbc68b9..a3d7861c37 100644
--- a/test/test_vex.py
+++ b/test/test_vex.py
@@ -173,7 +173,7 @@ class TestVexParse:
 },
 "CVE-1234-1005": {
 "remarks": Remarks.NotAffected,
- "comments": "",
+ "comments": "Detail field populated.",
 "response": [],
 },
 "paths": {},
@@ -187,7 +187,7 @@ class TestVexParse:
 ): {
 "CVE-1234-1007": {
 "remarks": Remarks.Mitigated,
- "comments": "",
+ "comments": "Data field populated.",
 "response": [],
 },
 "CVE-1234-1008": {
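Review bot: In `cve_bin_tool/vex_manager/parse.py`, `comments = vuln.get("comment")` means free text from the VEX document now populates a field that was always empty before, and a VEX file can come from a third party. The consumers of `comments` are outside this hunk, so it is worth confirming that every report format treats the value as plain text, and recording that at the assignment with `# free text from the VEX document; treat as untrusted when rendering`. Separately, the commit message calls this an experiment: if any input can still carry the plural key (not established here), `comments = vuln.get("comment") or vuln.get("comments")` keeps both spellings working. `__process_vulnerabilities` starts and ends outside the hunk.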
@@ -212,7 +212,7 @@ class TestVexParse:
 },
 "CVE-1234-1005": {
 "remarks": Remarks.NotAffected,
- "comments": "",
+ "comments": "NotAffected: Detail field populated.",
 "response": "will_not_fix",
 "justification": "code_not_reachable",
 },
@@ -226,7 +226,7 @@ class TestVexParse:
 ): {
 "CVE-1234-1007": {
 "remarks": Remarks.Mitigated,
- "comments": "",
+ "comments": "Data field populated.",
 "response": [],
 },
 "CVE-1234-1008": {
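Review bot: In `test/test_vex.py`, the expected comment for CVE-1234-1005 is `"NotAffected: Detail field populated."` in the hunk at -212 but `"Detail field populated."` in the hunk at -173, and nothing in the test says why the same CVE carries a status prefix in one expectation and not the other. A one-line comment above the -212 expectation would keep a later reader from normalising one to match the other, for example `# text is taken verbatim from <fixture file>; the status prefix is part of that input` (placeholder, to be confirmed against the fixture). The four updated expectations all cover populated comments. Whether an entry with no comment still yields `""` after the key change depends on entries outside these hunks, such as CVE-1234-1008, and is worth a glance.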