jpmonette / feed

A RSS, Atom and JSON Feed generator for Node.js, making content syndication simple and intuitive! 🚀
https://github.com/jpmonette/feed
MIT License

Categories: is there a term/name inversion? #178

Open AppSecAmael opened 2 years ago

AppSecAmael commented 2 years ago

Describe the bug

Hello,

We are using your library to generate JSON and RSS feeds about GitHub security advisories. I tried to add the severity of each vulnerability to the feeds in the form of a "category" but get inconsistent results in RSS vs. JSON feeds.

Testing with name="severity" and term = "CRITICAL"

feed.addCategory("CRITICAL");
feed.addCategory("HIGH");
...
feed.addItem({
    ...
    category: [
        {
            term: item.severity,
            name: "severity"
        }
    ],
    ...

The XML result shows that the categories are taken into account in the feed, with a term representing the level of criticality.

<feed xmlns="http://www.w3.org/2005/Atom">
    ...
    <category term="CRITICAL"/>
    <category term="HIGH"/>
    <category term="MODERATE"/>
    <category term="LOW"/>

And each entry gets a category with both a label and a term, consistent with the categories displayed in the flow.

<category label="severity" term="MODERATE"/>

But in the JSON flow this category is transformed into a "tag", and this one displays the "label" instead of the "term":

"tags": [
    "severity"
]

I expected to get the term here, not the label. Am I interpreting this wrongly?

Versions:

Additional context

You can see the flows here: https://azu.github.io/github-advisory-database-rss/
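A consumer-side check for the mismatch reported above, as an added example that is not part of the issue or of the library's code: it compares the category terms of an Atom entry with the tags of the matching JSON Feed item, so a severity value that is present in one output and missing in the other is flagged before downstream filtering relies on it. The sample entry and item are constructed from the output quoted in the issue, and `atomCategories` and `compareCategories` are hypothetical helper names.

```javascript
// Constructed samples, modelled on the Atom and JSON output quoted in the issue.
const atomEntry = `<entry>
  <title>Sample advisory</title>
  <category label="severity" term="MODERATE"/>
</entry>`;
const jsonItem = { title: "Sample advisory", tags: ["severity"] };

// Collect the attributes of every <category .../> element in an Atom fragment.
// A regex is enough for this flat, attribute-only element; use a real XML
// parser for untrusted or arbitrary feeds.
function atomCategories(xml) {
  const categories = [];
  for (const [, attrs] of xml.matchAll(/<category\b([^>]*?)\/?>/g)) {
    const category = {};
    for (const [, key, value] of attrs.matchAll(/([\w:-]+)\s*=\s*"([^"]*)"/g)) {
      category[key] = value;
    }
    categories.push(category);
  }
  return categories;
}

// Report terms that never reached the JSON tags, and labels that were
// emitted as tags in their place (the behaviour described in the issue).
function compareCategories(xml, item) {
  const tags = new Set(item.tags || []);
  const categories = atomCategories(xml);
  return {
    missingTerms: categories
      .filter((c) => c.term && !tags.has(c.term))
      .map((c) => c.term),
    labelsUsedAsTags: categories
      .filter((c) => c.label && tags.has(c.label))
      .map((c) => c.label),
  };
}

console.log(compareCategories(atomEntry, jsonItem));
```
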