This PR updates EffectiveStatement to match those vulnerability formats as well. Also, it fixes test cases as vulnerability IDs must be IRIs, but names are used.
An Internationalized Resource Identifier (IRI) identifying the struct. Used to reference and link the vulnerability data.
Vulnerability IDs can be in various formats such as IRI now, and
Vulnerability.Matchestries to match all possible formats. https://github.com/openvex/go-vex/blob/af1694907e5e59529a5aa03b1a0c891059740812/pkg/vex/vulnerability.go#L32-L47This PR updates
EffectiveStatementto match those vulnerability formats as well. Also, it fixes test cases as vulnerability IDs must be IRIs, but names are used.https://github.com/openvex/spec/blob/fa5ba0c0afedb008dc5ebad418548cacf16a3ca7/OPENVEX-SPEC.md#vulnerability-struct-fields
P.S. If you will accept this change, I'm planning to apply the same change to products in
EffectiveStatementwithProduct.Matches. https://github.com/openvex/go-vex/blob/af1694907e5e59529a5aa03b1a0c891059740812/pkg/vex/product.go#L25-L45