Replaces the regex-based parsing with pattern matching. The new implementation is able to detect:
Missing mandatory metrics
Extraneous, unknown metrics
Invalid metric values
Invalid metric formats
In all above cases, a MalformedVectorException is thrown, containing details about the issue at hand. Previously, trying to parse an invalid vector merely resulted in a null return value.
Parsing is now able to properly detect whether the provided vector is CVSSv3.0 or CVSSv3.1, which addresses #56.
[!NOTE]
This implementation does not enforce metric order for CVSSv2.
Additionally, defaults optional metrics to "Not Defined".
Score calculation is not designed to deal with null values. If a metric is not provided, it is assumed to be "Not Defined" (ND for CVSSv2, X for CVSSv3). This ensures that score calculation continues to work, when only a subset of optional metrics is provided.
Metrics with "Not Defined" values are omitted when constructing a vector string. This is in line with how visual CVSS calculators operate.
Initialization of metrics with null is prevented via Objects#requireNonNull checks on setters.
Replaces the regex-based parsing with pattern matching. The new implementation is able to detect:
In all above cases, a
MalformedVectorException
is thrown, containing details about the issue at hand. Previously, trying to parse an invalid vector merely resulted in anull
return value.Parsing is now able to properly detect whether the provided vector is CVSSv3.0 or CVSSv3.1, which addresses #56.
Closes https://github.com/stevespringett/cvss-calculator/issues/49 Fixes https://github.com/stevespringett/cvss-calculator/issues/56
Additionally, defaults optional metrics to "Not Defined".
Score calculation is not designed to deal with
null
values. If a metric is not provided, it is assumed to be "Not Defined" (ND
for CVSSv2,X
for CVSSv3). This ensures that score calculation continues to work, when only a subset of optional metrics is provided.Metrics with "Not Defined" values are omitted when constructing a vector string. This is in line with how visual CVSS calculators operate.
Initialization of metrics with
null
is prevented viaObjects#requireNonNull
checks on setters.Fixes https://github.com/stevespringett/cvss-calculator/issues/65