如何在 Graphql 中获取特定的安全咨询存储库 [英] How To Get Particular Security Advisory Repository in Graphql

问题描述

我试过了

我试过这个代码

`# Type queries into this side of the screen, and you will 
# see intelligent typeaheads aware of the current GraphQL type schema, 
# live syntax, and validation errors highlighted within the text.

# We'll get you started with a simple query showing your username!


query {
  securityAdvisories(orderBy: {field: PUBLISHED_AT, direction: DESC}, first: 2) {
    nodes {
      description
      ghsaId
      summary
      publishedAt
    }
  }
}

并得到以下回复

{
  "data": {
    "securityAdvisories": {
      "nodes": [
        {
          "description": "In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.",
          "ghsaId": "GHSA-pgwj-prpq-jpc2",
          "summary": "Critical severity vulnerability that affects symfony/dependency-injection",
          "publishedAt": "2019-11-18T17:27:31Z"
        },
        {
          "description": "Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\\`, so attacker can perform a path traversal attack to read any files on Windows platform.",
          "ghsaId": "GHSA-89r3-rcpj-h7w6",
          "summary": "Moderate severity vulnerability that affects org.apache.tapestry:tapestry-core",
          "publishedAt": "2019-11-18T17:19:03Z"
        }
      ]
    }
  }
}

但我想得到特定安全建议的响应像这样

But i want to get the response for specific security advisory like this

即我想获得特定 id 的 graphql 响应，例如以下示例 url ID 是 GHSA-wmx6-vxcf-c3gr

i.e i want to get graphql response for specific id for below example url ID is GHSA-wmx6-vxcf-c3gr

谢谢！

推荐答案

最简单的方法是使用 securityAdvisory() 查询.

The simplest way would be to use the securityAdvisory() query.

query {
securityAdvisory(ghsaId: "GHSA-wmx6-vxcf-c3gr") {
  ghsaId
  summary
    }
}

如果您出于某种原因需要使用 securityAdvisories() 查询，您只需添加一个 标识符:.以下查询应获取 GHSA-wmx6-vxcf-c3gr 的不同条目.

If you need to use the securityAdvisories() query for some reason, you simply have to add an identifier:. The following query should get the distinct entry for GHSA-wmx6-vxcf-c3gr.

query {
securityAdvisory(ghsaId: "GHSA-wmx6-vxcf-c3gr") {
  ghsaId
  summary
    }
}

这篇关于如何在 Graphql 中获取特定的安全咨询存储库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！