From a4a20585080db112b7460c3cca76d57db98c17e9 Mon Sep 17 00:00:00 2001
From: DJ Schleen <djschleen@gmail.com>
Date: Sun, 22 Sep 2024 22:00:08 +0000
Subject: [PATCH] fix: fixes case when there are no aliases

---
 providers/osv/osv.go | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/providers/osv/osv.go b/providers/osv/osv.go
index 1d9e073..37dc5d9 100644
--- a/providers/osv/osv.go
+++ b/providers/osv/osv.go
@@ -65,14 +65,24 @@ func (Provider) Scan(purls []string, credentials *m.Credentials) ([]m.Package, e
 					severity = "UNSPECIFIED"
 				}
 				vulnerability := m.Vulnerability{
-					ID:          vuln.ID,
+					ID: func() string {
+						if vuln.ID == "" {
+							return "NOT PROVIDED"
+						}
+						return vuln.ID
+					}(),
 					Title:       vuln.Summary,
 					Description: vuln.Details,
 					Severity:    severity,
-					Cve:         vuln.Aliases[0],
+					Cve: func() string {
+						if len(vuln.Aliases) > 0 {
+							return vuln.Aliases[0]
+						}
+						return "NOT PROVIDED"
+					}(),
 					CvssScore: func() float64 {
 						s, ok := vuln.DatabaseSpecific["cvss_score"].(string)
-						if !ok {
+						if ok {
 							score, _ := strconv.ParseFloat(s, 64)
 							return score
 						}
@@ -86,9 +96,6 @@ func (Provider) Scan(purls []string, credentials *m.Credentials) ([]m.Package, e
 					}
 					vulnerability.ID = strings.Join(cweIDs, ",")
 				}
-				if vulnerability.ID == "" {
-					vulnerability.ID = "NOT PROVIDED"
-				}
 				pkg.Vulnerabilities = append(pkg.Vulnerabilities, vulnerability)
 			}
 			packages = append(packages, pkg)