更新: 2 个文件 - 2026-03-21 17:49:36

2026-03-21 17:49:36 -07:00
--- a/scripts/intel/entities.py
+++ b/scripts/intel/entities.py
@@ -358,9 +358,17 @@ def build_advisory_extensions(advisory: Dict[str, Any], system: Dict[str, Any])
            }
        )

-    affected = list(advisory.get("affected_versions") or [])
-    fixed = list(advisory.get("fixed_versions") or [])
+    affected = unique(list(advisory.get("affected_version_ranges") or []) + list(advisory.get("affected_versions") or []))
+    fixed = unique(list(advisory.get("fixed_version_ranges") or []) + list(advisory.get("fixed_versions") or []))
    version_confidence, gap_reason, version_resolution_needed = _version_confidence(affected, fixed)
+    affected_version_refs = unique(list(advisory.get("affected_version_refs") or []))
+    fixed_version_refs = unique(list(advisory.get("fixed_version_refs") or []))
+    patched_version_refs = unique(list(advisory.get("patched_version_refs") or []))
+    version_sync_confidence = advisory.get("version_sync_confidence") or version_confidence
+    if version_sync_confidence in {"medium", "high"} and (affected_version_refs or fixed_version_refs or patched_version_refs):
+        version_confidence = version_sync_confidence
+        gap_reason = advisory.get("version_gap_reason") or ""
+        version_resolution_needed = False
    affected_components = [
        {
            "name": _display_name(package_name, system.get("display_name", root_system_id)),
@@ -372,7 +380,9 @@ def build_advisory_extensions(advisory: Dict[str, Any], system: Dict[str, Any])
    ]

    version_sources = unique(
-        [advisory.get("official_source_url")] + list(advisory.get("secondary_source_urls") or [])
+        list(advisory.get("version_evidence_sources") or [])
+        + [advisory.get("official_source_url")]
+        + list(advisory.get("secondary_source_urls") or [])
    )
    enriched = {
        "entity_refs": entity_refs,
@@ -380,8 +390,12 @@ def build_advisory_extensions(advisory: Dict[str, Any], system: Dict[str, Any])
        "affected_version_ranges": affected,
        "fixed_version_ranges": fixed,
        "introduced_version": _pick_version_boundary(affected),
-        "patched_version": _pick_version_boundary(fixed, prefer_fixed=True),
+        "patched_version": advisory.get("patched_version") or _pick_version_boundary(fixed, prefer_fixed=True),
        "version_evidence_sources": version_sources,
+        "affected_version_refs": affected_version_refs,
+        "fixed_version_refs": fixed_version_refs,
+        "patched_version_refs": patched_version_refs,
+        "version_sync_confidence": version_sync_confidence,
        "advisory_scope": advisory_scope,
        "version_confidence": version_confidence,
        "version_gap_reason": gap_reason,
--- a/scripts/intel/versioning.py
+++ b/scripts/intel/versioning.py