Merge pull request #3338 from 'origin/int' into main

Author: alinh-mitre

public/images/news/CVEListSearchBox.png

@@ -19,6 +19,7 @@ import PrimaryNavigation from './components/PrimaryNavigation.vue';
 import NotificationBannerModule from './components/NotificationBannerModule.vue';
 import FoooterModule from './components/FooterModule.vue';
 import NotFound from './views/NotFound.vue';
+import { usePartnerStore } from '@/stores/partners';
 
 export default {
   components: {
@@ -31,6 +32,9 @@ export default {
     return {
       NavigationItems
     }
+  },
+  beforeMount() {
+    usePartnerStore().populatePartnerShortLongNameMap();
   }
 }
 </script>

src/App.vue

@@ -1,24 +1,24 @@
 {
-  "shouldDisplay":false,
-  "publishCount": 6,
+  "shouldDisplay":true,
+  "publishCount": 7,
   "collapsed": false,
   "notificationContents": [
     {
       "contentType": "paragraph",
-      "content": "<strong>NOTICE: </strong>"
+      "content": "<strong>Notice: </strong>"
     },
     {
       "contentType": "paragraph",
-      "content": "On December 4, 2024, CVE Services will be unavailable from 1:00 – 3:00 PM EST, UTC-5, to undergo maintenance and deployment of "
+      "content": "Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more "
     },
     {
-      "contentType": "externalLink",
-      "link": "https://github.com/CVEProject/cve-schema/releases/tag/v5.1.1-rc2",
-      "linkText": "CVE Record Format Version 5.1.1"
+      "contentType": "internalLink",
+      "link": "/Media/News/item/blog/2024/12/11/CVE-List-Keyword-Search-Now-Available",
+      "linkText": "here"
     },
     {
       "contentType": "paragraph",
-      "content": ", which adds new features for CVE Numbering Authorities (CNAs). The CVE ID Lookup on this website will also be unavailable during this timeframe."
+      "content": "."
     }
   ]
 }

src/assets/data/NotificationBanner.json

@@ -271,8 +271,8 @@
 				"questionId": "search_cve",
 				"questionText": "How do I search the CVE List",
 				"questionResponseParagraphs": [
-					"<strong>Keyword(s) Search of All CVE Records</strong>",
-					"<ul><li>Search by keyword(s) across <a href='https://github.com/CVEProject/cvelistV5' target='_blank'>ALL FIELDS of all CVE Records</a> in the cvelistV5 downloads repository using the main search box on GitHub.com.</li><li>Search by keyword(s) in the <a href='https://cve.mitre.org/cve/search_cve_list.html' target='_blank'>Description fields ONLY of all CVE Records</a> using the legacy search page on cve.mitre.org.</li></ul>"
+					"<b><i>Search Tips<i></b>",
+					"<ul><li>By CVE ID<ul><li>Must include only one CVE ID per search.</li><li>CVE ID must include all letters, numbers, and hyphens associated with the CVE ID, e.g., CVE-2024-12345678.</li><li>“CVE” may be entered as “cve”, “CVE”, or as a combination of uppercase and lowercase, as casing is ignored during search.</li></ul></li><li>By other keyword(s)<ul><li>Must contain only alphanumeric characters, e.g., letters or numbers.</li><li>May contain one or more keywords, separated by a space.</li><li>Keywords may be entered in lowercase, uppercase, or a combination of both. Casing is ignored during search, e.g., Vulnerabilities, vulnerabilities, VULNERABILITIES.</li></ul></li></ul>"
 				]
 			},
 			{

src/assets/data/faqs.json

@@ -1,5 +1,99 @@
 {
   "currentNews": [
+    {
+      "id": 452,
+      "displayOnHomepageOrder": 1,
+      "newsType": "blog",
+      "title": "“CVE List Keyword Search” Now Available on CVE.ORG Website",
+      "urlKeywords": "CVE List Keyword Search Now Available",
+      "date": "2024-12-11",
+      "author": {
+        "name": "CVE Program",
+        "organization": {
+          "name": "CVE Program",
+          "url": ""
+        },
+        "title": "",
+        "bio": ""
+      },
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "The ability to search <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> by keyword is now available on <a href='/'>CVE.ORG</a>. Keywords may include a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE ID</a> (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.)."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "The new <a href='/'>CVE List Keyword Search</a> box—shown below—is located at the top of every page of the website. Please try the new CVE List keyword search and provide your feedback <a href='https://forms.office.com/g/qmmTaYnr5y' target='_blank'>here</a>."
+        },
+        {
+          "contentnewsType": "image",
+          "imageWidth": "",
+          "href": "/news/CVEListSearchBox.png",
+          "altText": "CVE List Keyword Search box",
+          "captionText": "<a href='https://www.cve.org/' target='_blank'>CVE List Keyword Search box</a>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Please note that this search is for the CVE List only. It will only search CVE Records. To search the overall website, use the “Site Search” located to the right of the CVE List search box."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h3>Continuous Improvement</h3>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "While Phase 1 brought CVE ID lookup to the new CVE.ORG website, Phase 2 of our search deployment brings keyword searching of the CVE List."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Users can now search by keywords with letters or numbers (e.g., vendor name, product name and version, vulnerability type, etc.), or by a CVE ID that must include all letters, numbers, and hyphens associated with the CVE ID, (e.g., CVE-2024-12345). Future phases will include adding the ability to search by special characters (e.g., dot (.), forward slash (/), etc. ), and other enhancements suggested by the community."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Community input is integral for our ability to continuously improve the search capability, so please provide your valuable feedback <a href='https://forms.office.com/g/qmmTaYnr5y' target='_blank'>here</a>."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "It is important to note that the new keyword search capability may be temporarily unavailable when enhancements are added. During these times, the <a href='https://cve.mitre.org/cve/search_cve_list.html' target='_blank'>CVE List legacy search</a> on CVE.MITRE.ORG will remain available for use as a fallback."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h3>Search Tips</h3>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Enter keywords in the new keyword search box following the guidelines provided below."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h4>By CVE ID:</h4>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<ul><li>Must include only one CVE ID per search.</li><li>CVE ID must include all letters, numbers, and hyphens associated with the CVE ID, e.g., CVE-2024-12345678.</li><li>“CVE” may be entered as “cve”, “CVE”, or as a combination of uppercase and lowercase, as casing is ignored during search.</li></ul>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h4>By Other Keyword(s):</h4>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<ul><li>Must contain only alphanumeric characters, e.g., letters or numbers.</li><li>May contain one or more keywords, separated by a space.</li><li>Keywords may be entered in lowercase, uppercase, or a combination of both. Casing is ignored during search, e.g., the following variations are treated the same and would return the same results: Vulnerabilities, vulnerabilities, VULNERABILITIES.</li></ul>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<strong>Note:</strong> Newly published CVE Records are generally available to search within 30 minutes of publication."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h3>Requesting Feedback</h3>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Thank you in advance for using the “CVE List Keyword Search” and providing your feedback, which will help us improve the capability for the community over time. The feedback form is available <a href='https://forms.office.com/g/qmmTaYnr5y' target='_blank'>here</a>."
+        }
+      ]
+    },
     {
       "id": 451,
       "newsType": "news",
@@ -780,7 +874,6 @@
     },
     {
       "id": 429,
-      "displayOnHomepageOrder": 1,
       "newsType": "blog",
       "title": "CVE Program Celebrates 25 Years of Impact!",
       "urlKeywords": "CVE Program Celebrates 25 Years",

src/assets/data/news.json

@@ -5,21 +5,21 @@
         <slot></slot>
         <button class="button message-header-button"
           :style="{'background-color': '#162e51 !important', 'color': 'white !important'}"
-          :aria-expanded="useCveRecordLookupStore.accordionState[organizationId] ? 'true' : 'false'"
+          :aria-expanded="usecveRecordStore.accordionState[organizationId] ? 'true' : 'false'"
           :aria-controls="`${organizationId}-panel`"
         >
           <span class="icon is-small">
             <p :id="`expandCollapseAltText-${organizationId}`" class="is-hidden">
-              {{useCveRecordLookupStore.accordionState[organizationId] ? 'expand' : 'collapse'}}
+              {{usecveRecordStore.accordionState[organizationId] ? 'expand' : 'collapse'}}
             </p>
-            <font-awesome-icon :icon="useCveRecordLookupStore.accordionState[organizationId] ? 'minus' : 'plus'"
+            <font-awesome-icon :icon="usecveRecordStore.accordionState[organizationId] ? 'minus' : 'plus'"
               aria-hidden="false" focusable="true" :aria-labelledby="`expandCollapseAltText-${organizationId}`"
             />
           </span>
         </button>
       </button>
       <!-- Panel content is conditionally determined by role -->
-      <div :id="`${organizationId}-panel`" v-if="useCveRecordLookupStore.accordionState[organizationId]"
+      <div :id="`${organizationId}-panel`" v-if="usecveRecordStore.accordionState[organizationId]"
         class="pl-3 pr-3 pt-2 pb-5 cve-container-accordion-panel"
       >
         <div>
@@ -210,7 +210,8 @@
 </template>
 
 <script>
-import { useCveRecordLookupStore } from '@/stores/cveRecordLookup.ts';
+import { usecveRecordStore } from '@/stores/cveRecord.ts';
+import { useGenericGlobalsStore } from '@/stores/genericGlobals';
 import ProductStatus from '@/components/ProductStatus.vue';
 import CveRecordReferences from './CveRecordReferences.vue';
 
@@ -255,13 +256,13 @@ export default {
       //to do
       adpShortName: this.containerObject.providerMetadata.shortName,
       dateUpdated: '',
-      cveServicesBaseUrl: import.meta.env.VITE_CVE_SERVICES_BASE_URL,
-      useCveRecordLookupStore: useCveRecordLookupStore(),
+      cveServicesBaseUrl: useGenericGlobalsStore().currentServicesUrl,
+      usecveRecordStore: usecveRecordStore(),
     }
   },
   methods: {
     togglePanel(){
-      useCveRecordLookupStore().accordionState[this.organizationId] = !useCveRecordLookupStore().accordionState[this.organizationId];
+      usecveRecordStore().accordionState[this.organizationId] = !usecveRecordStore().accordionState[this.organizationId];
     },
     hasEnrichmentData(){
       if (this.cwes.length > 0 || this.cvsss.length > 0 || this.kevs.length > 0 || this.ssvcs.length > 0) {
@@ -406,8 +407,8 @@ export default {
       }
     },
     getCveProgramReferences(){
-      if (this.containerObject.providerMetadata.shortName?.toLowerCase() !== useCveRecordLookupStore().cveProgramShortName) return;
-      this.cveProgramReferences = useCveRecordLookupStore().getReferences(this.containerObject.references);
+      if (this.containerObject.providerMetadata.shortName?.toLowerCase() !== usecveRecordStore().cveProgramShortName) return;
+      this.cveProgramReferences = usecveRecordStore().getReferences(this.containerObject.references);
     },
     getUpdatedDate() {
       if(this.containerObject.providerMetadata?.dateUpdated) {

src/components/AdpVulnerabilityEnrichment.vue

@@ -122,14 +122,16 @@
         <div class="navbar-start" style="flex-grow: 1 !important; align-items: center !important; justify-content: center !important;
           flex-direction: column !important">
           <div class="navbar-item cve-secondary-navbar-item">
-            <cveRecordLookup/>
+            <cveRecordSearch/>
           </div>
           <div class="navbar-item cve-secondary-navbar-item cve-keyword-search">
-            <span class="icon-text mr-2" style="font-size: 14px">
-              <router-link to="/ResourcesSupport/FAQs#pc_cve_list_basicssearch_cve" class="cve-dark-blue-text">
-                Find CVE Records by keyword on cve.mitre.org.
-              </router-link>
-            </span>
+            <div v-if="searchType">
+              <span class="icon-text mr-2" style="font-size: 14px">
+                <router-link to="/ResourcesSupport/FAQs#pc_cve_list_basicssearch_cve" class="cve-dark-blue-text">
+                  Access Search Tips
+                </router-link>
+              </span>
+            </div>
           </div>
         </div>
         <div class="navbar-end is-hidden-touch">
@@ -150,16 +152,21 @@
 </template>
 
 <script>
-import cveRecordLookup from './cveRecordLookupModule.vue';
+import cveRecordSearch from '@/components/cveRecordSearchModule.vue';
+import { useCveListSearchStore } from '@/stores/cveListSearch';
+import { mapState } from 'pinia'
 
 export default {
-  components: { cveRecordLookup },
+  components: { cveRecordSearch },
   props: {
     cvenavs: {
       type: Object,
       required: true,
     },
   },
+  computed: {
+    ...mapState(useCveListSearchStore, ['searchType'])
+  },
   data() {
     return {
       isOpen: false,
@@ -184,8 +191,6 @@ export default {
       } else {
         this.selectedTouchScreenMenu.push(menuOption);
       }
-
-      console.log('this.selectedTouchScreenMenu ', this.selectedTouchScreenMenu)
     },
     toggleTouchScreenBurgerMenu() {
       this.isOpen = !this.isOpen;

src/components/HelloWorld.vue

@@ -3,7 +3,7 @@
     <h4 class="title is-size-5 mb-0">Product Status</h4>
     <router-link to="/CVERecord/UserGuide/#cve-product-status" class="cve-learn-more-link">Learn more</router-link>
     <div class="mt-4">
-      <div v-if="useCveRecordLookupStore.emptyProductStatus[role]">
+      <div v-if="usecveRecordStore.emptyProductStatus[role]">
         <p class="is-italic cve-help-text">Information not provided</p>
       </div>
       <div v-else>
@@ -88,7 +88,7 @@
 </template>
 
 <script>
-import { useCveRecordLookupStore } from '@/stores/cveRecordLookup.ts';
+import { usecveRecordStore } from '@/stores/cveRecord.ts';
 
 export default {
   props: {
@@ -103,7 +103,7 @@ export default {
   },
   data() {
     return {
-      useCveRecordLookupStore: useCveRecordLookupStore()
+      usecveRecordStore: usecveRecordStore()
       
     }
   },
@@ -126,9 +126,9 @@ export default {
         }
 
         if (isVendorNa && isProductNa && isVersionNa && isDefaultStausNa) {
-          useCveRecordLookupStore().emptyProductStatus[this.role] = true;
+          usecveRecordStore().emptyProductStatus[this.role] = true;
         } else {
-          useCveRecordLookupStore().emptyProductStatus[this.role] = false;
+          usecveRecordStore().emptyProductStatus[this.role] = false;
         }
       }
     },