@jasnow
Created June 27, 2023 13:58
Automate unaffected_versions field using github_advisory_sync.rb script/task
UNAFFECTED_VERSIONS (3 "single range" use cases + 2 others)
-A- (vulnerableVersionRange is "< number" and that number == firstPatchedVersion identifier)
-- gems/nokogiri/GHSA-fq42-c5rg-92c2.yml: vulnerableVersionRange: "< 1.13.2"
-- gems/nokogiri/GHSA-fq42-c5rg-92c2.yml: identifier: 1.13.2
RAW:
vulnerabilities:
- package:
    name: nokogiri
    ecosystem: RUBYGEMS
  vulnerableVersionRange: "< 1.13.2"
  firstPatchedVersion:
    identifier: 1.13.2
-- THEREFORE: "unaffected_versions" should be omitted (every version below the first patched version is affected).
-- CURRENTLY/[WIP] is "- 'OPTIONAL/MANUAL: ALL AFFECTED, OMIT FIELD'"
-B- (vulnerableVersionRange is an exact "= number" and firstPatchedVersion identifier is the next patch release, i.e. number == identifier - 0.0.1)
-- gems/spree_auth_devise/GHSA-8xfw-5q82-3652.yml: vulnerableVersionRange: "= 4.1.0"
-- gems/spree_auth_devise/GHSA-8xfw-5q82-3652.yml: identifier: 4.1.1
RAW:
vulnerabilities:
- package:
    name: spree_auth_devise
    ecosystem: RUBYGEMS
  vulnerableVersionRange: "= 4.1.0"
  firstPatchedVersion:
    identifier: 4.1.1
-- THEREFORE: "unaffected_versions" should be "< number", i.e. "< 4.1.0" for gems/spree_auth_devise/GHSA-8xfw-5q82-3652.
-- CURRENTLY/[WIP] is "
-C- Compound vulnerableVersionRange (lower bound plus upper bound) is not parsed yet; the code needs to handle the full comma-separated range, not just a single comparator.
gems/text_helpers/CVE-2020-36624.yml: ">= 1.1.0, < 1.2.0"
gems/actionpack/CVE-2012-3424.yml: ">= 2.3.5, <= 2.3.14"
RAW:
-D- (vulnerableVersionRange is "<= number" and firstPatchedVersion identifier is more than one patch release above it, i.e. identifier - number > 0.0.1)
-- gems/webrick/CVE-2009-4492.yml: vulnerableVersionRange: "<= 1.3.1"
-- gems/webrick/CVE-2009-4492.yml: identifier: 1.4.0
RAW:
vulnerabilities:
- package:
    name: webrick
    ecosystem: RUBYGEMS
  vulnerableVersionRange: "<= 1.3.1"
  firstPatchedVersion:
    identifier: 1.4.0
-- THEREFORE: "unaffected_versions" should be:
-- "> lower_number, < higher_number" (upper bound exclusive: higher_number is the firstPatchedVersion identifier, which belongs to patched_versions, so the two ranges must not overlap)
-- "> 1.3.1, < 1.4.0" for gems/webrick/CVE-2009-4492
-- CURRENTLY/[WIP] is "- 'OPTIONAL/MANUAL: VULY COUNT IS: 4'"
-E- Multiple patched_versions Ranges (no use cases yet; 3 examples in pm-testsuite file)
RAW:
-- CURRENTLY/[WIP] is "- 'OPTIONAL/MANUAL: VULY COUNT IS: 4'"
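Worked example of the A/B/C/D rules above, added to these notes; it is not the rubysec github_advisory_sync.rb implementation, and the function names (parse_range, next_patch, unaffected_versions_for, unaffected_yaml, derive_all) are assumptions. It parses a GitHub Advisory vulnerableVersionRange together with firstPatchedVersion.identifier and returns the constraint list for unaffected_versions, or nil when the field should be omitted. The sample input is constructed from the RAW blocks above; the text_helpers firstPatchedVersion (1.2.0) is an assumption for the demo since the notes do not give one.

```ruby
# Added example for these notes (not the rubysec github_advisory_sync.rb code):
# derive the ruby-advisory-db `unaffected_versions` value from a GitHub
# Advisory `vulnerableVersionRange` plus `firstPatchedVersion.identifier`.
# All function names here are assumptions made for the example.
require "yaml"
require "rubygems" # Gem::Version gives correct semantic comparison (1.13.2 > 1.9.0)

OPS = %w[< <= = > >=].freeze

# ">= 1.1.0, < 1.2.0" -> [[">=", Gem::Version("1.1.0")], ["<", Gem::Version("1.2.0")]]
def parse_range(range)
  range.split(",").map do |clause|
    op, ver = clause.strip.split(/\s+/, 2)
    raise ArgumentError, "unsupported clause #{clause.inspect}" unless OPS.include?(op) && ver
    [op, Gem::Version.new(ver)]
  end
end

# Next patch-level release after v (1.3.1 -> 1.3.2), ignoring prerelease tags.
# This is the "identifier - 0.0.1" heuristic that separates case B from case D.
def next_patch(v)
  segs = v.release.segments
  segs[-1] += 1
  Gem::Version.new(segs.join("."))
end

# Returns an Array of constraint strings for unaffected_versions, or nil when
# every version below first_patched is affected (case A: omit the field).
def unaffected_versions_for(vulnerable_range, first_patched)
  clauses = parse_range(vulnerable_range)
  patched = Gem::Version.new(first_patched)
  lower = clauses.find { |op, _| %w[> >=].include?(op) }
  upper = clauses.find { |op, _| %w[< <=].include?(op) }
  exact = clauses.find { |op, _| op == "=" }
  result = []

  # Case C (lower bound present): everything below the start of the range is unaffected.
  if lower
    op, v = lower
    result << (op == ">=" ? "< #{v}" : "<= #{v}")
  end
  # Case B: "= X" means everything below X is unaffected.
  result << "< #{exact[1]}" if exact

  # Upper end of the range: versions strictly between it and first_patched are
  # unaffected (case D). When the range already reaches first_patched (case A,
  # or case B where the fix is the very next patch release) there is no gap.
  top = upper || exact
  if top
    op, v = top
    if op == "<"
      result << ">= #{v}, < #{patched}" if v < patched
    elsif next_patch(v) < patched # "<=" or "=": the bound itself is affected
      result << "> #{v}, < #{patched}"
    end
  end
  result.empty? ? nil : result
end

# YAML fragment for the advisory file; empty string means "omit the field".
def unaffected_yaml(vulnerable_range, first_patched)
  values = unaffected_versions_for(vulnerable_range, first_patched)
  return "" if values.nil?
  { "unaffected_versions" => values }.to_yaml.sub(/\A---\n/, "")
end

# Constructed input in GitHub Advisory API shape, taken from the RAW blocks in
# these notes; the text_helpers firstPatchedVersion is an assumption.
SAMPLE = <<~YAML
  vulnerabilities:
  - package: {name: nokogiri, ecosystem: RUBYGEMS}
    vulnerableVersionRange: "< 1.13.2"
    firstPatchedVersion: {identifier: "1.13.2"}
  - package: {name: spree_auth_devise, ecosystem: RUBYGEMS}
    vulnerableVersionRange: "= 4.1.0"
    firstPatchedVersion: {identifier: "4.1.1"}
  - package: {name: webrick, ecosystem: RUBYGEMS}
    vulnerableVersionRange: "<= 1.3.1"
    firstPatchedVersion: {identifier: "1.4.0"}
  - package: {name: text_helpers, ecosystem: RUBYGEMS}
    vulnerableVersionRange: ">= 1.1.0, < 1.2.0"
    firstPatchedVersion: {identifier: "1.2.0"}
YAML

# package name -> unaffected_versions list (nil when the field should be omitted)
def derive_all(yaml_text)
  YAML.safe_load(yaml_text).fetch("vulnerabilities").each_with_object({}) do |vuln, acc|
    acc[vuln["package"]["name"]] = unaffected_versions_for(
      vuln["vulnerableVersionRange"], vuln["firstPatchedVersion"]["identifier"]
    )
  end
end

if $PROGRAM_NAME == __FILE__
  derive_all(SAMPLE).each { |name, values| puts "#{name}: #{values.inspect}" }
end
```

Two design points: versions are compared with Gem::Version rather than as strings, so "1.13.2" sorts above "1.9.0" as the advisory data intends; and the upper bound emitted for case D is exclusive ("< 1.4.0"), because the first patched version belongs to patched_versions and the two fields must stay disjoint.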
EOF