From 1fcdc33cfa28ef873956113f4ca77fd1351682cf Mon Sep 17 00:00:00 2001
From: Christian Duerr
Date: Tue, 8 Oct 2024 18:06:30 +0200
Subject: [PATCH 1/2] Fix failure in package subcommand
This fixes some compatibility issues between our current API and the CLI's own internal data structures.
Closes #1512.
---
 CHANGELOG.md | 1 +
 cli/src/types.rs | 27 +++++++++++----------------
 extensions/CHANGELOG.md | 4 ++++
 extensions/phylum.d.ts | 12 ------------
 4 files changed, 16 insertions(+), 28 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ec1cbc72e..5ee662c56 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -21,6 +21,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 - Phylum project file paths on Windows
+- Package subcommand failing to parse API responses
 ## 7.0.0 - 2024-09-17
diff --git a/cli/src/types.rs b/cli/src/types.rs
index 64065da01..267c3ac5e 100644
--- a/cli/src/types.rs
+++ b/cli/src/types.rs
@@ -132,6 +132,14 @@ pub struct RevokeTokenRequest<'a> {
 pub name: &'a str,
 }
+#[derive(Serialize, Deserialize)]
+pub struct PackageSpecifier {
+ #[serde(alias = "type")]
+ pub registry: String,
+ pub name: String,
+ pub version: String,
+}
+
 /// Response body for `/data/packages/submit`.
 #[derive(Serialize, Deserialize)]
 #[serde(tag = "status", content = "data")]
@@ -156,33 +164,19 @@ pub struct Package {
 pub versions: Vec,
 pub description: Option,
 pub license: Option,
- pub dep_specs: Vec,
 pub dependencies: Option>,
- pub download_count: u32,
 pub risk_scores: RiskScores,
- pub total_risk_score_dynamics: Option>,
 pub issues: Vec,
- pub authors: Vec,
- pub developer_responsiveness: Option,
 pub complete: bool,
 pub release_data: Option,
 pub repo_url: Option,
- pub maintainers_recently_changed: Option,
- pub is_abandonware: Option,
-}
-
-#[derive(Serialize, Deserialize)]
-pub struct PackageSpecifier {
- #[serde(alias = "type")]
- pub registry: String,
- pub name: String,
- pub version: String,
 }
 #[derive(Serialize, Deserialize)]
 pub struct ScoredVersion {
 pub version: String,
 pub total_risk_score: Option,
+ pub published_date: Option,
 }
 /// Package risk scores, broken down by domain.
@@ -235,7 +229,7 @@ pub struct VulnDetails {
 /// The CVSS score assigned to this vuln.
 pub cvss: f32,
 /// The CVSS vector string assigned to this vuln.
- pub cvss_vector: String,
+ pub cvss_vector: Option,
 }
 /// The user-specified reason for an issue to be ignored.
@@ -277,6 +271,7 @@ pub struct DeveloperResponsiveness {
 pub struct PackageReleaseData {
 pub first_release_date: String,
 pub last_release_date: String,
+ pub total_releases: u32,
 }
 #[derive(Serialize, Deserialize, PartialEq, Eq, Copy, Clone, Debug, Hash)]
diff --git a/extensions/CHANGELOG.md b/extensions/CHANGELOG.md
index 12d80cf20..3822f4b21 100644
--- a/extensions/CHANGELOG.md
+++ b/extensions/CHANGELOG.md
@@ -8,6 +8,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## Unreleased
+### Changed
+
+- Return type fields of `PhylumApi::getPackageDetails`
+
 ## 7.0.0 - 2024-09-17
 ### Added
diff --git a/extensions/phylum.d.ts b/extensions/phylum.d.ts
index 796c5a3c9..69f79fa50 100644
--- a/extensions/phylum.d.ts
+++ b/extensions/phylum.d.ts
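Review bot: The new `published_date` field on `ScoredVersion` has no doc comment, and nothing in this hunk says what date format the API sends or when the value is absent. A line such as `/// Publication date of this version as reported by the API, if any.` would help callers that compare or display it. The fields kept on `Package` (for example `complete` and `risk_scores`) are still required, so a response that omits one of them would presumably fail to deserialize in the same way this commit is fixing. The patch's diffstat lists no test file, so a deserialization test against a captured response may be worth adding. `Package` starts above this hunk, so any container attributes on it are not visible here.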
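Review bot: The doc comment above `cvss_vector` in `VulnDetails` still reads as if a vector is always present, while the field is now optional. I would change it to something like `/// The CVSS vector string assigned to this vuln, if the API supplied one.` so callers know to handle the absent case. Code that prints or filters vulnerabilities by vector is outside this hunk; it should keep showing the entry with its `cvss` score when the vector is missing rather than dropping it. `VulnDetails` begins above the hunk.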
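Review bot: `total_releases` is added to `PackageReleaseData` as a required `u32`, so a response whose release data lacks that key would fail to deserialize, which is the failure mode this commit fixes elsewhere. If the API can omit it (not visible from here), `pub total_releases: Option<u32>,` would keep parsing tolerant without reporting a count of zero the way `#[serde(default)]` would. The field also has no doc comment; `/// Number of releases the API reports for this package.` would do.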
@@ -335,9 +335,7 @@ declare namespace Phylum {
 * ],
 * description: "TypeScript is a language for application scale JavaScript development",
 * license: "Apache-2.0",
- * depSpecs: [],
 * dependencies: [],
- * downloadCount: 134637844,
 * riskScores: {
 * total: 1,
 * vulnerability: 1,
@@ -346,18 +344,8 @@ declare namespace Phylum {
 * engineering: 1,
 * license: 1
 * },
- * totalRiskScoreDynamics: null,
 * issuesDetails: [],
 * issues: [],
- * authors: [],
- * developerResponsiveness: {
- * open_issue_count: 0,
- * total_issue_count: 0,
- * open_issue_avg_duration: null,
- * open_pull_request_count: 0,
- * total_pull_request_count: 0,
- * open_pull_request_avg_duration: null
- * },
 * complete: true
 * }
 * ```
From c2995b903c9d73752cc26f549bba5597364a72b9 Mon Sep 17 00:00:00 2001
From: Christian Duerr
Date: Tue, 8 Oct 2024 20:43:09 +0200
Subject: [PATCH 2/2] Fix changelog entry
---
 CHANGELOG.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5ee662c56..64fba6b4a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Use `suppression_reason` instead of deprecated `suppressed` field
+### Fixed
+
+- Package subcommand failing to parse API responses
+
 ## 7.1.0 - 2024-09-24
 ### Added
@@ -21,7 +25,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 - Phylum project file paths on Windows
-- Package subcommand failing to parse API responses
 ## 7.0.0 - 2024-09-17