Shell scripting with JQ help

DSFX · January 18, 2020, 7:36pm

Evening all,

this is my first go at any bash scripting and i'm struggling with handling jquery. I've got the jq library installed and working. i'm working out of Ubuntu and my JQuery looks like this, some info is censored with #.

{
  "description": "some description 1",
  "fixed_version": "######",
  "link": "https://security-tracker.debian.org/tracker/CVE-#######",
  "name": "CVE-######",
  "package_name": "some package 1",
  "package_version": "####",
  "score": 4.6,
  "score_v3": 9.1,
  "severity": "Medium",
  "vectors": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
  "vectors_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
}
{
  "description": "some description 2",
  "fixed_version": "#######",
  "link": "https://security-tracker.debian.org/tracker/CVE-#######",
  "name": "CVE-######",
  "package_name": "some package 2",
  "package_version": "#####",
  "score": 4.6,
  "score_v3": 9.1,
  "severity": "Medium",
  "vectors": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
  "vectors_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
}

What i'd like to do is iterate through this so like so....

vulnerabilities=$(<"$WorkingDirectory"/vulnerabilities.txt) 
echo $vulnerabilities | $JSONParser -r '.[0].description'

This is the error i'm getting

jq: error (at <stdin>:1): Cannot index object with number

I've got a web dev background and a bit of PS. Dealing with JQuery in Shell so far has been a nightmare. Can anybody tell me what i'm doing wrong???

Thanks,
DSFX

Scrutinizer · January 18, 2020, 7:54pm

Try:

jq -r '.description'

--
It is best to put quotes around variable expansions:

echo "$vulnerabilities"

--
You do not need the intermediate step, you could also do this:

jq -r '.description' "$WorkingDirectory"/vulnerabilities.txt

DSFX · January 18, 2020, 10:05pm

Hey,

Thanks so much for getting back. I ran it with

echo $vulnerabilities | $JSONParser -r '.description'

it didn't error on me but it dumped both descriptions out. I need to compile an email to send out with several different fields in it and can't seem to do it with this out put. It's really odd, i wouldn't expect behavior like this for dealing with JSON.

I need to pull about 7 of these fields and compose an email that will get sent out to the teams that manage these projects. So things need to be ordered in a particular way. Normally i'd have an object and just reference that all the way through with an index but can't figure out how to do that in this case or if BASH supports objects.

Scrutinizer · January 19, 2020, 2:00am

Not sure what you are looking for. You could pipe the result into a while-read loop and use shell variables to compose your command.

jq -r '.name + ";" + .description' "$WorkingDirectory"/vulnerabilities.txt |  
while IFS=\; read name description
do
   printf "%s\n" "Name: '${name}' has description '${description}'"
done

or

jq -r '[.name, .description] | join(";")' "$WorkingDirectory"/vulnerabilities.txt |
...

Would produce:

Name: 'CVE-######' has description 'some description 1'
Name: 'CVE-######' has description 'some description 2'

DSFX · January 19, 2020, 11:49am

I used your first solution, worked a treat. Really appreciate your help with this! Shell scripting is not as intuitive as some of the other languages i've used.