From 37a433588d91c7e937bd423ef2c563a6f9c003c6 Mon Sep 17 00:00:00 2001
From: mostlikelee
Date: Wed, 30 Oct 2024 11:52:08 -0600
Subject: [PATCH 1/2] skip EAP versions
---
 server/vulnerabilities/nvd/cpe_test.go | 11 +++++++
 .../vulnerabilities/nvd/cpe_translations.json | 8 +++++
 tools/nvd/nvdvuln/nvdvuln.go | 30 +++++++++++++++++++
 3 files changed, 49 insertions(+)
diff --git a/server/vulnerabilities/nvd/cpe_test.go b/server/vulnerabilities/nvd/cpe_test.go
index 386234d8ac58..bddc8c9a008a 100644
--- a/server/vulnerabilities/nvd/cpe_test.go
+++ b/server/vulnerabilities/nvd/cpe_test.go
@@ -1344,6 +1344,17 @@ func TestCPEFromSoftwareIntegration(t *testing.T) {
 },
 cpe: "cpe:2.3:a:jetbrains:intellij_idea:2023.3.2.233.13135.103:*:*:*:*:macos:*:*",
 },
+ {
+ // Skip EAP JebBrains products
+ software: fleet.Software{
+ Name: "IntelliJ IDEA 2024.3 EAP.app",
+ Source: "apps",
+ Version: "EAP IU-242.16677.21",
+ Vendor: "",
+ BundleIdentifier: "com.jetbrains.intellij-EAP",
+ },
+ cpe: "",
+ },
 {
 software: fleet.Software{
 Name: "User PyCharm Custom Name.app", // 2023/10/31: The actual product name must be part of the app name per our code in CPEFromSoftware
diff --git a/server/vulnerabilities/nvd/cpe_translations.json b/server/vulnerabilities/nvd/cpe_translations.json
index ec03b2e26c35..ef4d5af7f9f4 100644
--- a/server/vulnerabilities/nvd/cpe_translations.json
+++ b/server/vulnerabilities/nvd/cpe_translations.json
@@ -120,6 +120,14 @@
 "vendor": ["flock"]
 }
 },
+ {
+ "software": {
+ "bundle_identifier": ["/^com.jetbrains.*EAP/"]
+ },
+ "filter": {
+ "skip": true
+ }
+ },
 {
 "software": {
 "bundle_identifier": ["/^com\\.jetbrains\\.intellij/"],
diff --git a/tools/nvd/nvdvuln/nvdvuln.go b/tools/nvd/nvdvuln/nvdvuln.go
index dfa9e4102291..b952758d49d2 100644
--- a/tools/nvd/nvdvuln/nvdvuln.go
+++ b/tools/nvd/nvdvuln/nvdvuln.go
@@ -4,6 +4,7 @@ import (
 "context"
 "flag"
 "fmt"
+ "io"
 "os"
 "path/filepath"
 "sort"
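Review bot: The comment on the new table case in cpe_test.go misspells the vendor ("JebBrains") and does not say why an empty CPE is the expected result; `// JetBrains EAP (Early Access Program) builds are skipped by a cpe_translations.json rule, so no CPE is generated` would record the intent. The case exercises only the IntelliJ bundle identifier, while the rule it covers matches any `com.jetbrains` identifier containing `EAP`, so a second case with another JetBrains EAP product would pin that breadth. TestCPEFromSoftwareIntegration starts and ends outside the hunk.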
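Review bot: The new pattern `/^com.jetbrains.*EAP/` in cpe_translations.json leaves its dots unescaped and has no end anchor, unlike the neighbouring `/^com\\.jetbrains\\.intellij/`, so it matches any bundle identifier that starts with `com`, any one character, `jetbrains`, and has `EAP` anywhere after that. Because the rule's effect is `"skip": true`, every over-match is software that silently drops out of vulnerability matching. If EAP identifiers all end in `-EAP`, as the one in the test case does (not confirmable from this patch), `"bundle_identifier": ["/^com\\.jetbrains\\..*-EAP$/"]` would be a tighter rule. Skipped EAP builds also receive no CVE coverage at all, which is worth stating in the changelog entry so operators know these installs are a reporting gap.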
@@ -305,6 +306,35 @@ func vulnDBSync(vulnDBDir string, debug bool, logger log.Logger) error {
 if err != nil {
 return err
 }
+
+ // copy dev CPE Translations file
+ src := "./server/vulnerabilities/nvd/cpe_translations.json"
+ dst := filepath.Join(vulnDBDir, "cpe_translations.json")
+ if err := copyFile(src, dst); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func copyFile(src, dst string) error {
+ srcFile, err := os.Open(src)
+ if err != nil {
+ return err
+ }
+ defer srcFile.Close()
+
+ dstFile, err := os.Create(dst)
+ if err != nil {
+ return err
+ }
+ defer dstFile.Close()
+
+ _, err = io.Copy(dstFile, srcFile)
+ if err != nil {
+ return err
+ }
+
 return nil
 }
From e4962caafae4bd381f40d915e9c9e7dfb4dbb58b Mon Sep 17 00:00:00 2001
From: mostlikelee
Date: Wed, 30 Oct 2024 11:55:13 -0600
Subject: [PATCH 2/2] changelog
---
 changes/22723-intellij-EAP | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changes/22723-intellij-EAP
diff --git a/changes/22723-intellij-EAP b/changes/22723-intellij-EAP
new file mode 100644
index 000000000000..2ea0c11a3f0e
--- /dev/null
+++ b/changes/22723-intellij-EAP
@@ -0,0 +1 @@
+- added translation rule to skip EAP versions of Jetbrains products in vulnerability processing
\ No newline at end of file
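Review bot: `copyFile` in tools/nvd/nvdvuln/nvdvuln.go discards the error from `dstFile.Close()`, so a failed final write can leave a truncated `cpe_translations.json` in `vulnDBDir` while `vulnDBSync` still returns nil. The errors it does return carry no path, and `src` is a relative path that resolves only when the tool is run from the repository root, so wrapping with `%w` and the file name makes that failure self-explanatory. The copy also overwrites any file of that name already present in `vulnDBDir`; a comment in `vulnDBSync` saying the local development rules are meant to take precedence would make that deliberate. The rewritten `copyFile` below reports the close error through a named result.

```go
func copyFile(src, dst string) (err error) {
	srcFile, err := os.Open(src)
	if err != nil {
		return fmt.Errorf("open %q: %w", src, err)
	}
	defer srcFile.Close()

	dstFile, err := os.Create(dst)
	if err != nil {
		return fmt.Errorf("create %q: %w", dst, err)
	}
	// Close can report a deferred write failure; surface it unless an
	// earlier error is already being returned.
	defer func() {
		if cerr := dstFile.Close(); cerr != nil && err == nil {
			err = fmt.Errorf("close %q: %w", dst, cerr)
		}
	}()

	if _, err = io.Copy(dstFile, srcFile); err != nil {
		return fmt.Errorf("copy %q to %q: %w", src, dst, err)
	}
	return nil
}
```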