Using some --q-xxx options result in: TypeError: object of type 'NoneType' has no len() #66

Closed
ryran opened this issue Jun 27, 2017 · 2 comments

ryran commented Jun 27, 2017

$ rhsecapi --q-pagenum 7 --loglevel debug 
[INFO   ] rhsda: Getting https://access.redhat.com/labs/securitydataapi/cve.json?page=7
[DEBUG  ] rhsda: Return '.../cve.json?page=7': Status 200, Content-Type application/json
[NOTICE ] rhsda: 1000 CVEs found with search query
Traceback (most recent call last):
  File "/usr/bin/rhsecapi", line 420, in <module>
    main(opts)
  File "/usr/bin/rhsecapi", line 363, in main
    searchOutput = apiclient.cve_search_query(params=opts.searchParams, outFormat=opts.outFormat, urls=opts.printUrls)
  File "/usr/share/rhsecapi/rhsda.py", line 918, in cve_search_query
    return self._columnize(rows, sep="  ")
  File "/usr/share/rhsecapi/rhsda.py", line 924, in _columnize
    widths = [ max(map(len, col)) for col in zip(*rows) ]
TypeError: object of type 'NoneType' has no len()
@ryran ryran added the bug label Jun 27, 2017
@ryran ryran self-assigned this Jun 27, 2017

ryran commented Jun 27, 2017

Digging a little deeper, I see this is because of an erroneous assumption I made about the data returned by the API. In my initial investigation, I saw that CVE records would often lack an attribute (like CVSS2 or 3), but I didn't notice that sometimes an attribute will be present with a null value, e.g.:

{
  "CVE": "CVE-2014-9938", 
  "CWE": "CWE-78", 
  "advisories": [], 
  "affected_packages": [], 
  "bugzilla": "1434415", 
  "cvss3_score": 7.8, 
  "cvss_score": null, 
  "cvss_scoring_vector": null, 
  "public_date": "2014-04-22T00:00:00+00:00", 
  "resource_url": "https://access.redhat.com/labs/securitydataapi/cve/CVE-2014-9938.json", 
  "severity": "moderate"
}

This was not accounted for -- i.e., original code:

cvss2 = ""
if i.has_key('cvss_score'):
    cvss2 = str(i['cvss_score'])
...
line = [cve, date, bz, severity, cvss2, cvss3, rhsas, pkgs] 

In the next version (hopefully released in the next 24 hours), this will be fixed, as all fields will be checked, e.g.:

cvss2 = ""
if 'cvss_score' in i and i['cvss_score'] is not None:
    cvss2 = str(i['cvss_score'])

@ryran ryran closed this as completed in 653070f Jun 27, 2017
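
The null-versus-missing distinction from the comment above, written out for every column as an added example (not rhsecapi's own code and not the actual fix commit). The helper names `cell`, `to_row` and `columnize`, the field order, and the second sample record with placeholder IDs are assumptions made for illustration.

```python
import json

# Constructed sample shaped like the record quoted above: the first entry
# carries explicit nulls, the second (placeholder IDs) omits the keys.
SAMPLE = json.loads("""[
  {"CVE": "CVE-2014-9938", "advisories": [], "affected_packages": [],
   "bugzilla": "1434415", "cvss3_score": 7.8, "cvss_score": null,
   "cvss_scoring_vector": null,
   "public_date": "2014-04-22T00:00:00+00:00", "severity": "moderate"},
  {"CVE": "CVE-0000-0001", "advisories": ["RHSA-0000:0001"],
   "affected_packages": ["example-1.0-1.el7"], "bugzilla": "0000001",
   "public_date": "2017-01-01T00:00:00+00:00", "severity": "low"}
]""")

# Column order follows the `line = [...]` list in the comment above.
FIELDS = ("CVE", "public_date", "bugzilla", "severity",
          "cvss_score", "cvss3_score", "advisories", "affected_packages")


def cell(record, key):
    """One printable cell; a missing key and a null value both give ""."""
    value = record.get(key)
    if value is None:
        return ""
    if isinstance(value, (list, tuple)):
        return ",".join(str(v) for v in value)
    return str(value)


def to_row(record):
    """Normalize every field at the parsing boundary, not per call site."""
    return [cell(record, key) for key in FIELDS]


def columnize(rows, sep="  "):
    """Same width calculation as in the traceback; needs str cells."""
    widths = [max(map(len, col)) for col in zip(*rows)]
    return "\n".join(
        sep.join(c.ljust(w) for c, w in zip(row, widths)).rstrip()
        for row in rows)


if __name__ == "__main__":
    print(columnize([to_row(r) for r in SAMPLE]))
    try:  # raw values reproduce the reported failure on the null column
        columnize([[r.get(k) for k in FIELDS] for r in SAMPLE])
    except TypeError as exc:
        print("raw rows fail:", exc)
```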

ryran commented Jun 27, 2017

Fixed in v1.0.1 -- new rpm soon.

kyle-walker pushed a commit to kyle-walker/rhsecapi that referenced this issue Aug 18, 2021