From 56a76eae1ebef98a7b4340e01fcecc2046ca1237 Mon Sep 17 00:00:00 2001 From: Keshav Priyadarshi Date: Mon, 13 Jan 2025 21:32:05 +0530 Subject: [PATCH] Use proper purl type for Alpine in pipeline, models, and views Signed-off-by: Keshav Priyadarshi --- vulnerabilities/models.py | 4 +- .../pipelines/alpine_linux_importer.py | 6 +- .../test_alpine_linux_importer_pipeline.py | 112 +++++++++--------- .../default_improver/alpine-expected.json | 28 ++--- .../default_improver/alpine-input.json | 28 ++--- vulnerabilities/tests/test_models.py | 12 +- vulnerabilities/tests/test_view.py | 5 +- vulnerabilities/views.py | 2 +- 8 files changed, 95 insertions(+), 102 deletions(-) diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py index 1a58ec4dc..b2478b834 100644 --- a/vulnerabilities/models.py +++ b/vulnerabilities/models.py @@ -10,10 +10,8 @@ import hashlib import json import logging -import typing from contextlib import suppress from functools import cached_property -from typing import Optional from typing import Union from cwe2.database import Database @@ -56,7 +54,7 @@ models.CharField.register_lookup(Trim) # patch univers for missing entry -RANGE_CLASS_BY_SCHEMES["alpine"] = AlpineLinuxVersionRange +RANGE_CLASS_BY_SCHEMES["apk"] = AlpineLinuxVersionRange class BaseQuerySet(models.QuerySet): diff --git a/vulnerabilities/pipelines/alpine_linux_importer.py b/vulnerabilities/pipelines/alpine_linux_importer.py index d29f9bc9b..28736e507 100644 --- a/vulnerabilities/pipelines/alpine_linux_importer.py +++ b/vulnerabilities/pipelines/alpine_linux_importer.py @@ -254,7 +254,8 @@ def load_advisories( affected_packages.append( AffectedPackage( package=PackageURL( - type="alpine", + type="apk", + namespace="alpine", name=pkg_infos["name"], qualifiers=qualifiers, ), @@ -266,7 +267,8 @@ def load_advisories( affected_packages.append( AffectedPackage( package=PackageURL( - type="alpine", + type="apk", + namespace="alpine", name=pkg_infos["name"], qualifiers=qualifiers, ), 
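Review bot: In the second `vulnerabilities/models.py` hunk the registry key is replaced rather than added, so `RANGE_CLASS_BY_SCHEMES` no longer has an `alpine` entry unless univers supplies one (the comment above the line says it does not). Any `Package` row already stored with `type="alpine"` would then resolve to no version class. None of the eight files in this patch is a data migration that re-keys such rows. Consider keeping the old key until stored data is migrated: `RANGE_CLASS_BY_SCHEMES["alpine"] = AlpineLinuxVersionRange  # legacy purls, remove after migration`. The same swap is made inside `get_purl_version_class` in `vulnerabilities/views.py`.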
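Review bot: Both `PackageURL(...)` calls in `load_advisories` now emit `pkg:apk/alpine/<name>` where earlier runs emitted `pkg:alpine/<name>`, and nothing visible in this patch reconciles the two forms. If advisories imported before this change remain in the database, the same Alpine package would presumably exist under two purls, and a lookup by the new purl could miss fixes recorded only under the old one. A short comment at the first call, e.g. `# purl-spec: Alpine packages are type "apk", namespace "alpine"`, plus a note in the commit message on how existing records are re-keyed, would make the intent checkable. The literal pair is repeated in the second importer hunk, and `load_advisories` starts and ends outside both hunks.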
diff --git a/vulnerabilities/tests/pipelines/test_alpine_linux_importer_pipeline.py b/vulnerabilities/tests/pipelines/test_alpine_linux_importer_pipeline.py index 386f239d8..49182b287 100644 --- a/vulnerabilities/tests/pipelines/test_alpine_linux_importer_pipeline.py +++ b/vulnerabilities/tests/pipelines/test_alpine_linux_importer_pipeline.py @@ -36,8 +36,8 @@ def test_process_record(): affected_packages=[ AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={ @@ -52,8 +52,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "armhf", "distroversion": "v3.11", "reponame": "main"}, @@ -64,8 +64,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "armv7", "distroversion": "v3.11", "reponame": "main"}, @@ -76,8 +76,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={ @@ -92,8 +92,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "s390x", "distroversion": "v3.11", "reponame": "main"}, @@ -104,8 +104,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "x86", "distroversion": "v3.11", "reponame": "main"}, 
@@ -116,8 +116,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "x86_64", "distroversion": "v3.11", "reponame": "main"}, @@ -143,8 +143,8 @@ def test_process_record(): affected_packages=[ AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={ @@ -159,8 +159,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "armhf", "distroversion": "v3.11", "reponame": "main"}, @@ -171,8 +171,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "armv7", "distroversion": "v3.11", "reponame": "main"}, @@ -183,8 +183,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={ @@ -199,8 +199,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "s390x", "distroversion": "v3.11", "reponame": "main"}, @@ -211,8 +211,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "x86", "distroversion": "v3.11", "reponame": "main"}, @@ -223,8 +223,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="xen", version=None, qualifiers={"arch": "x86_64", "distroversion": "v3.11", "reponame": "main"}, 
@@ -250,8 +250,8 @@ def test_process_record(): affected_packages=[ AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={ @@ -266,8 +266,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "armhf", "distroversion": "v3.11", "reponame": "main"}, @@ -278,8 +278,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "armv7", "distroversion": "v3.11", "reponame": "main"}, @@ -290,8 +290,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={ @@ -306,8 +306,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "s390x", "distroversion": "v3.11", "reponame": "main"}, @@ -318,8 +318,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "x86", "distroversion": "v3.11", "reponame": "main"}, @@ -330,8 +330,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "x86_64", "distroversion": "v3.11", "reponame": "main"}, @@ -351,8 +351,8 @@ def test_process_record(): affected_packages=[ AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={ 
@@ -367,8 +367,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "armhf", "distroversion": "v3.11", "reponame": "main"}, @@ -379,8 +379,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "armv7", "distroversion": "v3.11", "reponame": "main"}, @@ -391,8 +391,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={ @@ -407,8 +407,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "s390x", "distroversion": "v3.11", "reponame": "main"}, @@ -419,8 +419,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "x86", "distroversion": "v3.11", "reponame": "main"}, @@ -431,8 +431,8 @@ def test_process_record(): ), AffectedPackage( package=PackageURL( - type="alpine", - namespace=None, + type="apk", + namespace="alpine", name="apk-tools", version=None, qualifiers={"arch": "x86_64", "distroversion": "v3.11", "reponame": "main"}, diff --git a/vulnerabilities/tests/test_data/default_improver/alpine-expected.json b/vulnerabilities/tests/test_data/default_improver/alpine-expected.json index 5d8a84930..f9d3caf16 100644 --- a/vulnerabilities/tests/test_data/default_improver/alpine-expected.json +++ b/vulnerabilities/tests/test_data/default_improver/alpine-expected.json 
@@ -6,8 +6,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=aarch64&distroversion=v3.11&reponame=main", @@ -30,8 +30,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=armhf&distroversion=v3.11&reponame=main", @@ -54,8 +54,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=armv7&distroversion=v3.11&reponame=main", @@ -78,8 +78,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=ppc64le&distroversion=v3.11&reponame=main", @@ -102,8 +102,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=s390x&distroversion=v3.11&reponame=main", @@ -126,8 +126,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=x86&distroversion=v3.11&reponame=main", @@ -150,8 +150,8 @@ "summary": null, "affected_purls": [], "fixed_purl": { - "type": "alpine", - "namespace": "", + "type": "apk", + "namespace": "alpine", "name": "xen", "version": "4.10.0-r1", "qualifiers": "arch=x86_64&distroversion=v3.11&reponame=main", diff --git a/vulnerabilities/tests/test_data/default_improver/alpine-input.json b/vulnerabilities/tests/test_data/default_improver/alpine-input.json index 9ff37ecb8..f2143b32b 100644 
--- a/vulnerabilities/tests/test_data/default_improver/alpine-input.json +++ b/vulnerabilities/tests/test_data/default_improver/alpine-input.json @@ -4,8 +4,8 @@ "affected_packages": [ { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -20,8 +20,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -36,8 +36,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -52,8 +52,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -68,8 +68,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -84,8 +84,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { @@ -100,8 +100,8 @@ }, { "package": { - "type": "alpine", - "namespace": null, + "type": "apk", + "namespace": "alpine", "name": "xen", "version": null, "qualifiers": { diff --git a/vulnerabilities/tests/test_models.py b/vulnerabilities/tests/test_models.py index 014754786..a5f8e251c 100644 --- a/vulnerabilities/tests/test_models.py +++ b/vulnerabilities/tests/test_models.py 
@@ -8,25 +8,17 @@ # import urllib.parse -from datetime import datetime from unittest import TestCase -from unittest import mock import pytest -from django.db import transaction -from django.db.models.query import QuerySet -from django.db.utils import IntegrityError -from freezegun import freeze_time from packageurl import PackageURL from univers import versions from univers.version_range import RANGE_CLASS_BY_SCHEMES -from univers.version_range import AlpineLinuxVersionRange from vulnerabilities import models from vulnerabilities.models import Alias from vulnerabilities.models import Package from vulnerabilities.models import Vulnerability -from vulnerabilities.models import VulnerabilityQuerySet class TestVulnerabilityModel(TestCase): @@ -397,7 +389,9 @@ def test_univers_version_class(self): pypi_package_version = RANGE_CLASS_BY_SCHEMES[pypi_package.type].version_class assert pypi_package_version == versions.PypiVersion - alpine_package = models.Package.objects.create(type="alpine", name="lxml", version="0.9") + alpine_package = models.Package.objects.create( + type="apk", namespace="alpine", name="lxml", version="0.9" + ) alpine_version = RANGE_CLASS_BY_SCHEMES[alpine_package.type].version_class assert alpine_version == versions.AlpineLinuxVersion diff --git a/vulnerabilities/tests/test_view.py b/vulnerabilities/tests/test_view.py index fd62e94a1..98a555294 100644 --- a/vulnerabilities/tests/test_view.py +++ b/vulnerabilities/tests/test_view.py @@ -16,7 +16,6 @@ from packageurl import PackageURL from univers import versions -from vulnerabilities import models from vulnerabilities.models import AffectedByPackageRelatedVulnerability from vulnerabilities.models import Alias from vulnerabilities.models import FixingPackageRelatedVulnerability 
@@ -249,8 +248,8 @@ class TestCustomFilters: "pkg%3Arpm/redhat/katello-client-bootstrap%401.1.0-2%3Farch%3Del6sat", ), ( - "pkg:alpine/nginx@1.10.3-r1?arch=armhf&distroversion=v3.5&reponame=main", - "pkg%3Aalpine/nginx%401.10.3-r1%3Farch%3Darmhf%26distroversion%3Dv3.5%26reponame%3Dmain", + "pkg:apk/alpine/nginx@1.10.3-r1?arch=armhf&distroversion=v3.5&reponame=main", + "pkg%3Aapk/alpine/nginx%401.10.3-r1%3Farch%3Darmhf%26distroversion%3Dv3.5%26reponame%3Dmain", ), ("pkg:nginx/nginx@0.9.0?os=windows", "pkg%3Anginx/nginx%400.9.0%3Fos%3Dwindows"), ( diff --git a/vulnerabilities/views.py b/vulnerabilities/views.py index fd57acea5..7d0911c64 100644 --- a/vulnerabilities/views.py +++ b/vulnerabilities/views.py @@ -54,7 +54,7 @@ def purl_sort_key(purl: models.Package): def get_purl_version_class(purl: models.Package): - RANGE_CLASS_BY_SCHEMES["alpine"] = AlpineLinuxVersionRange + RANGE_CLASS_BY_SCHEMES["apk"] = AlpineLinuxVersionRange purl_version_class = None check_version_class = RANGE_CLASS_BY_SCHEMES.get(purl.type, None) if check_version_class:
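Review bot: `get_purl_version_class` in `vulnerabilities/views.py` writes `RANGE_CLASS_BY_SCHEMES["apk"]` into the shared univers registry on every call, duplicating the import-time assignment in `vulnerabilities/models.py`. The signature already uses `models.Package`, so that module has been imported before this function runs. Dropping the line from the function keeps the patch in one place and avoids mutating a global from a request path. The lookup is `RANGE_CLASS_BY_SCHEMES.get(purl.type, None)`, so every `apk` purl gets the Alpine version class whatever its namespace; a one-line comment such as `# keyed on purl type only: all apk namespaces use Alpine version ordering` would record that this is intended. The function body continues past the end of the hunk.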