Ingest Rust data through Github api (#1427)

* Modify github importer to ingest rust data Signed-off-by: Shenoy <[email protected]> * Add test data Signed-off-by: Shenoy <[email protected]> --------- Signed-off-by: Shenoy <[email protected]> Co-authored-by: Tushar Goel <[email protected]>
aboutcode-org · Jul 22, 2024 · d7b66fb · d7b66fb
1 parent 7e2a70a
commit d7b66fb
Show file tree

Hide file tree

Showing 4 changed files with 9,703 additions and 3 deletions.
diff --git a/vulnerabilities/importers/github.py b/vulnerabilities/importers/github.py
@@ -37,6 +37,7 @@
     "PIP": "pypi",
     "RUBYGEMS": "gem",
     "NPM": "npm",
+    "RUST": "cargo",
     # "GO": "golang",
 }
 
@@ -47,7 +48,7 @@
 # TODO: We will try to gather more info from GH API
 # Check https://github.com/nexB/vulnerablecode/issues/1039#issuecomment-1366458885
 # Check https://github.com/nexB/vulnerablecode/issues/645
-# set of all possible values of first '%s' = {'MAVEN','COMPOSER', 'NUGET', 'RUBYGEMS', 'PYPI', 'NPM'}
+# set of all possible values of first '%s' = {'MAVEN','COMPOSER', 'NUGET', 'RUBYGEMS', 'PYPI', 'NPM', 'RUST'}
 # second '%s' is interesting, it will have the value '' for the first request,
 GRAPHQL_QUERY_TEMPLATE = """
 query{
@@ -139,7 +140,7 @@ def get_purl(pkg_type: str, github_name: str) -> Optional[PackageURL]:
         vendor, _, name = github_name.partition("/")
         return PackageURL(type=pkg_type, namespace=vendor, name=name)
 
-    if pkg_type in ("nuget", "pypi", "gem", "golang", "npm"):
+    if pkg_type in ("nuget", "pypi", "gem", "golang", "npm", "cargo"):
         return PackageURL(type=pkg_type, name=github_name)
 
     logger.error(f"get_purl: Unknown package type {pkg_type}")