Skip to content

Change architecture to import and marking advisories as usable #2287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
TG1999 wants to merge 38 commits into
base: main
Choose a base branch
from
Open

Change architecture to import and marking advisories as usable #2287

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
1b9b3cf
Mark advisories as unfurled
TG1999 Jun 1, 2026
87b6eeb
Fix qs
TG1999 Jun 1, 2026
6b58173
Fix migration order
TG1999 Jun 1, 2026
d54a3cb
Only use latest impacts for checking pending unfurls
TG1999 Jun 1, 2026
ef611b2
Make search fast
TG1999 Jun 1, 2026
124f010
mark unfurl should be a step in unfurling version range pipeline
TG1999 Jun 2, 2026
3644b8b
Fix risk score pipeline
TG1999 Jun 2, 2026
8923705
Revert search code
TG1999 Jun 3, 2026
8ef2092
Refine search
TG1999 Jun 3, 2026
2061d0d
Fix views
TG1999 Jun 3, 2026
a74589b
Use latest advisories for impacts
TG1999 Jun 3, 2026
39b28fb
Fix tests
TG1999 Jun 3, 2026
ede5c36
Fix migration order
TG1999 Jun 3, 2026
5404bd1
Fix migration order
TG1999 Jun 3, 2026
be805ba
Change impacted package qs
TG1999 Jun 3, 2026
8d6f17b
Mark empty or null vers as unfurled
TG1999 Jun 4, 2026
9fba5a8
Fix tests
TG1999 Jun 4, 2026
a0299d2
Allow V1 pipelines
TG1999 Jun 4, 2026
532efd1
Compute ToDos for unfurled advisories only
TG1999 Jun 4, 2026
7eae034
Fix advisory todo tests
TG1999 Jun 4, 2026
f761a78
Add separate pipeline for marking unfurls
TG1999 Jun 4, 2026
4f035d7
Filter packages that do not have unfurled advisories
TG1999 Jun 4, 2026
4b32b91
Fix bug in SSVC tree pipeline
TG1999 Jun 4, 2026
c4f516c
Fix typos
TG1999 Jun 4, 2026
35d0776
Make marking pipeline efficient
TG1999 Jun 4, 2026
777f248
Add indexes for fast queries
TG1999 Jun 5, 2026
173b114
Fix formatting issues
TG1999 Jun 5, 2026
572db25
Try to improve speed for marking unfurl
TG1999 Jun 5, 2026
9cfdd83
Fix CI tests
TG1999 Jun 5, 2026
0b965cd
Enhance grouping algo
TG1999 Jun 7, 2026
1cb8890
Remove filtering for checking impacts
TG1999 Jun 8, 2026
a0c0e33
Use queries for SSVC
TG1999 Jun 8, 2026
d234918
Improve API speed
TG1999 Jun 8, 2026
85413c1
Optimize V3 API
TG1999 Jun 8, 2026
38c4c06
Increase advisories batch size
TG1999 Jun 8, 2026
bfd9eb6
Take small batch sizes to free the transaction quicker
TG1999 Jun 8, 2026
3c15415
Bulk load advisories for grouping
TG1999 Jun 8, 2026
0c1d074
Use bulk loader path only for advisories
TG1999 Jun 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion CHANGELOG.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,12 @@ next release
---------------------

- WARNING: Vulnerablecode V1 API and UI has stopped supporting Ubuntu OVAL advisories, please shift to V3 API for new Ubuntu advisories.
- Add attribute ``pipeline_id`` to AdvisoryV2 to track the pipeline that created the advisory, also rename existing ``datasource_id`` and AVIDs.
- WARNING: We will deprecate improver pipelines for calculating package version rank and grouping advisories for packages.
- Add attribute ``pipeline_id`` to AdvisoryV2 to track the pipeline that created the advisory, also rename existing ``datasource_id`` and AVIDs.
- We will group advisories for packages and calculate package risk score and advisory risk score only when an advisory is completely unfurled,
this will improve consistency of the data. In future if we change our grouping approach we have to make a migration to mark all advisories
as not unfurled, so they can be goruped again with the new algo.


Version v38.6.0
---------------------
Expand Down
Loading
Loading