Skip to content

Export incremental updates on subsequent runs of FederatedCode pipeline #2183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
keshav-space wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Export incremental updates on subsequent runs of FederatedCode pipeline #2183

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
cf77530
Auto add date_collected in v2 advisory
keshav-space Feb 19, 2026
611867e
Add through model to track creation date of impact package relation
keshav-space Feb 19, 2026
3a1b3da
Use new through model to bulk create package impact relation
keshav-space Feb 19, 2026
5fc2008
Export incremental updates on subsequent runs
keshav-space Feb 23, 2026
a67ffd2
Move export serializers to the pipes module
keshav-space Feb 23, 2026
b9b8074
Include package commit patches in impact exports
keshav-space Feb 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 107 additions & 0 deletions vulnerabilities/migrations/0115_impactedpackageaffecting_and_more.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
# Generated by Django 5.2.11 on 2026-02-19 11:12

import django.db.models.deletion
from django.db import migrations, models


class Migration(migrations.Migration):

dependencies = [
("vulnerabilities", "0114_advisoryv2_related_advisory_severities"),
]

operations = [
migrations.RemoveField(
model_name="impactedpackage",
name="affecting_packages",
),
migrations.RemoveField(
model_name="impactedpackage",
name="fixed_by_packages",
),
migrations.AlterField(
model_name="advisoryv2",
name="date_collected",
field=models.DateTimeField(
auto_now_add=True,
db_index=True,
help_text="UTC Date on which the advisory was collected",
),
),
migrations.CreateModel(
name="ImpactedPackageAffecting",
fields=[
(
"id",
models.AutoField(
auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
),
),
("created_at", models.DateTimeField(auto_now_add=True, db_index=True)),
(
"impacted_package",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to="vulnerabilities.impactedpackage",
),
),
(
"package",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE, to="vulnerabilities.packagev2"
),
),
],
options={
"unique_together": {("impacted_package", "package")},
},
),
migrations.AddField(
model_name="impactedpackage",
name="affecting_packages",
field=models.ManyToManyField(
help_text="Packages vulnerable to this impact.",
related_name="affected_in_impacts",
through="vulnerabilities.ImpactedPackageAffecting",
to="vulnerabilities.packagev2",
),
),
migrations.CreateModel(
name="ImpactedPackageFixedBy",
fields=[
(
"id",
models.AutoField(
auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
),
),
("created_at", models.DateTimeField(auto_now_add=True, db_index=True)),
(
"impacted_package",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to="vulnerabilities.impactedpackage",
),
),
(
"package",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE, to="vulnerabilities.packagev2"
),
),
],
options={
"unique_together": {("impacted_package", "package")},
},
),
migrations.AddField(
model_name="impactedpackage",
name="fixed_by_packages",
field=models.ManyToManyField(
help_text="Packages fixing the vulnerable packages in this impact.",
related_name="fixed_in_impacts",
through="vulnerabilities.ImpactedPackageFixedBy",
to="vulnerabilities.packagev2",
),
),
]
52 changes: 49 additions & 3 deletions vulnerabilities/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2961,9 +2961,15 @@ class AdvisoryV2(models.Model):
)

date_published = models.DateTimeField(
blank=True, null=True, help_text="UTC Date of publication of the advisory"
blank=True,
null=True,
help_text="UTC Date of publication of the advisory",
)
date_collected = models.DateTimeField(
auto_now_add=True,
db_index=True,
help_text="UTC Date on which the advisory was collected",
)
date_collected = models.DateTimeField(help_text="UTC Date on which the advisory was collected")

original_advisory_text = models.TextField(
blank=True,
Expand Down Expand Up @@ -3137,13 +3143,15 @@ class ImpactedPackage(models.Model):
affecting_packages = models.ManyToManyField(
"PackageV2",
related_name="affected_in_impacts",
through="ImpactedPackageAffecting",
help_text="Packages vulnerable to this impact.",
)

fixed_by_packages = models.ManyToManyField(
"PackageV2",
related_name="fixed_in_impacts",
help_text="Packages vulnerable to this impact.",
through="ImpactedPackageFixedBy",
help_text="Packages fixing the vulnerable packages in this impact.",
)

introduced_by_package_commit_patches = models.ManyToManyField(
Expand Down Expand Up @@ -3491,6 +3499,44 @@ def current_version(self):
return self.version_class(self.version)


class ImpactedPackageAffecting(models.Model):
impacted_package = models.ForeignKey(
ImpactedPackage,
on_delete=models.CASCADE,
)
package = models.ForeignKey(
PackageV2,
on_delete=models.CASCADE,
)

created_at = models.DateTimeField(
auto_now_add=True,
db_index=True,
)

class Meta:
unique_together = ("impacted_package", "package")


class ImpactedPackageFixedBy(models.Model):
impacted_package = models.ForeignKey(
ImpactedPackage,
on_delete=models.CASCADE,
)
package = models.ForeignKey(
PackageV2,
on_delete=models.CASCADE,
)

created_at = models.DateTimeField(
auto_now_add=True,
db_index=True,
)

class Meta:
unique_together = ("impacted_package", "package")


class AdvisoryExploit(models.Model):
"""
A vulnerability exploit is code used to
Expand Down
Loading
Loading