Use optimized queryset in risk pipeline

- Prefetch related vulnerability, severities, references, and exploits for better performance Signed-off-by: Keshav Priyadarshi <git@keshav.space>
aboutcode-org · Nov 11, 2024 · 84a3a93 · 84a3a93
1 parent 93cba92
commit 84a3a93
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/vulnerabilities/pipelines/compute_package_risk.py b/vulnerabilities/pipelines/compute_package_risk.py
@@ -29,8 +29,13 @@ def steps(cls):
         return (cls.add_package_risk_score,)
 
     def add_package_risk_score(self):
-        affected_packages = Package.objects.filter(
-            affected_by_vulnerabilities__isnull=False
+        affected_packages = (
+            Package.objects.filter(affected_by_vulnerabilities__isnull=False).prefetch_related(
+                "affectedbypackagerelatedvulnerability_set__vulnerability",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__references",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__severities",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__exploits",
+            )
         ).distinct()
 
         self.log(f"Calculating risk for {affected_packages.count():,d} affected package records")