
Merge pull request #1654 from aboutcode-org/fix_api_error
Fix API bug
TG1999 authored Nov 15, 2024
2 parents bac2274 + fe4073f commit ef1df71
Showing 6 changed files with 67 additions and 28 deletions.
6 changes: 4 additions & 2 deletions CHANGELOG.rst
@@ -1,8 +1,10 @@
Release notes
=============

Version (next)
-----------------------
Version v34.3.1
----------------

- HOTFIX: Fix API bug #1654


Version v34.3.0
2 changes: 1 addition & 1 deletion setup.cfg
@@ -1,6 +1,6 @@
[metadata]
name = vulnerablecode
version = 34.3.0
version = 34.3.1
license = Apache-2.0 AND CC-BY-SA-4.0

# description must be on ONE line https://github.com/pypa/setuptools/issues/1390
2 changes: 1 addition & 1 deletion vulnerabilities/api.py
Expand Up @@ -323,7 +323,7 @@ def get_vulnerabilities_for_a_package(self, package, fix) -> dict:
otherwise return vulnerabilities fixed by the `package`.
"""
fixed_packages = self.get_fixed_packages(package=package)
if fix:
if not fix:
qs = package.affected_by_vulnerabilities.all()
else:
qs = package.fixing_vulnerabilities.all()
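Review bot: The branch in `get_vulnerabilities_for_a_package` now reads as a negated test on a bare boolean (`if not fix:` selecting `affected_by_vulnerabilities`), which is the same shape that allowed the two querysets to be swapped in the first place; the page prints both `if fix:` and `if not fix:` without +/- markers, so this assumes the negated form is the new side. Because a swap here makes the API report the vulnerabilities a package fixes as the ones affecting it, I would put the positive case first and state what the flag means: `qs = package.fixing_vulnerabilities.all() if fix else package.affected_by_vulnerabilities.all()` with a comment such as `# fix=True: vulnerabilities this package fixes; fix=False: vulnerabilities affecting it`. Only the tail of the docstring is visible in this hunk and the function body continues past it, so the rest of the docstring should be checked against the same polarity.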
@@ -0,0 +1,31 @@
# Generated by Django 4.2.16 on 2024-11-15 02:18

from django.db import migrations, models


class Migration(migrations.Migration):

dependencies = [
("vulnerabilities", "0079_alter_packagechangelog_software_version_and_more"),
]

operations = [
migrations.AlterField(
model_name="packagechangelog",
name="software_version",
field=models.CharField(
default="34.3.1",
help_text="Version of the software at the time of change",
max_length=100,
),
),
migrations.AlterField(
model_name="vulnerabilitychangelog",
name="software_version",
field=models.CharField(
default="34.3.1",
help_text="Version of the software at the time of change",
max_length=100,
),
),
]
52 changes: 29 additions & 23 deletions vulnerabilities/tests/test_api.py
Expand Up @@ -583,50 +583,56 @@ def test_api_with_lesser_and_greater_fixed_by_packages(self):
"next_non_vulnerable_version": "2.14.0-rc1",
"latest_non_vulnerable_version": "2.14.0-rc1",
"affected_by_vulnerabilities": [
{
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
"vulnerability_id": "VCID-vul3-vul3-vul3",
"summary": "This is VCID-vul3-vul3-vul3",
"references": [],
"fixed_packages": [],
"aliases": ["CVE-2021-46877", "GHSA-3x8x-79m2-3w2w"],
"resource_url": "http://testserver/vulnerabilities/VCID-vul3-vul3-vul3",
}
],
"fixing_vulnerabilities": [
{
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul1.id),
"vulnerability_id": "VCID-vul1-vul1-vul1",
"summary": "This is VCID-vul1-vul1-vul1",
"references": [],
"fixed_packages": [
{
"url": "http://testserver/api/packages/{0}".format(
self.pkg_2_12_6_1.id
),
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1",
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
"is_vulnerable": True,
"affected_by_vulnerabilities": [
{"vulnerability": "VCID-vul2-vul2-vul2"}
],
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1",
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
}
],
"aliases": ["CVE-2020-36518", "GHSA-57j2-w4cx-62h2"],
"resource_url": "http://testserver/vulnerabilities/VCID-vul1-vul1-vul1",
}
],
"fixing_vulnerabilities": [
{
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
"vulnerability_id": "VCID-vul3-vul3-vul3",
"summary": "This is VCID-vul3-vul3-vul3",
"references": [],
"fixed_packages": [
{
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_12_6.id),
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6",
"is_vulnerable": False,
"affected_by_vulnerabilities": [],
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6",
},
{
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_1.id),
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.1",
"is_vulnerable": True,
"affected_by_vulnerabilities": [
{"vulnerability": "VCID-vul2-vul2-vul2"}
{"vulnerability": "VCID-vul1-vul1-vul1"}
],
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.1",
},
],
"aliases": ["CVE-2020-36518", "GHSA-57j2-w4cx-62h2"],
"resource_url": "http://testserver/vulnerabilities/VCID-vul1-vul1-vul1",
"aliases": ["CVE-2021-46877", "GHSA-3x8x-79m2-3w2w"],
"resource_url": "http://testserver/vulnerabilities/VCID-vul3-vul3-vul3",
}
],
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.1",
"risk_score": None,
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.1",
}

assert response == expected
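Review bot: The only check visible here is the whole-dict comparison `assert response == expected`, so the direction of the two lists is pinned only by a large literal that is easy to regenerate from whatever the API returns; the earlier expectation appears to have carried the swapped lists in the same way. Next to the snapshot I would add direct assertions on the ids, e.g. `assert [v["vulnerability_id"] for v in response["affected_by_vulnerabilities"]] == ["VCID-vul1-vul1-vul1"]` and `assert [v["vulnerability_id"] for v in response["fixing_vulnerabilities"]] == ["VCID-vul3-vul3-vul3"]`. These match what the expected data on this page implies for jackson-databind@2.13.1, which is listed under VCID-vul3's fixed packages and as affected by VCID-vul1. The test function starts above this hunk, so the request and fixtures are not visible and the ids should be confirmed against them.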
2 changes: 1 addition & 1 deletion vulnerablecode/__init__.py
Expand Up @@ -12,7 +12,7 @@
import warnings
from pathlib import Path

__version__ = "34.3.0"
__version__ = "34.3.1"


def command_line():