From 4a2151a9fba1db806086e630a5f556b1773438f4 Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi
Date: Tue, 8 Oct 2024 23:16:38 +0530
Subject: [PATCH 1/3] Bump fetchcode to v0.6.0

Signed-off-by: Keshav Priyadarshi
---
 requirements.txt | 2 +-
 setup.cfg | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 7cebc77ef..94bf8f0df 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -39,7 +39,7 @@ docutils==0.17.1
 drf-spectacular==0.24.2
 drf-spectacular-sidecar==2022.10.1
 executing==0.8.3
-fetchcode==0.3.0
+fetchcode==0.6.0
 freezegun==1.2.1
 frozenlist==1.3.0
 gitdb==4.0.9
diff --git a/setup.cfg b/setup.cfg
index a2fae91ec..596dc5901 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -90,7 +90,7 @@ install_requires =
 # networking
 GitPython>=3.1.17
 requests>=2.25.1
- fetchcode>=0.3.0
+ fetchcode>=0.6.0
 #pipeline
 aboutcode.pipeline>=0.1.0
From 46ace78cfd662eea714cebdbcb7a043fc629d309 Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi
Date: Tue, 8 Oct 2024 23:44:40 +0530
Subject: [PATCH 2/3] Update GitHub importer test fixture

Signed-off-by: Keshav Priyadarshi
---
 vulnerabilities/improvers/valid_versions.py | 1 +
 .../tests/pipelines/test_github_importer_pipeline.py | 9 +++++++++
 .../tests/pipelines/test_nginx_importer_pipeline.py | 2 +-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/vulnerabilities/improvers/valid_versions.py b/vulnerabilities/improvers/valid_versions.py
index 5d1e087ec..0940661b3 100644
--- a/vulnerabilities/improvers/valid_versions.py
+++ b/vulnerabilities/improvers/valid_versions.py
@@ -433,6 +433,7 @@ class GitHubBasicImprover(ValidVersionImprover):
 "3.0.0b3-",
 "3.0b6dev-r41684",
 "-class.-jw.util.version.Version-",
+ "vulnerabilities",
 ]
 )
diff --git a/vulnerabilities/tests/pipelines/test_github_importer_pipeline.py b/vulnerabilities/tests/pipelines/test_github_importer_pipeline.py
index d46e3ef19..29e869381 100644
--- a/vulnerabilities/tests/pipelines/test_github_importer_pipeline.py
+++ b/vulnerabilities/tests/pipelines/test_github_importer_pipeline.py
@@ -303,6 +303,13 @@ def test_get_package_versions(mock_response):
 improver = GitHubBasicImprover()
 valid_versions = [
+ "1.0.1",
+ "1.0.2",
+ "1.0.3",
+ "1.0.4",
+ "1.1",
+ "1.1.1",
+ "1.1.2",
 "1.1.3",
 "1.1.4",
 "1.10",
@@ -317,7 +324,9 @@ def test_get_package_versions(mock_response):
 "1.10a1",
 "1.10b1",
 "1.10rc1",
+ "vulnerabilities",
 ]
+
 result = sorted(
 improver.get_package_versions(package_url=PackageURL(type="pypi", name="django"))
 )
diff --git a/vulnerabilities/tests/pipelines/test_nginx_importer_pipeline.py b/vulnerabilities/tests/pipelines/test_nginx_importer_pipeline.py
index 8a71a11fd..c4bce99a6 100644
--- a/vulnerabilities/tests/pipelines/test_nginx_importer_pipeline.py
+++ b/vulnerabilities/tests/pipelines/test_nginx_importer_pipeline.py
@@ -195,7 +195,7 @@ def interesting_advisories(self) -> QuerySet:
 )
 assert interesting_advisories == advisories
- @mock.patch("fetchcode.package_versions.github_response")
+ @mock.patch("fetchcode.utils.github_response")
 def test_NginxBasicImprover_fetch_nginx_version_from_git_tags(self, mock_fetcher):
 reponse_files = [
 "github-nginx-nginx-0.json",
From 37c6c7e69f71535dcaf8d8b9bbce98eb9fc062d9 Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi
Date: Tue, 8 Oct 2024 23:46:37 +0530
Subject: [PATCH 3/3] Use updated github_response API in VulnTotal

Signed-off-by: Keshav Priyadarshi
---
 vulntotal/datasources/github.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vulntotal/datasources/github.py b/vulntotal/datasources/github.py
index 154a31fe6..57293f3cb 100644
--- a/vulntotal/datasources/github.py
+++ b/vulntotal/datasources/github.py
@@ -11,7 +11,7 @@
 from typing import Iterable
 from dotenv import load_dotenv
-from fetchcode.package_versions import github_response
+from fetchcode.utils import github_response
 from packageurl import PackageURL
 from vulntotal.validator import DataSource
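Review bot: In test_github_importer_pipeline.py the expected list of test_get_package_versions now pins the literal `"vulnerabilities"` as a version returned for pypi/django, which reads like a key of the registry response rather than a release. The same string is added to the list inside GitHubBasicImprover in valid_versions.py in this commit, so it is presumably known not to be a real version, yet neither place says so. Because bogus version strings in a vulnerability database can end up in affected-version data, I would add a comment beside both entries, for example `# not a release; returned by the version fetcher for this fixture, see <upstream issue>`, and track the fix where the string is produced. The name of the list in valid_versions.py and the rest of the test body are outside the hunks, so whether other improvers apply the same filter cannot be told from here.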
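Review bot: In test_nginx_importer_pipeline.py the new target `fetchcode.utils.github_response` patches the function in the module that defines it, so the mock only takes effect if the code under test looks the name up through `fetchcode.utils` at call time. If a consumer binds it with a from-import, as vulntotal/datasources/github.py does in patch 3, the real function would run and the test would make a live GitHub request. The test body continues outside the hunk; if it does not already do so, ending it with `mock_fetcher.assert_called()` would make a silent miss fail loudly. Both this target and the import in patch 3 depend on fetchcode's internal module layout, while setup.cfg accepts any `fetchcode>=0.6.0`, so a later relocation would break them at import or patch time.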