Add fixed packages in vulnerabilities details in packages endpoint. #831
It looks like you have included changes completely unrelated to the goal of this PR:
- Pagination
- Ordering
vulnerabilities/api.py
Outdated
serializer_class = PackageSerializer | ||
paginate_by = 50 | ||
pagination.PageNumberPagination.page_size = 10 |
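Review bot: The last line, pagination.PageNumberPagination.page_size = 10, assigns to an attribute of the shared PageNumberPagination class rather than to anything owned by this view, so it changes the page size for every view that uses that paginator class without its own page_size, and it disagrees with paginate_by = 50 on the line above. Define a small PageNumberPagination subclass with its own page_size, set it as pagination_class next to serializer_class, and keep only one of the two values.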
This seems very wrong plus it's unrelated to this PR.
Not ideal to combine multiple unmerged and unrelated branches for the code review process.
vulnerabilities/api.py
Outdated
fixed_packages = self.get_fixed_packages(package=package) | ||
qs = package.vulnerabilities.filter(packagerelatedvulnerability__fix=False) |
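Review bot: On the second line, the name qs and the bare packagerelatedvulnerability__fix=False lookup do not say which set of vulnerabilities this is, while the line above calls get_fixed_packages for the opposite case. Rename qs to say what it holds (for example affecting_vulnerabilities, a suggested name) and add a one-line comment stating that fix=False selects the vulnerabilities that affect the package.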
This is a bit confusing, packagerelatedvulnerability__fix is used with True in get_fixed_packages then overridden with False here?
This qs is to get those vulnerabilities on the package that affect this, that's why packagerelatedvulnerability__fix is set to False, whereas get_fixed_packages sends all the packages that match the name, namespace, type, qualifiers of that package and also fix the vulnerability, that's why it is set to True.
I get that, the confusing part is your approach of reusing the same base qs and overriding an existing lookup.
…-org#809 Reference: aboutcode-org#809 Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
No description provided.