From c26b52d45b115e83edae8cdc8bacc789b2f90391 Mon Sep 17 00:00:00 2001
From: bidaya0
Date: Wed, 14 Jun 2023 11:53:34 +0800
Subject: [PATCH 1/2] fix: scan utils typing check.
---
 .gitignore | 1 +
 dongtai_web/dongtai_sca/common/dataclass.py | 20 ++++++++++----------
 dongtai_web/dongtai_sca/scan/utils.py | 9 +++++++--
 3 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/.gitignore b/.gitignore
index 9f192d7a4..acaeb7100 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,3 +32,4 @@ celerybeat.pid
 *.mo
 *.o
 *.c
+*.prof
diff --git a/dongtai_web/dongtai_sca/common/dataclass.py b/dongtai_web/dongtai_sca/common/dataclass.py
index 226010052..21356765e 100644
--- a/dongtai_web/dongtai_sca/common/dataclass.py
+++ b/dongtai_web/dongtai_sca/common/dataclass.py
@@ -1,12 +1,12 @@
 from typing import Tuple
 from typing import Any
-from typing import Optional
+from typing import Optional, Union
 from dataclasses import dataclass, field
 from dataclasses_json import dataclass_json, config
 from datetime import datetime
 from dateutil.parser import parse
-# those Tuple[str] = () is not working
+# those Union[Tuple[str], Tuple[()]] = () is not working
 # Since https://github.com/lidatong/dataclasses-json/pull/409
 # Be careful with potentially nullable types when using them temporarily.
@@ -21,8 +21,8 @@ class Reference:
 @dataclass_json
 @dataclass
 class VulCodes:
- CVE: Tuple[str] = ()
- GHSA: Tuple[str] = ()
+ CVE: Union[Tuple[str], Tuple[()]] = ()
+ GHSA: Union[Tuple[str], Tuple[()]] = ()
 @dataclass_json
@@ -30,7 +30,7 @@ class VulCodes:
 class VulInfo:
 vul_id: str = ""
 cvss_v3: str = ""
- cwe: Tuple[str] = ()
+ cwe: Union[Tuple[str], Tuple[()]] = ()
 title: str = ""
 description: str = ""
 references: Tuple[Reference] = ()
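Review bot: `Union[Tuple[str], Tuple[()]]` on `VulCodes.CVE` and `VulCodes.GHSA` still describes only an empty or a one-element tuple, so a record carrying two or more CVE or GHSA ids falls outside the declared type; the usual spelling for a variable-length tuple is `Tuple[str, ...]`, which also accepts the `()` default. The same holds for `cwe`, `affected_versions`, `unaffected_versions` and `license` in the hunks at `@@ -30,7`, `@@ -56,16` and `@@ -77,7`, while `references: Tuple[Reference] = ()` and `vuls: Tuple[Vul] = ()` keep the old form and stay inconsistent with them. Whether dataclasses-json decodes `Tuple[str, ...]` as intended is not visible here and should be checked against the pull request the header comment cites. That header comment now reads `# those Union[Tuple[str], Tuple[()]] = () is not working`, which describes the new annotation as the broken one; it should keep naming the form that failed, `# those Tuple[str] = () is not working`.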
@@ -56,16 +56,16 @@ class VulInfo:
 class Vul:
 vul_info: VulInfo
 vul_codes: VulCodes
- affected_versions: Tuple[str] = ()
- unaffected_versions: Tuple[str] = ()
+ affected_versions: Union[Tuple[str], Tuple[()]] = ()
+ unaffected_versions: Union[Tuple[str], Tuple[()]] = ()
 @dataclass_json
 @dataclass
 class PackageVulData:
 vuls: Tuple[Vul] = ()
- affected_versions: Tuple[str] = ()
- unaffected_versions: Tuple[str] = ()
+ affected_versions: Union[Tuple[str], Tuple[()]] = ()
+ unaffected_versions: Union[Tuple[str], Tuple[()]] = ()
 @dataclass_json
@@ -77,7 +77,7 @@ class PackageInfo:
 version: str
 hash: str
 version_publish_time: str = ""
- license: Tuple[str] = ()
+ license: Union[Tuple[str], Tuple[()]] = ()
 @dataclass_json
diff --git a/dongtai_web/dongtai_sca/scan/utils.py b/dongtai_web/dongtai_sca/scan/utils.py
index 8ce63f53f..291530e54 100644
--- a/dongtai_web/dongtai_sca/scan/utils.py
+++ b/dongtai_web/dongtai_sca/scan/utils.py
@@ -1070,6 +1070,11 @@ def new_update_one_sca(agent_id,
 )
 from dongtai_common.models.assetv2 import AssetV2, AssetV2Global, IastAssetLicense, IastPackageGAInfo
 agent = IastAgent.objects.filter(id=agent_id).first()
+ if not agent:
+ logger.info(
+ f'SCA检测找不到对应Agent [{agent_id} {package_path} {package_signature} {package_name} {package_algorithm} {package_version}]'
+ )
+ return
 if not package_signature:
 package_signature = sha_1(package_signature)
 if agent.language == "JAVA":
@@ -1094,7 +1099,7 @@ def new_update_one_sca(agent_id,
 aql=aql,
 defaults={
 "signature_algorithm": "SHA-1",
- "language_id": get_language_id(agent.language),
+ "language_id": get_language_id(agent.language if agent.language else 'JAVA'),
 "package_fullname": obj,
 "package_name": package.name,
 "signature_value": package.hash,
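Review bot: The new `if not agent:` branch in the `@@ -1070,6` hunk drops the SCA result for an unknown agent with only an `info`-level line, so a package report that never reaches the inventory is easy to overlook; `logger.warning(` is the better level for a discarded scan. The f-string also interpolates `package_path`, `package_name` and the other report fields verbatim; if those values come from the agent's report (not visible here), passing them as lazy `%r` arguments keeps control characters from splitting the log entry. Directly below, the context line `package_signature = sha_1(package_signature)` hashes the value that was just found empty, which looks unintended and deserves its own fix. The body of `new_update_one_sca` starts and ends outside this hunk.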
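Review bot: In the `@@ -1094,7` hunk, `get_language_id(agent.language if agent.language else 'JAVA')` stores a package from an agent with no language as Java, while the earlier check `if agent.language == "JAVA":` in the same function is not taken for that agent, so the recorded `language_id` can disagree with the path the package actually went through. For SCA data the ecosystem presumably decides which advisories are matched (the matching code is not shown), so a silent default risks wrong or missed findings. Resolve the language once near the top of the function, log when it is missing, and use that one value in both places; if the default stays, `agent.language or 'JAVA'` is the shorter spelling. The `defaults={` dict and its enclosing call continue outside the hunk.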
@@ -1279,7 +1284,7 @@ def stat_severity_v2(vul_infos: List[VulInfo]) -> dict:
 for key in ("critical", "high", "medium", "low", "info"):
 if key not in res:
 res[key] = 0
- return dict(level=get_asset_level(res),
+ return dict(level=get_asset_level(dict(res)),
 vul_count=sum(res.values()),
 **{f"vul_{k}_count": v for k, v in res.items()})
From 8e97e53ec3ba532a2e7c7398fb2d53afab56e872 Mon Sep 17 00:00:00 2001
From: bidaya0
Date: Wed, 14 Jun 2023 12:08:10 +0800
Subject: [PATCH 2/2] fix: scan utils typing check.
---
 dongtai_web/dongtai_sca/scan/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dongtai_web/dongtai_sca/scan/utils.py b/dongtai_web/dongtai_sca/scan/utils.py
index 291530e54..159e36e7e 100644
--- a/dongtai_web/dongtai_sca/scan/utils.py
+++ b/dongtai_web/dongtai_sca/scan/utils.py
@@ -1074,7 +1074,7 @@ def new_update_one_sca(agent_id,
 logger.info(
 f'SCA检测找不到对应Agent [{agent_id} {package_path} {package_signature} {package_name} {package_algorithm} {package_version}]'
 )
- return
+ return
 if not package_signature:
 package_signature = sha_1(package_signature)
 if agent.language == "JAVA":