add alpine-linux importer to importer registry

Signed-off-by: Tushar Goel <[email protected]>

vulnerabilities/importers/__init__.py

@@ -20,7 +20,8 @@
 #  VulnerableCode is a free software code scanning tool from nexB Inc. and others.
 #  Visit https://github.com/nexB/vulnerablecode/ for support and download.
 from vulnerabilities.importers import nginx
+from vulnerabilities.importers import alpine_linux
 
-IMPORTERS_REGISTRY = [nginx.NginxImporter]
+IMPORTERS_REGISTRY = [nginx.NginxImporter, alpine_linux.AlpineImporter]
 
 IMPORTERS_REGISTRY = {x.qualified_name: x for x in IMPORTERS_REGISTRY}

vulnerabilities/importers/alpine_linux.py

@@ -20,20 +20,19 @@
 #  for any legal advice.
 #  VulnerableCode is a free software code scanning tool from nexB Inc. and others.
 #  Visit https://github.com/nexB/vulnerablecode/ for support and download.
-from typing import Any, Iterable
+from typing import Any
+from typing import Iterable
 from typing import List
 from typing import Mapping
 
 import requests
 import saneyaml
 from bs4 import BeautifulSoup
 
-from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.helpers import is_cve
+from vulnerabilities.importer import AdvisoryData 
 from vulnerabilities.importer import Importer
 from vulnerabilities.importer import Reference
-from vulnerabilities.helpers import is_cve
-
-BASE_URL = "https://secdb.alpinelinux.org/"
 
 
 class AlpineImporter(Importer):
@@ -44,6 +43,7 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
 
 
 def fetch_advisory_links():
+    BASE_URL = "https://secdb.alpinelinux.org/"
     index_page = BeautifulSoup(requests.get(BASE_URL).content, features="lxml")
 
     alpine_versions = [
@@ -52,34 +52,43 @@ def fetch_advisory_links():
 
     advisory_directory_links = [f"{BASE_URL}{version}" for version in alpine_versions]
 
+    advisory_links = []
     for advisory_directory_link in advisory_directory_links:
         advisory_directory_page = requests.get(advisory_directory_link).content
         advisory_directory_page = BeautifulSoup(
             advisory_directory_page, features="lxml"
         )
-        yield [
-            f"{advisory_directory_link}{anchore_tag.text}"
-            for anchore_tag in advisory_directory_page.find_all("a")
-            if anchore_tag.text.endswith("yaml")
-        ]
+        advisory_links.extend(
+            [
+                f"{advisory_directory_link}{anchore_tag.text}"
+                for anchore_tag in advisory_directory_page.find_all("a")
+                if anchore_tag.text.endswith("yaml")
+            ]
+        )
+
+    return advisory_links
 
 
-def process_link(link) -> List[AdvisoryData]:
+def process_link(link) -> Iterable[Iterable[AdvisoryData]]:
     yaml_response = requests.get(link).content
     record = saneyaml.load(yaml_response)
+    advisories: List[AdvisoryData] = []
 
     if record["packages"] is None:
-        return []
+        return advisories
 
     for package in record["packages"]:
-        yield load_advisories(
-            package["pkg"],
+        advisories.extend(
+            load_advisories(
+                package["pkg"],
+            )
         )
+    return advisories
 
 
 def load_advisories(
     pkg_infos: Mapping[str, Any],
-) -> List[AdvisoryData]:
+) -> Iterable[AdvisoryData]:
 
     assert isinstance(pkg_infos["secfixes"], Mapping[str, List])