From b82fdc4bfc6eb6b6f1cbaa1218a8383fb3a8e6c2 Mon Sep 17 00:00:00 2001 From: Tushar Goel Date: Mon, 5 Sep 2022 18:14:06 +0530 Subject: [PATCH] Migrate from VULCOID to VCID #811 Use uuid instead of base36 Reference: https://github.com/nexB/vulnerablecode/issues/811 Signed-off-by: Tushar Goel --- ...20_alter_vulnerability_vulnerability_id.py | 20 ++++++++++++++++++ .../migrations/0021_vcid_migration.py | 21 +++++++++++++++++++ vulnerabilities/models.py | 16 +++++++------- vulnerabilities/templates/index.html | 8 +++---- .../templates/vulnerabilities.html | 8 +++---- vulnerabilities/templates/vulnerability.html | 8 +++---- vulnerabilities/tests/test_fix_api.py | 14 ++++++------- 7 files changed, 67 insertions(+), 28 deletions(-) create mode 100644 vulnerabilities/migrations/0020_alter_vulnerability_vulnerability_id.py create mode 100644 vulnerabilities/migrations/0021_vcid_migration.py diff --git a/vulnerabilities/migrations/0020_alter_vulnerability_vulnerability_id.py b/vulnerabilities/migrations/0020_alter_vulnerability_vulnerability_id.py new file mode 100644 index 000000000..d62da9ba6 --- /dev/null +++ b/vulnerabilities/migrations/0020_alter_vulnerability_vulnerability_id.py @@ -0,0 +1,20 @@ +# Generated by Django 4.0.4 on 2022-09-05 11:40 + +from django.db import migrations +from django.db import models +import vulnerabilities.models + + +class Migration(migrations.Migration): + + dependencies = [ + ('vulnerabilities', '0019_alter_vulnerabilityreference_options'), + ] + + operations = [ + migrations.AlterField( + model_name='vulnerability', + name='vulnerability_id', + field=models.CharField(blank=True, default=vulnerabilities.models.get_vcid, help_text='Unique identifier for a vulnerability in the external representation. It is prefixed with VCID-', max_length=45, unique=True), + ), + ] diff --git a/vulnerabilities/migrations/0021_vcid_migration.py b/vulnerabilities/migrations/0021_vcid_migration.py new file mode 100644 index 000000000..715001e04 --- /dev/null +++ b/vulnerabilities/migrations/0021_vcid_migration.py @@ -0,0 +1,21 @@ +from django.db import migrations +from django.db.models import Q + +from vulnerabilities.models import get_vcid + + +class Migration(migrations.Migration): + + dependencies = [ + ('vulnerabilities', '0020_alter_vulnerability_vulnerability_id'), + ] + + def save_vulnerability_id(apps, schema_editor): + Vulnerabilities = apps.get_model("vulnerabilities", "Vulnerability") + for vulnerability in Vulnerabilities.objects.filter(~Q(vulnerability_id__startswith="VCID-")): + vulnerability.vulnerability_id = get_vcid() + vulnerability.save() + + operations = [ + migrations.RunPython(save_vulnerability_id, migrations.RunPython.noop) + ] diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py index 457391fae..6c04751c8 100644 --- a/vulnerabilities/models.py +++ b/vulnerabilities/models.py @@ -18,7 +18,6 @@ from django.core.validators import MinValueValidator from django.db import models from django.dispatch import receiver -from django.utils.http import int_to_base36 from packageurl import PackageURL from packageurl.contrib.django.models import PackageURLMixin from rest_framework.authtoken.models import Token @@ -32,6 +31,10 @@ logger = logging.getLogger(__name__) +def get_vcid(): + return f"VCID-{uuid.uuid4()}" + + class Vulnerability(models.Model): """ A software vulnerability with minimal information. Unique identifiers are @@ -41,9 +44,10 @@ class Vulnerability(models.Model): vulnerability_id = models.CharField( unique=True, blank=True, - max_length=20, + max_length=45, + default=get_vcid, help_text="Unique identifier for a vulnerability in the external representation. " - "It is prefixed with VULCOID-", + "It is prefixed with VCID-", ) summary = models.TextField( @@ -59,12 +63,6 @@ class Vulnerability(models.Model): through="PackageRelatedVulnerability", ) - def save(self, *args, **kwargs): - super().save(*args, **kwargs) - if not self.vulnerability_id: - self.vulnerability_id = f"VULCOID-{int_to_base36(self.id).upper()}" - super().save(update_fields=["vulnerability_id"]) - @property def vulnerable_to(self): """ diff --git a/vulnerabilities/templates/index.html b/vulnerabilities/templates/index.html index dbe122ebb..ee67279d3 100644 --- a/vulnerabilities/templates/index.html +++ b/vulnerabilities/templates/index.html @@ -84,16 +84,16 @@