MCPcopy Create free account
hub / github.com/aboutcode-org/vulnerablecode / PackageSerializer

Class PackageSerializer

vulnerabilities/api.py:302–412  ·  view source on GitHub ↗

Lookup software package using Package URLs

Source from the content-addressed store, hash-verified

300
301
302class PackageSerializer(BaseResourceSerializer):
303 """
304 Lookup software package using Package URLs
305 """
306
307 next_non_vulnerable_version = serializers.CharField(read_only=True)
308 latest_non_vulnerable_version = serializers.CharField(read_only=True)
309
310 purl = serializers.CharField(source="package_url")
311
312 affected_by_vulnerabilities = serializers.SerializerMethodField("get_affected_vulnerabilities")
313
314 fixing_vulnerabilities = serializers.SerializerMethodField("get_fixing_vulnerabilities")
315
316 qualifiers = serializers.SerializerMethodField()
317
318 is_vulnerable = serializers.BooleanField()
319
320 def get_qualifiers(self, package):
321 return normalize_qualifiers(package.qualifiers, encode=False)
322
323 def get_fixed_packages(self, package):
324 """
325 Return a queryset of all packages that fix a vulnerability with
326 same type, namespace, name, subpath and qualifiers of the `package`
327 """
328 return (
329 Package.objects.filter(
330 name=package.name,
331 namespace=package.namespace,
332 type=package.type,
333 qualifiers=package.qualifiers,
334 subpath=package.subpath,
335 fixingpackagerelatedvulnerability__isnull=False,
336 )
337 .with_is_vulnerable()
338 .distinct()
339 )
340
341 def get_vulnerabilities_for_a_package(self, package, fix) -> dict:
342 """
343 Return a mapping of vulnerabilities data related to the given `package`.
344 Return vulnerabilities that affect the `package` if given `fix` flag is False,
345 otherwise return vulnerabilities fixed by the `package`.
346 """
347 fixed_packages = self.get_fixed_packages(package=package)
348 if not fix:
349 qs = package.affected_by_vulnerabilities.all()
350 else:
351 qs = package.fixing_vulnerabilities.all()
352 qs = qs.prefetch_related(
353 Prefetch(
354 "fixed_by_packages",
355 queryset=fixed_packages,
356 to_attr="filtered_fixed_packages",
357 )
358 )
359 return VulnSerializerRefsAndSummary(

Callers 3

bulk_searchMethod · 0.85
lookupMethod · 0.85
bulk_lookupMethod · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected