MCPcopy Create free account
hub / github.com/aboutcode-org/vulnerablecode / process_inferences

Function process_inferences

vulnerabilities/import_runner.py:153–259  ·  view source on GitHub ↗

Return number of inferences processed. An atomic transaction that updates both the Advisory (e.g. date_imported) and processes the given inferences to create or update corresponding database fields. This avoids failing the entire improver when only a single inference is err

(inferences: List[Inference], advisory: Advisory, improver_name: str)

Source from the content-addressed store, hash-verified

151
152@transaction.atomic
153def process_inferences(inferences: List[Inference], advisory: Advisory, improver_name: str):
154 """
155 Return number of inferences processed.
156 An atomic transaction that updates both the Advisory (e.g. date_imported)
157 and processes the given inferences to create or update corresponding
158 database fields.
159
160 This avoids failing the entire improver when only a single inference is
161 erroneous. Also, the atomic transaction for every advisory and its
162 inferences makes sure that date_imported of advisory is consistent.
163 """
164 from vulnerabilities.pipes.advisory import get_or_create_aliases
165
166 inferences_processed_count = 0
167
168 if not inferences:
169 logger.warning(f"Nothing to improve. Source: {improver_name} Advisory id: {advisory.id}")
170 return inferences_processed_count
171
172 logger.info(f"Improving advisory id: {advisory.id}")
173
174 for inference in inferences:
175 aliases = get_or_create_aliases(inference.aliases)
176 vulnerability = get_or_create_vulnerability_and_aliases(
177 vulnerability_id=inference.vulnerability_id,
178 aliases=aliases,
179 summary=inference.summary,
180 advisory=advisory,
181 )
182
183 if not vulnerability:
184 logger.warning(f"Unable to get vulnerability for inference: {inference!r}")
185 continue
186
187 for ref in inference.references:
188
189 reference = VulnerabilityReference.objects.get_or_none(
190 reference_id=ref.reference_id,
191 url=ref.url,
192 )
193
194 if not reference:
195 reference = create_valid_vulnerability_reference(
196 reference_id=ref.reference_id,
197 url=ref.url,
198 )
199
200 if reference:
201 VulnerabilityRelatedReference.objects.update_or_create(
202 reference=reference,
203 vulnerability=vulnerability,
204 )
205 updated = False
206 for severity in ref.severities:
207 try:
208 published_at = str(severity.published_at) if severity.published_at else None
209 (
210 vulnerability_severity,

Calls 10

get_or_create_aliasesFunction · 0.90
get_or_noneMethod · 0.80
update_or_createMethod · 0.80
addMethod · 0.80
saveMethod · 0.45