MCPcopy Index your code
hub / github.com/aboutcode-org/vulnerablecode / bulk_lookup

Method bulk_lookup

vulnerabilities/api_v2.py:357–399  ·  view source on GitHub ↗

Return the response for exact PackageURLs requested for.

(self, request)

Source from the content-addressed store, hash-verified

355 pagination_class=None,
356 )
357 def bulk_lookup(self, request):
358 """
359 Return the response for exact PackageURLs requested for.
360 """
361 serializer = self.serializer_class(data=request.data)
362 if not serializer.is_valid():
363 return Response(
364 status=status.HTTP_400_BAD_REQUEST,
365 data={
366 "error": serializer.errors,
367 "message": "A non-empty 'purls' list of PURLs is required.",
368 },
369 )
370 validated_data = serializer.validated_data
371 purls = validated_data.get("purls")
372
373 # Fetch packages matching the provided purls
374 packages = Package.objects.for_purls(purls).with_is_vulnerable()
375
376 # Collect vulnerabilities associated with these packages
377 vulnerabilities = set()
378 for package in packages:
379 vulnerabilities.update(package.affected_by_vulnerabilities.all())
380 vulnerabilities.update(package.fixing_vulnerabilities.all())
381
382 # Serialize vulnerabilities with vulnerability_id as keys
383 vulnerability_data = {
384 vuln.vulnerability_id: VulnerabilityV2Serializer(vuln).data for vuln in vulnerabilities
385 }
386
387 # Serialize packages
388 package_data = PackageV2Serializer(
389 packages,
390 many=True,
391 context={"request": request},
392 ).data
393
394 return Response(
395 {
396 "vulnerabilities": vulnerability_data,
397 "packages": package_data,
398 }
399 )
400
401 @extend_schema(
402 request=PackageBulkSearchRequestSerializer,

Callers

nothing calls this directly

Calls 6

PackageV2SerializerClass · 0.85
getMethod · 0.45
with_is_vulnerableMethod · 0.45
for_purlsMethod · 0.45
allMethod · 0.45

Tested by

no test coverage detected