def get_package_data(pkgname):
entries = (db.session.query(
Package, CVEGroup, CVE,
Advisory).filter(Package.name == pkgname).outerjoin(
CVEGroupPackage, CVEGroupPackage.pkgname ==
Package.name).outerjoin(CVEGroup, CVEGroupPackage.group).outerjoin(
CVEGroupEntry,
CVEGroup.issues).outerjoin(CVE, CVEGroupEntry.cve).outerjoin(
Advisory,
and_(
Advisory.group_package_id == CVEGroupPackage.id,
Advisory.publication == Publication.published))).all()
# fallback for dropped packages
if not entries:
entries = (db.session.query(
CVEGroupPackage, CVEGroup, CVE,
Advisory).filter(CVEGroupPackage.pkgname == pkgname).join(
CVEGroup, CVEGroupPackage.group).join(
CVEGroupEntry,
CVEGroup.issues).join(CVE, CVEGroupEntry.cve).outerjoin(
Advisory,
and_(Advisory.group_package_id == CVEGroupPackage.id,
Advisory.publication == Publication.published))
).all()
if not entries:
return None
groups = set()
issues = set()
advisories = set()
versions = set()
for package, group, cve, advisory in entries:
if isinstance(package, Package):
versions.add(package)
if group:
groups.add(group)
if cve:
issues.add((cve, group))
if advisory:
advisories.add(advisory)
issues = [{'issue': e[0], 'group': e[1]} for e in issues]
issues = sorted(issues, key=lambda item: item['issue'], reverse=True)
issues = sorted(issues, key=lambda item: item['group'].status)
groups = sorted(groups, key=lambda item: item.id, reverse=True)
groups = sorted(groups, key=lambda item: item.status)
advisories = sorted(advisories, key=lambda item: item.id, reverse=True)
versions = filter_duplicate_packages(sort_packages(list(versions)), True)
package = versions[0] if versions else None
return {
'package': package,
'pkgname': pkgname,
'versions': versions,
'groups': groups,
'issues': issues,
'advisories': advisories
}
def get_group_data(avg):
avg_id = int(avg.replace('AVG-', ''))
entries = (db.session.query(
CVEGroup, CVE, CVEGroupPackage,
Advisory, Package).filter(CVEGroup.id == avg_id).join(
CVEGroupEntry, CVEGroup.issues).join(CVE, CVEGroupEntry.cve).join(
CVEGroupPackage, CVEGroup.packages).outerjoin(
Package,
Package.name == CVEGroupPackage.pkgname).outerjoin(
Advisory,
Advisory.group_package_id == CVEGroupPackage.id)
).all()
if not entries:
return None
group = None
issues = set()
packages = set()
advisories = set()
issue_types = set()
versions = set()
for group_entry, cve, pkg, advisory, package in entries:
group = group_entry
issues.add(cve)
issue_types.add(cve.issue_type)
packages.add(pkg)
if package:
versions.add(package)
if advisory:
advisories.add(advisory)
advisories = sorted(advisories, key=lambda item: item.id, reverse=True)
issue_types = list(issue_types)
issues = sorted(issues, key=lambda item: item, reverse=True)
packages = sorted(packages, key=lambda item: item.pkgname)
versions = filter_duplicate_packages(sort_packages(list(versions)), True)
advisories_pending = group.status == Status.fixed and group.advisory_qualified and len(
advisories) <= 0
return {
'group': group,
'packages': packages,
'versions': versions,
'issues': issues,
'issue_types': issue_types,
'advisories': advisories,
'advisories_pending': advisories_pending
}
