saves security_relevance to database for each commit candidate

SAP · Aug 16, 2024 · 058cd25 · 058cd25
1 parent 04ed627
commit 058cd25
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 7 deletions.
diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py
@@ -245,7 +245,7 @@ def prospector(  # noqa: C901
         logger.warning("Preprocessed commits are not being sent to backend")
 
     ranked_candidates = evaluate_commits(
-        preprocessed_commits, advisory_record, enabled_rules
+        preprocessed_commits, advisory_record, backend_address, enabled_rules
     )
 
     # ConsoleWriter.print("Commit ranking and aggregation...")
@@ -288,7 +288,10 @@ def filter(commits: Dict[str, RawCommit]) -> Dict[str, RawCommit]:
 
 
 def evaluate_commits(
-    commits: List[Commit], advisory: AdvisoryRecord, enabled_rules: List[str]
+    commits: List[Commit],
+    advisory: AdvisoryRecord,
+    backend_address: str,
+    enabled_rules: List[str],
 ) -> List[Commit]:
     """This method applies the rule phases. Each phase is associated with a set of rules:
         - Phase 1: Original rules
@@ -308,7 +311,7 @@ def evaluate_commits(
     with ExecutionTimer(core_statistics.sub_collection("candidates analysis")):
         with ConsoleWriter("Candidate analysis") as _:
             ranked_commits = apply_rules(
-                commits, advisory, enabled_rules=enabled_rules
+                commits, advisory, backend_address, enabled_rules=enabled_rules
             )
 
     return ranked_commits

diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py
@@ -52,6 +52,7 @@ def get_id(self):
 def apply_rules(
     candidates: List[Commit],
     advisory_record: AdvisoryRecord,
+    backend_address: str,
     enabled_rules: List[str] = [],
 ) -> List[Commit]:
     """Applies the selected set of rules and returns the ranked list of commits."""
@@ -83,7 +84,7 @@ def apply_rules(
 
         for candidate in candidates[:NUM_COMMITS_PHASE_2]:
             for rule in phase_2_rules:
-                if rule.apply(candidate):
+                if rule.apply(candidate, backend_address):
                     counter.increment("matches")
                     candidate.add_match(rule.as_dict())
             candidate.compute_relevance()
@@ -419,10 +420,38 @@ class CommitIsSecurityRelevant(Rule):
     def apply(
         self,
         candidate: Commit,
+        backend_address: str,
     ) -> bool:
-        return LLMService().classify_commit(
-            candidate.diff, candidate.repository, candidate.message
-        )
+
+        # Check if this commit is already in the database
+        try:
+            r = requests.get(
+                f"{backend_address}/commits/{candidate.repository}",
+                params={"commit_id": candidate.commit_id},
+                timeout=10
+            )
+            r.raise_for_status()
+            commit_data = r.json()[0]
+
+            is_security_relevant = commit_data.get('security_relevant')
+            if is_security_relevant is not None:
+                candidate.security_relevant = is_security_relevant
+                return is_security_relevant
+
+            candidate.security_relevant = LLMService().classify_commit(
+                candidate.diff, candidate.repository, candidate.message
+            )
+
+            update_response = requests.post(
+                backend_address + "/commits/",
+                json=[candidate.to_dict()],
+                headers={"content-type": "application/json"},
+            )
+            update_response.raise_for_status()
+
+        except requests.exceptions.RequestException as e:
+            error_type = type(e).__name__
+            print(f"Error communicating with backend: {error_type} - {str(e)}")
 
 
 RULES_PHASE_1: List[Rule] = [