Refactor ubuntu usn importer and tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
aboutcode-org · Apr 12, 2021 · 25c6972 · 25c6972
1 parent abbb3e2
commit 25c6972
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 145 deletions.
diff --git a/vulnerabilities/importers/ubuntu_usn.py b/vulnerabilities/importers/ubuntu_usn.py
@@ -67,10 +67,6 @@ def to_advisories(usn_db):
         advisories = []
         for usn in usn_db:
             reference = get_usn_references(usn_db[usn]["id"])
-            for release in usn_db[usn]["releases"]:
-                pkg_dict = usn_db[usn]["releases"][release]
-                safe_purls = get_purls(pkg_dict)
-
             for cve in usn_db[usn].get("cves", [""]):
                 # The db sometimes contains entries like
                 # {'cves': ['python-pgsql vulnerabilities', 'CVE-2006-2313', 'CVE-2006-2314']}
@@ -81,8 +77,6 @@ def to_advisories(usn_db):
                 advisories.append(
                     Advisory(
                         vulnerability_id=cve,
-                        impacted_package_urls=[],
-                        resolved_package_urls=safe_purls,
                         summary="",
                         references=[reference],
                     )
@@ -100,39 +94,3 @@ def fetch(url):
     raw_data = bz2.decompress(response)
 
     return json.loads(raw_data)
-
-
-def get_purls(pkg_dict):
-    purls = set()
-    for pkg_name in pkg_dict.get("sources", []):
-        version = pkg_dict["sources"][pkg_name]["version"]
-        # The db sometimes contains entries like {'postgresql': {'version': ''}}
-        # This `if` ignores such entries
-        if not version:
-            continue
-
-        purls.add(
-            PackageURL(
-                name=pkg_name,
-                version=version,
-                type="deb",
-                namespace="ubuntu",
-            )
-        )
-
-    for pkg_name in pkg_dict["binaries"]:
-        version = pkg_dict["binaries"][pkg_name]["version"]
-        # The db sometimes contains entries like {'postgresql': {'version': ''}}
-        # This `if` ignores such entries
-        if not version:
-            continue
-
-        purls.add(
-            PackageURL(
-                name=pkg_name,
-                version=version,
-                type="deb",
-                namespace="ubuntu",
-            )
-        )
-    return purls
diff --git a/vulnerabilities/tests/test_ubuntu_usn.py b/vulnerabilities/tests/test_ubuntu_usn.py
@@ -65,121 +65,18 @@ def test_fetch(self):
         with patch("vulnerabilities.importers.ubuntu_usn.requests.get", return_value=mock_response):
             assert ubuntu_usn.fetch("www.db.com") == self.db
 
-    def test_get_purls(self):
-
-        eg_pkg_dict_1 = self.db["763-1"]["releases"]["hardy"]
-        eg_pkg_dict_2 = self.db["763-1"]["releases"]["dapper"]
-        eg_pkg_dict_3 = self.db["763-1"]["releases"]["intrepid"]
-
-        exp_pkgs_1 = {
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="xine-lib",
-                version="1.1.11.1-1ubuntu3.4",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="libxine1",
-                version="1.1.11.1-1ubuntu3.4",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-        }
-        exp_pkgs_2 = {
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="libxine-main1",
-                version="1.1.1+ubuntu2-7.12",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="xine-lib",
-                version="1.1.1+ubuntu2-7.12",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-        }
-        exp_pkgs_3 = {
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="xine-lib",
-                version="1.1.15-0ubuntu3.3",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-            PackageURL(
-                type="deb",
-                namespace="ubuntu",
-                name="libxine1",
-                version="1.1.15-0ubuntu3.3",
-                qualifiers=OrderedDict(),
-                subpath=None,
-            ),
-        }
-
-        assert exp_pkgs_1 == ubuntu_usn.get_purls(eg_pkg_dict_1)
-        assert exp_pkgs_2 == ubuntu_usn.get_purls(eg_pkg_dict_2)
-        assert exp_pkgs_3 == ubuntu_usn.get_purls(eg_pkg_dict_3)
-
     def test_to_advisories(self):
 
         expected_advisories = [
             Advisory(
                 summary="",
-                impacted_package_urls=[],
-                resolved_package_urls={
-                    PackageURL(
-                        type="deb",
-                        namespace="ubuntu",
-                        name="xine-lib",
-                        version="1.1.15-0ubuntu3.3",
-                        qualifiers=OrderedDict(),
-                        subpath=None,
-                    ),
-                    PackageURL(
-                        type="deb",
-                        namespace="ubuntu",
-                        name="libxine1",
-                        version="1.1.15-0ubuntu3.3",
-                        qualifiers=OrderedDict(),
-                        subpath=None,
-                    ),
-                },
                 references=[
                     Reference(url="https://usn.ubuntu.com/763-1/", reference_id="USN-763-1")
                 ],
                 vulnerability_id="CVE-2009-0698",
             ),
             Advisory(
                 summary="",
-                impacted_package_urls=[],
-                resolved_package_urls={
-                    PackageURL(
-                        type="deb",
-                        namespace="ubuntu",
-                        name="xine-lib",
-                        version="1.1.15-0ubuntu3.3",
-                        qualifiers=OrderedDict(),
-                        subpath=None,
-                    ),
-                    PackageURL(
-                        type="deb",
-                        namespace="ubuntu",
-                        name="libxine1",
-                        version="1.1.15-0ubuntu3.3",
-                        qualifiers=OrderedDict(),
-                        subpath=None,
-                    ),
-                },
                 references=[
                     Reference(url="https://usn.ubuntu.com/763-1/", reference_id="USN-763-1")
                 ],