Add data migration for VCIO API v3

tdruez · tdruez · commit cc7aa4ee08ac · 2026-04-14T15:32:55.000+04:00
Signed-off-by: tdruez &lt;tdruez@aboutcode.org&gt;
diff --git a/scanpipe/migrations/0080_vulnerablecode_v3_data.py b/scanpipe/migrations/0080_vulnerablecode_v3_data.py
@@ -0,0 +1,34 @@
+# Generated by Django 6.0.3 on 2026-04-14 11:10
+
+from django.db import migrations
+from django.db.models import Q
+
+
+def add_advisory_id(apps, schema_editor):
+    """Copy vulnerability_id to advisory_id in affected_by_vulnerabilities entries."""
+    DiscoveredPackage = apps.get_model("scanpipe", "DiscoveredPackage")
+    DiscoveredDependency = apps.get_model("scanpipe", "DiscoveredDependency")
+    EMPTY_VALUES = [None, [], ""]
+
+    vulnerable = ~Q(affected_by_vulnerabilities__in=EMPTY_VALUES)
+
+    for model in [DiscoveredPackage, DiscoveredDependency]:
+        for instance in model.objects.filter(vulnerable):
+            for entry in instance.affected_by_vulnerabilities:
+                if "advisory_id" not in entry:
+                    entry["advisory_id"] = entry.get("vulnerability_id", "")
+            instance.save(update_fields=["affected_by_vulnerabilities"])
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('scanpipe', '0079_apitoken_data'),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            add_advisory_id,
+            reverse_code=migrations.RunPython.noop,
+        ),
+    ]
diff --git a/scanpipe/tests/pipes/test_vulnerablecode.py b/scanpipe/tests/pipes/test_vulnerablecode.py
@@ -79,10 +79,14 @@ def test_scanpipe_pipes_vulnerablecode_filter_vulnerabilities(self):
         vulnerability1 = vulnerability_data[0]
         self.assertEqual("PYSEC-2024-28", vulnerability1.get("advisory_id"))
         ignore_set = {vulnerability1.get("advisory_id")}
-        self.assertEqual(23, len(filter_vulnerabilities(vulnerability_data, ignore_set)))
+        self.assertEqual(
+            23, len(filter_vulnerabilities(vulnerability_data, ignore_set))
+        )
 
         ignore_set = {vulnerability1.get("aliases")[0]}
-        self.assertEqual(23, len(filter_vulnerabilities(vulnerability_data, ignore_set)))
+        self.assertEqual(
+            23, len(filter_vulnerabilities(vulnerability_data, ignore_set))
+        )
 
     def test_scanpipe_pipes_vulnerablecode_chunked(self):
         result = list(chunked([1, 2, 3, 4, 5], 2))
