Format code

TG1999 · TG1999 · commit 3a74be058581 · 2023-01-20T19:45:25.000+05:30
Signed-off-by: Tushar Goel &lt;tushar.goel.dav@gmail.com&gt;
diff --git a/vulnerabilities/importers/__init__.py b/vulnerabilities/importers/__init__.py
@@ -12,8 +12,8 @@
 from vulnerabilities.importers import archlinux
 from vulnerabilities.importers import debian
 from vulnerabilities.importers import debian_oval
-from vulnerabilities.importers import gentoo
 from vulnerabilities.importers import elixir_security
+from vulnerabilities.importers import gentoo
 from vulnerabilities.importers import github
 from vulnerabilities.importers import gitlab
 from vulnerabilities.importers import istio
diff --git a/vulnerabilities/importers/elixir_security.py b/vulnerabilities/importers/elixir_security.py
@@ -6,7 +6,6 @@
 # See https://github.com/nexB/vulnerablecode for support or download.
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
-import logging
 from pathlib import Path
 from typing import Set
 
@@ -18,10 +17,9 @@
 from vulnerabilities.importer import AffectedPackage
 from vulnerabilities.importer import Importer
 from vulnerabilities.importer import Reference
+from vulnerabilities.utils import is_cve
 from vulnerabilities.utils import load_yaml
 
-logger = logging.getLogger(__name__)
-
 
 class ElixirSecurityImporter(Importer):
 
@@ -46,15 +44,18 @@ def process_file(self, path):
         cve_id = ""
         summary = yaml_file.get("description") or ""
         pkg_name = yaml_file.get("package") or ""
-        if not pkg_name:
-            return []
 
         cve = yaml_file.get("cve") or ""
 
         if cve and not cve.startswith("CVE-"):
-            cve = yaml_file["cve"]
             cve_id = f"CVE-{cve}"
 
+        if not cve_id:
+            return []
+
+        if not is_cve(cve_id):
+            return []
+
         references = []
         link = yaml_file.get("link") or ""
         if link:
@@ -82,18 +83,16 @@ def process_file(self, path):
                 VersionConstraint.from_string(version_class=vrc, string=version).invert()
             )
 
-        affected_packages.append(
-            AffectedPackage(
-                package=PackageURL(
-                    type="hex",
-                    name=pkg_name,
-                ),
-                affected_version_range=HexVersionRange(constraints=constraints),
+        if pkg_name:
+            affected_packages.append(
+                AffectedPackage(
+                    package=PackageURL(
+                        type="hex",
+                        name=pkg_name,
+                    ),
+                    affected_version_range=HexVersionRange(constraints=constraints),
+                )
             )
-        )
-
-        if not cve_id:
-            return []
 
         yield AdvisoryData(
             aliases=[cve_id],
