Avoid fresh database query on prefetched cache

Signed-off-by: Keshav Priyadarshi <[email protected]>

Author: keshav-space

vulnerabilities/pipelines/compute_package_risk.py

@@ -40,7 +40,11 @@ def add_package_risk_score(self):
 
         self.log(f"Calculating risk for {affected_packages.count():,d} affected package records")
 
-        progress = LoopProgress(total_iterations=affected_packages.count(), logger=self.log)
+        progress = LoopProgress(
+            total_iterations=affected_packages.count(),
+            logger=self.log,
+            progress_step=5,
+        )
 
         updatables = []
         updated_package_count = 0

vulnerabilities/risk.py

@@ -68,20 +68,17 @@ def get_exploitability_level(exploits, references, severities):
 
     elif severities:
         # high EPSS.
-        epss = severities.filter(
-            scoring_system=EPSS.identifier,
-        )
-        epss = any(float(epss.value) > 0.8 for epss in epss)
-        if epss:
-            exploit_level = 2
+        for severity in severities:
+            if severity.scoring_system == EPSS.identifier and float(severity.value) > 0.8:
+                exploit_level = 2
+                break
 
     elif references:
         # PoC/Exploit script published
-        ref_exploits = references.filter(
-            reference_type=VulnerabilityReference.EXPLOIT,
-        )
-        if ref_exploits:
-            exploit_level = 1
+        for reference in references:
+            if reference.reference_type == VulnerabilityReference.EXPLOIT:
+                exploit_level = 1
+                break
 
     return exploit_level
 

vulnerabilities/tests/test_risk.py

@@ -86,7 +86,7 @@ def high_epss_score():
     )
     vul.severities.add(severity)
 
-    return vul.severities
+    return vul.severities.all()
 
 
 @pytest.fixture
@@ -102,7 +102,7 @@ def low_epss_score():
     )
     vul.severities.add(severity)
 
-    return vul.severities
+    return vul.severities.all()
 
 
 @pytest.mark.django_db