Merge pull request #1222 from TG1999/remove_old_fields

Drop duplicated fields from API response and add missing quotes for href values in template

Author: TG1999

CHANGELOG.rst

@@ -2,6 +2,13 @@ Release notes
 =============
 
 
+Version v33.0.0
+-----------------
+
+- We have dropped ``unresolved_vulnerabilities`` from /api/package endpoint API response.
+- We have added missing quotes for href values in template.
+
+
 Version v32.0.1
 -----------------
 

SOURCES.rst

@@ -13,7 +13,7 @@
 +----------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------+
 |ruby            | https://github.com/rubysec/ruby-advisory-db.git                                                      |ruby gems                                           |
 +----------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------+
-|ubuntu          | https://people.canonical.com/~ubuntu-security/oval/                                                  |ubuntu packages                                     |
+|ubuntu          |                                                                                                      |ubuntu packages                                     |
 +----------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------+
 |retiredotnet    | https://github.com/RetireNet/Packages.git                                                            |.NET packages                                       |
 +----------------+------------------------------------------------------------------------------------------------------+----------------------------------------------------+

vulnerabilities/api.py

@@ -124,11 +124,6 @@ class PackageSerializer(serializers.HyperlinkedModelSerializer):
     Lookup software package using Package URLs
     """
 
-    def to_representation(self, instance):
-        data = super().to_representation(instance)
-        data["unresolved_vulnerabilities"] = data["affected_by_vulnerabilities"]
-        return data
-
     purl = serializers.CharField(source="package_url")
 
     affected_by_vulnerabilities = serializers.SerializerMethodField("get_affected_vulnerabilities")

vulnerabilities/templates/package_details.html

@@ -66,7 +66,7 @@
                                 <td>
                                     {% for alias in vulnerability.alias %}
                                         {% if alias.url %}
-                                            <a href={{ alias.url }} target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
+                                            <a href="{{ alias.url }}" target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
                                             <br />
                                         {% else %}
                                             {{ alias }}
@@ -113,7 +113,7 @@
                                 <td>
                                     {% for alias in vulnerability.alias %}
                                         {% if alias.url %}
-                                            <a href={{ alias.url }} target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
+                                            <a href="{{ alias.url }}" target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
                                             <br />
                                         {% else %}
                                             {{ alias }}

vulnerabilities/templates/vulnerabilities.html

@@ -48,7 +48,7 @@
                             <td>
                                 {% for alias in vulnerability.alias %}
                                     {% if alias.url %}
-                                        <a href={{ alias.url }} target="_blank">{{ alias }}
+                                        <a href="{{ alias.url }}" target="_blank">{{ alias }}
                                             <i class="fa fa-external-link fa_link_custom"></i>
                                         </a>
                                     {% else %}

vulnerabilities/templates/vulnerability_details.html

@@ -68,7 +68,7 @@
                                     <td class="two-col-right">
                                         {% for alias in aliases %}
                                             {% if alias.url %}
-                                                <a href={{ alias.url }} target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
+                                                <a href="{{ alias.url }}" target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
                                             {% else %}
                                                 {{ alias }}
                                             {% endif %}

vulnerabilities/tests/test_api.py

@@ -362,16 +362,6 @@ def test_api_with_single_vulnerability_and_fixed_package(self):
                     "aliases": ["CVE-2029-1234"],
                 },
             ],
-            "unresolved_vulnerabilities": [
-                {
-                    "url": f"http://testserver/api/vulnerabilities/{self.vuln1.id}",
-                    "vulnerability_id": self.vuln1.vulnerability_id,
-                    "summary": "test-vuln1",
-                    "references": [],
-                    "fixed_packages": [],
-                    "aliases": ["CVE-2019-1234", "GMS-1234-4321"],
-                }
-            ],
         }
 
     def test_api_with_single_vulnerability_and_vulnerable_package(self):
@@ -402,22 +392,6 @@ def test_api_with_single_vulnerability_and_vulnerable_package(self):
                 }
             ],
             "fixing_vulnerabilities": [],
-            "unresolved_vulnerabilities": [
-                {
-                    "url": f"http://testserver/api/vulnerabilities/{self.vuln.id}",
-                    "vulnerability_id": self.vuln.vulnerability_id,
-                    "summary": "test-vuln",
-                    "references": [],
-                    "fixed_packages": [
-                        {
-                            "url": f"http://testserver/api/packages/{self.package.id}",
-                            "purl": "pkg:generic/nginx/test@11",
-                            "is_vulnerable": True,
-                        }
-                    ],
-                    "aliases": ["CVE-2029-1234"],
-                }
-            ],
         }
 
     def test_api_with_all_vulnerable_packages(self):