Use optimized queryset in risk pipeline

keshav-space · keshav-space · commit b2d1e20b0ce5 · 2024-11-11T19:52:47.000+05:30
- Prefetch related vulnerability, severities, references, and exploits
  for better performance

Signed-off-by: Keshav Priyadarshi &lt;git@keshav.space&gt;
diff --git a/vulnerabilities/pipelines/compute_package_risk.py b/vulnerabilities/pipelines/compute_package_risk.py
@@ -29,8 +29,13 @@ def steps(cls):
         return (cls.add_package_risk_score,)
 
     def add_package_risk_score(self):
-        affected_packages = Package.objects.filter(
-            affected_by_vulnerabilities__isnull=False
+        affected_packages = (
+            Package.objects.filter(affected_by_vulnerabilities__isnull=False).prefetch_related(
+                "affectedbypackagerelatedvulnerability_set__vulnerability",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__references",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__severities",
+                "affectedbypackagerelatedvulnerability_set__vulnerability__exploits",
+            )
         ).distinct()
 
         self.log(f"Calculating risk for {affected_packages.count():,d} affected package records")
