TC-3753 advisory’s query and pruning functionality

etc/trustify-cli/README.md

@@ -44,6 +44,8 @@ trustify sbom duplicates delete
   - [`sbom duplicates find`](#sbom-duplicates-find)
   - [`sbom duplicates delete`](#sbom-duplicates-delete)
   - [`sbom prune`](#sbom-prune)
+  - [`advisory list`](#advisory-list)
+  - [`advisory prune`](#advisory-prune)
 
 - [API Reference](#api-reference)
 - [License](#license)
@@ -228,4 +230,63 @@ trustify sbom prune --output results.json --quiet            # Save results to f
   "failed_total": 2,
   "total": 4
 }
+```
+
+---
+
+### `advisory list`
+
+List advisories with filtering, pagination, and output formatting.
+
+```bash
+trustify advisory list                              # Full JSON
+trustify advisory list --query "title=CVE-2024-1234"      # Filter by advisory title
+trustify advisory list --limit 10 --offset 20       # Pagination
+```
+
+---
+
+### `advisory prune`
+
+Prune advisories based on various criteria like age or labels. Always preview with `--dry-run` first!
+
+```bash
+trustify advisory prune --dry-run                                # Preview what will be pruned
+trustify advisory prune --older-than 90                          # Delete advisories older than 90 days
+trustify advisory prune --published-before 2026-01-15T10:30:45Z  # Delete advisories published before the specified date
+trustify advisory prune --label type=csaf --label importer=run   # Delete advisories with specific labels
+trustify advisory prune --keep-latest 5                          # Keep only 5 most recent per identifier
+trustify advisory prune --query "title=CVE-2024-1234"                       # Custom query filter
+trustify advisory prune --limit 1000                             # Limit results and increase concurrency
+trustify advisory prune --output results.json --quiet            # Save results to file, suppress output
+```
+
+**Output file format:**
+
+```json
+{
+  "deleted": [
+    {
+      "id": "urn:uuid:7f774d1f-bd19-425c-aa7d-1e35e6d527dc",
+      "identifier": "CVE-2019-7589"
+    }
+  ],
+  "deleted_total": 1,
+  "skipped": [
+    {
+      "id": "urn:uuid:3ab23f78-4bf0-44a7-9f1e-2e2bd672643a",
+      "identifier": "CVE-2019-7304"
+    }
+  ],
+  "skipped_total": 1,
+  "failed": [
+    {
+      "id": "urn:uuid:abc123",
+      "identifier": "CVE-2024-1234",
+      "error": "HTTP 408: Server timeout"
+    }
+  ],
+  "failed_total": 1,
+  "total": 3
+}
 ```

etc/trustify-cli/src/api/advisory.rs

@@ -0,0 +1,55 @@
+use super::client::{ApiClient, ApiError};
+use crate::common::{
+    DeleteEntry, DeleteResult, ListParams, PruneParams, build_prune_query, delete_entries,
+    new_delete_result,
+};
+
+const ADVISORY_PATH: &str = "/v2/advisory";
+
+pub async fn list(client: &ApiClient, params: &ListParams) -> Result<String, ApiError> {
+    client.get_with_query(ADVISORY_PATH, params).await
+}
+
+pub async fn prune(client: &ApiClient, params: &PruneParams) -> Result<DeleteResult, ApiError> {
+    let (_query, list_params) = build_prune_query(params);
+
+    log::info!(
+        "Pruning advisories with query: {}",
+        list_params.q.as_deref().unwrap_or("")
+    );
+
+    let response = list(client, &list_params).await?;
+    let parsed: serde_json::Value = serde_json::from_str(&response)
+        .map_err(|e| ApiError::InternalError(format!("Failed to parse response: {}", e)))?;
+
+    let items = parsed
+        .get("items")
+        .and_then(|v| v.as_array())
+        .ok_or_else(|| ApiError::InternalError("No items in response".to_string()))?;
+
+    let total = items.len() as u32;
+
+    let entries: Vec<DeleteEntry> = items
+        .iter()
+        .filter_map(|item| {
+            let id = item.get("uuid").and_then(|v| v.as_str())?;
+
+            let identifier = item
+                .get("identifier")
+                .and_then(|v| v.as_str())
+                .unwrap_or("unknown")
+                .to_string();
+
+            Some(DeleteEntry {
+                id: id.to_string(),
+                identifier: identifier.to_string(),
+            })
+        })
+        .collect();
+
+    if params.dry_run {
+        return Ok(new_delete_result(total));
+    }
+
+    delete_entries(client, ADVISORY_PATH, entries, params.concurrency).await
+}

etc/trustify-cli/src/api/mod.rs

@@ -1,3 +1,4 @@
+pub mod advisory;
 pub mod auth;
 pub mod client;
 pub mod sbom;