Add Archlinux severity system

TG1999 · TG1999 · commit 2e4318a3e25a · 2026-03-04T19:27:50.000+05:30
Signed-off-by: Tushar Goel &lt;tushar.goel.dav@gmail.com&gt;
diff --git a/vulnerabilities/pipelines/v2_importers/archlinux_importer.py b/vulnerabilities/pipelines/v2_importers/archlinux_importer.py
@@ -56,6 +56,7 @@ def collect_advisories(self) -> Iterable[AdvisoryDataV2]:
     def parse_advisory(self, record) -> AdvisoryDataV2:
         affected_packages = []
         references = []
+        severities = []
         avg_name = record.get("name")
         severity = record.get("severity")
         aliases = record.get("issues", [])
@@ -96,13 +97,17 @@ def parse_advisory(self, record) -> AdvisoryDataV2:
                 )
             )
 
-        severities = [
-            VulnerabilitySeverity(
-                system=severity_systems.ARCHLINUX,
-                value=severity,
-                url="https://security.archlinux.org/{avg_name}.json",
-            )
-        ]
+        if severity not in severity_systems.ARCHLINUX.choices:
+            self.log(f"Unknown severity {severity} for {avg_name}")
+            severity = None
+        if severity:
+            severities = [
+                VulnerabilitySeverity(
+                    system=severity_systems.ARCHLINUX,
+                    value=severity,
+                    url="https://security.archlinux.org/{avg_name}.json",
+                )
+            ]
 
         return AdvisoryDataV2(
             advisory_id=avg_name,
diff --git a/vulnerabilities/tests/test_data/archlinux/archlinux_advisoryv2-expected.json b/vulnerabilities/tests/test_data/archlinux/archlinux_advisoryv2-expected.json
@@ -29,13 +29,7 @@
       }
     ],
     "patches": [],
-    "severities": [
-      {
-        "system": "generic_textual",
-        "value": "Unknown",
-        "scoring_elements": ""
-      }
-    ],
+    "severities": [],
     "date_published": null,
     "weaknesses": [],
     "url": "https://security.archlinux.org/AVG-2781.json"
@@ -72,13 +66,7 @@
       }
     ],
     "patches": [],
-    "severities": [
-      {
-        "system": "generic_textual",
-        "value": "Unknown",
-        "scoring_elements": ""
-      }
-    ],
+    "severities": [],
     "date_published": null,
     "weaknesses": [],
     "url": "https://security.archlinux.org/AVG-2780.json"
@@ -121,7 +109,7 @@
     "patches": [],
     "severities": [
       {
-        "system": "generic_textual",
+        "system": "archlinux",
         "value": "Low",
         "scoring_elements": ""
       }
