Resolve migration conflicts

Rename the pipeline name
Add the missing pygithub dependency

Signed-off-by: ziad hany <ziadhany2016@gmail.com>

Author: ziadhany

requirements.txt

@@ -126,3 +126,4 @@ wcwidth==0.2.5
 websocket-client==0.59.0
 yarl==1.7.2
 zipp==3.19.1
+PyGithub==2.8.1

vulnerabilities/importers/__init__.py

@@ -48,9 +48,9 @@
 from vulnerabilities.pipelines.v2_importers import (
     elixir_security_importer as elixir_security_importer_v2,
 )
-from vulnerabilities.pipelines.v2_importers import github_issue_pr as github_issue_pr_v2
 from vulnerabilities.pipelines.v2_importers import epss_importer_v2
 from vulnerabilities.pipelines.v2_importers import fireeye_importer_v2
+from vulnerabilities.pipelines.v2_importers import github_issue_pr as github_issue_pr_v2
 from vulnerabilities.pipelines.v2_importers import github_osv_importer as github_osv_importer_v2
 from vulnerabilities.pipelines.v2_importers import gitlab_importer as gitlab_importer_v2
 from vulnerabilities.pipelines.v2_importers import istio_importer as istio_importer_v2
@@ -101,6 +101,7 @@
         epss_importer_v2.EPSSImporterPipeline,
         nginx_importer_v2.NginxImporterPipeline,
         mattermost_importer_v2.MattermostImporterPipeline,
+        github_issue_pr_v2.GithubPipelineIssuePRPipeline,
         nvd_importer.NVDImporterPipeline,
         github_importer.GitHubAPIImporterPipeline,
         gitlab_importer.GitLabImporterPipeline,
@@ -136,6 +137,5 @@
         ubuntu_usn.UbuntuUSNImporter,
         fireeye.FireyeImporter,
         oss_fuzz.OSSFuzzImporter,
-        github_issue_pr_v2.GithubPipelineIssuePR,
     ]
 )

vulnerabilities/pipelines/v2_importers/github_issue_pr.py

@@ -20,12 +20,12 @@
 GITHUB_TOKEN = env.str("GITHUB_TOKEN")
 
 
-class GithubPipelineIssuePR(VulnerableCodeBaseImporterPipelineV2):
+class GithubPipelineIssuePRPipeline(VulnerableCodeBaseImporterPipelineV2):
     """
     Pipeline to collect GitHub issues and PRs related to vulnerabilities.
     """
 
-    pipeline_id = "collect_issues_pr"
+    pipeline_id = "collect_github_issues_pr"
 
     @classmethod
     def steps(cls):
@@ -86,7 +86,7 @@ def collect_advisories(self):
 
             yield AdvisoryData(
                 advisory_id=vuln_id,
-                aliases=[vuln_id],
+                aliases=[],
                 references_v2=references,
                 url=self.repo_url,
             )

vulnerabilities/tests/pipelines/v2_importers/test_github_issue_pr.py

@@ -14,13 +14,15 @@
 
 import pytest
 
-from vulnerabilities.pipelines.v2_importers.github_issue_pr import GithubPipelineIssuePR
+from vulnerabilities.pipelines.v2_importers.github_issue_pr import GithubPipelineIssuePRPipeline
 from vulnerabilities.tests import util_tests
 
+TEST_DATA = Path(__file__).parent.parent.parent / "test_data" / "github_issue_pr"
+
 
 @pytest.fixture
 def pipeline():
-    pipeline = GithubPipelineIssuePR()
+    pipeline = GithubPipelineIssuePRPipeline()
     pipeline.repo_url = "https://github.com/test/repo"
     pipeline.log = MagicMock()
     return pipeline
@@ -32,44 +34,41 @@ def test_collect_issues_and_prs(pipeline):
         SimpleNamespace(
             title="Fix for CVE-2023-1234 found",
             body="This resolves a security issue",
-            html_url="http://example.com/issue1",
+            html_url="https://example.com/issue1",
         ),
         SimpleNamespace(
             title="No vulnerability mentioned",
             body="This is unrelated",
-            html_url="http://example.com/issue2",
+            html_url="https://example.com/issue2",
         ),
     ]
 
     pipeline.pull_requestes = [
         SimpleNamespace(
             title="Patch addressing GHSA-zzz-111",
             body="Also fixes PYSEC-2024-5678",
-            html_url="http://example.com/pr1",
+            html_url="https://example.com/pr1",
         )
     ]
 
     result = pipeline.collect_issues_and_prs()
     expected = {
-        "CVE-2023-1234": [("Issue", "http://example.com/issue1")],
-        "GHSA-zzz-111": [("PR", "http://example.com/pr1")],
-        "PYSEC-2024-5678": [("PR", "http://example.com/pr1")],
+        "CVE-2023-1234": [("Issue", "https://example.com/issue1")],
+        "GHSA-zzz-111": [("PR", "https://example.com/pr1")],
+        "PYSEC-2024-5678": [("PR", "https://example.com/pr1")],
     }
 
     assert result == expected
 
 
-TEST_DATA = Path(__file__).parent.parent.parent / "test_data" / "github_issue_pr"
-
-
 @pytest.mark.django_db
 def test_collect_advisories_from_json():
     input_file = TEST_DATA / "issues_and_pr.json"
     expected_file = TEST_DATA / "expected_advisory_output.json"
 
     issues_and_prs = json.loads(input_file.read_text(encoding="utf-8"))
 
-    pipeline = GithubPipelineIssuePR()
+    pipeline = GithubPipelineIssuePRPipeline()
     pipeline.repo_url = "https://github.com/test/repo"
     pipeline.log = MagicMock()
 

vulnerabilities/tests/test_data/github_issue_pr/expected_advisory_output.json

@@ -1,9 +1,7 @@
 [
   {
     "advisory_id": "CVE-2023-1234",
-    "aliases": [
-      "CVE-2023-1234"
-    ],
+    "aliases": [],
     "summary": "",
     "affected_packages": [],
     "references_v2": [
@@ -18,16 +16,15 @@
         "url": "https://example.com/pr1"
       }
     ],
+    "patches": [],
     "severities": [],
     "date_published": null,
     "weaknesses": [],
     "url": "https://github.com/test/repo"
   },
   {
     "advisory_id": "GHSA-zzz-111",
-    "aliases": [
-      "GHSA-zzz-111"
-    ],
+    "aliases": [],
     "summary": "",
     "affected_packages": [],
     "references_v2": [
@@ -37,16 +34,15 @@
         "url": "https://example.com/pr1"
       }
     ],
+    "patches": [],
     "severities": [],
     "date_published": null,
     "weaknesses": [],
     "url": "https://github.com/test/repo"
   },
   {
     "advisory_id": "PYSEC-2024-5678",
-    "aliases": [
-      "PYSEC-2024-5678"
-    ],
+    "aliases": [],
     "summary": "",
     "affected_packages": [],
     "references_v2": [
@@ -56,6 +52,7 @@
         "url": "https://example.com/pr1"
       }
     ],
+    "patches": [],
     "severities": [],
     "date_published": null,
     "weaknesses": [],