Include latest and next non-vulnerable versions in API v2

keshav-space · keshav-space · commit 58fff59d04e1 · 2025-07-24T18:50:38.000+05:30
Fixes: #1959 Signed-off-by: Keshav Priyadarshi <git@keshav.space>
diff --git a/vulnerabilities/api_v2.py b/vulnerabilities/api_v2.py
@@ -311,8 +311,8 @@ class AdvisoryPackageV2Serializer(serializers.ModelSerializer):
     risk_score = serializers.FloatField(read_only=True)
     affected_by_vulnerabilities = serializers.SerializerMethodField()
     fixing_vulnerabilities = serializers.SerializerMethodField()
-    next_non_vulnerable_version = serializers.CharField(read_only=True)
-    latest_non_vulnerable_version = serializers.CharField(read_only=True)
+    next_non_vulnerable_version = serializers.SerializerMethodField()
+    latest_non_vulnerable_version = serializers.SerializerMethodField()
 
     class Meta:
         model = Package
@@ -348,6 +348,14 @@ def get_affected_by_vulnerabilities(self, package):
     def get_fixing_vulnerabilities(self, package):
         return [impact.advisory.avid for impact in package.fixed_in_impacts.all()]
 
+    def get_next_non_vulnerable_version(self, package):
+        if next_non_vulnerable := package.get_non_vulnerable_versions()[0]:
+            return next_non_vulnerable.version
+
+    def get_latest_non_vulnerable_version(self, package):
+        if latest_non_vulnerable := package.get_non_vulnerable_versions()[-1]:
+            return latest_non_vulnerable.version
+
 
 class PackageurlListSerializer(serializers.Serializer):
     purls = serializers.ListField(
@@ -1164,6 +1172,7 @@ def bulk_search(self, request):
                     ),
                 )
                 .with_is_vulnerable()
+                .order_by("package_url")
             )
 
             packages = query
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -3123,17 +3123,12 @@ def get_non_vulnerable_versions(self):
             self, fix=False
         ).only_non_vulnerable()
 
-        later_non_vulnerable_versions = non_vulnerable_versions.filter(
-            version_rank__gt=self.version_rank
-        )
-
-        later_non_vulnerable_versions = list(later_non_vulnerable_versions)
+        later_non_vulnerable = non_vulnerable_versions.filter(
+            version_rank__gte=self.version_rank
+        ).order_by("version_rank")
 
-        if later_non_vulnerable_versions:
-            sorted_versions = later_non_vulnerable_versions
-            next_non_vulnerable = sorted_versions[0]
-            latest_non_vulnerable = sorted_versions[-1]
-            return next_non_vulnerable, latest_non_vulnerable
+        if later_non_vulnerable.exists():
+            return later_non_vulnerable.first(), later_non_vulnerable.last()
 
         return None, None
 
