4141from vulnerabilities .models import VulnerabilitySeverity
4242from vulnerabilities .models import Weakness
4343from vulnerabilities .throttling import PermissionBasedUserRateThrottle
44+ from vulnerabilities .utils import group_advisories_by_content
4445
4546
4647class CharInFilter (filters .BaseInFilter , filters .CharFilter ):
@@ -361,19 +362,39 @@ def get_affected_by_vulnerabilities(self, package):
361362
362363 latest_advisories = AdvisoryV2 .objects .latest_for_avids (avids )
363364 advisory_by_avid = {adv .avid : adv for adv in latest_advisories }
365+ impact_by_avid = {}
364366
365- result = {}
366-
367+ advisories = []
367368 for impact in impacts :
368369 avid = impact .advisory .avid
369370 advisory = advisory_by_avid .get (avid )
370371 if not advisory :
371372 continue
372- fixed_by_packages = [pkg .purl for pkg in impact .fixed_by_packages .all ()]
373- result [advisory .avid ] = {
374- "advisory_id" : advisory .avid ,
375- "fixed_by_packages" : fixed_by_packages ,
376- }
373+ advisories .append (advisory )
374+ impact_by_avid [avid ] = impact
375+
376+ grouped_advisories = group_advisories_by_content (advisories = advisories )
377+
378+ advs = []
379+
380+ for hash in grouped_advisories :
381+ advs .append (grouped_advisories [hash ])
382+
383+ result = []
384+
385+ for advisory in advs :
386+ primary_advisory = advisory ["primary" ]
387+ avid = primary_advisory .avid
388+ impact = impact_by_avid .get (avid )
389+ if not impact :
390+ continue
391+ result .append (
392+ {
393+ "advisory_id" : primary_advisory .avid ,
394+ "fixed_by_packages" : [pkg .purl for pkg in impact .fixed_by_packages .all ()],
395+ "duplicate_advisory_ids" : [adv .avid for adv in advisory ["secondary" ]],
396+ }
397+ )
377398
378399 return result
379400
@@ -384,7 +405,25 @@ def get_fixing_vulnerabilities(self, package):
384405
385406 latest_advisories = AdvisoryV2 .objects .latest_for_avids (avids )
386407
387- return [adv .avid for adv in latest_advisories ]
408+ grouped_advisories = group_advisories_by_content (advisories = latest_advisories )
409+
410+ advs = []
411+
412+ for hash in grouped_advisories :
413+ advs .append (grouped_advisories [hash ])
414+
415+ result = []
416+
417+ for advisory in advs :
418+ primary_advisory = advisory ["primary" ]
419+ result .append (
420+ {
421+ "advisory_id" : primary_advisory .avid ,
422+ "duplicate_advisory_ids" : [adv .avid for adv in advisory ["secondary" ]],
423+ }
424+ )
425+
426+ return result
388427
389428 def get_next_non_vulnerable_version (self , package ):
390429 if next_non_vulnerable := package .get_non_vulnerable_versions ()[0 ]:
@@ -1078,14 +1117,14 @@ def list(self, request, *args, **kwargs):
10781117 return self .get_paginated_response (
10791118 {
10801119 "packages" : serializer .data ,
1081- "advisories " : advisory_data ,
1120+ "advisories_by_id " : advisory_data ,
10821121 }
10831122 )
10841123
10851124 return Response (
10861125 {
10871126 "packages" : serializer .data ,
1088- "advisories " : advisory_data ,
1127+ "advisories_by_id " : advisory_data ,
10891128 }
10901129 )
10911130
@@ -1160,7 +1199,7 @@ def bulk_lookup(self, request):
11601199 return Response (
11611200 {
11621201 "packages" : package_data ,
1163- "advisories " : advisory_data ,
1202+ "advisories_by_id " : advisory_data ,
11641203 }
11651204 )
11661205
@@ -1254,7 +1293,7 @@ def bulk_search(self, request):
12541293 return Response (
12551294 {
12561295 "packages" : package_data ,
1257- "advisories " : advisory_data ,
1296+ "advisories_by_id " : advisory_data ,
12581297 }
12591298 )
12601299
@@ -1308,7 +1347,7 @@ def bulk_search(self, request):
13081347 return Response (
13091348 {
13101349 "packages" : package_data ,
1311- "advisories " : advisory_data ,
1350+ "advisories_by_id " : advisory_data ,
13121351 }
13131352 )
13141353
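Review bot: In get_affected_by_vulnerabilities, `impact_by_avid.get(avid)` is looked up only for each group's primary advisory, so the `fixed_by_packages` of impacts attached to the secondary advisories are never returned; unless group_advisories_by_content (not shown here) guarantees that grouped advisories carry identical fix data, a consumer could miss a fixed version that only a duplicate reports. Consider merging the fix lists across the primary and its secondaries, or state the guarantee in a comment above the `for advisory in advs:` loop. Also, `advisories.append(advisory)` runs once per impact, so two impacts sharing an avid pass the same advisory to the grouping helper twice, and the later impact silently overwrites the earlier one in `impact_by_avid`. The `for hash in grouped_advisories:` loops here and in get_fixing_vulnerabilities shadow the builtin `hash`; if the helper returns a dict, as the indexing suggests, `advs = list(grouped_advisories.values())` does the same. Both function bodies start outside their hunks.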