Change advisory ID for pypa importer

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

Author: TG1999

vulnerabilities/pipelines/v2_importers/pypa_importer.py

@@ -59,11 +59,14 @@ def collect_advisories(self) -> Iterable[AdvisoryDataV2]:
             )
             advisory_text = advisory.read_text()
             advisory_dict = saneyaml.load(advisory_text)
+            advisory_path = advisory.relative_to(base_directory)
+            advisory_id = advisory_path.parent.stem + "/" + advisory_path.stem
             yield parse_advisory_data_v3(
                 raw_data=advisory_dict,
                 supported_ecosystems=["pypi"],
                 advisory_url=advisory_url,
                 advisory_text=advisory_text,
+                advisory_id=advisory_id,
             )
 
     def clean_downloads(self):

vulnerabilities/pipes/osv_v2.py

@@ -59,13 +59,18 @@
 
 
 def parse_advisory_data_v3(
-    raw_data: dict, supported_ecosystems, advisory_url: str, advisory_text: str
+    raw_data: dict,
+    supported_ecosystems,
+    advisory_url: str,
+    advisory_text: str,
+    advisory_id: Optional[str] = None,
 ) -> Optional[AdvisoryDataV2]:
     """
     Return an AdvisoryData build from a ``raw_data`` mapping of OSV advisory and
     a ``supported_ecosystem`` string.
     """
-    advisory_id = raw_data.get("id") or ""
+    if not advisory_id:
+        advisory_id = raw_data.get("id") or ""
     if not advisory_id:
         logger.error(f"Missing advisory id in OSV data: {raw_data}")
         return None