Apply suggestions from code review

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

Author: TG1999

CHANGELOG.rst

@@ -5,7 +5,7 @@ Release notes
 Version v31.1.1
 ---------------
 
-- We re-enabled support for the Apache HTTPD securities advisories importer.
+- We re-enabled support for the Apache HTTPD security advisories importer.
 
 
 Version v31.1.0

vulnerabilities/importers/apache_httpd.py

@@ -14,7 +14,7 @@
 from bs4 import BeautifulSoup
 from packageurl import PackageURL
 from univers.version_constraint import VersionConstraint
-from univers.version_range import GenericVersionRange
+from univers.version_range import ApacheVersionRange
 from univers.versions import SemverVersion
 
 from vulnerabilities.importer import AdvisoryData
@@ -29,7 +29,7 @@ class ApacheHTTPDImporter(Importer):
 
     base_url = "https://httpd.apache.org/security/json/"
     spdx_license_expression = "Apache-2.0"
-    license_url = "https://www.apache.org/licenses/"
+    license_url = "https://www.apache.org/licenses/LICENSE-2.0"
 
     def advisory_data(self):
         links = fetch_links(self.base_url)
@@ -72,7 +72,7 @@ def to_advisory(self, data):
                     versions_data.append(version_data)
 
         fixed_versions = []
-        for timeline_object in data["timeline"]:
+        for timeline_object in data.get("timeline") or []:
             timeline_value = timeline_object["value"]
             if "release" in timeline_value:
                 split_timeline_value = timeline_value.split(" ")
@@ -89,8 +89,8 @@ def to_advisory(self, data):
             affected_packages.append(
                 AffectedPackage(
                     package=PackageURL(
-                        type="generic",
-                        name="apache_httpd",
+                        type="apache",
+                        name="httpd",
                     ),
                     affected_version_range=affected_version_range,
                 )
@@ -132,7 +132,7 @@ def to_version_ranges(self, versions_data, fixed_versions):
                 ).invert()
             )
 
-        return GenericVersionRange(constraints=constraints)
+        return ApacheVersionRange(constraints=constraints)
 
 
 def fetch_links(url):

vulnerabilities/tests/test_apache_httpd.py

@@ -12,7 +12,7 @@
 
 import pytest
 from univers.version_constraint import VersionConstraint
-from univers.version_range import GenericVersionRange
+from univers.version_range import ApacheVersionRange
 from univers.versions import SemverVersion
 
 from vulnerabilities.importers.apache_httpd import ApacheHTTPDImporter
@@ -41,7 +41,7 @@ def test_to_version_ranges():
     affected_version_range = ApacheHTTPDImporter().to_version_ranges(data, fixed_versions)
 
     assert (
-        GenericVersionRange(
+        ApacheVersionRange(
             constraints=(
                 VersionConstraint(comparator="=", version=SemverVersion(string="1.3.1")),
                 VersionConstraint(comparator="<=", version=SemverVersion(string="2.3.4")),

vulnerabilities/tests/test_data/apache_httpd/CVE-1999-1199-apache-httpd-expected.json

@@ -6,14 +6,14 @@
   "affected_packages": [
     {
       "package": {
-        "type": "generic",
+        "type": "apache",
         "namespace": null,
-        "name": "apache_httpd",
+        "name": "httpd",
         "version": null,
         "qualifiers": null,
         "subpath": null
       },
-      "affected_version_range": "vers:generic/1.3.0|1.3.1|!=1.3.2",
+      "affected_version_range": "vers:apache/1.3.0|1.3.1|!=1.3.2",
       "fixed_version": null
     }
   ],

vulnerabilities/tests/test_data/apache_httpd/CVE-2017-9798-apache-httpd-expected.json

@@ -6,14 +6,14 @@
   "affected_packages": [
     {
       "package": {
-        "type": "generic",
+        "type": "apache",
         "namespace": null,
-        "name": "apache_httpd",
+        "name": "httpd",
         "version": null,
         "qualifiers": null,
         "subpath": null
       },
-      "affected_version_range": "vers:generic/2.2.0|2.2.2|2.2.3|2.2.4|2.2.5|2.2.6|2.2.8|2.2.9|2.2.10|2.2.11|2.2.12|2.2.13|2.2.14|2.2.15|2.2.16|2.2.17|2.2.18|2.2.19|2.2.20|2.2.21|2.2.22|2.2.23|2.2.24|2.2.25|2.2.26|2.2.27|2.2.29|2.2.31|2.2.32|2.2.34|2.4.1|2.4.2|2.4.3|2.4.4|2.4.6|2.4.7|2.4.9|2.4.10|2.4.12|2.4.16|2.4.17|2.4.18|2.4.20|2.4.23|2.4.25|2.4.26|2.4.27|!=2.4.28",
+      "affected_version_range": "vers:apache/2.2.0|2.2.2|2.2.3|2.2.4|2.2.5|2.2.6|2.2.8|2.2.9|2.2.10|2.2.11|2.2.12|2.2.13|2.2.14|2.2.15|2.2.16|2.2.17|2.2.18|2.2.19|2.2.20|2.2.21|2.2.22|2.2.23|2.2.24|2.2.25|2.2.26|2.2.27|2.2.29|2.2.31|2.2.32|2.2.34|2.4.1|2.4.2|2.4.3|2.4.4|2.4.6|2.4.7|2.4.9|2.4.10|2.4.12|2.4.16|2.4.17|2.4.18|2.4.20|2.4.23|2.4.25|2.4.26|2.4.27|!=2.4.28",
       "fixed_version": null
     }
   ],

vulnerabilities/tests/test_data/apache_httpd/CVE-2021-44224-apache-httpd-expected.json

@@ -6,14 +6,14 @@
   "affected_packages": [
     {
       "package": {
-        "type": "generic",
+        "type": "apache",
         "namespace": null,
-        "name": "apache_httpd",
+        "name": "httpd",
         "version": null,
         "qualifiers": null,
         "subpath": null
       },
-      "affected_version_range": "vers:generic/>=2.4.7|<=2.4.51|!=2.4.52",
+      "affected_version_range": "vers:apache/>=2.4.7|<=2.4.51|!=2.4.52",
       "fixed_version": null
     }
   ],

vulnerabilities/tests/test_data/apache_httpd/CVE-2022-28614-apache-httpd-expected.json

@@ -6,14 +6,14 @@
   "affected_packages": [
     {
       "package": {
-        "type": "generic",
+        "type": "apache",
         "namespace": null,
-        "name": "apache_httpd",
+        "name": "httpd",
         "version": null,
         "qualifiers": null,
         "subpath": null
       },
-      "affected_version_range": "vers:generic/<=2.4.53|!=2.4.54",
+      "affected_version_range": "vers:apache/<=2.4.53|!=2.4.54",
       "fixed_version": null
     }
   ],