aboutcode-org
diff --git a/‎vulnerabilities/importers/__init__.py‎
Lines changed: 6 additions & 0 deletions b/‎vulnerabilities/importers/__init__.py‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎vulnerabilities/migrations/0092_advisoryalias_advisoryreference_advisoryseverity_and_more.py‎
Lines changed: 140 additions & 9 deletions b/‎vulnerabilities/migrations/0092_advisoryalias_advisoryreference_advisoryseverity_and_more.py‎
Lines changed: 140 additions & 9 deletions
diff --git a/‎vulnerabilities/migrations/0093_alter_advisoryreference_reference_id.py‎
Lines changed: 23 additions & 0 deletions b/‎vulnerabilities/migrations/0093_alter_advisoryreference_reference_id.py‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎vulnerabilities/migrations/0093_packagev2_remove_advisoryv2_affected_packages_and_more.py‎
Lines changed: 0 additions & 132 deletions b/‎vulnerabilities/migrations/0093_packagev2_remove_advisoryv2_affected_packages_and_more.py‎
Lines changed: 0 additions & 132 deletions
@@ -43,12 +43,18 @@
 from vulnerabilities.pipelines import nvd_importer
 from vulnerabilities.pipelines import pypa_importer
 from vulnerabilities.pipelines import pysec_importer
+from vulnerabilities.pipelines.v2_importers import apache_httpd_pipeline_v2 as apache_httpd_v2
 from vulnerabilities.pipelines.v2_importers import github_importer as github_importer_v2
+from vulnerabilities.pipelines.v2_importers import npm_importer as npm_importer_v2
 from vulnerabilities.pipelines.v2_importers import nvd_importer as nvd_importer_v2
+from vulnerabilities.pipelines.v2_importers import vulnrichment_importer as vulnrichment_importer_v2
 
 IMPORTERS_REGISTRY = [
     nvd_importer_v2.NVDImporterPipeline,
     github_importer_v2.GitHubAPIImporterPipeline,
+    npm_importer_v2.NpmImporterPipeline,
+    vulnrichment_importer_v2.VulnrichImporterPipeline,
+    apache_httpd_v2.ApacheHTTPDImporterPipeline,
     nvd_importer.NVDImporterPipeline,
     github_importer.GitHubAPIImporterPipeline,
     gitlab_importer.GitLabImporterPipeline,
 
@@ -1,4 +1,4 @@
-# Generated by Django 4.2.20 on 2025-04-24 09:58
+# Generated by Django 4.2.20 on 2025-05-21 05:33
 
 from django.db import migrations, models
 
@@ -152,6 +152,103 @@ class Migration(migrations.Migration):
                 ("cwe_id", models.IntegerField(help_text="CWE id")),
             ],
         ),
+        migrations.CreateModel(
+            name="PackageV2",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+                    ),
+                ),
+                (
+                    "type",
+                    models.CharField(
+                        blank=True,
+                        help_text="A short code to identify the type of this package. For example: gem for a Rubygem, docker for a container, pypi for a Python Wheel or Egg, maven for a Maven Jar, deb for a Debian package, etc.",
+                        max_length=16,
+                    ),
+                ),
+                (
+                    "namespace",
+                    models.CharField(
+                        blank=True,
+                        help_text="Package name prefix, such as Maven groupid, Docker image owner, GitHub user or organization, etc.",
+                        max_length=255,
+                    ),
+                ),
+                (
+                    "name",
+                    models.CharField(blank=True, help_text="Name of the package.", max_length=100),
+                ),
+                (
+                    "version",
+                    models.CharField(
+                        blank=True, help_text="Version of the package.", max_length=100
+                    ),
+                ),
+                (
+                    "qualifiers",
+                    models.CharField(
+                        blank=True,
+                        help_text="Extra qualifying data for a package such as the name of an OS, architecture, distro, etc.",
+                        max_length=1024,
+                    ),
+                ),
+                (
+                    "subpath",
+                    models.CharField(
+                        blank=True,
+                        help_text="Extra subpath within a package, relative to the package root.",
+                        max_length=200,
+                    ),
+                ),
+                (
+                    "package_url",
+                    models.CharField(
+                        db_index=True,
+                        help_text="The Package URL for this package.",
+                        max_length=1000,
+                    ),
+                ),
+                (
+                    "plain_package_url",
+                    models.CharField(
+                        db_index=True,
+                        help_text="The Package URL for this package without qualifiers and subpath.",
+                        max_length=1000,
+                    ),
+                ),
+                (
+                    "is_ghost",
+                    models.BooleanField(
+                        db_index=True,
+                        default=False,
+                        help_text="True if the package does not exist in the upstream package manager or its repository.",
+                    ),
+                ),
+                (
+                    "risk_score",
+                    models.DecimalField(
+                        decimal_places=1,
+                        help_text="Risk score between 0.00 and 10.00, where higher values indicate greater vulnerability risk for the package.",
+                        max_digits=3,
+                        null=True,
+                    ),
+                ),
+                (
+                    "version_rank",
+                    models.IntegerField(
+                        db_index=True,
+                        default=0,
+                        help_text="Rank of the version to support ordering by version. Rank zero means the rank has not been defined yet",
+                    ),
+                ),
+            ],
+            options={
+                "abstract": False,
+            },
+        ),
         migrations.CreateModel(
             name="AdvisoryV2",
             fields=[
@@ -177,14 +274,6 @@ class Migration(migrations.Migration):
                     ),
                 ),
                 ("summary", models.TextField(blank=True)),
-                (
-                    "affected_packages",
-                    models.JSONField(
-                        blank=True,
-                        default=list,
-                        help_text="A list of serializable AffectedPackage objects",
-                    ),
-                ),
                 (
                     "date_published",
                     models.DateTimeField(
@@ -211,6 +300,40 @@ class Migration(migrations.Migration):
                     ),
                 ),
                 ("url", models.URLField(help_text="Link to the advisory on the upstream website")),
+                (
+                    "status",
+                    models.IntegerField(
+                        choices=[(1, "Published"), (2, "Disputed"), (3, "Invalid")], default=1
+                    ),
+                ),
+                (
+                    "exploitability",
+                    models.DecimalField(
+                        blank=True,
+                        decimal_places=1,
+                        help_text="Exploitability indicates the likelihood that a vulnerability in a software package could be used by malicious actors to compromise systems, applications, or networks. This metric is determined automatically based on the discovery of known exploits.",
+                        max_digits=2,
+                        null=True,
+                    ),
+                ),
+                (
+                    "weighted_severity",
+                    models.DecimalField(
+                        blank=True,
+                        decimal_places=1,
+                        help_text="Weighted severity is the highest value calculated by multiplying each severity by its corresponding weight, divided by 10.",
+                        max_digits=3,
+                        null=True,
+                    ),
+                ),
+                (
+                    "affecting_packages",
+                    models.ManyToManyField(
+                        help_text="A list of packages that are affected by this advisory.",
+                        related_name="fixing_advisories",
+                        to="vulnerabilities.packagev2",
+                    ),
+                ),
                 (
                     "aliases",
                     models.ManyToManyField(
@@ -219,6 +342,14 @@ class Migration(migrations.Migration):
                         to="vulnerabilities.advisoryalias",
                     ),
                 ),
+                (
+                    "fixed_by_packages",
+                    models.ManyToManyField(
+                        help_text="A list of packages that are reported by this advisory.",
+                        related_name="affected_by_advisories",
+                        to="vulnerabilities.packagev2",
+                    ),
+                ),
                 (
                     "references",
                     models.ManyToManyField(
 
@@ -0,0 +1,23 @@
+# Generated by Django 4.2.20 on 2025-05-21 06:40
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("vulnerabilities", "0092_advisoryalias_advisoryreference_advisoryseverity_and_more"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="advisoryreference",
+            name="reference_id",
+            field=models.CharField(
+                blank=True,
+                db_index=True,
+                help_text="An optional reference ID, such as DSA-4465-1 when available",
+                max_length=500,
+            ),
+        ),
+    ]