adds automigrate, adds license risk deduplication

Author: timbastin

integrationtestutil/db_init.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/l3montree-dev/devguard/internal/core"
 	"github.com/l3montree-dev/devguard/internal/database"
+	"github.com/l3montree-dev/devguard/internal/database/models"
 	"github.com/testcontainers/testcontainers-go"
 	"github.com/testcontainers/testcontainers-go/modules/postgres"
 )
@@ -49,5 +50,26 @@ func InitDatabaseContainer(initDBSQLPath string) (core.DB, func()) {
 		panic(err)
 	}
 
+	// automigrate ALL models
+	if err := db.AutoMigrate(
+		&models.Org{},
+		&models.Project{},
+		&models.Asset{},
+		&models.AssetVersion{},
+		&models.CVE{},
+		&models.DependencyVuln{},
+		&models.VulnEvent{},
+		&models.Exploit{},
+		&models.ComponentDependency{},
+		&models.LicenseRisk{},
+		&models.AssetRiskHistory{},
+		&models.ProjectRiskHistory{},
+		&models.Weakness{},
+		&models.GitLabIntegration{},
+	); err != nil {
+		log.Printf("failed to auto migrate models: %s", err)
+		panic(err)
+	}
+
 	return db, terminate
 }

internal/core/vuln/license_risk_service.go

@@ -47,6 +47,9 @@ func (service *LicenseRiskService) FindLicenseRisksInComponents(assetVersion mod
 	//collect all risks before saving to the database, should be more efficient
 	allLicenseRisks := []models.LicenseRisk{}
 	allVulnEvents := []models.VulnEvent{}
+	// track which license risks we've already processed to prevent duplicates
+	processedLicenseRisks := make(map[string]struct{})
+
 	//go over every component and check if the license is a valid osi license; if not we can create a license risk with the provided information
 	for _, component := range components {
 
@@ -66,11 +69,17 @@ func (service *LicenseRiskService) FindLicenseRisksInComponents(assetVersion mod
 				FinalLicenseDecision: "",
 				ComponentPurl:        component.Purl,
 			}
-			allLicenseRisks = append(allLicenseRisks, licenseRisk)
-			ev := models.NewDetectedEvent(licenseRisk.CalculateHash(), models.VulnTypeLicenseRisk, "system", common.RiskCalculationReport{}, scannerID)
-			// apply the event on the dependencyVuln
-			ev.Apply(&licenseRisk)
-			allVulnEvents = append(allVulnEvents, ev)
+
+			// Check if we've already processed this license risk to avoid duplicates
+			riskHash := licenseRisk.CalculateHash()
+			if _, processed := processedLicenseRisks[riskHash]; !processed {
+				processedLicenseRisks[riskHash] = struct{}{}
+				allLicenseRisks = append(allLicenseRisks, licenseRisk)
+				ev := models.NewDetectedEvent(riskHash, models.VulnTypeLicenseRisk, "system", common.RiskCalculationReport{}, scannerID)
+				// apply the event on the dependencyVuln
+				ev.Apply(&licenseRisk)
+				allVulnEvents = append(allVulnEvents, ev)
+			}
 		}
 	}
 	err = service.licenseRiskRepository.SaveBatch(nil, allLicenseRisks)