API Endpoint: Get Package Count by Ecosystem

[Hubtrick-Git]

Added endpoint to retrieve amount of affected packages by ecosystem for @juliankepka frontend page.

[Copilot]

Pull request overview

This PR adds a new API endpoint /vulndb/affected-package-distribution/ to retrieve the count of affected packages grouped by ecosystem. The endpoint is intended for use in a frontend dashboard to display vulnerability distribution statistics.

Changes:

• Added new GET endpoint to the VulnDB router for retrieving ecosystem distribution
• Extended VulnDBController constructor to accept AffectedComponentRepository dependency
• Implemented GetEcosystemDistribution method that queries affected_components table and aggregates by ecosystem prefix

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

File	Description
router/vulndb_router.go	Registered new /affected-package-distribution/ GET route in VulnDB router
controllers/vulndb_controller.go	Added affectedComponentRepository dependency, implemented GetEcosystemDistribution endpoint with SQL aggregation and manual JSON construction

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The query SELECT ecosystem, COUNT(*) FROM affected_components GROUP BY ecosystem performs a full table scan and aggregation on the affected_components table, which could become slow as the table grows. Consider these optimizations:

1. Add an index on the ecosystem column if one doesn't already exist
2. Consider caching this result since ecosystem distribution is relatively static data
3. If the table is very large, consider using approximate counts or maintaining a materialized view

Since this appears to be a public endpoint (no authentication middleware on the vulndb router), performance is especially important to prevent potential DoS via repeated expensive queries.

[timbastin]

Just marshal the map 🙂