From ebc4bab308d3508da416fae4d704d95ff469fc0d Mon Sep 17 00:00:00 2001 From: Hubtrick-Git Date: Wed, 6 May 2026 15:14:51 +0200 Subject: [PATCH 1/3] remove obsolete index and improve osv test coverage --- ...te_index_on_cve_affected_components.up.sql | 1 + tests/osv_service_test.go | 32 +++++++++++++++++++ vulndb/osv_service.go | 4 ++- 3 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 database/migrations/20260506094859_remove_obsolete_index_on_cve_affected_components.up.sql diff --git a/database/migrations/20260506094859_remove_obsolete_index_on_cve_affected_components.up.sql b/database/migrations/20260506094859_remove_obsolete_index_on_cve_affected_components.up.sql new file mode 100644 index 000000000..9a9ae2a20 --- /dev/null +++ b/database/migrations/20260506094859_remove_obsolete_index_on_cve_affected_components.up.sql @@ -0,0 +1 @@ +DROP INDEX public.idx_cve_affected_component_cve_id_aff_comp_id; diff --git a/tests/osv_service_test.go b/tests/osv_service_test.go index af19b79f9..7a4a2a14f 100644 --- a/tests/osv_service_test.go +++ b/tests/osv_service_test.go @@ -5,6 +5,7 @@ import ( "fmt" "log/slog" "slices" + "strings" "testing" "github.com/jackc/pgx/v5" @@ -29,6 +30,27 @@ func TestOSVPostInsertCleanup(t *testing.T) { err = vulndb.PrepareBulkInsert(ctx, tx) assert.NoError(t, err) + cleanedConstraints, cleanedIndexes, err := getCurrentIndexAndConstraintState(ctx, tx) + assert.NoError(t, err) + assert.Len(t, cleanedIndexes, 2, "only the primary key indexes of cves and cve_relationships should remain for the import to detect ON CONFLICT triggers") + for table, indexes := range cleanedIndexes { + if table == "cves" || table == "cve_relationships" { + assert.Len(t, indexes, 1) + assert.Equal(t, table+"_pkey", indexes[0]) + } else { + t.Fail() + } + } + for table, constraints := range cleanedConstraints { + switch table { + case "cves", "cve_relationships": + assert.Equal(t, 1, amountOfNonNotNullConstraintsInSlice(constraints), "the primary key should still be in place as previously mentioned") + case "affected_components", "cve_affected_component": + assert.Equal(t, 0, amountOfNonNotNullConstraintsInSlice(constraints), "for the other tables all non not_null constraints should be removed") + default: + t.Fail() + } + } err = vulndb.AddIndexesAndConstraints(ctx, tx) assert.NoError(t, err) @@ -53,6 +75,16 @@ func TestOSVPostInsertCleanup(t *testing.T) { }) } +func amountOfNonNotNullConstraintsInSlice(constraints []string) int { + amount := 0 + for _, constraint := range constraints { + if !strings.Contains(constraint, "not_null") { + amount++ + } + } + return amount +} + func getCurrentIndexAndConstraintState(ctx context.Context, tx pgx.Tx) (map[string][]string, map[string][]string, error) { type constraintForTable struct { TableName string diff --git a/vulndb/osv_service.go b/vulndb/osv_service.go index 39cd8d159..e4f89fac6 100644 --- a/vulndb/osv_service.go +++ b/vulndb/osv_service.go @@ -647,7 +647,8 @@ func PrepareBulkInsert(ctx context.Context, tx pgx.Tx) error { ALTER TABLE public.vex_rules DROP CONSTRAINT IF EXISTS fk_vex_rules_cve; -- then drop all primary key (and unique) constraints - -- do not drop cves_pkey since we still need that index to detect and resolve indexes + -- do not drop cves_pkey since we still need that index to detect and resolve duplicates + -- do not drop cve_relationships_pkey since we need that index to detect ON CONFLICT ALTER TABLE public.cves DROP CONSTRAINT IF EXISTS cves_cve_unique; ALTER TABLE affected_components DROP CONSTRAINT IF EXISTS affected_components_pkey; ALTER TABLE cve_affected_component DROP CONSTRAINT IF EXISTS cve_affected_component_pkey; @@ -667,6 +668,7 @@ func PrepareBulkInsert(ctx context.Context, tx pgx.Tx) error { DROP INDEX IF EXISTS cve_affected_component_affected_component_id; DROP INDEX IF EXISTS cve_affected_component_cve_id; + DROP INDEX IF EXISTS idx_cve_affected_component_cve_id_aff_comp_id; DROP INDEX IF EXISTS idx_cve_relationships_target_cve;`) if err != nil { From 66a46983b7451bf220680aacd10f7e9f37c9fb5c Mon Sep 17 00:00:00 2001 From: Hubtrick-Git Date: Wed, 6 May 2026 15:15:08 +0200 Subject: [PATCH 2/3] remove all down migrations --- .../20250801103400_migration.down.sql | 15 -- ...e_delete_project_enabled_policies.down.sql | 15 -- ...1615_code_risks_multiple_snippets.down.sql | 15 -- ...0801115325_add_fingerprint_column.down.sql | 15 -- ...dd_shares_vuln_information_column.down.sql | 15 -- ...6_add_vuln_auto_reopen_after_days.down.sql | 15 -- ...811103154_add_repository_provider.down.sql | 15 -- ...0813113628_update_debian_licenses.down.sql | 15 -- .../20250818164407_adds_avatars.down.sql | 15 -- ..._add_risk_distribution_to_history.down.sql | 15 -- ...0821102442_remove_cves_columns.up.down.sql | 15 -- .../20250821102935_add_artifacts.down.sql | 197 ------------------ ...2131113_add_component_foreign_key.down.sql | 15 -- .../20250827071338_add_releases.down.sql | 15 -- ...250828155058_add_last_accessed_at.down.sql | 16 -- ...50828161853_add_attestations_pkey.down.sql | 15 -- ...721_add_external_entity_parent_id.down.sql | 15 -- ...0250829095702_add_missing_indices.down.sql | 15 -- .../20250903072552_drop_cpe_matches.down.sql | 15 -- .../20250904072716_fingerprint_idx.down.sql | 15 -- ...2950_delete_dep_vulns_without_cve.down.sql | 15 -- ...12540_drop_attestation_scanner_id.down.sql | 3 - ...335_add_metadata_column_to_assets.down.sql | 3 - ...23094634_delete_deleted_at_column.down.sql | 3 - .../20250926115507_nil_opaque_id.down.sql | 15 -- .../20251009074354_public_asset.down.sql | 3 - .../20251011142707_asset_permissions.down.sql | 17 -- ...23110603_add_artifact_links_table.down.sql | 15 -- ...23110850_add_default_node_to_sbom.down.sql | 15 -- ...add_upstream_and_paranoia_columns.down.sql | 15 -- ...31092922_asset_shares_information.down.sql | 15 -- ...51103152514_fix_default_migration.down.sql | 15 -- ...ependency_vuln_foreign_key_update.down.sql | 15 -- .../20251213134055_pipeline_errors.down.sql | 15 -- ...tifact_dependency_vuln_constraint.down.sql | 15 -- ...1214112317_add_malicious_packages.down.sql | 15 -- .../20251230150234_cve_relationships.down.sql | 15 -- ...60114131136_remove_version_column.down.sql | 0 ...14142512_fix_foreign_key_cascades.down.sql | 15 -- .../20260114142952_drop_depth_column.down.sql | 15 -- ...14143739_rename_component_columns.down.sql | 19 -- ...5241_delete_invalid_license_risks.down.sql | 15 -- ...dd_cve_relationships_foreign_keys.down.sql | 17 -- ...make_dependency_vuln_cve_required.down.sql | 32 --- ...100000_change_qualifiers_to_jsonb.down.sql | 16 -- ...elete_is_license_risk_overwritten.down.sql | 0 ...ove_fk_dependency_vulns_component.down.sql | 0 ...192251_malicious_components_jsonb.down.sql | 15 -- .../20260117090614_cleanup.down.sql | 0 ...124407_delete_badge_secret_column.down.sql | 15 -- ...0122083658_add_vulnerability_path.down.sql | 1 - ...0_add_path_pattern_to_vuln_events.down.sql | 3 - ...purl_distribution_to_risk_history.down.sql | 19 -- ...vex_rules_and_external_references.down.sql | 20 -- ...43_vex_rule_enabled_drop_upstream.down.sql | 22 -- ...00_add_created_by_vex_rule_column.down.sql | 18 -- ...nal_sbom_root_component_to_assets.down.sql | 17 -- ...0206102932_add_csaf_package_scope.down.sql | 14 -- ...20260218171852_add-state-property.down.sql | 20 -- ...4170435_recover_missing_migration.down.sql | 2 - ..._add_vuln_id_index_to_vuln_events.down.sql | 0 ...001_convert_btree_to_hash_indices.down.sql | 0 .../20260323134658_fix-duplicates.down.sql | 0 ...d_direct_dependency_fixed_version.down.sql | 14 -- ...134660_add_trusted_entities_model.down.sql | 15 -- .../20260323134661_refactor_vuln_ids.down.sql | 15 -- ...ribution_to_artifact_risk_history.down.sql | 9 - ...63018_add_dependency_proxy_secret.down.sql | 16 -- ...0415090935_refactor-vulndb-tables.down.sql | 15 -- ...tree_index_cve_affected_component.down.sql | 2 - ...504101108_drop_updated_created_at.down.sql | 21 -- 71 files changed, 1094 deletions(-) delete mode 100644 database/migrations/20250801103400_migration.down.sql delete mode 100644 database/migrations/20250801103405_add_cascade_delete_project_enabled_policies.down.sql delete mode 100644 database/migrations/20250801111615_code_risks_multiple_snippets.down.sql delete mode 100644 database/migrations/20250801115325_add_fingerprint_column.down.sql delete mode 100644 database/migrations/20250801170509_add_shares_vuln_information_column.down.sql delete mode 100644 database/migrations/20250802184646_add_vuln_auto_reopen_after_days.down.sql delete mode 100644 database/migrations/20250811103154_add_repository_provider.down.sql delete mode 100644 database/migrations/20250813113628_update_debian_licenses.down.sql delete mode 100644 database/migrations/20250818164407_adds_avatars.down.sql delete mode 100644 database/migrations/20250819171907_add_risk_distribution_to_history.down.sql delete mode 100644 database/migrations/20250821102442_remove_cves_columns.up.down.sql delete mode 100644 database/migrations/20250821102935_add_artifacts.down.sql delete mode 100644 database/migrations/20250822131113_add_component_foreign_key.down.sql delete mode 100644 database/migrations/20250827071338_add_releases.down.sql delete mode 100644 database/migrations/20250828155058_add_last_accessed_at.down.sql delete mode 100644 database/migrations/20250828161853_add_attestations_pkey.down.sql delete mode 100644 database/migrations/20250829073721_add_external_entity_parent_id.down.sql delete mode 100644 database/migrations/20250829095702_add_missing_indices.down.sql delete mode 100644 database/migrations/20250903072552_drop_cpe_matches.down.sql delete mode 100644 database/migrations/20250904072716_fingerprint_idx.down.sql delete mode 100644 database/migrations/20250904072950_delete_dep_vulns_without_cve.down.sql delete mode 100644 database/migrations/20250918112540_drop_attestation_scanner_id.down.sql delete mode 100644 database/migrations/20250919112335_add_metadata_column_to_assets.down.sql delete mode 100644 database/migrations/20250923094634_delete_deleted_at_column.down.sql delete mode 100644 database/migrations/20250926115507_nil_opaque_id.down.sql delete mode 100644 database/migrations/20251009074354_public_asset.down.sql delete mode 100644 database/migrations/20251011142707_asset_permissions.down.sql delete mode 100644 database/migrations/20251023110603_add_artifact_links_table.down.sql delete mode 100644 database/migrations/20251023110850_add_default_node_to_sbom.down.sql delete mode 100644 database/migrations/20251023111226_add_upstream_and_paranoia_columns.down.sql delete mode 100644 database/migrations/20251031092922_asset_shares_information.down.sql delete mode 100644 database/migrations/20251103152514_fix_default_migration.down.sql delete mode 100644 database/migrations/20251112102935_cascade_dependency_vuln_foreign_key_update.down.sql delete mode 100644 database/migrations/20251213134055_pipeline_errors.down.sql delete mode 100644 database/migrations/20251214112316_artifact_dependency_vuln_constraint.down.sql delete mode 100644 database/migrations/20251214112317_add_malicious_packages.down.sql delete mode 100644 database/migrations/20251230150234_cve_relationships.down.sql delete mode 100644 database/migrations/20260114131136_remove_version_column.down.sql delete mode 100644 database/migrations/20260114142512_fix_foreign_key_cascades.down.sql delete mode 100644 database/migrations/20260114142952_drop_depth_column.down.sql delete mode 100644 database/migrations/20260114143739_rename_component_columns.down.sql delete mode 100644 database/migrations/20260114145241_delete_invalid_license_risks.down.sql delete mode 100644 database/migrations/20260114155810_add_cve_relationships_foreign_keys.down.sql delete mode 100644 database/migrations/20260114160930_make_dependency_vuln_cve_required.down.sql delete mode 100644 database/migrations/20260115100000_change_qualifiers_to_jsonb.down.sql delete mode 100644 database/migrations/20260116162639_delete_is_license_risk_overwritten.down.sql delete mode 100644 database/migrations/20260116174850_remove_fk_dependency_vulns_component.down.sql delete mode 100644 database/migrations/20260116192251_malicious_components_jsonb.down.sql delete mode 100644 database/migrations/20260117090614_cleanup.down.sql delete mode 100644 database/migrations/20260119124407_delete_badge_secret_column.down.sql delete mode 100644 database/migrations/20260122083658_add_vulnerability_path.down.sql delete mode 100644 database/migrations/20260125100000_add_path_pattern_to_vuln_events.down.sql delete mode 100644 database/migrations/20260127100000_add_cve_purl_distribution_to_risk_history.down.sql delete mode 100644 database/migrations/20260202000000_add_vex_rules_and_external_references.down.sql delete mode 100644 database/migrations/20260203083743_vex_rule_enabled_drop_upstream.down.sql delete mode 100644 database/migrations/20260203084000_add_created_by_vex_rule_column.down.sql delete mode 100644 database/migrations/20260204084100_add_keep_original_sbom_root_component_to_assets.down.sql delete mode 100644 database/migrations/20260206102932_add_csaf_package_scope.down.sql delete mode 100644 database/migrations/20260218171852_add-state-property.down.sql delete mode 100644 database/migrations/20260304170435_recover_missing_migration.down.sql delete mode 100644 database/migrations/20260306000000_add_vuln_id_index_to_vuln_events.down.sql delete mode 100644 database/migrations/20260306000001_convert_btree_to_hash_indices.down.sql delete mode 100644 database/migrations/20260323134658_fix-duplicates.down.sql delete mode 100644 database/migrations/20260323134659_add_direct_dependency_fixed_version.down.sql delete mode 100644 database/migrations/20260323134660_add_trusted_entities_model.down.sql delete mode 100644 database/migrations/20260323134661_refactor_vuln_ids.down.sql delete mode 100644 database/migrations/20260402110000_add_fixable_distribution_to_artifact_risk_history.down.sql delete mode 100644 database/migrations/20260410163018_add_dependency_proxy_secret.down.sql delete mode 100644 database/migrations/20260415090935_refactor-vulndb-tables.down.sql delete mode 100644 database/migrations/20260504000000_add_btree_index_cve_affected_component.down.sql delete mode 100644 database/migrations/20260504101108_drop_updated_created_at.down.sql diff --git a/database/migrations/20250801103400_migration.down.sql b/database/migrations/20250801103400_migration.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250801103400_migration.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250801103405_add_cascade_delete_project_enabled_policies.down.sql b/database/migrations/20250801103405_add_cascade_delete_project_enabled_policies.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250801103405_add_cascade_delete_project_enabled_policies.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250801111615_code_risks_multiple_snippets.down.sql b/database/migrations/20250801111615_code_risks_multiple_snippets.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250801111615_code_risks_multiple_snippets.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250801115325_add_fingerprint_column.down.sql b/database/migrations/20250801115325_add_fingerprint_column.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250801115325_add_fingerprint_column.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250801170509_add_shares_vuln_information_column.down.sql b/database/migrations/20250801170509_add_shares_vuln_information_column.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250801170509_add_shares_vuln_information_column.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250802184646_add_vuln_auto_reopen_after_days.down.sql b/database/migrations/20250802184646_add_vuln_auto_reopen_after_days.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250802184646_add_vuln_auto_reopen_after_days.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250811103154_add_repository_provider.down.sql b/database/migrations/20250811103154_add_repository_provider.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250811103154_add_repository_provider.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250813113628_update_debian_licenses.down.sql b/database/migrations/20250813113628_update_debian_licenses.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250813113628_update_debian_licenses.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250818164407_adds_avatars.down.sql b/database/migrations/20250818164407_adds_avatars.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250818164407_adds_avatars.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250819171907_add_risk_distribution_to_history.down.sql b/database/migrations/20250819171907_add_risk_distribution_to_history.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250819171907_add_risk_distribution_to_history.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250821102442_remove_cves_columns.up.down.sql b/database/migrations/20250821102442_remove_cves_columns.up.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250821102442_remove_cves_columns.up.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250821102935_add_artifacts.down.sql b/database/migrations/20250821102935_add_artifacts.down.sql deleted file mode 100644 index 8fb0c5f31..000000000 --- a/database/migrations/20250821102935_add_artifacts.down.sql +++ /dev/null @@ -1,197 +0,0 @@ -TRUNCATE TABLE public.attestations; -ALTER TABLE public.attestations ADD COLUMN IF NOT EXISTS artifact_name TEXT NOT NULL; - -CREATE TABLE IF NOT EXISTS public.artifacts ( - artifact_name TEXT NOT NULL, - asset_version_name TEXT NOT NULL, - asset_id UUID NOT NULL -); - - -CREATE TABLE IF NOT EXISTS public.artifact_component_dependencies ( - artifact_artifact_name TEXT NOT NULL, - artifact_asset_version_name TEXT NOT NULL, - artifact_asset_id UUID NOT NULL, - component_dependency_id UUID NOT NULL -); - -CREATE TABLE IF NOT EXISTS public.artifact_dependency_vulns ( - artifact_artifact_name TEXT NOT NULL, - artifact_asset_version_name TEXT NOT NULL, - artifact_asset_id UUID NOT NULL, - dependency_vuln_id TEXT NOT NULL -); - -CREATE TABLE IF NOT EXISTS public.artifact_license_risks ( - artifact_artifact_name TEXT NOT NULL, - artifact_asset_version_name TEXT NOT NULL, - artifact_asset_id UUID NOT NULL, - license_risk_id TEXT NOT NULL -); - - -ALTER TABLE public.artifact_component_dependencies DROP CONSTRAINT IF EXISTS artifact_component_dependencies_pkey; -ALTER TABLE public.artifact_dependency_vulns DROP CONSTRAINT IF EXISTS artifact_dependency_vulns_pkey; -ALTER TABLE public.artifact_license_risks DROP CONSTRAINT IF EXISTS artifact_license_risks_pkey; -ALTER TABLE public.artifact_dependency_vulns DROP CONSTRAINT IF EXISTS fk_artifact_dependency_vulns_artifact; -ALTER TABLE public.artifact_license_risks DROP CONSTRAINT IF EXISTS fk_artifact_license_risks_artifact; -ALTER TABLE public.attestations DROP CONSTRAINT IF EXISTS fk_attestations_artifact; -ALTER TABLE public.artifact_component_dependencies DROP CONSTRAINT IF EXISTS fk_artifact_component_dependencies_artifact; -ALTER TABLE public.asset_versions DROP CONSTRAINT IF EXISTS fk_asset_versions_artifact; -ALTER TABLE public.artifact_license_risks DROP CONSTRAINT IF EXISTS fk_artifact_license_risks_license_risk; -ALTER TABLE public.artifact_dependency_vulns DROP CONSTRAINT IF EXISTS fk_artifact_dependency_vulns_dependency_vuln; -ALTER TABLE public.artifact_component_dependencies DROP CONSTRAINT IF EXISTS fk_artifact_component_dependencies_component_dependency; - -ALTER TABLE public.artifacts DROP CONSTRAINT IF EXISTS fk_artifacts_asset_versions; -ALTER TABLE public.artifacts DROP CONSTRAINT IF EXISTS artifacts_pkey; -ALTER TABLE public.license_risks DROP CONSTRAINT IF EXISTS license_risks_pkey; - - -ALTER TABLE ONLY public.artifacts - ADD CONSTRAINT artifacts_pkey PRIMARY KEY (artifact_name, asset_version_name, asset_id); - - - -ALTER TABLE ONLY public.artifact_component_dependencies - ADD CONSTRAINT artifact_component_dependencies_pkey PRIMARY KEY (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, component_dependency_id); - - -ALTER TABLE ONLY public.artifact_dependency_vulns - ADD CONSTRAINT artifact_dependency_vulns_pkey PRIMARY KEY (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, dependency_vuln_id); - - -ALTER TABLE ONLY public.artifact_license_risks - ADD CONSTRAINT artifact_license_risks_pkey PRIMARY KEY (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, license_risk_id); - -ALTER TABLE public.license_risks ADD CONSTRAINT license_risks_pkey PRIMARY KEY (id); - - -ALTER TABLE ONLY public.artifact_component_dependencies - ADD CONSTRAINT fk_artifact_component_dependencies_artifact FOREIGN KEY - (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id) - REFERENCES public.artifacts (artifact_name, asset_version_name, asset_id) - ON DELETE CASCADE; - - -ALTER TABLE ONLY public.artifact_component_dependencies - ADD CONSTRAINT fk_artifact_component_dependencies_component_dependency FOREIGN KEY - (component_dependency_id) - REFERENCES public.component_dependencies (id) - ON DELETE CASCADE; - - -ALTER TABLE ONLY public.artifact_dependency_vulns - ADD CONSTRAINT fk_artifact_dependency_vulns_artifact FOREIGN KEY - (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id) - REFERENCES public.artifacts (artifact_name, asset_version_name, asset_id) - ON DELETE CASCADE; - -ALTER TABLE ONLY public.artifact_dependency_vulns - ADD CONSTRAINT fk_artifact_dependency_vulns_dependency_vuln FOREIGN KEY - (dependency_vuln_id) - REFERENCES public.dependency_vulns (id) - ON DELETE CASCADE; - - - -ALTER TABLE ONLY public.artifact_license_risks - ADD CONSTRAINT fk_artifact_license_risks_artifact FOREIGN KEY - (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id) - REFERENCES public.artifacts (artifact_name, asset_version_name, asset_id) - ON DELETE CASCADE; - -ALTER TABLE ONLY public.artifact_license_risks - ADD CONSTRAINT fk_artifact_license_risks_license_risk FOREIGN KEY - (license_risk_id) - REFERENCES public.license_risks (id) - ON DELETE CASCADE; - - -ALTER TABLE ONLY public.artifacts - ADD CONSTRAINT fk_artifacts_asset_versions FOREIGN KEY - (asset_version_name, asset_id) - REFERENCES public.asset_versions (name, asset_id) - ON DELETE CASCADE; - - ---- Read all scanner_ids of the component_dependencies and create corresponding artifacts --- -INSERT INTO public.artifacts (asset_id, asset_version_name, artifact_name) -SELECT DISTINCT - t.asset_id, - t.asset_version_name, - trim(sid) AS artifact_name -FROM public.component_dependencies t, -LATERAL regexp_split_to_table(t.scanner_ids, '\s+') sid -WHERE t.asset_version_name IS NOT NULL -ON CONFLICT (asset_id, asset_version_name, artifact_name) DO NOTHING; - ---- Recreate the relationship --- - -INSERT INTO public.artifact_component_dependencies ( - artifact_artifact_name, - artifact_asset_version_name, - artifact_asset_id, - component_dependency_id -) -SELECT DISTINCT - a.artifact_name, - a.asset_version_name, - a.asset_id, - cd.id -FROM public.component_dependencies cd -JOIN LATERAL regexp_split_to_table(cd.scanner_ids, '\s+') sid ON true -JOIN public.artifacts a - ON a.asset_id = cd.asset_id - AND a.asset_version_name = cd.asset_version_name - AND a.artifact_name = trim(sid) -ON CONFLICT (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, component_dependency_id) DO NOTHING; - - -INSERT INTO public.artifact_dependency_vulns ( - artifact_artifact_name, - artifact_asset_version_name, - artifact_asset_id, - dependency_vuln_id -) -SELECT DISTINCT - a.artifact_name AS artifact_artifact_name, - a.asset_version_name, - a.asset_id, - dv.id AS dependency_vuln_id -FROM public.dependency_vulns dv -JOIN LATERAL regexp_split_to_table(dv.scanner_ids, '\s+') sid ON true -JOIN public.artifacts a - ON a.asset_id = dv.asset_id - AND a.asset_version_name = dv.asset_version_name - AND a.artifact_name = trim(sid) -ON CONFLICT (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, dependency_vuln_id) DO NOTHING; - - -INSERT INTO public.artifact_license_risks ( - artifact_artifact_name, - artifact_asset_version_name, - artifact_asset_id, - license_risk_id -) -SELECT DISTINCT - a.artifact_name AS artifact_artifact_name, - a.asset_version_name, - a.asset_id, - lr.id AS license_risk_id -FROM public.license_risks lr -JOIN LATERAL regexp_split_to_table(lr.scanner_ids, '\s+') sid ON true -JOIN public.artifacts a - ON a.asset_id = lr.asset_id - AND a.asset_version_name = lr.asset_version_name - AND a.artifact_name = trim(sid) -ON CONFLICT (artifact_artifact_name, artifact_asset_version_name, artifact_asset_id, license_risk_id) DO NOTHING; - - -ALTER TABLE ONLY public.attestations - ADD CONSTRAINT fk_attestations_artifact FOREIGN KEY (artifact_name, asset_version_name, asset_id) - REFERENCES public.artifacts (artifact_name, asset_version_name, asset_id) - ON DELETE CASCADE; - -ALTER TABLE public.dependency_vulns DROP COLUMN IF EXISTS scanner_ids; -ALTER TABLE public.component_dependencies DROP COLUMN IF EXISTS scanner_ids; -ALTER TABLE public.license_risks DROP COLUMN IF EXISTS scanner_ids; \ No newline at end of file diff --git a/database/migrations/20250822131113_add_component_foreign_key.down.sql b/database/migrations/20250822131113_add_component_foreign_key.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250822131113_add_component_foreign_key.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250827071338_add_releases.down.sql b/database/migrations/20250827071338_add_releases.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250827071338_add_releases.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250828155058_add_last_accessed_at.down.sql b/database/migrations/20250828155058_add_last_accessed_at.down.sql deleted file mode 100644 index e48b586d1..000000000 --- a/database/migrations/20250828155058_add_last_accessed_at.down.sql +++ /dev/null @@ -1,16 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Remove last_accessed_at column from asset_versions table diff --git a/database/migrations/20250828161853_add_attestations_pkey.down.sql b/database/migrations/20250828161853_add_attestations_pkey.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250828161853_add_attestations_pkey.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250829073721_add_external_entity_parent_id.down.sql b/database/migrations/20250829073721_add_external_entity_parent_id.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250829073721_add_external_entity_parent_id.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250829095702_add_missing_indices.down.sql b/database/migrations/20250829095702_add_missing_indices.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250829095702_add_missing_indices.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250903072552_drop_cpe_matches.down.sql b/database/migrations/20250903072552_drop_cpe_matches.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250903072552_drop_cpe_matches.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250904072716_fingerprint_idx.down.sql b/database/migrations/20250904072716_fingerprint_idx.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250904072716_fingerprint_idx.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250904072950_delete_dep_vulns_without_cve.down.sql b/database/migrations/20250904072950_delete_dep_vulns_without_cve.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250904072950_delete_dep_vulns_without_cve.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20250918112540_drop_attestation_scanner_id.down.sql b/database/migrations/20250918112540_drop_attestation_scanner_id.down.sql deleted file mode 100644 index d8f629fcf..000000000 --- a/database/migrations/20250918112540_drop_attestation_scanner_id.down.sql +++ /dev/null @@ -1,3 +0,0 @@ --- Copyright 2025 l3montree GmbH. --- SPDX-License-Identifier: AGPL-3.0-or-later - diff --git a/database/migrations/20250919112335_add_metadata_column_to_assets.down.sql b/database/migrations/20250919112335_add_metadata_column_to_assets.down.sql deleted file mode 100644 index d8f629fcf..000000000 --- a/database/migrations/20250919112335_add_metadata_column_to_assets.down.sql +++ /dev/null @@ -1,3 +0,0 @@ --- Copyright 2025 l3montree GmbH. --- SPDX-License-Identifier: AGPL-3.0-or-later - diff --git a/database/migrations/20250923094634_delete_deleted_at_column.down.sql b/database/migrations/20250923094634_delete_deleted_at_column.down.sql deleted file mode 100644 index d8f629fcf..000000000 --- a/database/migrations/20250923094634_delete_deleted_at_column.down.sql +++ /dev/null @@ -1,3 +0,0 @@ --- Copyright 2025 l3montree GmbH. --- SPDX-License-Identifier: AGPL-3.0-or-later - diff --git a/database/migrations/20250926115507_nil_opaque_id.down.sql b/database/migrations/20250926115507_nil_opaque_id.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20250926115507_nil_opaque_id.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251009074354_public_asset.down.sql b/database/migrations/20251009074354_public_asset.down.sql deleted file mode 100644 index d8f629fcf..000000000 --- a/database/migrations/20251009074354_public_asset.down.sql +++ /dev/null @@ -1,3 +0,0 @@ --- Copyright 2025 l3montree GmbH. --- SPDX-License-Identifier: AGPL-3.0-or-later - diff --git a/database/migrations/20251011142707_asset_permissions.down.sql b/database/migrations/20251011142707_asset_permissions.down.sql deleted file mode 100644 index fe601ef91..000000000 --- a/database/migrations/20251011142707_asset_permissions.down.sql +++ /dev/null @@ -1,17 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Rollback migration for asset-level permissions --- This removes all asset-level permissions created by the up migration diff --git a/database/migrations/20251023110603_add_artifact_links_table.down.sql b/database/migrations/20251023110603_add_artifact_links_table.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251023110603_add_artifact_links_table.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251023110850_add_default_node_to_sbom.down.sql b/database/migrations/20251023110850_add_default_node_to_sbom.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251023110850_add_default_node_to_sbom.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251023111226_add_upstream_and_paranoia_columns.down.sql b/database/migrations/20251023111226_add_upstream_and_paranoia_columns.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251023111226_add_upstream_and_paranoia_columns.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251031092922_asset_shares_information.down.sql b/database/migrations/20251031092922_asset_shares_information.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251031092922_asset_shares_information.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251103152514_fix_default_migration.down.sql b/database/migrations/20251103152514_fix_default_migration.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251103152514_fix_default_migration.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251112102935_cascade_dependency_vuln_foreign_key_update.down.sql b/database/migrations/20251112102935_cascade_dependency_vuln_foreign_key_update.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251112102935_cascade_dependency_vuln_foreign_key_update.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251213134055_pipeline_errors.down.sql b/database/migrations/20251213134055_pipeline_errors.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251213134055_pipeline_errors.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251214112316_artifact_dependency_vuln_constraint.down.sql b/database/migrations/20251214112316_artifact_dependency_vuln_constraint.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251214112316_artifact_dependency_vuln_constraint.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251214112317_add_malicious_packages.down.sql b/database/migrations/20251214112317_add_malicious_packages.down.sql deleted file mode 100644 index 34da933ca..000000000 --- a/database/migrations/20251214112317_add_malicious_packages.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2025 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20251230150234_cve_relationships.down.sql b/database/migrations/20251230150234_cve_relationships.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20251230150234_cve_relationships.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260114131136_remove_version_column.down.sql b/database/migrations/20260114131136_remove_version_column.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260114142512_fix_foreign_key_cascades.down.sql b/database/migrations/20260114142512_fix_foreign_key_cascades.down.sql deleted file mode 100644 index e32d40e94..000000000 --- a/database/migrations/20260114142512_fix_foreign_key_cascades.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260114142952_drop_depth_column.down.sql b/database/migrations/20260114142952_drop_depth_column.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260114142952_drop_depth_column.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260114143739_rename_component_columns.down.sql b/database/migrations/20260114143739_rename_component_columns.down.sql deleted file mode 100644 index b8a1e09fe..000000000 --- a/database/migrations/20260114143739_rename_component_columns.down.sql +++ /dev/null @@ -1,19 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Revert column renames -ALTER TABLE public.component_dependencies RENAME COLUMN dependency_id TO dependency_purl; -ALTER TABLE public.component_dependencies RENAME COLUMN component_id TO component_purl; -ALTER TABLE public.components RENAME COLUMN id TO purl; diff --git a/database/migrations/20260114145241_delete_invalid_license_risks.down.sql b/database/migrations/20260114145241_delete_invalid_license_risks.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260114145241_delete_invalid_license_risks.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260114155810_add_cve_relationships_foreign_keys.down.sql b/database/migrations/20260114155810_add_cve_relationships_foreign_keys.down.sql deleted file mode 100644 index 64bd24039..000000000 --- a/database/migrations/20260114155810_add_cve_relationships_foreign_keys.down.sql +++ /dev/null @@ -1,17 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Remove foreign key constraints from cve_relationships table - diff --git a/database/migrations/20260114160930_make_dependency_vuln_cve_required.down.sql b/database/migrations/20260114160930_make_dependency_vuln_cve_required.down.sql deleted file mode 100644 index 6f7d15a3b..000000000 --- a/database/migrations/20260114160930_make_dependency_vuln_cve_required.down.sql +++ /dev/null @@ -1,32 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Revert: Remove foreign key constraint -ALTER TABLE public.dependency_vulns -DROP CONSTRAINT IF EXISTS fk_dependency_vulns_cve; - --- Revert: Make columns nullable again -ALTER TABLE public.dependency_vulns -ALTER COLUMN component_purl DROP NOT NULL; - -ALTER TABLE public.dependency_vulns -ALTER COLUMN cve_id DROP NOT NULL; - --- Restore default null -ALTER TABLE public.dependency_vulns -ALTER COLUMN cve_id SET DEFAULT NULL; - -ALTER TABLE public.dependency_vulns -ALTER COLUMN component_purl SET DEFAULT NULL; diff --git a/database/migrations/20260115100000_change_qualifiers_to_jsonb.down.sql b/database/migrations/20260115100000_change_qualifiers_to_jsonb.down.sql deleted file mode 100644 index 0c86b2f60..000000000 --- a/database/migrations/20260115100000_change_qualifiers_to_jsonb.down.sql +++ /dev/null @@ -1,16 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Revert qualifiers column from jsonb back to text diff --git a/database/migrations/20260116162639_delete_is_license_risk_overwritten.down.sql b/database/migrations/20260116162639_delete_is_license_risk_overwritten.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260116174850_remove_fk_dependency_vulns_component.down.sql b/database/migrations/20260116174850_remove_fk_dependency_vulns_component.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260116192251_malicious_components_jsonb.down.sql b/database/migrations/20260116192251_malicious_components_jsonb.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260116192251_malicious_components_jsonb.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260117090614_cleanup.down.sql b/database/migrations/20260117090614_cleanup.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260119124407_delete_badge_secret_column.down.sql b/database/migrations/20260119124407_delete_badge_secret_column.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260119124407_delete_badge_secret_column.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260122083658_add_vulnerability_path.down.sql b/database/migrations/20260122083658_add_vulnerability_path.down.sql deleted file mode 100644 index e20999c65..000000000 --- a/database/migrations/20260122083658_add_vulnerability_path.down.sql +++ /dev/null @@ -1 +0,0 @@ --- Remove vulnerability_path column from dependency_vulns table diff --git a/database/migrations/20260125100000_add_path_pattern_to_vuln_events.down.sql b/database/migrations/20260125100000_add_path_pattern_to_vuln_events.down.sql deleted file mode 100644 index 616a1cfc0..000000000 --- a/database/migrations/20260125100000_add_path_pattern_to_vuln_events.down.sql +++ /dev/null @@ -1,3 +0,0 @@ --- Remove the path_pattern column from vuln_events table -DROP INDEX IF EXISTS idx_vuln_events_path_pattern; -ALTER TABLE public.vuln_events DROP COLUMN IF EXISTS path_pattern; diff --git a/database/migrations/20260127100000_add_cve_purl_distribution_to_risk_history.down.sql b/database/migrations/20260127100000_add_cve_purl_distribution_to_risk_history.down.sql deleted file mode 100644 index 931639599..000000000 --- a/database/migrations/20260127100000_add_cve_purl_distribution_to_risk_history.down.sql +++ /dev/null @@ -1,19 +0,0 @@ -ALTER TABLE public.artifact_risk_history -DROP COLUMN IF EXISTS cve_purl_low, -DROP COLUMN IF EXISTS cve_purl_medium, -DROP COLUMN IF EXISTS cve_purl_high, -DROP COLUMN IF EXISTS cve_purl_critical, -DROP COLUMN IF EXISTS cve_purl_low_cvss, -DROP COLUMN IF EXISTS cve_purl_medium_cvss, -DROP COLUMN IF EXISTS cve_purl_high_cvss, -DROP COLUMN IF EXISTS cve_purl_critical_cvss; - -ALTER TABLE public.project_risk_history -DROP COLUMN IF EXISTS cve_purl_low, -DROP COLUMN IF EXISTS cve_purl_medium, -DROP COLUMN IF EXISTS cve_purl_high, -DROP COLUMN IF EXISTS cve_purl_critical, -DROP COLUMN IF EXISTS cve_purl_low_cvss, -DROP COLUMN IF EXISTS cve_purl_medium_cvss, -DROP COLUMN IF EXISTS cve_purl_high_cvss, -DROP COLUMN IF EXISTS cve_purl_critical_cvss; diff --git a/database/migrations/20260202000000_add_vex_rules_and_external_references.down.sql b/database/migrations/20260202000000_add_vex_rules_and_external_references.down.sql deleted file mode 100644 index 68d1d0c39..000000000 --- a/database/migrations/20260202000000_add_vex_rules_and_external_references.down.sql +++ /dev/null @@ -1,20 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Drop external_references table -DROP TABLE IF EXISTS public.external_references; - --- Drop vex_rules table -DROP TABLE IF EXISTS public.vex_rules; diff --git a/database/migrations/20260203083743_vex_rule_enabled_drop_upstream.down.sql b/database/migrations/20260203083743_vex_rule_enabled_drop_upstream.down.sql deleted file mode 100644 index de0ab89af..000000000 --- a/database/migrations/20260203083743_vex_rule_enabled_drop_upstream.down.sql +++ /dev/null @@ -1,22 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Re-add upstream column with default 0 (Internal) -ALTER TABLE public.vuln_events -ADD COLUMN IF NOT EXISTS upstream integer NOT NULL DEFAULT 0; - --- Remove enabled column from vex_rules -ALTER TABLE vex_rules -DROP COLUMN IF EXISTS enabled; diff --git a/database/migrations/20260203084000_add_created_by_vex_rule_column.down.sql b/database/migrations/20260203084000_add_created_by_vex_rule_column.down.sql deleted file mode 100644 index 4139a365b..000000000 --- a/database/migrations/20260203084000_add_created_by_vex_rule_column.down.sql +++ /dev/null @@ -1,18 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - --- Remove created_by_vex_rule column from vuln_events -ALTER TABLE public.vuln_events -DROP COLUMN IF EXISTS created_by_vex_rule; diff --git a/database/migrations/20260204084100_add_keep_original_sbom_root_component_to_assets.down.sql b/database/migrations/20260204084100_add_keep_original_sbom_root_component_to_assets.down.sql deleted file mode 100644 index ef4b69289..000000000 --- a/database/migrations/20260204084100_add_keep_original_sbom_root_component_to_assets.down.sql +++ /dev/null @@ -1,17 +0,0 @@ --- Copyright 2024 DevGuard GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as published by --- the Free Software Foundation, either version 3 of the License, or --- (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - -ALTER TABLE public.assets -DROP COLUMN IF EXISTS keep_original_sbom_root_component; diff --git a/database/migrations/20260206102932_add_csaf_package_scope.down.sql b/database/migrations/20260206102932_add_csaf_package_scope.down.sql deleted file mode 100644 index 4331ce225..000000000 --- a/database/migrations/20260206102932_add_csaf_package_scope.down.sql +++ /dev/null @@ -1,14 +0,0 @@ --- Copyright 2026 larshermges --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- https://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. - diff --git a/database/migrations/20260218171852_add-state-property.down.sql b/database/migrations/20260218171852_add-state-property.down.sql deleted file mode 100644 index f95bf42cd..000000000 --- a/database/migrations/20260218171852_add-state-property.down.sql +++ /dev/null @@ -1,20 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - -ALTER TABLE public.assets -DROP COLUMN IF EXISTS state; - -ALTER TABLE public.projects -DROP COLUMN IF EXISTS state; diff --git a/database/migrations/20260304170435_recover_missing_migration.down.sql b/database/migrations/20260304170435_recover_missing_migration.down.sql deleted file mode 100644 index fef69a6b0..000000000 --- a/database/migrations/20260304170435_recover_missing_migration.down.sql +++ /dev/null @@ -1,2 +0,0 @@ --- Recovery migration placeholder for missing historical version. --- Intentionally left empty. diff --git a/database/migrations/20260306000000_add_vuln_id_index_to_vuln_events.down.sql b/database/migrations/20260306000000_add_vuln_id_index_to_vuln_events.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260306000001_convert_btree_to_hash_indices.down.sql b/database/migrations/20260306000001_convert_btree_to_hash_indices.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260323134658_fix-duplicates.down.sql b/database/migrations/20260323134658_fix-duplicates.down.sql deleted file mode 100644 index e69de29bb..000000000 diff --git a/database/migrations/20260323134659_add_direct_dependency_fixed_version.down.sql b/database/migrations/20260323134659_add_direct_dependency_fixed_version.down.sql deleted file mode 100644 index 4331ce225..000000000 --- a/database/migrations/20260323134659_add_direct_dependency_fixed_version.down.sql +++ /dev/null @@ -1,14 +0,0 @@ --- Copyright 2026 larshermges --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- https://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. - diff --git a/database/migrations/20260323134660_add_trusted_entities_model.down.sql b/database/migrations/20260323134660_add_trusted_entities_model.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260323134660_add_trusted_entities_model.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260323134661_refactor_vuln_ids.down.sql b/database/migrations/20260323134661_refactor_vuln_ids.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260323134661_refactor_vuln_ids.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260402110000_add_fixable_distribution_to_artifact_risk_history.down.sql b/database/migrations/20260402110000_add_fixable_distribution_to_artifact_risk_history.down.sql deleted file mode 100644 index 6a2dc7bf1..000000000 --- a/database/migrations/20260402110000_add_fixable_distribution_to_artifact_risk_history.down.sql +++ /dev/null @@ -1,9 +0,0 @@ -ALTER TABLE public.artifact_risk_history -DROP COLUMN IF EXISTS cve_purl_fixable_critical, -DROP COLUMN IF EXISTS cve_purl_fixable_high, -DROP COLUMN IF EXISTS cve_purl_fixable_medium, -DROP COLUMN IF EXISTS cve_purl_fixable_low, -DROP COLUMN IF EXISTS fixable_critical, -DROP COLUMN IF EXISTS fixable_high, -DROP COLUMN IF EXISTS fixable_medium, -DROP COLUMN IF EXISTS fixable_low; diff --git a/database/migrations/20260410163018_add_dependency_proxy_secret.down.sql b/database/migrations/20260410163018_add_dependency_proxy_secret.down.sql deleted file mode 100644 index e2bacc719..000000000 --- a/database/migrations/20260410163018_add_dependency_proxy_secret.down.sql +++ /dev/null @@ -1,16 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - -DROP TABLE IF EXISTS public.dependency_proxy_secrets; diff --git a/database/migrations/20260415090935_refactor-vulndb-tables.down.sql b/database/migrations/20260415090935_refactor-vulndb-tables.down.sql deleted file mode 100644 index 848b074a7..000000000 --- a/database/migrations/20260415090935_refactor-vulndb-tables.down.sql +++ /dev/null @@ -1,15 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - diff --git a/database/migrations/20260504000000_add_btree_index_cve_affected_component.down.sql b/database/migrations/20260504000000_add_btree_index_cve_affected_component.down.sql deleted file mode 100644 index 9563164c3..000000000 --- a/database/migrations/20260504000000_add_btree_index_cve_affected_component.down.sql +++ /dev/null @@ -1,2 +0,0 @@ --- Remove the btree index if rolling back -DROP INDEX IF EXISTS idx_cve_affected_component_cve_id_aff_comp_id; diff --git a/database/migrations/20260504101108_drop_updated_created_at.down.sql b/database/migrations/20260504101108_drop_updated_created_at.down.sql deleted file mode 100644 index 92f42efed..000000000 --- a/database/migrations/20260504101108_drop_updated_created_at.down.sql +++ /dev/null @@ -1,21 +0,0 @@ --- Copyright (C) 2026 l3montree GmbH --- --- This program is free software: you can redistribute it and/or modify --- it under the terms of the GNU Affero General Public License as --- published by the Free Software Foundation, either version 3 of the --- License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU Affero General Public License for more details. --- --- You should have received a copy of the GNU Affero General Public License --- along with this program. If not, see . - -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS scheme text; -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS type text; -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS name text; -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS namespace text; -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS qualifiers text; -ALTER TABLE public.malicious_affected_components ADD COLUMN IF NOT EXISTS subpath text; From 58758e37e6ac48fa2ea005f2f4de4c2c3b08c998 Mon Sep 17 00:00:00 2001 From: Hubtrick-Git Date: Wed, 6 May 2026 15:21:00 +0200 Subject: [PATCH 3/3] added comment to help future test fixing --- tests/osv_service_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/osv_service_test.go b/tests/osv_service_test.go index 7a4a2a14f..8f054833c 100644 --- a/tests/osv_service_test.go +++ b/tests/osv_service_test.go @@ -16,6 +16,11 @@ import ( func TestOSVPostInsertCleanup(t *testing.T) { WithTestApp(t, "../initdb.sql", func(f *TestFixture) { t.Run("after inserting using the bulk method, we should have all indexes and constraints back in place correctly", func(t *testing.T) { + // this test is used to make sure that all indexes and constraints are dropped which are not needed on bulk inserts + // if you happen to fail this test, just make sure to add the sql to drop your index/constraint in the PrepareBulkInsert-Functions sql scripts + // then also re-add it in the AddIndexesAndConstraints-Function sql scripts just the same as you added it in the migrations + // this should then pass the test again + ctx := context.Background() conn, err := f.Pool.Acquire(ctx)