Reference: https://github.com/vulnerablecode/issue/650

Work around PostgreSQL index issue Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
aboutcode-org · Mar 28, 2022 · 0d4419d · 0d4419d
1 parent 33e083c
commit 0d4419d
Show file tree

Hide file tree

Showing 5 changed files with 527 additions and 3 deletions.
diff --git a/vulnerabilities/migrations/0004_advisory_unique_content_id.py b/vulnerabilities/migrations/0004_advisory_unique_content_id.py
@@ -0,0 +1,19 @@
+# Generated by Django 4.0.2 on 2022-03-28 19:29
+
+from django.db import migrations
+from django.db import models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("vulnerabilities", "0003_alter_advisory_created_by"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="advisory",
+            name="unique_content_id",
+            field=models.CharField(blank=True, max_length=32),
+        ),
+    ]
diff --git a/vulnerabilities/migrations/0005_auto_20220328_1929.py b/vulnerabilities/migrations/0005_auto_20220328_1929.py
@@ -0,0 +1,37 @@
+# Generated by Django 4.0.2 on 2022-03-28 19:29
+
+import hashlib
+import json
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    def md5hash(apps, schema_editor):
+        Advisory = apps.get_model("vulnerabilities", "Advisory")
+        for advisory in Advisory.objects.all():
+            hash = ""
+            if advisory.summary:
+                hash = hashlib.md5(advisory.summary.encode("utf-8")).hexdigest()
+            json_fields = [advisory.affected_packages, advisory.references]
+            # Case 1: a ="Hello" and b="World"
+            # Case 2: a ="HelloWo" and b="rld"
+            # hash(a) + hash(b) for both the cases will give same result
+            # hash( hash(a) + hash(b) ) is better than hash(a + b)
+            for json_field in json_fields:
+                if json_field:
+                    hash = hashlib.md5(
+                        (
+                            hash + hashlib.md5(json.dumps(json_field).encode("utf-8")).hexdigest()
+                        ).encode("utf-8")
+                    ).hexdigest()
+            advisory.unique_content_id = hash
+            advisory.save()
+
+    dependencies = [
+        ("vulnerabilities", "0004_advisory_unique_content_id"),
+    ]
+
+    operations = [
+        migrations.RunPython(md5hash),
+    ]
diff --git a/vulnerabilities/migrations/0006_alter_advisory_unique_together.py b/vulnerabilities/migrations/0006_alter_advisory_unique_together.py
@@ -0,0 +1,17 @@
+# Generated by Django 4.0.2 on 2022-03-28 19:34
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("vulnerabilities", "0005_auto_20220328_1929"),
+    ]
+
+    operations = [
+        migrations.AlterUniqueTogether(
+            name="advisory",
+            unique_together={("aliases", "unique_content_id", "date_published")},
+        ),
+    ]
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -21,6 +21,7 @@
 #  Visit https://github.com/nexB/vulnerablecode/ for support and download.
 
 import dataclasses
+import hashlib
 import importlib
 import json
 import logging
@@ -326,6 +327,26 @@ class Advisory(models.Model):
     into structured data
     """
 
+    def save(self, *args, **kwargs):
+        hash = ""
+        if self.summary:
+            hash = hashlib.md5(self.summary.encode("utf-8")).hexdigest()
+        json_fields = [self.affected_packages, self.references]
+        # Case 1: a ="Hello" and b="World"
+        # Case 2: a ="HelloWo" and b="rld"
+        # hash(a) + hash(b) for both the cases will give same result
+        # therefore hash( hash(a) + hash(b) ) is better than hash(a + b)
+        for json_field in json_fields:
+            if json_field:
+                hash = hashlib.md5(
+                    (hash + hashlib.md5(json.dumps(json_field).encode("utf-8")).hexdigest()).encode(
+                        "utf-8"
+                    )
+                ).hexdigest()
+        self.unique_content_id = hash
+        super(Advisory, self).save(*args, **kwargs)
+
+    unique_content_id = models.CharField(max_length=32, blank=True)
     aliases = models.JSONField(blank=True, default=list, help_text="A list of alias strings")
     summary = models.TextField(blank=True, null=True)
     # we use a JSON field here to avoid creating a complete relational model for data that
@@ -356,9 +377,7 @@ class Advisory(models.Model):
     class Meta:
         unique_together = (
             "aliases",
-            "summary",
-            "affected_packages",
-            "references",
+            "unique_content_id",
             "date_published",
         )