Skip to content

Commit 0fd8523

Browse files
keshav-spacekeshav-space
committed
fix: use apk scheme for alpine version range
- resolves: #2286 Signed-off-by: Keshav Priyadarshi <git@keshav.space>
1 parent 077163e commit 0fd8523

2 files changed

Lines changed: 68 additions & 28 deletions

File tree

vulnerabilities/migrations/0126_use_apk_scheme_for_alpine_vers.py

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
# Generated by Django 5.2.11 on 2026-05-04 09:51
2+
3+
from django.db import migrations
4+
from django.db.models import F, Value
5+
from django.db.models.functions import Replace
6+
from django.db.models import Q
7+
8+
9+
class Migration(migrations.Migration):
10+
11+
def update_alpine_scheme_to_apk(apps, schema_editor):
12+
ImpactedPackage = apps.get_model("vulnerabilities", "ImpactedPackage")
13+
14+
ImpactedPackage.objects.filter(
15+
Q(affecting_vers__startswith="vers:alpine/") | Q(fixed_vers__startswith="vers:alpine/")
16+
).update(
17+
affecting_vers=Replace(F("affecting_vers"), Value("vers:alpine/"), Value("vers:apk/")),
18+
fixed_vers=Replace(F("fixed_vers"), Value("vers:alpine/"), Value("vers:apk/")),
19+
)
20+
21+
def reverse_update_alpine_scheme_to_apk(apps, schema_editor):
22+
ImpactedPackage = apps.get_model("vulnerabilities", "ImpactedPackage")
23+
24+
ImpactedPackage.objects.filter(
25+
Q(affecting_vers__startswith="vers:apk/") | Q(fixed_vers__startswith="vers:apk/")
26+
).update(
27+
affecting_vers=Replace(F("affecting_vers"), Value("vers:apk/"), Value("vers:alpine/")),
28+
fixed_vers=Replace(F("fixed_vers"), Value("vers:apk/"), Value("vers:alpine/")),
29+
)
30+
31+
dependencies = [
32+
("vulnerabilities", "0125_clean_vers_range_without_constraints"),
33+
]
34+
35+
operations = [
36+
migrations.RunPython(
37+
update_alpine_scheme_to_apk,
38+
reverse_code=reverse_update_alpine_scheme_to_apk,
39+
),
40+
]

vulnerabilities/tests/test_data/alpine/expected-advisories-v3.3.json

Lines changed: 28 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
"subpath": ""
1717
},
1818
"affected_version_range": null,
19-
"fixed_version_range": "vers:alpine/2.7.2-r0",
19+
"fixed_version_range": "vers:apk/2.7.2-r0",
2020
"introduced_by_commit_patches": [],
2121
"fixed_by_commit_patches": []
2222
},
@@ -30,7 +30,7 @@
3030
"subpath": ""
3131
},
3232
"affected_version_range": null,
33-
"fixed_version_range": "vers:alpine/2.7.2-r0",
33+
"fixed_version_range": "vers:apk/2.7.2-r0",
3434
"introduced_by_commit_patches": [],
3535
"fixed_by_commit_patches": []
3636
},
@@ -44,7 +44,7 @@
4444
"subpath": ""
4545
},
4646
"affected_version_range": null,
47-
"fixed_version_range": "vers:alpine/2.7.2-r0",
47+
"fixed_version_range": "vers:apk/2.7.2-r0",
4848
"introduced_by_commit_patches": [],
4949
"fixed_by_commit_patches": []
5050
},
@@ -58,7 +58,7 @@
5858
"subpath": ""
5959
},
6060
"affected_version_range": null,
61-
"fixed_version_range": "vers:alpine/2.7.2-r0",
61+
"fixed_version_range": "vers:apk/2.7.2-r0",
6262
"introduced_by_commit_patches": [],
6363
"fixed_by_commit_patches": []
6464
},
@@ -72,7 +72,7 @@
7272
"subpath": ""
7373
},
7474
"affected_version_range": null,
75-
"fixed_version_range": "vers:alpine/2.7.2-r0",
75+
"fixed_version_range": "vers:apk/2.7.2-r0",
7676
"introduced_by_commit_patches": [],
7777
"fixed_by_commit_patches": []
7878
},
@@ -86,7 +86,7 @@
8686
"subpath": ""
8787
},
8888
"affected_version_range": null,
89-
"fixed_version_range": "vers:alpine/2.7.2-r0",
89+
"fixed_version_range": "vers:apk/2.7.2-r0",
9090
"introduced_by_commit_patches": [],
9191
"fixed_by_commit_patches": []
9292
},
@@ -100,7 +100,7 @@
100100
"subpath": ""
101101
},
102102
"affected_version_range": null,
103-
"fixed_version_range": "vers:alpine/2.7.2-r0",
103+
"fixed_version_range": "vers:apk/2.7.2-r0",
104104
"introduced_by_commit_patches": [],
105105
"fixed_by_commit_patches": []
106106
}
@@ -135,7 +135,7 @@
135135
"subpath": ""
136136
},
137137
"affected_version_range": null,
138-
"fixed_version_range": "vers:alpine/2.7.2-r0",
138+
"fixed_version_range": "vers:apk/2.7.2-r0",
139139
"introduced_by_commit_patches": [],
140140
"fixed_by_commit_patches": []
141141
},
@@ -149,7 +149,7 @@
149149
"subpath": ""
150150
},
151151
"affected_version_range": null,
152-
"fixed_version_range": "vers:alpine/2.7.2-r0",
152+
"fixed_version_range": "vers:apk/2.7.2-r0",
153153
"introduced_by_commit_patches": [],
154154
"fixed_by_commit_patches": []
155155
},
@@ -163,7 +163,7 @@
163163
"subpath": ""
164164
},
165165
"affected_version_range": null,
166-
"fixed_version_range": "vers:alpine/2.7.2-r0",
166+
"fixed_version_range": "vers:apk/2.7.2-r0",
167167
"introduced_by_commit_patches": [],
168168
"fixed_by_commit_patches": []
169169
},
@@ -177,7 +177,7 @@
177177
"subpath": ""
178178
},
179179
"affected_version_range": null,
180-
"fixed_version_range": "vers:alpine/2.7.2-r0",
180+
"fixed_version_range": "vers:apk/2.7.2-r0",
181181
"introduced_by_commit_patches": [],
182182
"fixed_by_commit_patches": []
183183
},
@@ -191,7 +191,7 @@
191191
"subpath": ""
192192
},
193193
"affected_version_range": null,
194-
"fixed_version_range": "vers:alpine/2.7.2-r0",
194+
"fixed_version_range": "vers:apk/2.7.2-r0",
195195
"introduced_by_commit_patches": [],
196196
"fixed_by_commit_patches": []
197197
},
@@ -205,7 +205,7 @@
205205
"subpath": ""
206206
},
207207
"affected_version_range": null,
208-
"fixed_version_range": "vers:alpine/2.7.2-r0",
208+
"fixed_version_range": "vers:apk/2.7.2-r0",
209209
"introduced_by_commit_patches": [],
210210
"fixed_by_commit_patches": []
211211
},
@@ -219,7 +219,7 @@
219219
"subpath": ""
220220
},
221221
"affected_version_range": null,
222-
"fixed_version_range": "vers:alpine/2.7.2-r0",
222+
"fixed_version_range": "vers:apk/2.7.2-r0",
223223
"introduced_by_commit_patches": [],
224224
"fixed_by_commit_patches": []
225225
}
@@ -274,7 +274,7 @@
274274
"subpath": ""
275275
},
276276
"affected_version_range": null,
277-
"fixed_version_range": "vers:alpine/4.10.0-r1",
277+
"fixed_version_range": "vers:apk/4.10.0-r1",
278278
"introduced_by_commit_patches": [],
279279
"fixed_by_commit_patches": []
280280
},
@@ -288,7 +288,7 @@
288288
"subpath": ""
289289
},
290290
"affected_version_range": null,
291-
"fixed_version_range": "vers:alpine/4.10.0-r1",
291+
"fixed_version_range": "vers:apk/4.10.0-r1",
292292
"introduced_by_commit_patches": [],
293293
"fixed_by_commit_patches": []
294294
},
@@ -302,7 +302,7 @@
302302
"subpath": ""
303303
},
304304
"affected_version_range": null,
305-
"fixed_version_range": "vers:alpine/4.10.0-r1",
305+
"fixed_version_range": "vers:apk/4.10.0-r1",
306306
"introduced_by_commit_patches": [],
307307
"fixed_by_commit_patches": []
308308
},
@@ -316,7 +316,7 @@
316316
"subpath": ""
317317
},
318318
"affected_version_range": null,
319-
"fixed_version_range": "vers:alpine/4.10.0-r1",
319+
"fixed_version_range": "vers:apk/4.10.0-r1",
320320
"introduced_by_commit_patches": [],
321321
"fixed_by_commit_patches": []
322322
},
@@ -330,7 +330,7 @@
330330
"subpath": ""
331331
},
332332
"affected_version_range": null,
333-
"fixed_version_range": "vers:alpine/4.10.0-r1",
333+
"fixed_version_range": "vers:apk/4.10.0-r1",
334334
"introduced_by_commit_patches": [],
335335
"fixed_by_commit_patches": []
336336
},
@@ -344,7 +344,7 @@
344344
"subpath": ""
345345
},
346346
"affected_version_range": null,
347-
"fixed_version_range": "vers:alpine/4.10.0-r1",
347+
"fixed_version_range": "vers:apk/4.10.0-r1",
348348
"introduced_by_commit_patches": [],
349349
"fixed_by_commit_patches": []
350350
},
@@ -358,7 +358,7 @@
358358
"subpath": ""
359359
},
360360
"affected_version_range": null,
361-
"fixed_version_range": "vers:alpine/4.10.0-r1",
361+
"fixed_version_range": "vers:apk/4.10.0-r1",
362362
"introduced_by_commit_patches": [],
363363
"fixed_by_commit_patches": []
364364
}
@@ -394,7 +394,7 @@
394394
"subpath": ""
395395
},
396396
"affected_version_range": null,
397-
"fixed_version_range": "vers:alpine/4.10.0-r2",
397+
"fixed_version_range": "vers:apk/4.10.0-r2",
398398
"introduced_by_commit_patches": [],
399399
"fixed_by_commit_patches": []
400400
},
@@ -408,7 +408,7 @@
408408
"subpath": ""
409409
},
410410
"affected_version_range": null,
411-
"fixed_version_range": "vers:alpine/4.10.0-r2",
411+
"fixed_version_range": "vers:apk/4.10.0-r2",
412412
"introduced_by_commit_patches": [],
413413
"fixed_by_commit_patches": []
414414
},
@@ -422,7 +422,7 @@
422422
"subpath": ""
423423
},
424424
"affected_version_range": null,
425-
"fixed_version_range": "vers:alpine/4.10.0-r2",
425+
"fixed_version_range": "vers:apk/4.10.0-r2",
426426
"introduced_by_commit_patches": [],
427427
"fixed_by_commit_patches": []
428428
},
@@ -436,7 +436,7 @@
436436
"subpath": ""
437437
},
438438
"affected_version_range": null,
439-
"fixed_version_range": "vers:alpine/4.10.0-r2",
439+
"fixed_version_range": "vers:apk/4.10.0-r2",
440440
"introduced_by_commit_patches": [],
441441
"fixed_by_commit_patches": []
442442
},
@@ -450,7 +450,7 @@
450450
"subpath": ""
451451
},
452452
"affected_version_range": null,
453-
"fixed_version_range": "vers:alpine/4.10.0-r2",
453+
"fixed_version_range": "vers:apk/4.10.0-r2",
454454
"introduced_by_commit_patches": [],
455455
"fixed_by_commit_patches": []
456456
},
@@ -464,7 +464,7 @@
464464
"subpath": ""
465465
},
466466
"affected_version_range": null,
467-
"fixed_version_range": "vers:alpine/4.10.0-r2",
467+
"fixed_version_range": "vers:apk/4.10.0-r2",
468468
"introduced_by_commit_patches": [],
469469
"fixed_by_commit_patches": []
470470
},
@@ -478,7 +478,7 @@
478478
"subpath": ""
479479
},
480480
"affected_version_range": null,
481-
"fixed_version_range": "vers:alpine/4.10.0-r2",
481+
"fixed_version_range": "vers:apk/4.10.0-r2",
482482
"introduced_by_commit_patches": [],
483483
"fixed_by_commit_patches": []
484484
}

0 commit comments

Comments
 (0)