Fix tests

Signed-off-by: Tushar Goel <[email protected]>

Author: TG1999

vulnerabilities/forms.py

@@ -40,11 +40,10 @@ class AdvisorySearchForm(forms.Form):
 
     search = forms.CharField(
         required=True,
-        widget=forms.TextInput(
-            attrs={"placeholder": "Advisory id or alias such as CVE or GHSA"}
-        ),
+        widget=forms.TextInput(attrs={"placeholder": "Advisory id or alias such as CVE or GHSA"}),
     )
 
+
 class ApiUserCreationForm(forms.ModelForm):
     """
     Support a simplified creation for API-only users directly from the UI.

vulnerabilities/migrations/0092_advisoryalias_advisoryreference_advisoryseverity_and_more.py renamed to vulnerabilities/migrations/0093_advisoryalias_advisoryreference_advisoryseverity_and_more.py

@@ -1,12 +1,13 @@
-# Generated by Django 4.2.20 on 2025-05-27 10:43
+# Generated by Django 4.2.20 on 2025-05-28 13:31
 
 from django.db import migrations, models
+import django.db.models.deletion
 
 
 class Migration(migrations.Migration):
 
     dependencies = [
-        ("vulnerabilities", "0091_alter_advisory_unique_together_and_more"),
+        ("vulnerabilities", "0092_pipelineschedule_pipelinerun"),
     ]
 
     operations = [
@@ -249,6 +250,16 @@ class Migration(migrations.Migration):
                 "abstract": False,
             },
         ),
+        migrations.AlterField(
+            model_name="pipelineschedule",
+            name="is_active",
+            field=models.BooleanField(
+                db_index=True,
+                default=True,
+                help_text="When set to True, this Pipeline is active. When set to False, this Pipeline is inactive and not run.",
+                null=True,
+            ),
+        ),
         migrations.CreateModel(
             name="AdvisoryV2",
             fields=[
@@ -295,7 +306,7 @@ class Migration(migrations.Migration):
                 (
                     "datasource_ID",
                     models.CharField(
-                        help_text="Fully qualified name of the importer prefixed with themodule name importing the advisory. Eg:vulnerabilities.pipeline.nginx_importer.NginxImporterPipeline",
+                        help_text="Fully qualified name of the importer prefixed with themodule name importing the advisory. Eg:nginx_importer_v2",
                         max_length=100,
                     ),
                 ),
@@ -346,7 +357,7 @@ class Migration(migrations.Migration):
                     "fixed_by_packages",
                     models.ManyToManyField(
                         help_text="A list of packages that are reported by this advisory.",
-                        related_name="fixing_advisorues",
+                        related_name="fixing_advisories",
                         to="vulnerabilities.packagev2",
                     ),
                 ),
@@ -379,4 +390,118 @@ class Migration(migrations.Migration):
                 "ordering": ["date_published", "unique_content_id"],
             },
         ),
+        migrations.CreateModel(
+            name="AdvisoryExploit",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+                    ),
+                ),
+                (
+                    "date_added",
+                    models.DateField(
+                        blank=True,
+                        help_text="The date the vulnerability was added to an exploit catalog.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "description",
+                    models.TextField(
+                        blank=True,
+                        help_text="Description of the vulnerability in an exploit catalog, often a refinement of the original CVE description",
+                        null=True,
+                    ),
+                ),
+                (
+                    "required_action",
+                    models.TextField(
+                        blank=True,
+                        help_text="The required action to address the vulnerability, typically to apply vendor updates or apply vendor mitigations or to discontinue use.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "due_date",
+                    models.DateField(
+                        blank=True,
+                        help_text="The date the required action is due, which applies to all USA federal civilian executive branch (FCEB) agencies, but all organizations are strongly encouraged to execute the required action",
+                        null=True,
+                    ),
+                ),
+                (
+                    "notes",
+                    models.TextField(
+                        blank=True,
+                        help_text="Additional notes and resources about the vulnerability, often a URL to vendor instructions.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "known_ransomware_campaign_use",
+                    models.BooleanField(
+                        default=False,
+                        help_text="Known' if this vulnerability is known to have been leveraged as part of a ransomware campaign; \n        or 'Unknown' if there is no confirmation that the vulnerability has been utilized for ransomware.",
+                    ),
+                ),
+                (
+                    "source_date_published",
+                    models.DateField(
+                        blank=True,
+                        help_text="The date that the exploit was published or disclosed.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "exploit_type",
+                    models.TextField(
+                        blank=True,
+                        help_text="The type of the exploit as provided by the original upstream data source.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "platform",
+                    models.TextField(
+                        blank=True,
+                        help_text="The platform associated with the exploit as provided by the original upstream data source.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "source_date_updated",
+                    models.DateField(
+                        blank=True,
+                        help_text="The date the exploit was updated in the original upstream data source.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "data_source",
+                    models.TextField(
+                        blank=True,
+                        help_text="The source of the exploit information, such as CISA KEV, exploitdb, metaspoit, or others.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "source_url",
+                    models.URLField(
+                        blank=True,
+                        help_text="The URL to the exploit as provided in the original upstream data source.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "advisory",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="exploits",
+                        to="vulnerabilities.advisoryv2",
+                    ),
+                ),
+            ],
+        ),
     ]

vulnerabilities/migrations/0093_alter_advisoryv2_datasource_id_and_more.py

@@ -1324,7 +1324,6 @@ def url(self):
 
 
 class AdvisoryQuerySet(BaseQuerySet):
-
     def search(query):
         """
         This function will take a string as an input, the string could be an alias or an advisory ID or
@@ -2282,6 +2281,8 @@ def create_new_job(self, execute_now=False):
             schedules.clear_job(self.schedule_work_id)
 
         return schedules.schedule_execution(self, execute_now) if self.is_active else None
+
+
 class AdvisorySeverity(models.Model):
     url = models.URLField(
         max_length=1024,
@@ -2556,7 +2557,6 @@ def risk_score(self):
 
     objects = AdvisoryQuerySet.as_manager()
 
-
     class Meta:
         ordering = ["date_published", "unique_content_id"]
 
@@ -2593,7 +2593,6 @@ def get_aliases(self):
 
 
 class PackageQuerySetV2(BaseQuerySet, PackageURLQuerySet):
-
     def search(self, query: str = None):
         """
         Return a Package queryset searching for the ``query``.

vulnerabilities/models.py

@@ -28,8 +28,8 @@
 from vulnerabilities.importer import UnMergeablePackageError
 from vulnerabilities.improver import MAX_CONFIDENCE
 from vulnerabilities.models import Advisory
-from vulnerabilities.models import PipelineRun
 from vulnerabilities.models import PackageV2
+from vulnerabilities.models import PipelineRun
 from vulnerabilities.pipes.advisory import import_advisory
 from vulnerabilities.pipes.advisory import insert_advisory
 from vulnerabilities.pipes.advisory import insert_advisory_v2

vulnerabilities/pipelines/__init__.py

@@ -29,8 +29,8 @@
 
 from vulnerabilities import models
 from vulnerabilities.forms import AdminLoginForm
-from vulnerabilities.forms import ApiUserCreationForm
 from vulnerabilities.forms import AdvisorySearchForm
+from vulnerabilities.forms import ApiUserCreationForm
 from vulnerabilities.forms import PackageSearchForm
 from vulnerabilities.forms import PipelineSchedulePackageForm
 from vulnerabilities.forms import VulnerabilitySearchForm
@@ -100,7 +100,6 @@ def get_queryset(self, query=None):
         )
 
 
-
 class VulnerabilitySearch(ListView):
     model = models.Vulnerability
     template_name = "vulnerabilities.html"
@@ -110,7 +109,7 @@ class VulnerabilitySearch(ListView):
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         request_query = self.request.GET
-        context["advisory_search_form"] = AdvisorySearchForm(request_query)
+        context["vulnerability_search_form"] = VulnerabilitySearchForm(request_query)
         context["search"] = request_query.get("search")
         return context