Test all importers for advisory ID

Signed-off-by: Tushar Goel <[email protected]>

Author: TG1999

vulnerabilities/importers/apache_httpd.py

@@ -38,11 +38,12 @@ class ApacheHTTPDImporter(Importer):
     license_url = "https://www.apache.org/licenses/LICENSE-2.0"
     importer_name = "Apache HTTPD Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self):
         links = fetch_links(self.base_url)

vulnerabilities/importers/apache_kafka.py

@@ -102,11 +102,12 @@ def fetch_advisory_page(self):
         page = requests.get(self.GH_PAGE_URL)
         return page.content
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self):
         advisory_page = self.fetch_advisory_page(self)

vulnerabilities/importers/apache_tomcat.py

@@ -120,11 +120,12 @@ class ApacheTomcatImporter(Importer):
     license_url = "https://www.apache.org/licenses/LICENSE-2.0"
     importer_name = "Apache Tomcat Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def fetch_advisory_pages(self):
         """

vulnerabilities/importers/archlinux.py

@@ -30,11 +30,12 @@ class ArchlinuxImporter(Importer):
     license_url = "https://github.com/archlinux/arch-security-tracker/blob/master/LICENSE"
     importer_name = "Arch Linux Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def fetch(self) -> Iterable[Mapping]:
         response = fetch_response(self.url)

vulnerabilities/importers/curl.py

@@ -39,11 +39,12 @@ class CurlImporter(Importer):
     importer_name = "Curl Importer"
     api_url = "https://curl.se/docs/vuln.json"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def fetch(self) -> Iterable[Mapping]:
         response = fetch_response(self.api_url)

vulnerabilities/importers/debian.py

@@ -82,11 +82,12 @@ class DebianImporter(Importer):
     api_url = "https://security-tracker.debian.org/tracker/data/json"
     importer_name = "Debian Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def get_response(self):
         response = requests.get(self.api_url)

vulnerabilities/importers/debian_oval.py

@@ -56,11 +56,12 @@ class DebianOvalImporter(OvalImporter):
     """
     importer_name = "Debian Oval Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)

vulnerabilities/importers/elixir_security.py

@@ -41,11 +41,12 @@ def advisory_data(self) -> Set[AdvisoryData]:
             if self.vcs_response:
                 self.vcs_response.delete()
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def process_file(self, file, base_path):
         relative_path = str(file.relative_to(base_path)).strip("/")

vulnerabilities/importers/epss.py

@@ -29,11 +29,12 @@ class EPSSImporter(Importer):
     spdx_license_expression = "unknown"
     importer_name = "EPSS Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         response = urllib.request.urlopen(self.advisory_url)

vulnerabilities/importers/fireeye.py

@@ -35,11 +35,12 @@ class FireyeImporter(Importer):
     repo_url = "git+https://github.com/mandiant/Vulnerability-Disclosures"
     importer_name = "FireEye Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         try:

vulnerabilities/importers/gentoo.py

@@ -33,11 +33,12 @@ class GentooImporter(Importer):
     license_url = "https://creativecommons.org/licenses/by-sa/4.0/"
     importer_name = "Gentoo Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         try:

vulnerabilities/importers/github_osv.py

@@ -25,6 +25,16 @@ class GithubOSVImporter(Importer):
     repo_url = "git+https://github.com/github/advisory-database/"
     importer_name = "GithubOSV Importer"
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        for alias in aliases:
+            if alias.startswith("GHSA"):
+                return alias
+        return cls.get_cve_id(aliases)
+
     def advisory_data(self) -> Iterable[AdvisoryData]:
         supported_ecosystems = [
             "pypi",

vulnerabilities/importers/istio.py

@@ -44,11 +44,12 @@ class IstioImporter(Importer):
     repo_url = "git+https://github.com/istio/istio.io/"
     importer_name = "Istio Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Set[AdvisoryData]:
         try:

vulnerabilities/importers/mozilla.py

@@ -39,11 +39,12 @@ class MozillaImporter(Importer):
     repo_url = "git+https://github.com/mozilla/foundation-security-advisories/"
     importer_name = "Mozilla Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         try:

vulnerabilities/importers/openssl.py

@@ -35,14 +35,15 @@ class OpensslImporter(Importer):
     url = "https://www.openssl.org/news/vulnerabilities.xml"
     importer_name = "OpenSSL Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
         for alias in aliases:
             if alias.startswith("VC-OPENSSL-"):
                 return alias
-        return None
+        return cls.get_cve_id(aliases)
 
     def fetch(self):
         response = requests.get(url=self.url)

vulnerabilities/importers/oss_fuzz.py

@@ -26,11 +26,12 @@ class OSSFuzzImporter(Importer):
     url = "git+https://github.com/google/oss-fuzz-vulns"
     importer_name = "OSS Fuzz Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         try:

vulnerabilities/importers/postgresql.py

@@ -30,11 +30,12 @@ class PostgreSQLImporter(Importer):
     spdx_license_expression = "PostgreSQL"
     importer_name = "PostgreSQL Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self):
         known_urls = {self.root_url}

vulnerabilities/importers/project_kb_msr2019.py

@@ -24,11 +24,12 @@ class ProjectKBMSRImporter(Importer):
     license_url = "https://github.com/SAP/project-kb/blob/main/LICENSE.txt"
     importer_name = "ProjectKB MSRImporter"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self):
         raw_data = fetch_and_read_from_csv(self.url)

vulnerabilities/importers/redhat.py

@@ -67,11 +67,12 @@ class RedhatImporter(Importer):
     license_url = "https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/legal-notice"
     importer_name = "RedHat Importer"
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     def advisory_data(self) -> Iterable[AdvisoryData]:
         for redhat_cves in fetch_cves():

vulnerabilities/importers/retiredotnet.py

@@ -44,11 +44,12 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
             if self.vcs_response:
                 self.vcs_response.delete()
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
         """
         Return the Advisory ID for the given aliases.
         """
-        return self.get_cve_id(aliases)
+        return cls.get_cve_id(aliases)
 
     @staticmethod
     def vuln_id_from_desc(desc):

vulnerabilities/importers/ruby.py

@@ -52,6 +52,16 @@ class RubyImporter(Importer):
     SOFTWARE.
     """
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        for alias in aliases:
+            if alias.startswith("GHSA-"):
+                return alias
+        return cls.get_cve_id(aliases)
+
     def advisory_data(self) -> Iterable[AdvisoryData]:
         try:
             self.clone(self.repo_url)
@@ -72,12 +82,6 @@ def advisory_data(self) -> Iterable[AdvisoryData]:
             if self.vcs_response:
                 self.vcs_response.delete()
 
-    def get_advisory_id(self, aliases: list[str]) -> str:
-        """
-        Return the Advisory ID for the given aliases.
-        """
-        return self.get_cve_id(aliases)
-
 
 def parse_ruby_advisory(record, schema_type, advisory_url):
     """

vulnerabilities/importers/suse_oval.py

@@ -26,6 +26,13 @@ def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.translations = {"less than": "<", "equals": "=", "greater than or equal": ">="}
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        return cls.get_cve_id(aliases)
+
     def _fetch(self):
         page = requests.get(self.base_url).text
         soup = BeautifulSoup(page, "lxml")

vulnerabilities/importers/suse_scores.py

@@ -26,6 +26,13 @@ class SUSESeverityScoreImporter(Importer):
     license_url = "https://ftp.suse.com/pub/projects/security/yaml/LICENSE"
     importer_name = "SUSE Severity Score Importer"
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        return cls.get_cve_id(aliases)
+
     def advisory_data(self) -> Iterable[AdvisoryData]:
         score_data = fetch_yaml(URL)
         yield from self.to_advisory(score_data)

vulnerabilities/importers/ubuntu.py

@@ -63,6 +63,13 @@ class UbuntuImporter(OvalImporter):
     """
     importer_name = "Ubuntu OVAL Importer"
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        return cls.get_cve_id(aliases)
+
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         # we could avoid setting translations, and have it

vulnerabilities/importers/ubuntu_usn.py

@@ -64,6 +64,13 @@ class UbuntuUSNImporter(Importer):
     """
     importer_name = "Ubuntu USN Importer"
 
+    @classmethod
+    def get_advisory_id(cls, aliases: list[str]) -> str:
+        """
+        Return the Advisory ID for the given aliases.
+        """
+        return cls.get_cve_id(aliases)
+
     def advisory_data(self):
         usn_db = fetch(self.db_url)
         yield from self.to_advisories(usn_db=usn_db)