launchpad-reviewers team mailing list archive

[Enrique Sánchez <mp+493278@xxxxxxxxxxxxxxxxxx>]

Diff comments:

> diff --git a/lib/lp/bugs/scripts/soss/sossimport.py b/lib/lp/bugs/scripts/soss/sossimport.py
> index 2bb7c17..f4b1254 100644
> --- a/lib/lp/bugs/scripts/soss/sossimport.py
> +++ b/lib/lp/bugs/scripts/soss/sossimport.py
> @@ -288,6 +294,14 @@ class SOSSImporter(SVTImporter):
>          vulnerability.date_coordinated_release = None
>          vulnerability.cvss = self._prepare_cvss_data(soss_record)
>  
> +        if soss_record.extra_attrs:

Sorry I think I did not explain it well. When we do a data import, we need to make sure that the data that we are importing is an exact match with the LP data.

Then we need to erase `vulnerability.metadata` and set it to our data. You can just do the same thing you are doing above ^:
```
if soss_record.extra_attrs:
    metadata = {"extra_attrs": soss_record.extra_attrs}
```

We don't want to preserve changes/other keys we had since we only support `extra_attrs`. If we add new keys we will need to add them here.

This is the actual behavior that the Import should have. It could change in the future when the SEC team starts to use the SVT, but now we always match what we have in the data we are importing.

> +            if isinstance(dict, vulnerability.metadata):
> +                vulnerability.metadata["extra_attrs"] = soss_record.extra_attrs
> +            else:
> +                vulnerability.metadata = {
> +                    "extra_attrs": soss_record.extra_attrs
> +                }
> +
>          logger.info(
>              "[SOSSImporter] Updated Vulnerability with ID: "
>              f"{vulnerability.id} for {vulnerability.distribution.name}",


-- 
https://code.launchpad.net/~ilkeremrekoc/launchpad/+git/launchpad/+merge/493278
Your team Launchpad code reviewers is requested to review the proposed merge of ~ilkeremrekoc/launchpad:add-extra-attrs into launchpad:master.