Include advisory_id in to_dict for v2 advisory

keshav-space · keshav-space · commit 737d94a75f6c · 2025-08-01T17:42:12.000+05:30
Signed-off-by: Keshav Priyadarshi &lt;git@keshav.space&gt;
diff --git a/vulnerabilities/importer.py b/vulnerabilities/importer.py
@@ -461,12 +461,14 @@ def clean_summary(self, summary):
 
     def to_dict(self):
         is_adv_v2 = (
-            self.severities
+            self.advisory_id
+            or self.severities
             or self.references_v2
             or (self.affected_packages and isinstance(self.affected_packages[0], AffectedPackageV2))
         )
         if is_adv_v2:
             return {
+                "advisory_id": self.advisory_id,
                 "aliases": self.aliases,
                 "summary": self.summary,
                 "affected_packages": [pkg.to_dict() for pkg in self.affected_packages],
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -2890,6 +2890,7 @@ def to_advisory_data(self) -> "AdvisoryData":
         from vulnerabilities.importer import AdvisoryData
 
         return AdvisoryData(
+            advisory_id=self.advisory_id,
             aliases=[item.alias for item in self.aliases.all()],
             summary=self.summary,
             affected_packages=[
diff --git a/vulnerabilities/tests/test_data/archlinux/archlinux_advisoryv2-expected.json b/vulnerabilities/tests/test_data/archlinux/archlinux_advisoryv2-expected.json
@@ -1,5 +1,6 @@
 [
   {
+    "advisory_id": "AVG-2781",
     "aliases": [
       "CVE-2022-29217"
     ],
@@ -31,6 +32,7 @@
     "url": "https://security.archlinux.org/AVG-2781.json"
   },
   {
+    "advisory_id": "AVG-2780",
     "aliases": [
       "CVE-2022-26710",
       "CVE-2022-22677",
@@ -64,6 +66,7 @@
     "url": "https://security.archlinux.org/AVG-2780.json"
   },
   {
+    "advisory_id": "AVG-4",
     "aliases": [
       "CVE-2016-3189",
       "ASA-201702-19"
diff --git a/vulnerabilities/tests/test_data/redhat/redhat_advisoryv2-expected.json b/vulnerabilities/tests/test_data/redhat/redhat_advisoryv2-expected.json
@@ -1,5 +1,6 @@
 [
   {
+    "advisory_id": "RHBA-2024:11505",
     "aliases": [
       "CVE-2023-2295",
       "CVE-2023-23009",
@@ -193,6 +194,7 @@
     "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2024_11505.json"
   },
   {
+    "advisory_id": "RHBA-2025:0409",
     "aliases": [
       "CVE-2024-45338",
       "CVE-2024-52798",
@@ -272,6 +274,7 @@
     "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2025_0409.json"
   },
   {
+    "advisory_id": "RHBA-2025:1079",
     "aliases": [
       "CVE-2020-11023"
     ],
@@ -306,6 +309,7 @@
     "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhba-2025_1079.json"
   },
   {
+    "advisory_id": "RHEA-2025:2418",
     "aliases": [
       "CVE-2023-34440",
       "CVE-2023-43758",
@@ -364,6 +368,7 @@
     "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhea-2025_2418.json"
   },
   {
+    "advisory_id": "RHSA-2010:0002",
     "aliases": [
       "CVE-2009-3720"
     ],
@@ -692,6 +697,7 @@
     "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0002.json"
   },
   {
+    "advisory_id": "RHSA-2025:0002",
     "aliases": [
       "CVE-2024-53899"
     ],

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`[`
`2`	`2`	`{`
	`3`	`+ "advisory_id": "AVG-2781",`
`3`	`4`	`"aliases": [`
`4`	`5`	`"CVE-2022-29217"`
`5`	`6`	`],`
`@@ -31,6 +32,7 @@`
`31`	`32`	`"url": "https://security.archlinux.org/AVG-2781.json"`
`32`	`33`	`},`
`33`	`34`	`{`
	`35`	`+ "advisory_id": "AVG-2780",`
`34`	`36`	`"aliases": [`
`35`	`37`	`"CVE-2022-26710",`
`36`	`38`	`"CVE-2022-22677",`
`@@ -64,6 +66,7 @@`
`64`	`66`	`"url": "https://security.archlinux.org/AVG-2780.json"`
`65`	`67`	`},`
`66`	`68`	`{`
	`69`	`+ "advisory_id": "AVG-4",`
`67`	`70`	`"aliases": [`
`68`	`71`	`"CVE-2016-3189",`
`69`	`72`	`"ASA-201702-19"`