Update retiredotnet to use the new AdvisoryDataV2

ziadhany · ziadhany · commit 22fb93d28b54 · 2026-02-10T15:46:36.000+02:00
Drop duplicates in affected and fixed version range

Signed-off-by: ziad hany &lt;ziadhany2016@gmail.com&gt;
diff --git a/vulnerabilities/pipelines/v2_importers/retiredotnet_importer.py b/vulnerabilities/pipelines/v2_importers/retiredotnet_importer.py
@@ -16,7 +16,7 @@
 from packageurl import PackageURL
 from univers.version_range import NugetVersionRange
 
-from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.importer import AdvisoryDataV2
 from vulnerabilities.importer import AffectedPackageV2
 from vulnerabilities.importer import ReferenceV2
 from vulnerabilities.pipelines import VulnerableCodeBaseImporterPipelineV2
@@ -66,7 +66,7 @@ def collect_advisories(self):
                 # group by package name `id`
                 # { pkg_id: {'affected_versions': [], 'fixed': []} }
                 grouped_packages = defaultdict(
-                    lambda: {"affected_versions": [], "fixed_versions": []}
+                    lambda: {"affected_versions": set(), "fixed_versions": set()}
                 )
                 for pkg in json_doc.get("packages") or []:
                     name = pkg.get("id")
@@ -75,11 +75,11 @@ def collect_advisories(self):
 
                     affected_version = pkg.get("affected")
                     if affected_version:
-                        grouped_packages[name]["affected_versions"].append(affected_version)
+                        grouped_packages[name]["affected_versions"].add(affected_version)
 
                     fixed_version = pkg.get("fix")
                     if fixed_version:
-                        grouped_packages[name]["fixed_versions"].append(fixed_version)
+                        grouped_packages[name]["fixed_versions"].add(fixed_version)
 
                 for pkg in grouped_packages:
                     affected_version_range = None
@@ -109,12 +109,12 @@ def collect_advisories(self):
                         )
                     ]
 
-                yield AdvisoryData(
+                yield AdvisoryDataV2(
                     advisory_id=advisory_id,
                     aliases=[aliases] if aliases else [],
                     summary=description,
                     affected_packages=affected_packages,
-                    references_v2=vuln_reference,
+                    references=vuln_reference,
                     url=advisory_url,
                 )
 
diff --git a/vulnerabilities/tests/test_data/retiredotnet_v2/expected_file.json b/vulnerabilities/tests/test_data/retiredotnet_v2/expected_file.json
@@ -16,7 +16,7 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.2.0",
-        "fixed_version_range": "vers:nuget/2.1.7|2.1.7|2.2.1",
+        "fixed_version_range": "vers:nuget/2.1.7|2.2.1",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       },
@@ -30,7 +30,7 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3",
-        "fixed_version_range": "vers:nuget/2.1.7|2.1.7|2.1.7|2.1.7",
+        "fixed_version_range": "vers:nuget/2.1.7",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       },
@@ -44,7 +44,7 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/4.5.0|4.5.1|4.5.2",
-        "fixed_version_range": "vers:nuget/4.5.3|4.5.3|4.5.3",
+        "fixed_version_range": "vers:nuget/4.5.3",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       },
@@ -58,7 +58,7 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
-        "fixed_version_range": "vers:nuget/2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.2.1",
+        "fixed_version_range": "vers:nuget/2.1.7|2.2.1",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       },
@@ -72,7 +72,7 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
-        "fixed_version_range": "vers:nuget/2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.2.1",
+        "fixed_version_range": "vers:nuget/2.1.7|2.2.1",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       },
@@ -86,12 +86,12 @@
           "subpath": ""
         },
         "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
-        "fixed_version_range": "vers:nuget/2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.1.7|2.2.1",
+        "fixed_version_range": "vers:nuget/2.1.7|2.2.1",
         "introduced_by_commit_patches": [],
         "fixed_by_commit_patches": []
       }
     ],
-    "references_v2": [
+    "references": [
       {
         "reference_id": "",
         "reference_type": "",
