WIP

haikoschol · haikoschol · commit 7a7295c1bbd1 · 2020-03-15T12:19:36.000+01:00
Signed-off-by: Haiko Schol &lt;hs@haikoschol.com&gt;
diff --git a/vulnerabilities/importers/rust.py b/vulnerabilities/importers/rust.py
diff --git a/vulnerabilities/importers/safety_db.py b/vulnerabilities/importers/safety_db.py
@@ -40,6 +40,7 @@ def import_vulnerabilities():
             cve_id = advisory.get('cve')
             vuln_id = advisory['id']
             vuln_version_ranges = advisory['specs']
+            affected_versions = set()
             for vuln_version_range in vuln_version_ranges:
                 version_range = RangeSpecifier(vuln_version_range)
                 affected_versions = set()
diff --git a/vulnerabilities/management/commands/import.py b/vulnerabilities/management/commands/import.py
@@ -76,14 +76,14 @@ def list_sources(self):
     def import_data(self, names, cutoff_date):
         importers = []
         unknown_importers = set()
-        
+
         # make sure all arguments are valid before running any importers
         for name in names:
             try:
                 importers.append(Importer.objects.get(name=name))
             except Importer.DoesNotExist:
                 unknown_importers.add(name)
-                
+
         if unknown_importers:
             unknown_importers = ', '.join(unknown_importers)
             raise CommandError(f'Unknown data sources: {unknown_importers}')
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -138,10 +138,10 @@ class Importer(models.Model):
     name = models.CharField(max_length=100, unique=True, help_text='Name of the importer')
     license = models.CharField(max_length=100, blank=True, help_text='License of the vulnerability data')
     last_run = models.DateTimeField(null=True, help_text='UTC Timestamp of the last run')
-    
+
     data_source = models.CharField(
         max_length=100,
-        help_text='Class name of the data source implementation importable from  vulnerabilities.importers',
+        help_text='Class name of the data source implementation importable from vulnerabilities.importers',
     )
     data_source_cfg = pgfields.JSONField(
         null=False,
diff --git a/vulnerabilities/tests/test_rust.py b/vulnerabilities/tests/test_rust.py
@@ -21,8 +21,8 @@
 #  VulnerableCode is a free software code scanning tool from nexB Inc. and others.
 #  Visit https://github.com/nexB/vulnerablecode/ for support and download.
 
-from vulnerabilities.scraper.rust import rust_crate_advisories
-from vulnerabilities.scraper.rust import load_advisory
+from vulnerabilities.importers.rust import rust_crate_advisories
+from vulnerabilities.importers.rust import load_advisory
 
 RUSTSEC_DB_URL = 'https://github.com/RustSec/advisory-db/archive/master.zip'
 
