Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: aboutcode-org/vulnerablecode
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v38.5.0
Choose a base ref
...
head repository: aboutcode-org/vulnerablecode
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v38.6.0
Choose a head ref
  • 15 commits
  • 22 files changed
  • 4 contributors

Commits on Apr 28, 2026

  1. fix: do not ignore advisory_id while deserializing AdvisoryDataV2 fro… 

    …m dict

Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 28, 2026
    Configuration menu
    Copy the full SHA
    5d2f421 View commit details
    Browse the repository at this point in the history

  2. fix: ensure fixed and affected ranges are valid univers VersionRange 

    Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 28, 2026
    Configuration menu
    Copy the full SHA
    691bfbd View commit details
    Browse the repository at this point in the history

  3. Merge pull request #2285 from aboutcode-org/advisory-data 

    fix: fix AdvisoryDataV2 deserialization and validate version ranges correctly
    @keshav-space
    keshav-space authored Apr 28, 2026
    Configuration menu
    Copy the full SHA
    c62b7b0 View commit details
    Browse the repository at this point in the history

Commits on Apr 30, 2026

  1. fix: add missing clean_downloads step for alpine_linux v2 importer (#… 

    …2282)

Signed-off-by: ziad hany <[email protected]>
    @ziadhany
    ziadhany authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    6ea0ced View commit details
    Browse the repository at this point in the history

  2. fix: validate aliases for alpine linux, mattermost, fireeye, istio (#… 

    …2274)

* fix: validate aliases for alpine linux, mattermost, fireeye, istio advisories

Signed-off-by: ziad hany <[email protected]>

* Add migration to drop malformed advisories
Add a migration test

Signed-off-by: ziad hany <[email protected]>

* Fix a typo in parse_vuln_ids function docs & update the test

Signed-off-by: ziad hany <[email protected]>

* Add a filter to ensure that only malformed avid from alpine_linux, mattermost_importer_v2, fireeye_importer_v2, and istio_importer_v2 are deleted

Signed-off-by: ziad hany <[email protected]>

* Fix a bug in istio importer

Signed-off-by: ziad hany <[email protected]>

* Delete alias from target advisiories only

Signed-off-by: ziad hany <[email protected]>

* Resolve merge migration conflict

Signed-off-by: ziad hany <[email protected]>

---------

Signed-off-by: ziad hany <[email protected]>
    @ziadhany
    ziadhany authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    60fee54 View commit details
    Browse the repository at this point in the history

  3. fix: ignore conflicts while bulk creating v2 packages 

    - This is a TOCTOU problem when multiple workers try to create the same PURL

Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    c0a403d View commit details
    Browse the repository at this point in the history

  4. fix: compute version rank while unfurling vers 

    Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    b729bad View commit details
    Browse the repository at this point in the history

  5. Merge pull request #2289 from aboutcode-org/package-bulk-create-fix 

    fix: ignore conflicts while bulk creating v2 packages
    @keshav-space
    keshav-space authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    6973a54 View commit details
    Browse the repository at this point in the history

  6. fix: delete AdvisorySet associated with malformed aliases 

    Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    70e899a View commit details
    Browse the repository at this point in the history

  7. Merge pull request #2291 from aboutcode-org/fix-malformed-alises-migr… 

    …ation

fix: delete AdvisorySet associated with malformed aliases
    @keshav-space
    keshav-space authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    bc5f2b9 View commit details
    Browse the repository at this point in the history

  8. fix: use shared cache backend across WSGI workers 

    Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    a68d2fd View commit details
    Browse the repository at this point in the history

  9. feat: use additional worker count to indicate load factor 

    Signed-off-by: Keshav Priyadarshi <[email protected]>
    @keshav-space
    keshav-space committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    61c4693 View commit details
    Browse the repository at this point in the history

  10. Merge pull request #2290 from aboutcode-org/share-django-cache 

    fix: use shared cache backend across WSGI workers
    @keshav-space
    keshav-space authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    d750872 View commit details
    Browse the repository at this point in the history

  11. Release v38.6.0 

    Signed-off-by: Tushar Goel <[email protected]>
    @TG1999
    TG1999 committed Apr 30, 2026
    Configuration menu
    Copy the full SHA
    09937d3 View commit details
    Browse the repository at this point in the history

  12. Merge pull request #2292 from aboutcode-org/release_v38.6.0 

    Release v38.6.0
    @TG1999
    TG1999 authored Apr 30, 2026
    Configuration menu
    Copy the full SHA
    4f6283f View commit details
    Browse the repository at this point in the history
Loading