Skip to content

Add support for glib importer#2118

Merged
ziadhany merged 6 commits into
aboutcode-org:mainfrom
ziadhany:glibc_importer
May 14, 2026
Merged

Add support for glib importer#2118
ziadhany merged 6 commits into
aboutcode-org:mainfrom
ziadhany:glibc_importer

Conversation

@ziadhany
Copy link
Copy Markdown
Collaborator

@ziadhany ziadhany commented Jan 19, 2026
edited
Loading

@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Jan 22, 2026
edited
Loading

GlibcImporterPipeline Logs

/home/ziad-hany/PycharmProjects/vulnerablecode/venv/bin/python3.13 /home/ziad-hany/PycharmProjects/vulnerablecode/manage.py import localhost:8000 --all 
Importing data using glibc_importer_v2
INFO 2026-05-14 21:41:09.343562 UTC Pipeline [GlibcImporterPipeline] starting
INFO 2026-05-14 21:41:09.343704 UTC Step [clone] starting
INFO 2026-05-14 21:41:09.343771 UTC Cloning `git+https://sourceware.org/git/glibc.git`
INFO 2026-05-14 21:42:09.529557 UTC Step [clone] completed in 60 seconds (1.0 minutes)
INFO 2026-05-14 21:42:09.529678 UTC Step [collect_and_store_advisories] starting
INFO 2026-05-14 21:42:09.529974 UTC Collecting 31 advisories
INFO 2026-05-14 21:42:09.876663 UTC Progress: 12% (4/31) ETA: 3 seconds
INFO 2026-05-14 21:42:09.987236 UTC Progress: 22% (7/31) ETA: 2 seconds
INFO 2026-05-14 21:42:10.088847 UTC Progress: 32% (10/31) ETA: 1 seconds
INFO 2026-05-14 21:42:10.213179 UTC Progress: 45% (14/31) ETA: 1 seconds
INFO 2026-05-14 21:42:10.369820 UTC Progress: 58% (18/31) ETA: 1 seconds
INFO 2026-05-14 21:42:10.484080 UTC Progress: 70% (22/31)
INFO 2026-05-14 21:42:10.574791 UTC Progress: 80% (25/31)
INFO 2026-05-14 21:42:10.681842 UTC Progress: 90% (28/31)
INFO 2026-05-14 21:42:10.772482 UTC Successfully collected 30 advisories
INFO 2026-05-14 21:42:10.772594 UTC Step [collect_and_store_advisories] completed in 1 seconds
INFO 2026-05-14 21:42:10.772647 UTC Step [clean_downloads] starting
INFO 2026-05-14 21:42:10.772696 UTC Removing cloned repository
INFO 2026-05-14 21:42:11.083879 UTC Step [clean_downloads] completed in 0 seconds
INFO 2026-05-14 21:42:11.084019 UTC Pipeline completed in 62 seconds (1.0 minutes)

Process finished with exit code 0

from vulnerabilities.models import AdvisoryV2
from django.db.models import Count
duplicates = (
    AdvisoryV2.objects
    .values('avid')
    .annotate(count=Count('id'))
    .filter(count__gt=1)
)
len(duplicates)
Out[2]: 0
AdvisoryV2.objects.count()
Out[3]: 21

ziadhany and others added 4 commits March 5, 2026 14:57
@ziadhany @harsh098
Add support for glib importer
8696875 
Co-authored-by: Harsh Mishra <hmisraji07@gmail.com>
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
@ziadhany
Add a glibc importer to IMPORTERS_REGISTRY
e965c15 
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
@ziadhany
Remove the warning related to date_published and update the test
54a1b67 
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
@ziadhany
Update glibc importer to use AdvisoryDataV2
b8fde2b 
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
@ziadhany ziadhany mentioned this pull request May 14, 2026
Closed
4 tasks
TG1999
TG1999 reviewed May 14, 2026
View reviewed changes
Comment thread vulnerabilities/pipelines/v2_importers/glibc_importer.py Outdated
purl = PackageURL(
type="generic",
namespace="gnu",
name="gcc",
Copy link
Copy Markdown
Contributor

@TG1999 TG1999 May 14, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why gcc and not glibc ?

Copy link
Copy Markdown
Collaborator Author

@ziadhany ziadhany May 14, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a typo. Let me update it , I think the PURL should be:

pkg:gnu/glibc or pkg:generic/gnu/glibc

Copy link
Copy Markdown
Member

@pombredanne pombredanne May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than pkg:gnu/glibc or pkg:generic/gnu/glibc I suggest we use the new sid type for GNU as in pkg:sid/gnu.org/glibc@1.2.2

See package-url/purl-spec#516 ... I am working on getting a PR in ASAP.

You can safely starting that for gnu and glibc

Copy link
Copy Markdown
Member

@pombredanne pombredanne May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mjherzog @johnmhoran ping ... FYI

@ziadhany
Fix a typo in purl and use pkg:sid/gnu.org/glibc
b588e00 
Signed-off-by: ziad hany <ziadhany2016@gmail.com>
TG1999
TG1999 approved these changes May 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@TG1999 TG1999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@ziadhany ziadhany merged commit 4ade695 into aboutcode-org:main May 14, 2026
5 checks passed
@ziadhany ziadhany mentioned this pull request May 14, 2026
Closed
@ziadhany ziadhany deleted the glibc_importer branch May 15, 2026 10:55
This was referenced May 15, 2026
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pombredanne pombredanne pombredanne left review comments

@TG1999 TG1999 TG1999 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ziadhany @pombredanne @TG1999