Skip to content

Add V2 Importer for Tuxcare advisories #2104

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Samk1710 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add V2 Importer for Tuxcare advisories #2104

Samk1710 wants to merge 3 commits into from

Conversation

@Samk1710
Copy link

@Samk1710 Samk1710 commented Jan 4, 2026
edited by ziadhany
Loading

Addresses Issue:

Data Source: https://cve.tuxcare.com/els/download-json?orderBy=updated-desc

Importer Log Excerpt:

INFO 2026-01-05 10:26:03.844748 UTC Successfully collected 65,599 advisories
INFO 2026-01-05 10:26:03.845009 UTC Step [collect_and_store_advisories] completed in 1373 seconds (22.9 minutes)
INFO 2026-01-05 10:26:03.845091 UTC Pipeline completed in 1373 seconds (22.9 minutes)

@Samk1710
Add V2 Importer for Tuxcare
0bb18b5 
Signed-off-by: Sampurna Pyne <[email protected]>
@ziadhany ziadhany self-requested a review January 5, 2026 10:22
ziadhany
ziadhany requested changes Jan 7, 2026
View reviewed changes
Copy link
Collaborator

@ziadhany ziadhany left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Samk1710 Thanks , see feedback and suggestions below

@Samk1710
Refactor as per review
8039472 
Signed-off-by: Sampurna Pyne <[email protected]>
@Samk1710
Copy link
Author

Samk1710 commented Jan 7, 2026

@ziadhany Thanks for your review.
I have updated the code as per your suggestion and feedback. Requesting a re-review. Thanks again!

@Samk1710 Samk1710 requested a review from ziadhany January 7, 2026 21:18
ziadhany
ziadhany reviewed Jan 8, 2026
View reviewed changes
vulnerabilities/pipelines/v2_importers/tuxcare_importer.py
Comment on lines +57 to +60
summary = f"TuxCare advisory for {cve_id}"
if project_name:
summary += f" in {project_name}"
if os_name:
Copy link
Collaborator

@ziadhany ziadhany Jan 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is wrong. The OS name should be considered a qualifier.
Please look at https://github.com/package-url/purl-spec

Copy link
Author

@Samk1710 Samk1710 Jan 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I ran a small local script on the data source JSON file to find the unique OS names.

CentOS: 23778
Ubuntu: 13934
Oracle: 8190
AlmaLinux: 6562
Unknown: 4526
CloudLinux: 1934
RHEL: 1524
Debian: 944
TuxCare: 792
Alpine: 119

Idea is to map these with the appropriate PURLs. Will be implementing this and pushing the changes shortly.
Do let me know if any other approach is more suitable. Thanks for the correction.

@ziadhany
Copy link
Collaborator

ziadhany commented Jan 8, 2026
edited
Loading

@Samk1710, could you please also fix the CI ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ziadhany ziadhany ziadhany requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Samk1710 @ziadhany