Refactor PURL and fix type-hinting

Samk1710 · Samk1710 · commit 663d5fdea74f · 2026-01-12T19:49:39.000+05:30
Signed-off-by: Sampurna Pyne &lt;sampurnapyne1710@gmail.com&gt;
diff --git a/vulnerabilities/pipelines/v2_importers/tuxcare_importer.py b/vulnerabilities/pipelines/v2_importers/tuxcare_importer.py
@@ -1,7 +1,6 @@
 import json
 import logging
 from typing import Iterable
-from typing import Mapping
 
 from dateutil.parser import parse
 from packageurl import PackageURL
@@ -30,7 +29,7 @@ def steps(cls):
             cls.collect_and_store_advisories,
         )
 
-    def fetch(self) -> Iterable[Mapping]:
+    def fetch(self) -> None:
         url = "https://cve.tuxcare.com/els/download-json?orderBy=updated-desc"
         self.log(f"Fetching `{url}`")
         response = fetch_response(url)
@@ -40,33 +39,13 @@ def advisories_count(self) -> int:
         return len(self.response)
 
     def _create_purl(self, project_name: str, os_name: str) -> PackageURL:
-        os_mapping = {
-            "ubuntu": ("deb", "ubuntu"),
-            "debian": ("deb", "debian"),
-            "centos": ("rpm", "centos"),
-            "almalinux": ("rpm", "almalinux"),
-            "rhel": ("rpm", "redhat"),
-            "red hat": ("rpm", "redhat"),
-            "oracle": ("rpm", "oracle"),
-            "cloudlinux": ("rpm", "cloudlinux"),
-            "alpine": ("apk", "alpine"),
-        }
-
         qualifiers = {}
         if os_name:
-            qualifiers["os"] = os_name
-
-        if not os_name:
-            return PackageURL(type="generic", name=project_name)
-
-        os_lower = os_name.lower()
-        for keyword, (pkg_type, namespace) in os_mapping.items():
-            if keyword in os_lower:
-                return PackageURL(
-                    type=pkg_type, namespace=namespace, name=project_name, qualifiers=qualifiers
-                )
+            qualifiers["distro"] = os_name
 
-        return PackageURL(type="generic", name=project_name, qualifiers=qualifiers)
+        return PackageURL(
+            type="generic", namespace="tuxcare", name=project_name, qualifiers=qualifiers
+        )
 
     def collect_advisories(self) -> Iterable[AdvisoryData]:
         for record in self.response:
@@ -83,12 +62,6 @@ def collect_advisories(self) -> Iterable[AdvisoryData]:
 
             advisory_id = cve_id
 
-            summary = f"TuxCare advisory for {cve_id}"
-            if project_name:
-                summary += f" in {project_name}"
-            if os_name:
-                summary += f" on {os_name}"
-
             affected_packages = []
             if project_name:
                 purl = self._create_purl(project_name, os_name)
@@ -126,7 +99,6 @@ def collect_advisories(self) -> Iterable[AdvisoryData]:
 
             yield AdvisoryData(
                 advisory_id=advisory_id,
-                summary=summary,
                 affected_packages=affected_packages,
                 severities=severities,
                 date_published=date_published,
diff --git a/vulnerabilities/tests/test_data/tuxcare/expected.json b/vulnerabilities/tests/test_data/tuxcare/expected.json
@@ -2,10 +2,10 @@
   {
     "advisory_id": "CVE-2023-52922",
     "aliases": [],
-    "summary": "TuxCare advisory for CVE-2023-52922 in squid on CloudLinux 7 ELS",
+    "summary": "",
     "affected_packages": [
       {
-        "package": {"type": "rpm", "namespace": "cloudlinux", "name": "squid", "version": "", "qualifiers": "os=CloudLinux%207%20ELS", "subpath": ""},
+        "package": {"type": "generic", "namespace": "tuxcare", "name": "squid", "version": "", "qualifiers": "distro=CloudLinux%207%20ELS", "subpath": ""},
         "affected_version_range": "vers:generic/3.5.20",
         "fixed_version_range": null,
         "introduced_by_commit_patches": [],
@@ -22,10 +22,10 @@
   {
     "advisory_id": "CVE-2023-52922",
     "aliases": [],
-    "summary": "TuxCare advisory for CVE-2023-52922 in squid on Oracle Linux 7 ELS",
+    "summary": "",
     "affected_packages": [
       {
-        "package": {"type": "rpm", "namespace": "oracle", "name": "squid", "version": "", "qualifiers": "os=Oracle%20Linux%207%20ELS", "subpath": ""},
+        "package": {"type": "generic", "namespace": "tuxcare", "name": "squid", "version": "", "qualifiers": "distro=Oracle%20Linux%207%20ELS", "subpath": ""},
         "affected_version_range": "vers:generic/3.5.20",
         "fixed_version_range": null,
         "introduced_by_commit_patches": [],
@@ -42,10 +42,10 @@
   {
     "advisory_id": "CVE-2023-48161",
     "aliases": [],
-    "summary": "TuxCare advisory for CVE-2023-48161 in java-11-openjdk on RHEL 7 ELS",
+    "summary": "",
     "affected_packages": [
       {
-        "package": {"type": "rpm", "namespace": "redhat", "name": "java-11-openjdk", "version": "", "qualifiers": "os=RHEL%207%20ELS", "subpath": ""},
+        "package": {"type": "generic", "namespace": "tuxcare", "name": "java-11-openjdk", "version": "", "qualifiers": "distro=RHEL%207%20ELS", "subpath": ""},
         "affected_version_range": "vers:generic/11.0.23",
         "fixed_version_range": null,
         "introduced_by_commit_patches": [],
@@ -62,10 +62,10 @@
   {
     "advisory_id": "CVE-2024-21147",
     "aliases": [],
-    "summary": "TuxCare advisory for CVE-2024-21147 in java-11-openjdk on RHEL 7 ELS",
+    "summary": "",
     "affected_packages": [
       {
-        "package": {"type": "rpm", "namespace": "redhat", "name": "java-11-openjdk", "version": "", "qualifiers": "os=RHEL%207%20ELS", "subpath": ""},
+        "package": {"type": "generic", "namespace": "tuxcare", "name": "java-11-openjdk", "version": "", "qualifiers": "distro=RHEL%207%20ELS", "subpath": ""},
         "affected_version_range": "vers:generic/11.0.23",
         "fixed_version_range": null,
         "introduced_by_commit_patches": [],
@@ -82,10 +82,10 @@
   {
     "advisory_id": "CVE-2025-21587",
     "aliases": [],
-    "summary": "TuxCare advisory for CVE-2025-21587 in java-11-openjdk on RHEL 7 ELS",
+    "summary": "",
     "affected_packages": [
       {
-        "package": {"type": "rpm", "namespace": "redhat", "name": "java-11-openjdk", "version": "", "qualifiers": "os=RHEL%207%20ELS", "subpath": ""},
+        "package": {"type": "generic", "namespace": "tuxcare", "name": "java-11-openjdk", "version": "", "qualifiers": "distro=RHEL%207%20ELS", "subpath": ""},
         "affected_version_range": "vers:generic/11.0.23",
         "fixed_version_range": null,
         "introduced_by_commit_patches": [],
