Add TODO model for Advisory

keshav-space · keshav-space · commit ea603b1c6ed2 · 2025-01-16T15:43:41.000+05:30
Signed-off-by: Keshav Priyadarshi &lt;git@keshav.space&gt;
diff --git a/vulnerabilities/migrations/0088_advisorytodo.py b/vulnerabilities/migrations/0088_advisorytodo.py
@@ -0,0 +1,82 @@
+# Generated by Django 4.2.17 on 2025-01-16 06:36
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("vulnerabilities", "0087_update_alpine_advisory_created_by"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="AdvisoryTODO",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+                    ),
+                ),
+                (
+                    "issue_type",
+                    models.CharField(
+                        choices=[
+                            ("MISSING_AFFECTED_PACKAGE", "Advisory is missing affected package"),
+                            ("MISSING_FIXED_BY_PACKAGE", "Advisory is missing fixed-by package"),
+                            (
+                                "MISSING_AFFECTED_AND_FIXED_PACKAGE",
+                                "Advisory is missing both affected and fixed-by package",
+                            ),
+                            ("MISSING_SUMMARY", "Advisory is missing summary"),
+                            (
+                                "CONFLICTING_FIXED_BY_PACKAGE",
+                                "Advisories has conflicting fixed-by package",
+                            ),
+                            (
+                                "CONFLICTING_AFFECTED_PACKAGE",
+                                "Advisories has conflicting affected package",
+                            ),
+                            ("CONFLICTING_SEVERITY", "Advisories has conflicting severity score"),
+                        ],
+                        db_index=True,
+                        help_text="Select the issue that needs to be addressed from the available options.",
+                        max_length=50,
+                    ),
+                ),
+                ("issue_detail", models.TextField(help_text="Additional details about the issue.")),
+                (
+                    "created_at",
+                    models.DateTimeField(
+                        auto_now_add=True,
+                        help_text="Timestamp indicating when this TODO was created.",
+                    ),
+                ),
+                (
+                    "is_resolved",
+                    models.BooleanField(
+                        db_index=True, default=False, help_text="This TODO is resolved or not."
+                    ),
+                ),
+                (
+                    "resolved_at",
+                    models.DateTimeField(
+                        help_text="Timestamp indicating when this TODO was resolved."
+                    ),
+                ),
+                (
+                    "resolution_detail",
+                    models.TextField(help_text="Additional detail on how this TODO was resolved."),
+                ),
+                (
+                    "advisories",
+                    models.ManyToManyField(
+                        help_text="Advisory/ies where this TODO is applicable.",
+                        related_name="advisory_todos",
+                        to="vulnerabilities.advisory",
+                    ),
+                ),
+            ],
+        ),
+    ]
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -1663,3 +1663,60 @@ class CodeFix(CodeChange):
         related_name="code_fix",
         help_text="The fixing package version with this code fix",
     )
+
+
+class AdvisoryTODO(models.Model):
+    """Track the TODOs for advisory/ies that need to be addressed."""
+
+    ISSUE_TYPE_CHOICES = [
+        ("MISSING_AFFECTED_PACKAGE", "Advisory is missing affected package"),
+        ("MISSING_FIXED_BY_PACKAGE", "Advisory is missing fixed-by package"),
+        (
+            "MISSING_AFFECTED_AND_FIXED_BY_PACKAGES",
+            "Advisory is missing both affected and fixed-by packages",
+        ),
+        ("MISSING_SUMMARY", "Advisory is missing summary"),
+        ("CONFLICTING_FIXED_BY_PACKAGES", "Advisories have conflicting fixed-by packages"),
+        ("CONFLICTING_AFFECTED_PACKAGES", "Advisories have conflicting affected packages"),
+        (
+            "CONFLICTING_AFFECTED_AND_FIXED_BY_PACKAGES",
+            "Advisories have conflicting affected and fixed-by packages",
+        ),
+        ("CONFLICTING_SEVERITY_SCORES", "Advisories have conflicting severity scores"),
+    ]
+
+    issue_type = models.CharField(
+        max_length=50,
+        choices=ISSUE_TYPE_CHOICES,
+        blank=False,
+        null=False,
+        db_index=True,
+        help_text="Select the issue that needs to be addressed from the available options.",
+    )
+    issue_detail = models.TextField(
+        help_text="Additional details about the issue.",
+    )
+    advisories = models.ManyToManyField(
+        Advisory,
+        related_name="advisory_todos",
+        help_text="Advisory/ies where this TODO is applicable.",
+    )
+
+    created_at = models.DateTimeField(
+        auto_now_add=True,
+        help_text="Timestamp indicating when this TODO was created.",
+    )
+
+    is_resolved = models.BooleanField(
+        default=False,
+        db_index=True,
+        help_text="This TODO is resolved or not.",
+    )
+
+    resolved_at = models.DateTimeField(
+        help_text="Timestamp indicating when this TODO was resolved.",
+    )
+
+    resolution_detail = models.TextField(
+        help_text="Additional detail on how this TODO was resolved.",
+    )
