Remove MitreCVE feed backend (#16519) #17142
Codecov Report
✅ All modified and coverable lines are covered by tests.
@@ Coverage Diff @@
## main #17142 +/- ##
==========================================
- Coverage 81.85% 81.78% -0.08%
==========================================
Files 175 175
Lines 9410 9376 -34
==========================================
- Hits 7703 7668 -35
- Misses 1707 1708 +1
Pull request overview
Removes the deprecated Mitre CVE feed backend from the security app, completing the decommissioning work started in #16521 / #16542 while keeping the 410 Gone redirect behavior in place via bedrock/security/redirects.py.
Changes:
- Removed the `MitreCVE` model and its JSON feed view, along with related imports and management-command logic.
- Deleted Mitre CVE model tests and removed the stale commented-out URL pattern for `cve-feed.json`.
- Added migration `0009_delete_mitrecve` to drop the `MitreCVE` database table.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| bedrock/security/views.py | Removes the Mitre CVE JSON feed view and MitreCVE dependency. |
| bedrock/security/urls.py | Removes the leftover commented-out cve-feed.json URL pattern reference. |
| bedrock/security/tests/test_models.py | Deletes MitreCVE model tests and removes the import. |
| bedrock/security/models.py | Deletes the MitreCVE model class. |
| bedrock/security/migrations/0009_delete_mitrecve.py | Drops the MitreCVE table via DeleteModel. |
| bedrock/security/management/commands/update_security_advisories.py | Removes CVE-feed-specific parsing/upsert logic and the MitreCVE clear step. |
25d8c61 to 19df32f
Just removed the migration from this commit and created a separate PR #17143.
Looking at the failing test I think we can balance this by keeping the Model definition in this PR (you can remove the custom methods if you want) and focus on dropping the non-models.py code in this PR, then in #17143 delete the Model definition there, along with the migration to drop the table. How does that seem to you @janriokrause?
19df32f to b5dd53b
Great. Thanks for the hint. Updated both PRs.
b5dd53b to cf021b7
stevejalim left a comment
Might be worth a search for MitreCVE in the codebase in general - I see it's still included in the export-db-to-sqlite.sh script and can come out of there, too - either in this PR or in the one that drops the model - it won't really matter
cf021b7 to 28decf9
The `cve-feed.json` endpoint was already removed and redirected to 410 Gone in #16542. This removes the remaining Python backend: the `mitre_cve_feed` view, the `add_or_update_cve` management command logic, and all associated tests. A migration to drop the `MitreCVE` model and database table will be in a separate commit.
28decf9 to 674b6d8
Removed MitreCVE from
| if clear_db: | ||
| printout("Clearing all security advisories.") | ||
| SecurityAdvisory.objects.all().delete() | ||
| Product.objects.all().delete() | ||
| MitreCVE.objects.all().delete() | ||
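Review bot: in the clear_db branch the printout reads "Clearing all security advisories." while the same branch also deletes every Product row, so the message understates what --clear-db removes. Consider wording it to name each model being cleared, so an operator reading the command output sees the full scope of the deletion.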
Consider cleaning up the remaining MitreCVE model/table as part of this decommissioning. After this change, the update_security_advisories --clear-db path no longer deletes MitreCVE rows, and MitreCVE also appears to be otherwise unused (only the model/migrations remain), which can leave stale data in the DB and ongoing schema maintenance overhead. Options: add a migration to remove the model/table, or (if you’re intentionally keeping the table temporarily) keep deleting it here and/or add a short comment explaining why it’s retained.
Model/table will be deleted in a follow-up PR #17143, following the multi-release process of migrations.
Summary
- `mitre_cve_feed` view, `parse_cve_id` and `add_or_update_cve` functions, and all related imports and tests
- `cve-feed.json` URL pattern (FIXME from Stop serving cve-feed.json on any path #16542)

Notes
The `gone()` redirect in `redirects.py` (#16521) is intentionally kept so the old URL continues to return 410. The `security/partials/cve.html` template is also kept. It renders CVE entries on advisory detail pages and is unrelated to the feed.