Remove the min_score and max_score attributes from model #98

Signed-off-by: tdruez <[email protected]>
aboutcode-org · Nov 12, 2024 · dba5806 · dba5806
1 parent 4f37c7b
commit dba5806
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 56 deletions.
diff --git a/vulnerabilities/migrations/0004_remove_vulnerability_max_score_and_more.py b/vulnerabilities/migrations/0004_remove_vulnerability_max_score_and_more.py
@@ -0,0 +1,21 @@
+# Generated by Django 5.0.9 on 2024-11-12 10:54
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('vulnerabilities', '0003_to_delete_temp_fake_values'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='vulnerability',
+            name='max_score',
+        ),
+        migrations.RemoveField(
+            model_name='vulnerability',
+            name='min_score',
+        ),
+    ]
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -101,16 +101,6 @@ class Vulnerability(HistoryDateFieldsMixin, DataspacedModel):
         output_field=models.IntegerField(),
         db_persist=True,
     )
-    min_score = models.FloatField(
-        null=True,
-        blank=True,
-        help_text=_("The minimum score of the range."),
-    )
-    max_score = models.FloatField(
-        null=True,
-        blank=True,
-        help_text=_("The maximum score of the range."),
-    )
     exploitability = models.DecimalField(
         null=True,
         max_digits=4,
@@ -186,61 +176,15 @@ def add_affected_components(self, components):
         through_defaults = {"dataspace_id": self.dataspace_id}
         self.affected_components.add(*components, through_defaults=through_defaults)
 
-    @staticmethod
-    def range_to_values(self, range_str):
-        try:
-            min_score, max_score = range_str.split("-")
-            return float(min_score.strip()), float(max_score.strip())
-        except Exception:
-            return
-
     @classmethod
     def create_from_data(cls, dataspace, data, validate=False, affecting=None):
-        # Computing the min_score and max_score from the `references` as those data
-        # are not provided by the VulnerableCode API.
-        # https://github.com/aboutcode-org/vulnerablecode/issues/1573
-        # severity_range_score = data.get("severity_range_score")
-        # if severity_range_score:
-        #     min_score, max_score = self.range_to_values(severity_range_score)
-        #     data["min_score"] = min_score
-        #     data["max_score"] = max_score
-
-        severities = [
-            score for reference in data.get("references") for score in reference.get("scores", [])
-        ]
-        if scores := cls.get_severity_scores(severities):
-            data["min_score"] = min(scores)
-            data["max_score"] = max(scores)
-
         instance = super().create_from_data(user=dataspace, data=data, validate=False)
 
         if affecting:
             instance.add_affected(affecting)
 
         return instance
 
-    @staticmethod
-    def get_severity_scores(severities):
-        score_map = {
-            "low": [0.1, 3],
-            "moderate": [4.0, 6.9],
-            "medium": [4.0, 6.9],
-            "high": [7.0, 8.9],
-            "important": [7.0, 8.9],
-            "critical": [9.0, 10.0],
-        }
-
-        consolidated_scores = []
-        for severity in severities:
-            score = severity.get("value")
-            try:
-                consolidated_scores.append(float(score))
-            except ValueError:
-                if score_range := score_map.get(score.lower(), None):
-                    consolidated_scores.extend(score_range)
-
-        return consolidated_scores
-
     def as_cyclonedx(self, affected_instances):
         affects = [
             cdx_vulnerability.BomTarget(ref=instance.cyclonedx_bom_ref)