Open pombredanne opened 3 months ago
From https://github.com/aboutcode-org/dejacode/issues/94#issuecomment-2298761954
@pombredanne Thanks, this sounds like it will require some work to make this happen.
In the short term, could VCIO expose a new "action" on the package endpoint to get this list of supported types? (Should be a very small and fast query) On the DejaCode side, the process could start with fetching the available types to get a QuerySet limited to those and drastically reduce the number a queries.
>>> unique_types = Package.objects.values_list("type", flat=True).distinct()
>>> unique_types
<PackageQuerySet ['about', 'cargo', 'cocoapods', 'composer', 'deb', 'github', ...
Another examples that takes over a minute to load: https://public.vulnerablecode.io/api/vulnerabilities?vulnerability_id=VCID-j2zf-12g6-aaag
We need to change what we return API data entirely, in a new endpoint that does not provide all the package details in a vulnerability. We care about packages 1st, and less about vulnerabilities, so when querying by vulnerability, we should not serialize so much package data.
This is a related issue to restructure the API:
See a first PR to improve the results:
From https://github.com/aboutcode-org/dejacode/issues/94#issuecomment-2298445423 by @tdruez
I suggest these progressive steps: