Closed evonide closed 4 years ago
Fixed in cceab1807d14713d0b761281352b2dd820e5985d.
Main reason was this code:
load_relationships1 = (joinedload(Vulnerability.commits).joinedload( VulnerabilityGitCommits.repository_files, VulnerabilityGitCommits.comments).joinedload(RepositoryFiles.comments))
Particularly:
joinedload(VulnerabilityGitCommits.repository_files,VulnerabilityGitCommits.comments)
Sqlalchemy's joinedload has only one required parameter!
The usage above will use the second parameter VulnerabilityGitCommits.comments
for innerjoin behavior which leads to unpredictable behavior.
If it's evaluated to true
Sqlalchemy will apply an "INNER JOIN" instead of "LEFT OUTER JOIN" on vulnerability commits and repository files leading to completely unexpected results.
Fix: Only provide one single parameter to joinedload
and use multiple joinedload
statements if required.
In data/models/vulnerability.py we use
joinedload
which in some cases seems to lead to inconsistent unit tests SQL behavior where tests sometimes pass and sometimes fail. We need to investigate this further and address this as it's impacting all automatically run tests for push and pull requests to the repository.