Closed bobmcwhirter closed 1 month ago
@ctron tests stripped down because they were... the wrong tests? bad tests? Basically they were relying on a lot of read-centric operations on Graph that shouldn't be there.
Ultimately, I think we need to probably go about testing ingestors differently, to ensure ingested data is as-expected, probably from the fundamental side of the stick.
@jcrossley3 adjusted migrations in this PR to be completely self-contained, not importing enums from others.
Also made their enums private to avoid escapage.
This PR re-works all of the assertions stuff by primarily...
removing the old table-per-assertion crap that didn't work. adding version-range table (with associated version-scheme [semver, maven, pypi, etc]) adding a status table to avoid hard-coding and allow expansion in the future.
Currently surfaced through ingesting advisories to create rows in the tables. And then pulled out for only
/api/v1/package/{uuid}
currently while we evaluate the shape of the DTOs.Will definitely expand where package status can appear later (package, package-version, advisory, etc...)
But the plumbing is in place.
ALSO
This removes quite a few of the read-side operations from
Graph
as they shouldn't be there.