Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate all existing importers to importer improver structure. #597

Closed
31 tasks done
Hritik14 opened this issue Jan 26, 2022 · 10 comments
Closed
31 tasks done

Migrate all existing importers to importer improver structure. #597

Hritik14 opened this issue Jan 26, 2022 · 10 comments

Comments

@Hritik14
Copy link
Collaborator

Hritik14 commented Jan 26, 2022

Old structure:

New structure:

After migrating each importer make sure to

Following need migration to the new framework:

@tardyp
Copy link
Contributor

tardyp commented Jan 28, 2022

Hello,

May I suggest that those big refactors are made in a development branch?

We are rebasing regularly on main branch to follow the dev (and help on the proxy compatibility).
We and were very surprised finding out that all the tests are currently broken.

I would suggest to reset to ed21316 which is the last commit which has passed CI.

@Hritik14
Copy link
Collaborator Author

Hello @tardyp

May I suggest that those big refactors are made in a development branch?

We have gone through a major infrastructural change and any updates on the old codebase will need to be migrated. Accepting updates on the old structure would add to debts and slower migration. What do you think @pombredanne ?

We are rebasing regularly on main branch to follow the dev (and help on the proxy compatibility).

We've marked all proxy compatibility related issues with the networking label and are constantly communicating regarding the development in our gitter channel.

... and were very surprised finding out that all the tests are currently broken.

Other than nix, other active tests should be running. Could you post a log of broken active tests ?

@pombredanne
Copy link
Member

@tardyp sorry for the inconvenience but there is no development branch... only one main branch and tags from there. What we could do is tag the last commit before this merge.

@tardyp
Copy link
Contributor

tardyp commented Jan 31, 2022

As maybe most of the potential users, it is difficult to really be contributing to opensource projects without actually getting short/middle term value from it.

I've not really dug into the current state nor looked at the details of this refacto, we can only trust you in the fact that this is necessary. I cannot really follow the status in gitter. chatrooms are not very efficient in getting a summary of the activities

Now we saw that there is a big refacto, and that most of the importers are just disabled.

In the current situation vulnerablecode disabled all of its value, and I am very sadned by that as this will not help new users to try it before contributing to it.

From a semi outsider point of view I can report my experience trying to make good use of it.

It is usual for opensource projects to not support proxy as it is hard to test, so that part is not an issue.

We however were surprised to see that a lot of importers just crashed when running them. We were asking ourself whether there was a production instance beyond ourself.

We contributed the fixes as much as we could including the github tag API. I don't know how someone could do a full import without that, as in my experience, the svn way to retrieve the info is just timing out for big projects.

Maybe I was a bit too enthousiastic and shouldn't have ignored the work-in-progress part in the project description.

@pombredanne
Copy link
Member

I've not really dug into the current state nor looked at the details of this refacto, we can only trust you in the fact that this is necessary.

Yes, it was essential as otherwise we were creating either misleading or incorrect data or plain ignoring some.

I cannot really follow the status in gitter. chatrooms are not very efficient in getting a summary of the activities

Fair enough... FWIW this has been discussed almost weekly and reported in meeting notes for quite a while.

Now we saw that there is a big refacto, and that most of the importers are just disabled.

Yes, that's a temporary thing until we have progressively ported each of them to the new design. It is going to take some work and is not something that can be done in a day. But we are progressively porting each of them to the new design.

It is usual for opensource projects to not support proxy as it is hard to test, so that part is not an issue.

Actually part of the new design is to have one place where network operations are done and have all importers use it. This way it will be possible to have a single place where to configure a proxy. Today the network operations are all scattered in too many places.

We contributed the fixes as much as we could including the github tag API. I don't know how someone could do a full import without that, as in my experience, the svn way to retrieve the info is just timing out for big projects.

Yes this is much appreciated and the SVN way was a failed experiment indeed.

Maybe I was a bit too enthousiastic and shouldn't have ignored the work-in-progress part in the project description.

Bear with us! Let me tag the last release before this merge so we have a stable base for now.

@pombredanne
Copy link
Member

@tardyp I pushed this tag that you can stick to for now https://github.com/nexB/vulnerablecode/releases/tag/v22.01

pombredanne added a commit that referenced this issue Apr 11, 2022
As part of the importers migrations, adjust to use new class names
for not-yet migrated importers.

This is mostly harmless as the code has not been migrated yet, but at
least most code now uses the proper new class names where possible.

Reference: #597
Signed-off-by: Philippe Ombredanne <[email protected]>
@pombredanne pombredanne added this to the v31.0 milestone Jun 17, 2022
johnmhoran added a commit that referenced this issue Oct 3, 2022
johnmhoran added a commit that referenced this issue Oct 4, 2022
Reference: #597

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 4, 2022
Reference: #597

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 6, 2022
Reference: #597

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 7, 2022
@nspsjsu nspsjsu unpinned this issue Oct 10, 2022
johnmhoran added a commit that referenced this issue Oct 12, 2022
Reference: #935
Reference: #597

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 14, 2022
Reference: #597
Reference: #935

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 14, 2022
Reference: #935

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 14, 2022
Reference: #597
Reference: #935

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 18, 2022
Reference: #597
Reference: #935

Signed-off-by: John M. Horan [email protected]
johnmhoran added a commit that referenced this issue Oct 18, 2022
johnmhoran added a commit that referenced this issue Oct 18, 2022
…s.py function #597

Reference: #597
Reference: #935

Signed-off-by: John M. Horan <[email protected]>
johnmhoran added a commit that referenced this issue Oct 18, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
TG1999 pushed a commit to TG1999/vulnerablecode that referenced this issue Oct 19, 2022
@TG1999 TG1999 pinned this issue Oct 26, 2022
@pombredanne pombredanne modified the milestones: v31.0, v32.0.0 Dec 8, 2022
@lf32 lf32 unpinned this issue Feb 5, 2023
@TG1999 TG1999 pinned this issue Feb 10, 2023
@TG1999
Copy link
Contributor

TG1999 commented Feb 10, 2023

We have either migrated the importers listed here, or deprecated or added a follow up issue for same closing this, Feel free to re-open if needed.

@TG1999 TG1999 closed this as completed Feb 10, 2023
@Hammad-1
Copy link

Hammad-1 commented Mar 9, 2023

Hi @tardyp @pombredanne @Hritik14 @TG1999 @tdruez
I am Hammad, a current MS student in Artificial Intelligence. The proposed project aligns well with my technical expertise and interests, making me eager to explore its codebase and learn about its architecture and functionality. I am eager to contribute to the project For GSOC 2023. My immediate plans include setting up the project locally and familiarizing myself with its codebase. Fix some small issues. I would appreciate guidance in ensuring that I am heading in the right direction. Thank you for your consideration.
A little bit about me:
I'm an experienced Python backend engineer skilled in developing web applications with Django/Django Rest Framework. Proficient in creating efficient data scraping and automation tools using Python web scraping stack, and working with scientific computing libraries like Numpy, Pandas, Matplotlib, and Scikit-learn. Committed to delivering high-quality code and efficient solutions for complex problems.
Looking forward to work with you.
Thanks,
Hammad

@pombredanne
Copy link
Member

@Hammad-1 Thank you for your enthusiasm. This issues is not a forum for discussion beyond the matter at hand here!
It would be best to discuss your GSoC interest on the public Gitter channel!

@Hammad-1
Copy link

@pombredanne Sure

@mjherzog mjherzog unpinned this issue Jul 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants