Do not update immutable AdvisoryV2

[keshav-space]

Do not update an existing advisory identified by the unique combination of (content_id, pipeline_id, and advisory_id). Advisories are immutable so it does not make sense to alter related field of an immutable advisory. If the incoming advisory has changed it will lead to new content_id and therefore a new advisory will be created for that advisory_id.

Code below will alter the advisory relation even if the advisory in question already exists.

vulnerablecode/vulnerabilities/pipes/advisory.py

Lines 335 to 337 in 2ff2906

	for field_name, values in related_fields.items():
	if values:
	getattr(advisory_obj, field_name).add(*values)

If there is any parsing bug in an existing advisory, it should be handled in a pipeline or through data migration using the original_advisory_text field.