patchman 4

[furlongm]

• switch to django4
• 2024/2025 distro support
• additional errata sources, new errata module
• support for cves and cwes
• switch from obsolete django-tagging to django-taggit
• improved operating system support
• preliminary gentoo support

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, blank=True, null=True)
	name = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Explained here.

[code-review-doctor]

Suggested change

	description = models.CharField(max_length=65535, blank=True, null=True)
	description = models.TextField(blank=True, default='')

TextField might be better used here, instead of CharField with a huge max_length. More.

Again, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	score = models.DecimalField(max_digits=3, decimal_places=1, null=True)
	score = models.DecimalField(max_digits=3, decimal_places=1, null=True, blank=True)

Expect unwanted behavior if null and blank are different values: null controls if the database allows no value for score and blank controls if the application allows no value for score. Consider setting null and blank to the same value for score. More.

[code-review-doctor]

Suggested change

	severity = models.CharField(max_length=255, blank=True, null=True)
	severity = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	vector_string = models.CharField(max_length=255, blank=True, null=True)
	vector_string = models.CharField(max_length=255, blank=True, default='')

As above, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Django automatically creates a related_name if it's not set. If it were set then a more readable and explicit relationship is set up. More.

[code-review-doctor]

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More details.

[code-review-doctor]

Django automatically creates a related_name if it's not set. If it were set then a more readable and explicit relationship is set up. More.

[code-review-doctor]

Suggested change

	category = models.CharField(max_length=255, blank=True, null=True)
	category = models.CharField(max_length=255, blank=True, default='')

Similarly, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

URL names must be unique but multiple urls.py entires are called package_name_list. If reverse("package_name_list") or {% url package_name_list %} is ran then only one of those urls will be returned. The user will probably be sent to the wrong view. More info.

To fix the problem, we need to ensure that the URL's hostname is properly parsed and checked to confirm that it belongs to the intended domain. Instead of using a substring check, we should use a more robust method to verify the hostname. Specifically, we can use the urlparse function to parse the URL and then check if the hostname ends with the intended domain, ensuring that it handles arbitrary subdomain sequences correctly.

We will modify the code in errata/utils.py to use the urlparse function and check if the hostname ends with .ubuntu.com instead of using the substring check 'ubuntu.com' in url.hostname.

To fix the problem, we need to ensure that the hostname is exactly launchpad.net or a valid subdomain of it. This can be achieved by parsing the URL and performing a proper check on the hostname.

• Use the urlparse function to parse the URL and extract the hostname.
• Check if the hostname is exactly launchpad.net or ends with .launchpad.net to allow valid subdomains.
• Update the relevant lines in the fixup_erratum_reference function to use this secure check.

[code-review-doctor]

Worth considering. View full project report here.

[code-review-doctor]

Suggested change

	text = 'Processing report {self.id} - {self.host}'
	text = f'Processing report {self.id} - {self.host}'

If this was meant to be f-string then f prefix is missing. More details.

[code-review-doctor]

Suggested change

	text = 'Finding updates for report {self.id} - {self.host}'
	text = f'Finding updates for report {self.id} - {self.host}'

Likewise, Missing f prefix?

[code-review-doctor]

Suggested change

	text = 'Error: OS, kernel or arch not sent with report {self.id}'
	text = f'Error: OS, kernel or arch not sent with report {self.id}'

Again, Missing f prefix?

[code-review-doctor]

Suggested change

	text = 'Error: unknown repo type for repo {self.id}: {self.repotype}'
	text = f'Error: unknown repo type for repo {self.id}: {self.repotype}'

If this was meant to be f-string then f prefix is missing. Read more.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, unique=True, blank=False, null=False)
	name = models.CharField(max_length=255, unique=True)

False is the default value Django uses for blank, so blank=False can be removed. More details.

Again, redundant default arguments can be removed.

[code-review-doctor]

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More.

[code-review-doctor]

Suggested change

	nohost_osvariants = OSVariant.objects.filter(host__isnull=True).count() >= 1
	nohost_osvariants = OSVariant.objects.filter(host__isnull=True).exists()

Comparing OSVariant.objects.filter(host__isnull=True).count() is less efficient than checking OSVariant.objects.filter(host__isnull=True).exists() More details.

[code-review-doctor]

Again, consider osvariants.exists()

[code-review-doctor]

len(queryset) reads all the records from the database and checks the length at application level. It would probably be more efficient to do this at database level via queryset.count(). More details.

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	text = 'Processing report {self.id} - {self.host}'
	text = f'Processing report {self.id} - {self.host}'

If this was meant to be f-string then f prefix is missing. Explained here.

[code-review-doctor]

Suggested change

	text = 'Finding updates for report {self.id} - {self.host}'
	text = f'Finding updates for report {self.id} - {self.host}'

Again, Missing f prefix?

[code-review-doctor]

Suggested change

	text = 'Error: OS, kernel or arch not sent with report {self.id}'
	text = f'Error: OS, kernel or arch not sent with report {self.id}'

Same as above: Missing f prefix?

[code-review-doctor]

Suggested change

	text = 'Error: unknown repo type for repo {self.id}: {self.repotype}'
	text = f'Error: unknown repo type for repo {self.id}: {self.repotype}'

If this was meant to be f-string then f prefix is missing. More info.

[code-review-doctor]

URL names must be unique but multiple urls.py entires are called package_name_list. If reverse("package_name_list") or {% url package_name_list %} is ran then only one of those urls will be returned. The user will probably be sent to the wrong view. More details.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, blank=True, null=True)
	name = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Explained here.

[code-review-doctor]

Suggested change

	description = models.CharField(max_length=65535, blank=True, null=True)
	description = models.TextField(blank=True, default='')

TextField might be better used here, instead of CharField with a huge max_length. More info.

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	score = models.DecimalField(max_digits=3, decimal_places=1, null=True)
	score = models.DecimalField(max_digits=3, decimal_places=1, null=True, blank=True)

Expect unwanted behavior if null and blank are different values: null controls if the database allows no value for score and blank controls if the application allows no value for score. Consider setting null and blank to the same value for score. Explained here.

[code-review-doctor]

Suggested change

	severity = models.CharField(max_length=255, blank=True, null=True)
	severity = models.CharField(max_length=255, blank=True, default='')

Again, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Looks good. Worth considering though. View full project report here.

[code-review-doctor]

Suggested change

	vector_string = models.CharField(max_length=255, blank=True, null=True)
	vector_string = models.CharField(max_length=255, blank=True, default='')

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	title = models.CharField(max_length=255, blank=True, null=True)
	title = models.CharField(max_length=255, blank=True, default='')

Similarly, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	description = models.CharField(max_length=65535)
	description = models.TextField()

Similarly, consider using a TextField.

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, blank=True, null=True)
	name = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More details.

[code-review-doctor]

Suggested change

	score = models.DecimalField(max_digits=3, decimal_places=1, null=True)
	score = models.DecimalField(max_digits=3, decimal_places=1, null=True, blank=True)

Expect unwanted behavior if null and blank are different values: null controls if the database allows no value for score and blank controls if the application allows no value for score. Consider setting null and blank to the same value for score. More details.

[code-review-doctor]

Suggested change

	severity = models.CharField(max_length=255, blank=True, null=True)
	severity = models.CharField(max_length=255, blank=True, default='')

As above, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	vector_string = models.CharField(max_length=255, blank=True, null=True)
	vector_string = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	title = models.CharField(max_length=255, blank=True, null=True)
	title = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Comparing osvariants.count() is less efficient than checking osvariants.exists() More details.

[code-review-doctor]

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Read more.

[code-review-doctor]

Django automatically creates a related_name if it's not set. If it were set then a more readable and explicit relationship is set up. Explained here.

[code-review-doctor]

Suggested change

	category = models.CharField(max_length=255, blank=True, null=True)
	category = models.CharField(max_length=255, blank=True, default='')

As above, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

URL names must be unique but multiple urls.py entires are called package_name_list. If reverse("package_name_list") or {% url package_name_list %} is ran then only one of those urls will be returned. The user will probably be sent to the wrong view. Read more.

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	packages_checksum = models.CharField(max_length=255, blank=True, null=True)
	packages_checksum = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Explained here.

[code-review-doctor]

Suggested change

	modules_checksum = models.CharField(max_length=255, blank=True, null=True)
	modules_checksum = models.CharField(max_length=255, blank=True, default='')

Again, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	errata_checksum = models.CharField(max_length=255, blank=True, null=True)
	errata_checksum = models.CharField(max_length=255, blank=True, default='')

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Worth considering. View full project report here.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, blank=True, null=True)
	name = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More.

[code-review-doctor]

Suggested change

	score = models.DecimalField(max_digits=3, decimal_places=1, null=True)
	score = models.DecimalField(max_digits=3, decimal_places=1, null=True, blank=True)

Expect unwanted behavior if null and blank are different values: null controls if the database allows no value for score and blank controls if the application allows no value for score. Consider setting null and blank to the same value for score. Explained here.

[code-review-doctor]

Suggested change

	severity = models.CharField(max_length=255, blank=True, null=True)
	severity = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	vector_string = models.CharField(max_length=255, blank=True, null=True)
	vector_string = models.CharField(max_length=255, blank=True, default='')

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	title = models.CharField(max_length=255, blank=True, null=True)
	title = models.CharField(max_length=255, blank=True, default='')

Similarly, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	category = models.CharField(max_length=255, blank=True, null=True)
	category = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

URL names must be unique but multiple urls.py entires are called package_name_list. If reverse("package_name_list") or {% url package_name_list %} is ran then only one of those urls will be returned. The user will probably be sent to the wrong view. More.

[code-review-doctor]

Suggested change

	packages_checksum = models.CharField(max_length=255, blank=True, null=True)
	packages_checksum = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More info.

[code-review-doctor]

Suggested change

	modules_checksum = models.CharField(max_length=255, blank=True, null=True)
	modules_checksum = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	errata_checksum = models.CharField(max_length=255, blank=True, null=True)
	errata_checksum = models.CharField(max_length=255, blank=True, default='')

Again, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	name = models.CharField(max_length=255, blank=True, null=True)
	name = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Read more.

[code-review-doctor]

Suggested change

	score = models.DecimalField(max_digits=3, decimal_places=1, null=True)
	score = models.DecimalField(max_digits=3, decimal_places=1, null=True, blank=True)

Expect unwanted behavior if null and blank are different values: null controls if the database allows no value for score and blank controls if the application allows no value for score. Consider setting null and blank to the same value for score. More details.

[code-review-doctor]

Suggested change

	severity = models.CharField(max_length=255, blank=True, null=True)
	severity = models.CharField(max_length=255, blank=True, default='')

As above, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	vector_string = models.CharField(max_length=255, blank=True, null=True)
	vector_string = models.CharField(max_length=255, blank=True, default='')

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	title = models.CharField(max_length=255, blank=True, null=True)
	title = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	category = models.CharField(max_length=255, blank=True, null=True)
	category = models.CharField(max_length=255, blank=True, default='')

Similarly, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

URL names must be unique but multiple urls.py entires are called package_name_list. If reverse("package_name_list") or {% url package_name_list %} is ran then only one of those urls will be returned. The user will probably be sent to the wrong view. More.

[code-review-doctor]

Suggested change

	packages_checksum = models.CharField(max_length=255, blank=True, null=True)
	packages_checksum = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". Explained here.

[code-review-doctor]

Suggested change

	modules_checksum = models.CharField(max_length=255, blank=True, null=True)
	modules_checksum = models.CharField(max_length=255, blank=True, default='')

Again, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	errata_checksum = models.CharField(max_length=255, blank=True, null=True)
	errata_checksum = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Looks good. Worth considering though. View full project report here.

[code-review-doctor]

Suggested change

	packages_checksum = models.CharField(max_length=255, blank=True, null=True)
	packages_checksum = models.CharField(max_length=255, blank=True, default='')

null=True on a string field causes inconsistent data types because the value can be either str or None. This adds complexity and maybe bugs, but can be solved by replacing null=True with default="". More.

[code-review-doctor]

Suggested change

	modules_checksum = models.CharField(max_length=255, blank=True, null=True)
	modules_checksum = models.CharField(max_length=255, blank=True, default='')

Same as above: consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Suggested change

	errata_checksum = models.CharField(max_length=255, blank=True, null=True)
	errata_checksum = models.CharField(max_length=255, blank=True, default='')

Likewise, consider replacing null=True with default="" (and blank=True to pass validation checks).

[code-review-doctor]

Some food for thought. View full project report here.

[code-review-doctor]

Suggested change

	if refs:
	ref = refs.first()
	if ref.url != reference.get('url') and update_ref_type:
	ref.ref_type = ref_type
	ref.save()
	else:
	ref, created = Reference.objects.get_or_create(
	ref_type=reference.get('ref_type'),
	url=reference.get('url'),
	)
	if refs.exists():
	ref = refs.first()
	if ref.url != reference.get('url') and update_ref_type:
	ref.ref_type = ref_type
	ref.save()
	else:
	(ref, created) = Reference.objects.get_or_create(
	ref_type=reference.get('ref_type'), url=reference.get('url')
	)

Checking refs truthiness is less efficient than checking refs.exists() or refs is not None. Checking queryset truthiness evaluates the queryset, therefore reading the records from the database. More info.