fix: 🐎 change querying in cve_tracking.py

nautobot · Jan 24, 2024 · 8aa0437 · 8aa0437
1 parent c4c42e8
commit 8aa0437
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/nautobot_device_lifecycle_mgmt/jobs/cve_tracking.py b/nautobot_device_lifecycle_mgmt/jobs/cve_tracking.py
@@ -2,7 +2,7 @@
 from datetime import datetime
 
 from nautobot.extras.jobs import Job, StringVar, BooleanVar
-from nautobot.extras.models import Relationship, RelationshipAssociation
+from nautobot.extras.models import Relationship
 
 from nautobot_device_lifecycle_mgmt.models import (
     CVELCM,
@@ -39,13 +39,16 @@ def run(self, data, commit):  # pylint: disable=too-many-locals
         """Check if software assigned to each device is valid. If no software is assigned return warning message."""
         # Although the default is set on the class attribute for the UI, it doesn't default for the API
         published_after = data.get("published_after", "1970-01-01")
-        cves = CVELCM.objects.filter(published_date__gte=datetime.fromisoformat(published_after))
+        cves = CVELCM.objects.filter(published_date__gte=datetime.fromisoformat(published_after)).prefetch_related(
+            "destination_for_associations", "destination_for_associations__relationship"
+        )
         count_before = VulnerabilityLCM.objects.count()
 
         for cve in cves:
             if data["debug"]:
                 self.log_info(obj=cve, message="Generating vulnerabilities for CVE {cve}")
-            software_rels = RelationshipAssociation.objects.filter(relationship__slug="soft_cve", destination_id=cve.id)
+            # Get Software Relationships from the `_prefetched_objects_cache`
+            software_rels = cve.destination_for_associations.filter(relationship__slug="soft_cve")
             for soft_rel in software_rels:
                 # Loop through any device relationships
                 device_rels = soft_rel.source.get_relationships()["source"][