Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AppRegistryNotReady error when setting up vulntotal #1443

Closed
poju3185 opened this issue Mar 18, 2024 · 2 comments · Fixed by #1445
Closed

AppRegistryNotReady error when setting up vulntotal #1443

poju3185 opened this issue Mar 18, 2024 · 2 comments · Fixed by #1445
Labels
difficulty:easy good first issue VulnTotal Tool for cross-validating vulnerability

Comments

@poju3185
Copy link
Contributor

Description

I encountered an AppRegistryNotReady error when trying to set up vulntotal using Docker. This issue arises at the final step when running vulntotal --help.

Steps to Reproduce

  1. Ran docker-compose up to start the services.
  2. Executed docker-compose exec vulnerablecode pip install -r requirements.txt to install Python dependencies.
  3. Ran docker-compose exec vulnerablecode pip install -e . to install the current package.
  4. Attempted to run docker-compose exec vulnerablecode vulntotal --help to check if vulntotal was correctly set up.

At the last step, I encountered the following error:

django.core.exceptions.AppRegistryNotReady: Apps aren't loaded yet.

Upon investigating, I found that the root cause is an import statement in github.py, which tries to import from vulnerabilities import utils. Specifically, vulnerabilities.utils contains the line from packageurl.contrib.django.models import without_empty_values, which seems to trigger the error. It appears that vulntotal's operation is being impeded by its dependency on Django's app loading state.

Expected Behavior

I expected to be able to run vulntotal --help without encountering an AppRegistryNotReady error, regardless of the Django app's state.

Actual Behavior

An AppRegistryNotReady error is raised due to an import statement dependent on Django being fully initialized.

Possible Solution

It might be beneficial to refactor the code to remove the dependency on Django's app loading state, especially for utility scripts like vulntotal that should ideally operate independently.
@keshav-space
Copy link
Member

Upon investigating, I found that the root cause is an import statement in github.py, which tries to import from vulnerabilities import utils. Specifically, vulnerabilities.utils contains the line from packageurl.contrib.django.models import without_empty_values, which seems to trigger the error. It appears that vulntotal's operation is being impeded by its dependency on Django's app loading state.

Good catch @poju3185. The solution would be to use fetchcode.package_versions.github_response instead of vulnerabilities.utils.fetch_github_graphql_query see this https://github.com/nexB/fetchcode/blob/b3b2052cdd9a19e0032504f6c39a943ee7cf893d/src/fetchcode/package_versions.py#L649.

@keshav-space keshav-space added good first issue difficulty:easy VulnTotal Tool for cross-validating vulnerability labels Mar 21, 2024
@poju3185 poju3185 mentioned this issue Mar 21, 2024
Merged
@poju3185
Copy link
Contributor Author

@keshav-space, thank you for your suggestion. I've opened a PR. Could you please review it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
difficulty:easy good first issue VulnTotal Tool for cross-validating vulnerability
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update GitHub GraphQL import in vulntotal datasources poju3185/vulnerablecode
2 participants
@keshav-space @poju3185