Skip to content

Refactor vulns and vuln events tables#1804

Draft
Hubtrick-Git wants to merge 12 commits intomainfrom
refactor-vuln-events-table
Draft

Refactor vulns and vuln events tables#1804
Hubtrick-Git wants to merge 12 commits intomainfrom
refactor-vuln-events-table

Conversation

@Hubtrick-Git
Copy link
Collaborator

@Hubtrick-Git Hubtrick-Git commented Mar 23, 2026
edited
Loading

Vulnerability table changes

  • Migrate the id columns of the 3 vuln tables dependency_vulns, first_party_vulnerabilities and license_risk.
  • Previously the id was a 256 bit hash stored as a text -> Now its only a 128 bit hash stored as a uuid
  • This leads to 1/4 of the disk space required and performance improvements regarding internal processing of UUIDs in comparison to text

VulnEvent table changes

  • Drop updated_at column to reduce space
  • Use 3 foreign key columns, 1 for each vuln instead of the current single column

Now we need to refactor the existing code regarding the affected columns

Queries

  • Change all queries using vuln_events
  • Change all queries using vuln_ids

Go Code

  • Change vuln event model and refactor affected code
  • Change the vulnerability model and refactor affected code

Hubtrick-Git and others added 10 commits March 23, 2026 10:51
@Hubtrick-Git
added read me for migration tooling
a3c5809
@refoo0
removes unused import of fixedversion package from providers.go
57b5ad2 
Signed-off-by: rafi <refaei.shikho@hotmail.com>
@refoo0
fix tests
d2429da 
Signed-off-by: rafi <refaei.shikho@hotmail.com>
@Hubtrick-Git
added sql migration script to convert existing ids of all 3 vulns tab…
ba016b8 
…les to 128 bit uuids
@Hubtrick-Git
addes sql migration logic to change existing text id columns to uuid …
6fb635a 
…id columns for dependency vulns table
@Hubtrick-Git
added the same migration logic to first party vulns/license risks table
6adc668
@Hubtrick-Git
added description text to the header of the migration
854ef80
@Hubtrick-Git
renamed files to distinguish different migrations
bd3e34b
@Hubtrick-Git
mistakenly put the script in the down migration rather than up mihgra…
0289c88 
…tion
@Hubtrick-Git
added vuln event optimization scripts
a9808c0
Copilot AI review requested due to automatic review settings March 23, 2026 13:30

This comment was marked as resolved.

Sign in to view

@Hubtrick-Git
Copy link
Collaborator Author

Hubtrick-Git commented Mar 26, 2026

Closed co pilot suggestions since this is still a work in porgress but was missing such classification.

@Hubtrick-Git Hubtrick-Git marked this pull request as draft March 26, 2026 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Hubtrick-Git @refoo0