Add optimized query to `PackageAdvisories` class for default branch
Why are we doing this work
The MVC for Continuous Vulnerability Scanning is heavily coupled to artifacts and prioritizes functionality over performance in order to maximize delivery velocity. As a next iteration, we can decouple vulnerability scanning from artifacts by sourcing the components we scan from the database rather than directly from the SBoM artifact. This issue proposes that update to the class introduced in Match SBOM components to known advisories (#371055 - closed).
Relevant links
Non-functional requirements
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
Verification steps
Edited by Oscar Tovar