Optimize queries

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

Author: TG1999

vulnerabilities/api_v3.py

@@ -9,6 +9,7 @@
 
 from urllib.parse import urlencode
 
+from django.db.models import Prefetch
 from django_filters import rest_framework as filters
 from packageurl import PackageURL
 from rest_framework import serializers
@@ -90,21 +91,24 @@ class Meta:
 
 
 class AdvisoryV3Serializer(serializers.ModelSerializer):
-    aliases = serializers.SerializerMethodField()
+    aliases = serializers.SlugRelatedField(
+        many=True,
+        read_only=True,
+        slug_field="alias",
+    )
     weaknesses = AdvisoryWeaknessSerializer(many=True)
     references = AdvisoryReferenceSerializer(many=True)
     severities = AdvisorySeveritySerializer(many=True)
     advisory_id = serializers.CharField(source="avid", read_only=True)
     related_ssvc_trees = serializers.SerializerMethodField()
 
     def get_related_ssvc_trees(self, obj):
-        related_ssvcs = obj.related_ssvcs.all().select_related("source_advisory")
-        source_ssvcs = obj.source_ssvcs.all().select_related("source_advisory")
-
         seen = set()
         result = []
 
-        for ssvc in list(related_ssvcs) + list(source_ssvcs):
+        all_ssvcs = list(obj.related_ssvcs.all()) + list(obj.source_ssvcs.all())
+
+        for ssvc in all_ssvcs:
             key = (ssvc.vector, ssvc.source_advisory_id)
             if key in seen:
                 continue
@@ -399,7 +403,34 @@ def create(self, request, *args, **kwargs):
 
         purls = serializer.validated_data["purls"]
 
-        latest_advisories = AdvisoryV2.objects.latest_advisories_for_purls(purls=purls)
+        latest_advisories = AdvisoryV2.objects.latest_advisories_for_purls(
+            purls=purls
+        ).prefetch_related(
+            Prefetch(
+                "references",
+                queryset=AdvisoryReference.objects.only(
+                    "id",
+                    "url",
+                    "reference_type",
+                    "reference_id",
+                ),
+            ),
+            Prefetch(
+                "severities",
+                queryset=AdvisorySeverity.objects.only(
+                    "id",
+                    "url",
+                    "value",
+                    "scoring_system",
+                    "scoring_elements",
+                    "published_at",
+                ),
+            ),
+            "weaknesses",
+            "aliases",
+            "related_ssvcs__source_advisory",
+            "source_ssvcs__source_advisory",
+        )
 
         page = self.paginate_queryset(latest_advisories)
         serializer = self.get_serializer(page, many=True, context={"request": request})

vulnerabilities/tests/test_api_v3.py

@@ -193,7 +193,7 @@ def test_packages_post_purl_with_many_advisories(self):
     def test_advisories_post(self):
         url = reverse("advisory-v3-list")
 
-        with self.assertNumQueries(64):
+        with self.assertNumQueries(10):
             response = self.client.post(
                 url,
                 data={"purls": ["pkg:pypi/sample@1.0.0"]},