Skip to content

Comments

Fix API root contract and CVE alert creation regression#2

Draft
Copilot wants to merge 2 commits intomainfrom
copilot/fix-bugs-and-update-repo
Draft

Fix API root contract and CVE alert creation regression#2
Copilot wants to merge 2 commits intomainfrom
copilot/fix-bugs-and-update-repo

Conversation

Copy link
Contributor

Copilot AI commented Feb 18, 2026
edited
Loading

This PR addresses two production-facing regressions behind the “fix bugs and update repo” request: the root API contract was no longer stable, and CVE alert creation could fail at runtime due to model/schema drift.

  • Root endpoint contract restored

    • Added an explicit GET / handler in backend/main.py that always returns API metadata JSON (message, version, docs, health), independent of static frontend mounting.
    • This preserves frontend static serving while re-establishing a deterministic API root response.

  • CVE alert persistence failure fixed

    • Updated backend/services/alert_checker.py to stop passing non-existent ORM fields (exploitability, remediation) into Alert(...).
    • This removes a runtime constructor error and allows CVE alerts to be created and flushed as intended.

  • Minimal surface-area change

    • No dependency or schema changes.
    • Only touched:
      • backend/main.py
      • backend/services/alert_checker.py
# before (runtime error: invalid keyword args for Alert)
alert = Alert(
    ...,
    cvss_score=cve.get("cvss_score"),
    exploitability=cve.get("exploitability"),
    remediation=cve.get("remediation"),
    ...
)

# after
alert = Alert(
    ...,
    cvss_score=cve.get("cvss_score"),
    source_url=cve.get("source_url"),
    ...
)

Root endpoint response

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • services.nvd.nist.gov
    • Triggering command: /usr/bin/python python -m pytest -q (dns block)
    • Triggering command: /usr/bin/python python -m pytest -q tests/test_alert_logic.py::TestAlertChecker::test_create_alert_from_cve tests/test_api.py::TestHealthAndRoot::test_root_endpoint (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

@mangod12
Fix root endpoint response and CVE alert model mismatch
54bc579 
Co-authored-by: mangod12 <140415797+mangod12@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix bugs and update repository Fix API root contract and CVE alert creation regression Feb 18, 2026
Copilot AI requested a review from mangod12 February 18, 2026 07:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mangod12 mangod12 Awaiting requested review from mangod12

Assignees

@mangod12 mangod12

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mangod12