pip-audit json structure has changed

[remote-tty1]

Bug description
Defectdojo v2.32.1 is unable to import pip-audit v2.7.2 json output ( --format json)
old json structure (the one you use with unit tests https://github.com/DefectDojo/django-DefectDojo/blob/master/unittests/scans/pip_audit/many_vulns.json):

[
    {
        "name": "component_name",
        "version": "component_version",
        "vulns": [
            {
                "id": "vuln_id",
                "fix_versions": [
                    "vuln_fix_versions"
                ],
                "description": "vuln_description"
            }
        ]
    }
]

new json structure:

{
  "dependencies": [
    {
      "name": "component_name",
      "version": "component_version",
      "vulns": [
        {
          "id": "vuln_id",
          "fix_versions": [
            "vuln_fix_versions"
          ],
          "aliases": [
            "vuln_aliases"
          ],
          "description": "vuln_description"
        }
      ]
    }
  ],
  "fixes": []
}

I've attached a patch file with a fix that worked for me
pip-audit_parser.patch.txt

Hope it helps

[manuel-sommer]

Do you have a complete scan result?

[remote-tty1]

Sure, I've attached a sample

sample.json

[grendel513]

@remote-tty1 This pull request which has already been merged to dev takes care of this issue: #9696

[manuel-sommer]

Ah nice @grendel513, was about to help here.

[manuel-sommer]

Can we close this?