vulnerablecode
Multiple warnings when using github_osv.GithubOSVImporter
When trying to import the advisories using github_osv.GithubOSVImporter, I encountered multiple warnings:
Unsupported package type
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'openssl-src'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '0'}, {'fixed': '111.18.0'}]}]} in OSV: 'GHSA-x3mh-jvjw-3xwx'
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'openssl-src'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '300.0.0'}, {'fixed': '300.0.5'}]}]} in OSV: 'GHSA-x3mh-jvjw-3xwx'
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'openssl-src'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '0'}, {'fixed': '111.18.0'}]}]} in OSV: 'GHSA-x3mh-jvjw-3xwx'
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'regex'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '0'}, {'fixed': '1.5.5'}]}]} in OSV: 'GHSA-m5pq-gvj9-9vr8'
...
Unsupported severity type
Invalid vulnerability reference
Invalid vulnerability reference: <VulnerabilityReference: github.com/prometheus/prometheus>: {'url': ['Enter a valid URL.]}
Invalid version class
Invalid version class: <class 'univers.versions.PypiVersion'> - '10.0.2-1.1' for OSV id: 'GHSA-hvxr-2fvv-c3wq'
After running python3 manage.py import vulnerabilities.importers.github_osv.GithubOSVImporter completely, there are only 21,260 records.
select count(id) from vulnerabilities_advisory va where created_by = 'vulnerabilities.importers.github_osv.GithubOSVImporter'
>> 21,260
Is this because a lot of the advisories were ignored due to the above issues?
Thanks. These are expected at this stage, but they need fixing too.
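One way to size the gap asked about in this thread is to tally the importer's warnings by category and by distinct OSV id before comparing against the imported row count. The script below is an added example, not part of the original thread or of vulnerablecode itself; it assumes the warnings were captured to text in the formats quoted in the report, and `summarize` and `SAMPLE_LOG` are hypothetical names.

```python
import re
from collections import Counter, defaultdict

# Warning prefixes as they appear in the report above.
CATEGORIES = (
    "Unsupported package type",
    "Unsupported severity type",
    "Invalid vulnerability reference",
    "Invalid version class",
)
# Zero-width split before each prefix, so warnings that end up fused
# on one line are still counted separately.
SPLIT_RE = re.compile("(?=(?:%s): )" % "|".join(map(re.escape, CATEGORIES)))
OSV_ID_RE = re.compile(r"OSV(?: id)?: '([^']+)'")
ECOSYSTEM_RE = re.compile(r"'ecosystem': '([^']+)'")


def summarize(log_text):
    """Hypothetical helper: tally warnings, distinct OSV ids, ecosystems."""
    counts, ecosystems, ids = Counter(), Counter(), defaultdict(set)
    for chunk in SPLIT_RE.split(log_text):
        chunk = chunk.strip()
        category = next((c for c in CATEGORIES if chunk.startswith(c + ": ")), None)
        if category is None:
            continue  # bare headings, "..." and unrelated output
        counts[category] += 1
        osv_id = OSV_ID_RE.search(chunk)
        if osv_id:  # reference warnings carry no OSV id
            ids[category].add(osv_id.group(1))
        ecosystem = ECOSYSTEM_RE.search(chunk)
        if ecosystem:
            ecosystems[ecosystem.group(1)] += 1
    return {"warnings": dict(counts),
            "distinct_ids": {c: len(s) for c, s in ids.items()},
            "ecosystems": dict(ecosystems)}


# Constructed sample: lines from the report, package dicts abbreviated.
SAMPLE_LOG = """\
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'openssl-src'}} in OSV: 'GHSA-x3mh-jvjw-3xwx'Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'openssl-src'}} in OSV: 'GHSA-x3mh-jvjw-3xwx'
Unsupported package type: {'package': {'ecosystem': 'crates.io', 'name': 'regex'}} in OSV: 'GHSA-m5pq-gvj9-9vr8'
Invalid vulnerability reference: <VulnerabilityReference: github.com/prometheus/prometheus>: {'url': ['Enter a valid URL.']}
Invalid version class: <class 'univers.versions.PypiVersion'> - '10.0.2-1.1' for OSV id: 'GHSA-hvxr-2fvv-c3wq'
"""

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

The distinct-id count matters more than the raw warning count, because one advisory can emit a warning per affected range.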