ziad hany

> @TG1999 and @ziadhany I forgot to add the dependency `progress==1.6` to `setup.cfg`. Please rerun the checks. The lastest commit [7f5eb72](https://github.com/nexB/vulnerablecode/pull/1378/commits/7f5eb721e78be0f41ad57ce5db85a007e5424315) fixes this. I apologise for the carelessness No worries...

@ambuj-1211 Let's tackle this in four steps: - [ ] Identify Missing Scores: create Python or SQL query that finds vulnerabilities with severity information but lacking a CVSSv3 score. We'll...

@ambuj-1211 No, just a Django or SQL query like this : https://docs.djangoproject.com/en/5.0/topics/db/queries/#retrieving-specific-objects-with-filters no need to create a custom management command

@ambuj-1211 I think we need to import CSFA data and also support the vulnerability CSAF format

@mcopik I think we have `clientQueue` . Do we need to create a new SQS queue ?

> @ziadhany please add tests I think this pull request needs some changes to make it fit with docs and I will start by adding some tests https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html

@pombredanne I thought of the same implementation but what if we have two stars like this https://github.com/dtolnay/semver/blob/master/tests/test_version_req.rs#L371 ``` #[test] fn test_cargo3202() { let ref r = req("0.*.*"); assert_to_string(r, "0.*"); assert_match_all(r,...

@ambuj-1211 please add a curl improver to the `valid_versions.py` ex: https://github.com/nexB/vulnerablecode/blob/main/vulnerabilities/improvers/valid_versions.py#L472

> work! just a few nits for your consi > > I think you tagged someone else in this comment, is it a mistake? > And I am working on...

@ambuj-1211 Absolutely! Once all the changes are in place, squashing them into a single commit before merging will create a cleaner history for everyone. to fix the test update the...