Input sqlite db should follow lowercase identifier convention (#526)

* input db should also follow lowercase ID convention

Fixes a bug where overrides were always missing because of writing on an
uppercase key and reading on a lowercase key.

Signed-off-by: Will Murphy <[email protected]>

* remove unneeded input

Signed-off-by: Will Murphy <[email protected]>

* fix: only log that overrides are disabled if true

Signed-off-by: Will Murphy <[email protected]>

---------

Signed-off-by: Will Murphy <[email protected]>

src/vunnel/providers/nvd/manager.py

@@ -81,8 +81,8 @@ def get(
                     yield cve_to_id(cve), self._apply_override(cve, original_record)
 
             self.logger.debug(f"applied overrides for {len(override_remaining_cves)} CVEs")
-
-        self.logger.debug("overrides are not enabled, skipping...")
+        else:
+            self.logger.debug("overrides are not enabled, skipping...")
 
     def _download_nvd_input(
         self,
@@ -165,7 +165,7 @@ def _unwrap_records(
             record_id = cve_to_id(cve_id)
 
             # keep input for future overrides
-            writer.write(record_id, self.schema, vuln)
+            writer.write(record_id.lower(), self.schema, vuln)
 
             # apply overrides to output
             yield record_id, self._apply_override(cve_id=cve_id, record=vuln)

tests/unit/providers/nvd/test_manager.py

@@ -35,3 +35,5 @@ def test_parser(tmpdir, helpers, mock_data_path, mocker):
     actual_vulns = list(subject.get(None))
 
     assert expected_vulns == actual_vulns
+    for vuln in actual_vulns:
+        assert subject._sqlite_reader().read(vuln[0].lower()) is not None