From 876ecc7c0c194b8f6286adca21fa67941ba92470 Mon Sep 17 00:00:00 2001
From: Terri Oda <terri@toybox.ca>
Date: Tue, 24 Oct 2023 08:30:24 -0700
Subject: [PATCH] fix: flake8 and codeql tweaks

---
 cve_bin_tool/data_sources/osv_source.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/cve_bin_tool/data_sources/osv_source.py b/cve_bin_tool/data_sources/osv_source.py
index e58638fd5f..0823dcbe21 100644
--- a/cve_bin_tool/data_sources/osv_source.py
+++ b/cve_bin_tool/data_sources/osv_source.py
@@ -302,7 +302,7 @@ def format_data(self, all_cve_entries):
                     "unknown"
                 )  # OSV Schema does not provide vendor names for packages
 
-                if "github.com/" in product:
+                if product.startswith("github.com/"):
                     vendor = product.split("/")[-2]
                     product = product.split("/")[-1]
 
@@ -356,7 +356,6 @@ def format_data(self, all_cve_entries):
 
         return severity_data, affected_data
 
-
     async def get_cve_data(self):
         await self.update_ecosystems()