feat: Add Advisor parsing

[heliocastro]

No description provided.

[Copilot]

Pull request overview

This pull request adds advisor parsing functionality to the python-ort library, including support for vulnerability and defect tracking with CVSS rating systems. The changes introduce new models for advisor results, vulnerability references, defects, and CVSS v2/v3/v4 rating calculations. Additionally, the PR updates several dependencies, removes some development tools (pre-commit, pycodestyle, pyrefly), adds a new dependency (ty), and refactors import paths throughout the codebase to use relative imports. The version is bumped from 0.5.0 to 0.6.0.

Changes:

• Added comprehensive advisor parsing models including AdvisorResult, AdvisorRun, AdvisorDetails, AdvisorSummary, AdvisorCapability, and Defect
• Implemented vulnerability models with CVSS v2/v3/v4 rating support and qualitative rating calculations
• Refactored imports to use relative paths and renamed OrtRepositoryConfiguration to RepositoryConfiguration
• Updated dependencies: datamodel-code-generator (0.53.0→0.54.0), pathspec (1.0.3→1.0.4), platformdirs (4.5.1→4.9.2), pytokens (0.4.0→0.4.1), rich (14.3.1→14.3.2), ruff (0.14.14→0.15.1), typeguard (4.4.4→4.5.0), added ty (0.0.17)
• Removed development dependencies: pre-commit, pycodestyle, pyrefly and their transitive dependencies

Reviewed changes

Copilot reviewed 48 out of 49 changed files in this pull request and generated 10 comments.

Show a summary per file

File	Description
uv.lock	Updated dependency versions and removed pre-commit tooling dependencies
pyproject.toml	Version bump to 0.6.0, updated dev dependencies
src/ort/models/advisor_*.py	New advisor-related models for parsing advisor results
src/ort/models/vulnerabilities/*.py	New CVSS rating enums and vulnerability models
src/ort/models/defect.py	New model for software defect tracking
src/ort/models/config/advisor_configuration.py	Configuration model for advisor
src/ort/models/repository_configuration.py	Renamed OrtRepositoryConfiguration to RepositoryConfiguration
src/ort/models/*.py (various)	Refactored to use relative imports
src/ort/models/remote_artifact.py	Changed url and hash fields (added defaults)
src/ort/models/vcsinfo.py	Changed url type from AnyUrl to str with default
src/ort/models/package_linkage.py	Changed from Enum with auto() to IntEnum with explicit values
src/ort/models/ort_result.py	Added advisor field and labels dict
src/ort/models/init.py	Added exports for new models
tests/test_*.py (new)	Comprehensive test coverage for new advisor and vulnerability models
tests/test_*.py (existing)	Updated imports to remove type: ignore comments
tests/utils/load_yaml_config.py	Updated type signature to accept Path
tests/data/advisor/*.yml	New test data for advisor functionality
examples/ort_result.py	Added CLI flags for selective output
.pre-commit-config.yaml	Updated ruff and uv versions, removed pyrefly hook
python-ort.code-workspace	Deleted workspace file

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

According to the test on line 95 in test_cvss_ratings.py, a score of 0.0 should return Cvss3Rating.LOW, but the implementation returns Cvss3Rating.NONE for scores less than 0.0 (line 31-32). This is inconsistent with the CVSS v3.1 specification which states that scores of 0.0 are rated as "None" not "Low". The test expectation appears to be incorrect, or the specification link in the docstring should be verified.

[Copilot]

Pull request overview

Copilot reviewed 50 out of 51 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.