Jess Lowe
Jess Lowe
Sorry for taking so long to get back to you. We believe that while the downstream records are addressing the same CVE or other record, downstream data providers should be...
Hi @wenottingham, thanks for bringing this to our attention! From the looks of things, what might have happened is that prior to May of last year, we may have been...
Yeah, I can see how it might be confusing to users. I'll discuss with the team about a better solution.
Hi there, thanks for your interest in OSV's data quality! In this case, Ubuntu gives us their data directly, by publishing at this [git repository](https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38541.json). As such, Canonical (Ubuntu) will...
Hey @mbauman, this is an interesting one. A couple of months ago we decoupled the Debian and Alpine CVE records we ingest to their own records. This record predates that,...
Hey @cdupuis, excited to have Docker Hardened Images onboard! Going through the published advisories, I've noticed a few issues, that it'd be great to have addressed before ingestion. 1. `"ecosystem":...
> Hmm... I remember us not changing to gcloud / reverting back to gsutil because gcloud messes up the Update Time or Created time or something. https://github.com/google/osv.dev/pull/2196 seems like it
Also - I believe we are at schema vers 1.7.4 :)