vexy
vexy copied to clipboard
madpah
Generate VEX (Vulnerability Exploitability Exchange) CycloneDX documents
The current vexy versions fails with > ValueError: '1.4.0' is not a valid OsvSchemaVersion using the following config file ```yaml sources: osv: ```
[DEBUG] - 2023-10-19 18:11:02.425760 - !!! DEBUG MODE ENABLED !!! [DEBUG] - 2023-10-19 18:11:02.425819 - Parsed Arguments: Namespace(vexy_config=, quiet_enabled=False, debug_enabled=True, input_source=, output_format='json', output_schema_version='1.4', output_file='.', output_file_overwrite=False) Vexy is configured to use...
I try to intall vexy via `pip install vexy`, and get the error Could not find a version that satisfies the requirement vexy (from versions: ) the pip version is...
Community has fed back that in some scenarios they would require the VEX data to be in "the original" CycloneDX BOM and not output as a separate document. This would...
Another popular publicly available data source is [osv.dev](https://osv.dev). Lets support this too! FYI - thanks @nscuro