vulnerablecode
vulnerablecode copied to clipboard
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
formerly known as WhiteSource https://www.mend.io/vulnerability-database/
Instead of running `./manage.py import --all` in sequence We can use multiprocessing and try to use all CPU power. suggestions: - we can use Celery and schedule tasks and run...
- [x] Decide on a DNS domain name and acquire name - [x] Provision server (Philippe), possibly with GCP credits at least for the initial DB creation - [ ]...
We have major changes coming up and it would be best to start versioning the API.
Signed-off-by: Ziad
Reference: #806 Signed-off-by: ziad
- add Vulnerablecode datasource - test VulnerableCodeDataSource Closes https://github.com/nexB/vulnerablecode/issues/821
from @tdruez The current implementation of the `fixed_packages` on the package endpoint is not convient for the data consumer: ``` { 'purl': 'pkg:npm/%40theia/[email protected]', 'affected_by_vulnerabilities': [{ 'summary': 'Insufficient Verification of Data...