Oliver Chang
Oliver Chang
Hi! This assumption is not correct -- the `severity` field is an array only to account for multiple scoring algorithms (currently only CVSS is supported). I think we need some...
Thanks a lot for flagging this @sbs2001 ! It would be awesome if Kubernetes is able to publish their vulnerabilities in the OSV format. We'd be very happy to work...
Hi! Thanks for filing this issue. We haven't tried, but it's likely not very easy to deploy OSV.dev on-premise. May we understand your use case a bit more here? What...
@susperius has been working on this!
This is technically feasible: we'd just need to correlate the introduced/fixed/limit git hashes to the closest git tags and add the additional ranges.
hey @VinodAnandan ! Could you please clarify what you mean by mirroring batch data? Do you mean accessing a data dump of all aggregated OSV data? There is already a...
> Hey @oliverchang, The initial batch will contain all the data at that particular point in time. The subsequent process will fetch the new/modified data. > > Can we periodically...
Hi! Thanks for trying our API and filing this issue. > According to the Swagger documentation at https://osv.dev/docs/#operation/OSV_QueryAffectedBatch the endpoint `https://api.osv.dev/v1/querybatch` should return a list of `osvVulnerability`. > > Instead...
Hi @fviernau, Thanks for trying the OSV API! Option 2. is definitely the preferred option from our perspective also. GETing vulnerabilities by ID is extremely fast/cheap and you can do...