tdruez
For example, the `metadata.tools` as an array was deprecated in 1.5 and replaced by an object structure where you can define a list of `components` and `services`. The issue is...
From https://github.com/nexB/dejacode/issues/26#issuecomment-1879020960 > one other observation, which is not directly related to this issue, but something that is somewhat perplexing. DejaCode found the existing scans that I created yesterday for...
When adding a package to a product after upgrading the version in the codebase: - I'm adding this package to DejaCode - Get the automated scan results and generate an...
Looking at a Package details in the API, https://public.vulnerablecode.io/api/packages/?purl=pkg:pypi/[email protected] It seems that we could do a better job at providing a `reference_id` in some cases: ``` { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json", "reference_id":...
A simple Vulnerability details view can take over 3min to be returned, for example https://public.vulnerablecode.io/api/vulnerabilities/516832 This needs to be optimized to make the API usable. See also these related issues:...
We only offer XLSX at the moment. It would be useful to offer JSON as well so Package selection could be exported to be imported in another context.
Using the latest release v34.7.0 on the SCIO setup.cfg file: ``` docker pull ghcr.io/nexb/scancode.io:latest docker run --rm \ ghcr.io/nexb/scancode.io:latest \ sh -c "run resolve_dependencies https://github.com/nexB/scancode.io/blob/main/setup.cfg" \ > results.json ``` ```...
In general, when multiple package entries are found in the PurlDB, we decided to use the most recent version for "package enriching" or data display in ScanCode.io and DejaCode. When...