Open JonDouglas opened 2 months ago
NuGet SDK
I should be able to override or append to the NuGet vulnerability auditing functionality a feed that I'd like to check for vulnerabilities with.
This feed is typically an OSV .json format - https://ossf.github.io/osv-schema/
The use case for this could be companies that have not yet disclosed vulnerabilities but would like to audit them internally or for customers to use other feeds they prefer.
No response
Is it any different from https://github.com/NuGet/Home/issues/12975 ?
They are related. This one is more related to standalone OSV .json feeds: https://github.com/NuGet/Home/pull/12918#discussion_r1356720562
NuGet Product(s) Involved
NuGet SDK
The Elevator Pitch
I should be able to override or append to the NuGet vulnerability auditing functionality a feed that I'd like to check for vulnerabilities with.
This feed is typically an OSV .json format - https://ossf.github.io/osv-schema/
The use case for this could be companies that have not yet disclosed vulnerabilities but would like to audit them internally or for customers to use other feeds they prefer.
Additional Context and Details
No response