Script to generate vulnerability records for each release

ZOSOpenTools / meta

Meta repository to tie together the various underlying z/OS Open Source tools repositories here

https://zosopentools.github.io/meta/

Apache License 2.0

37 stars 25 forks source link

Closed IgorTodorovskiIBM closed 1 month ago

IgorTodorovskiIBM commented 4 months ago

We can then use jq to process the release using the project name + commitsha (present in the metadata.json) to report any vulnerabilities.

 jq '.["gitdummy"][] | select(.commit_sha == "564d0252ca632e0264ed670534a51d18a689ef5d") | .CVEs' zopen_vulnerability.json

TODOs:

IgorTodorovskiIBM commented 1 month ago

Closing, @KeplerBoyce will be continuing this effort