Add support got git version ranges

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

https://public.vulnerablecode.io

Apache License 2.0

526 stars 198 forks source link

Add support got git version ranges #767

Open pombredanne opened 2 years ago

pombredanne commented 2 years ago

While importing PySEC I get this NotImplementedError GIT Version - 'PYSEC-2022-84' - 'fcd18ce3101f245b083b30655c27b239dc72221e' and we should be able to support these

ziadhany commented 3 months ago

The OSV schema uses Git for affected version ranges : https://ossf.github.io/osv-schema/#affectedrangestype-field

"ranges": [ {
    "type": "GIT",
    "repo": "https://github.com/owner/repo",
    "events": [
      { "introduced": "X" },
      { "fixed": "Y" },
    ]
} ]