Supporting osv.dev's vulnerability database

fasten-project / vulnerability-producer

Gathers, enriches and publishes vulnerability information to a Kafka topic.

https://www.fasten-project.eu/

Apache License 2.0

6 stars 3 forks source link

Supporting osv.dev's vulnerability database #117

Open mir-am opened 2 years ago

mir-am commented 2 years ago

Recently, Google has released a new API for gathering vulnerability information for package versions across different ecosystems. It might be worth using their API in our producer. https://osv.dev/ https://github.com/google/osv