We can use the cabal-audit library to fetch the latest advisories, then parse the files.
We will need a new table called security_advisories, to store normalised informations about the advisory. Most, if not all of the information contained in the OVS file should be stored, and references to versions should be stored as foreign keys. It's mostly "introduced", "fixed" and the numbers that we can link to https://osv.dev & company.
We can use the cabal-audit library to fetch the latest advisories, then parse the files.
We will need a new table called
security_advisories
, to store normalised informations about the advisory. Most, if not all of the information contained in the OVS file should be stored, and references to versions should be stored as foreign keys. It's mostly "introduced", "fixed" and the numbers that we can link to https://osv.dev & company.