x/vulndb: create tool to display # importers of a module's packages to support vuln triage

golang / go

The Go programming language

https://go.dev

BSD 3-Clause "New" or "Revised" License

123.85k stars 17.65k forks source link

x/vulndb: create tool to display # importers of a module's packages to support vuln triage #61597

Open tatianab opened 1 year ago

tatianab commented 1 year ago

Create a CLI tool (or similar) which can determine the number of importers of a Go module's importable packages. (E.g., as a start, display the package with the most importers).

jba commented 1 year ago

https://go-review.googlesource.com/c/vulndb/+/513499

robpike commented 1 year ago

Also see the https://deps.dev UI and API.

jba commented 1 year ago

The API is (exciting) news to me. I'll check it out.

jba commented 1 year ago

@robpike I don't see how to get the dependents from the API.

robpike commented 1 year ago

@jba Sorry I thought you could. Maybe one day. But there is this: https://blog.deps.dev/enumerating-dependents/

jba commented 1 year ago

Thanks, I didn't know about the BigQuery data set either. Will look into it.