hannesfostie
commented
9 years ago We're providing the library/API allowing you to check a package against outstanding CVE's. I don't think it's bisu's job to actually collect which packages are installed, or parse them for that matter.
People will use regular scripts or something like ohai to do that
vncntvandriessche
Bisu should be capable of looking up relevant issues on a per-node basis.