search

sonatype-nexus-community / oysteR

Create purls from the filtered sands of your dependencies, powered by OSS Index
https://sonatype-nexus-community.github.io/oysteR/
Apache License 2.0
40 stars 9 forks source link

How often is the sonatype database updated? #19

Closed csgillespie closed 3 years ago

csgillespie commented 4 years ago

Basically, how often to check cran for new packages/versions.

DarthHater commented 4 years ago

@ken-duck would know the specifics. We had I believe the ingest happening nightly, but there can be hiccups from time to time. @ken-duck @brittanybelle @ndonewar and myself have been doing some work to make this process a bit better though!

csgillespie commented 4 years ago

Is this information available via the API or some other method?

DarthHater commented 4 years ago

Not as of now, I think @brittanybelle or @ndonewar could comment further on that.

brittanybelle commented 4 years ago

Sorry for the delayed response! At the moment the CRAN package ingest is happening on an ad-hoc basis while we figure out an automated process.

I should note that the CRAN ingest for OSS Index would only affect component metadata (mainly package description). Our vulnerability records are updated on a more regular basis through a separate process.