victims / victims-enforcer-legacy

A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
GNU Affero General Public License v3.0

"Alternative" maven plugin / approach #30

Closed h3xstream closed 6 years ago

h3xstream commented 9 years ago

Hi victims team, I am actively using the victims-cve-db; unfortunately the enforcer plugin failed on most of my tests. I have created an alternative maven plugin that does verification directly based on versions rather than the intermediary hashes.

I am posting this mainly for full disclosure. I am not looking to do a fork or create something bigger. If the victims team is interested, it could become an "official" victims client.

Small differences/additions:

ashcrow commented 9 years ago

Nice! So you are pulling the victims data from github? I've started to (slowly) work on a replacement api which can be used in the future but for now using github is a great workaround.

:clap: :clap: :clap: :clap:

What license is your code under?

h3xstream commented 9 years ago

It is loading the archive of the master branch from github. It is reading the atom feed prior to re-downloading the db. [Ref: VictimsDbLoader.java]

The license will probably have to be AGPL because of the dependency on the victims-cve-db project.

jasinner commented 6 years ago

Sorry it took so long to comment on this, but do you think we could move this under the 'victims' Github organization?

h3xstream commented 6 years ago

@jasinner No problem. At the same time, we could change the package name to com.redhat.victims and release the plugin to Maven Central.

h3xstream commented 6 years ago

@jasinner I am trying to do the migration and I get: "You don't have the permission to create repositories on victims"

jasinner commented 6 years ago

I've added you as a project owner for victims. So you should be able to add the repository now. It would be good if we could also change the package name, thanks.

h3xstream commented 6 years ago

Same error.

I get this warning when I click on the plus sign to create a repo: [screenshot: 2017-11-21 19_59_29-create a new repository]

Alternatively the project can be forked.

jasinner commented 6 years ago

Sorry, please try again. Seems I did update your membership status correctly the first time.

h3xstream commented 6 years ago

Done! https://github.com/victims/maven-security-versions