Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a live endpoint to find vulnerabilities in a dependency tree #1447

Closed
TG1999 opened this issue Nov 18, 2022 · 2 comments
Closed

Add a live endpoint to find vulnerabilities in a dependency tree #1447

TG1999 opened this issue Nov 18, 2022 · 2 comments

Comments

@TG1999
Copy link
Contributor

TG1999 commented Nov 18, 2022

We can use python-inspector and point towards vulnerable packages in a dependency tree.

Reported by @pombredanne
@TG1999 TG1999 added this to the v32.0.0 milestone Nov 18, 2022
@pombredanne pombredanne removed this from the v32.0.0 milestone Dec 8, 2022
@pombredanne
Copy link
Member

I am moving this is Scancode.io

@pombredanne pombredanne transferred this issue from aboutcode-org/vulnerablecode Nov 11, 2024
@Marsh-sudo Marsh-sudo mentioned this issue Mar 16, 2023
Open
@AyanSinhaMahapatra
Copy link
Member

With #1066 we now have the models required to store dependency tree information and the find_vulnerabilities pipeline looks for vulnerabilities in those dependencies/resolved packages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pombredanne @AyanSinhaMahapatra @TG1999