Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Collect advisories for AlmaLinux #1201

Open
mjherzog opened this issue May 23, 2023 · 3 comments · May be fixed by #1491
Open

Collect advisories for AlmaLinux #1201

mjherzog opened this issue May 23, 2023 · 3 comments · May be fixed by #1491
Assignees
@ambuj-1211
Labels
Data collection GSoC 24 GSoC 24 (Data Collection & Data Quality project) importer

Comments

@mjherzog
Copy link
Member

AlmaLinux (CentOS successor) has its own listing of applicable OSV advisories at: https://github.com/AlmaLinux/osv-database/tree/master/advisories. We may want to add these to VulnerableCode.
@ambuj-1211
Copy link
Collaborator

@mjherzog If this one is free I am working on it.

@ziadhany
Copy link
Collaborator

@ambuj-1211 AlmaLinux uses OSV schema and we have a script to handle OSV
you should use this script instead of writing the importer from scratch.
https://github.com/nexB/vulnerablecode/blob/4a6734b1bbaa8df6fd816f3eb4fd843a88c1ecec/vulnerabilities/importers/osv.py

and try to have a look at similar importers :
https://github.com/nexB/vulnerablecode/blob/main/vulnerabilities/importers/github_osv.py
https://github.com/nexB/vulnerablecode/blob/main/vulnerabilities/importers/oss_fuzz.py

@ambuj-1211
Copy link
Collaborator

@ambuj-1211 AlmaLinux uses OSV schema and we have a script to handle OSV
you should use this script instead of writing the importer from scratch.
https://github.com/nexB/vulnerablecode/blob/4a6734b1bbaa8df6fd816f3eb4fd843a88c1ecec/vulnerabilities/importers/osv.py

and try to have a look at similar importers :
https://github.com/nexB/vulnerablecode/blob/main/vulnerabilities/importers/github_osv.py
https://github.com/nexB/vulnerablecode/blob/main/vulnerabilities/importers/oss_fuzz.py

Okay @ziadhany

@ambuj-1211 ambuj-1211 linked a pull request Jun 22, 2024 that will close this issue
Open
@ambuj-1211 ambuj-1211 added the GSoC 24 GSoC 24 (Data Collection & Data Quality project) label Jun 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ambuj-1211 ambuj-1211

Labels
Data collection GSoC 24 GSoC 24 (Data Collection & Data Quality project) importer
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add Almalinux advisories ambuj-1211/vulnerablecode
3 participants
@mjherzog @ziadhany @ambuj-1211