commit | b88680fc6842d04b9f9a5e15e17823dc3ff56028 | [log] [tgz] |
---|---|---|
author | Zvonimir Pavlinovic <zpavlinovic@google.com> | Tue Mar 23 11:19:57 2021 -0700 |
committer | Filippo Valsorda <valsorda@google.com> | Tue Apr 13 16:18:34 2021 +0200 |
tree | d3b09b19eab9446c92216c133ed99fc9c506d374 | |
parent | 2992f259b81505bc4075411a0e423d3936f2deca [diff] |
client: allows fsCache to be publicly accessable for go audit. fsCache is the only cache implementation available. In order to be integrated in goaudit, it needs to be made publicly accessable as go audit and cache do not live in the same repo. fsCache will be made private again once go audit and client live in the same space in the near future. Change-Id: I4dd86f407ce83f2162e8a1921f86643bbefdd456 Reviewed-on: https://team-review.git.corp.google.com/c/golang/vulndb/+/1033548 Reviewed-by: Roland Shoemaker <bracewell@google.com>
This repository contains a handful of prototypes for the Go vulnerability database, as well as a initial set of vulnerability reports. Some of these packages can probably be coalesced, but for now are easier to work on in a more segmented fashion.
reports
contains TOML security reports, the format is described in format.md
report
provides a package for parsing and linting TOML reportsosv
provides a package for generating OSV-style JSON vulnerability entries from a report.Report
client
contains a client for accesing HTTP/fs based vulnerability databases, as well as a minimal caching implementationcmd/gendb
provides a tool for converting TOML reports into JSON databasecmd/genhtml
provides a tool for converting TOML reports into a HTML websitecmd/linter
provides a tool for linting individual reportscmd/report2cve
provides a tool for converting TOML reports into JSON CVEs