| commit | b88680fc6842d04b9f9a5e15e17823dc3ff56028 | [log] [tgz] |
|---|---|---|
| author | Zvonimir Pavlinovic <zpavlinovic@google.com> | Tue Mar 23 11:19:57 2021 -0700 |
| committer | Filippo Valsorda <valsorda@google.com> | Tue Apr 13 16:18:34 2021 +0200 |
| tree | d3b09b19eab9446c92216c133ed99fc9c506d374 | |
| parent | 2992f259b81505bc4075411a0e423d3936f2deca [diff] |
client: allows fsCache to be publicly accessable for go audit. fsCache is the only cache implementation available. In order to be integrated in goaudit, it needs to be made publicly accessable as go audit and cache do not live in the same repo. fsCache will be made private again once go audit and client live in the same space in the near future. Change-Id: I4dd86f407ce83f2162e8a1921f86643bbefdd456 Reviewed-on: https://team-review.git.corp.google.com/c/golang/vulndb/+/1033548 Reviewed-by: Roland Shoemaker <bracewell@google.com>
This repository contains a handful of prototypes for the Go vulnerability database, as well as a initial set of vulnerability reports. Some of these packages can probably be coalesced, but for now are easier to work on in a more segmented fashion.
reports contains TOML security reports, the format is described in format.mdreport provides a package for parsing and linting TOML reportsosv provides a package for generating OSV-style JSON vulnerability entries from a report.Reportclient contains a client for accesing HTTP/fs based vulnerability databases, as well as a minimal caching implementationcmd/gendb provides a tool for converting TOML reports into JSON databasecmd/genhtml provides a tool for converting TOML reports into a HTML websitecmd/linter provides a tool for linting individual reportscmd/report2cve provides a tool for converting TOML reports into JSON CVEs