| commit | abe7a418aeab38d4023c4a54a07b59a6c4ecbaac | [log] [tgz] |
|---|---|---|
| author | Roland Shoemaker <roland@golang.org> | Tue Mar 16 12:02:37 2021 -0700 |
| committer | Filippo Valsorda <valsorda@google.com> | Tue Apr 13 16:18:02 2021 +0200 |
| tree | 4c751efbe0c05e13788914f51d1a48d52c78471c |
all: initial commit
This repository contains a handful of prototypes for the Go vulnerability database, as well as a initial set of vulnerability reports. Some of these packages can probably be coalesced, but for now are easier to work on in a more segmented fashion.
reports contains TOML security reports, the format is described in format.mdreport provides a package for parsing and linting TOML reportsosv provides a package for generating OSV-style JSON vulnerability entries from a report.Reportclient contains a client for accesing HTTP/fs based vulnerability databases, as well as a minimal caching implementationcmd/gendb provides a tool for converting TOML reports into JSON databasecmd/genhtml provides a tool for converting TOML reports into a HTML websitecmd/linter provides a tool for linting individual reportscmd/report2cve provides a tool for converting TOML reports into JSON CVEs