| commit | 0e62b48164bcf288fd06d93c25819381166d5af8 | [log] [tgz] |
|---|---|---|
| author | Jonathan Amsterdam <jba@google.com> | Tue Feb 08 14:24:42 2022 -0500 |
| committer | Jonathan Amsterdam <jba@google.com> | Mon Feb 28 14:34:01 2022 +0000 |
| tree | 4799e452f4efe46a30f30f63733db2e2b8b91ab2 | |
| parent | 8fc1aa839bd24dd16982ac46ab99ec78cfb18aaa [diff] |
{cmd,internal}/worker: update GitHub security advisories
Add code to update the store state with information from GitHub's API
about its security advisories.
Since we can process the entire set of advisories in one transaction
(there are only 34 non-CVE Go-related advisories as of this writing),
this update process is considerably simpler than that for CVEs. We
don't need to worry about concurrent updates, for one thing. So we
avoid a separate record for each run, as we have with the
CommitUpdateRecord for CVEs.
Change-Id: I913864b4c83e39144af84da9447b33870c8cc5f0
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/384214
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
This repository contains the reports for the Go Vulnerability Database.
If you are interested accessing data from the Go Vulnerability Database, see x/vuln for information. This repository is only used for adding new vulnerabilities.
We are not accepting new vulnerability reports at this time. We will update this README.md once we are ready to receive reports.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries are distributed under the terms of the CC-BY 4.0 license. See x/vuln for information on how to access these entries.