dependency-track icon indicating copy to clipboard operation
dependency-track copied to clipboard
verified publisher icon DependencyTrack

OSV : replace ecosystem hardcoding with list of ecosystems managed by Google

Open sahibamittal opened this issue 3 years ago • 2 comments

Current Behavior:

For OSV mirroring, we hard code the list of ecosystems to get vulnerabilities.

Proposed Behavior:

OSV has enabled a list of ecosystems they maintain -> https://osv-vulnerabilities.storage.googleapis.com/ecosystems.txt

Issue: https://github.com/google/osv.dev/issues/619

Proposed UI interaction:

While enabling the OSV mirroring in UI, user can select (list or all) ecosystems to mirror. This will reduce load if all ecosystems are not required.

sahibamittal avatar Aug 23 '22 12:08 sahibamittal

@VinodAnandan @nscuro

sahibamittal avatar Aug 23 '22 12:08 sahibamittal

Oh wow, that was quick. 😄

nscuro avatar Aug 23 '22 12:08 nscuro

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

github-actions[bot] avatar Nov 09 '22 10:11 github-actions[bot]