Synchronize gemnasium-db with PHP Security Advisories DB
Problem to solve
As part of maintaining the Gemnasium DB we need to sync with PHP Security Advisories DB
Intended users
~"Secure::Software Composition Analysis" team members
Further details
See epic's proposal for the expected workflow to implement.
Proposal
Added an adapter to https://gitlab.com/gitlab-org/security-products/advisory-db-curation-tools that automatically checks for advisories that are added to the PHP Security Advisories DB GitLab advisory.
Documentation
Updated the Sources documentation to mention the automated process.
What does success look like, and how can we measure that?
Advisories from PHP Security Advisories DB are automatically synchronized with gemnasium-db. This probably can't be a fully automated sync but this should relieve team members from checking the source manually for updates.
Links / references
Edited by Julian Thome