Skip to content
  • Jamie Tanna's avatar
    3dbd02e3
    Add `sensitive_packages` table to avoid external lookups · 3dbd02e3
    Jamie Tanna authored
    As noted in #189, there's no way right now to avoid leaking internal
    package names to the public Internet when generating advisories or
    missing data.
    
    Right now, the solution is to just deal with it, which isn't ideal.
    Instead, we can add this as a first-class citizen with a new table, and
    the ability to ignore these packages when performing lookups.
    
    This requires we tweak our existing queries to now left join (in case
    there's no match) the `sensitive_packages` table and filter out/in
    packages as appropriate.
    
    Closes #189.
    3dbd02e3
    Add `sensitive_packages` table to avoid external lookups
    Jamie Tanna authored
    As noted in #189, there's no way right now to avoid leaking internal
    package names to the public Internet when generating advisories or
    missing data.
    
    Right now, the solution is to just deal with it, which isn't ideal.
    Instead, we can add this as a first-class citizen with a new table, and
    the ability to ignore these packages when performing lookups.
    
    This requires we tweak our existing queries to now left join (in case
    there's no match) the `sensitive_packages` table and filter out/in
    packages as appropriate.
    
    Closes #189.
Loading