
schema.go

    Add CVE checking functionality · b63bbe83
    Jamie Tanna authored
    To be able to more easily get a grasp over which of your dependencies
    have CVEs associated with them, we can add a new `generate cve`
    subcommand.
    
    We can use the excellent service https://osv.dev to do the underlying
    checks, and record CVE numbers, whether official CVE- or issued through
    other ecosystems like GO- or GHSA-.
    
    This requires a small translation layer for our dependencies, and a
    hand-rolled API client due to the OpenAPI 2.0 (Swagger) document not
    working with `oapi-codegen`, as well as the JSON Schema not working with
    `jsonschemagen`.
    
    Right now, we only support the Renovate datasource, and don't provide a
    `report` subcommand, but the CVEs can be highlighted with:
    
      SELECT organisation, repo, package_name, cve_id FROM renovate NATURAL JOIN osvdev_cves;
    
    Closes #56.
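The commit message above describes a translation layer from dependencies to osv.dev queries and the recording of CVE-, GO- or GHSA- identifiers; the following is an added sketch of that flow, not code from this repository. The `ecosystems` table, the function names, the choice to prefer a CVE- alias, and the sample response with its placeholder IDs are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Hypothetical subset of a Renovate datasource -> OSV ecosystem table.
var ecosystems = map[string]string{"go": "Go", "npm": "npm", "pypi": "PyPI", "maven": "Maven"}

// BuildQuery returns the JSON body for POST https://api.osv.dev/v1/query.
func BuildQuery(datasource, name, version string) ([]byte, error) {
	eco, ok := ecosystems[datasource]
	if !ok {
		return nil, fmt.Errorf("no OSV ecosystem for datasource %q", datasource)
	}
	if eco == "Go" { // OSV records Go versions without the leading "v"
		version = strings.TrimPrefix(version, "v")
	}
	pkg := map[string]string{"name": name, "ecosystem": eco}
	return json.Marshal(map[string]interface{}{"version": version, "package": pkg})
}

// ExtractIDs returns one ID per vulnerability: a CVE- alias if present, else the advisory's own ID.
func ExtractIDs(body []byte) ([]string, error) {
	var resp struct {
		Vulns []struct {
			ID      string   `json:"id"`
			Aliases []string `json:"aliases"`
		} `json:"vulns"`
	}
	if err := json.Unmarshal(body, &resp); err != nil {
		return nil, err
	}
	ids := []string{} // stays empty for "{}", which OSV returns when nothing matches
	for _, v := range resp.Vulns {
		id := v.ID
		for _, a := range v.Aliases {
			if strings.HasPrefix(a, "CVE-") {
				id = a
			}
		}
		ids = append(ids, id)
	}
	return ids, nil
}

// Constructed sample response with placeholder IDs, not real advisories.
const sample = `{"vulns":[{"id":"GO-0000-0001","aliases":["CVE-0000-00001"]},{"id":"GHSA-xxxx-xxxx-xxxx"}]}`
func main() { fmt.Println(ExtractIDs([]byte(sample))) }
```

A datasource missing from the table returns an error instead of being skipped, so unsupported dependencies are not mistaken for dependencies with no known vulnerabilities.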
schema.go 81 B