Introduce means to mark custom packages with (not necessarily security) advisories
- e.g. github.com/pkg/errors
- e.g. github.com/gorilla/*
- e.g. github.com/satori/go.uuid
- e.g. "this specific version of this library"
- e.g. "<= this version of this library"
With advisory_type being one of:
- deprecated
- security
- other
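-- List every Renovate-tracked dependency that matches an advisory, together
-- with the advisory's type and description.
--
-- A row is returned when the package name matches advisories.package_pattern
-- (where `*` is the wildcard, e.g. github.com/gorilla/*) and the dependency's
-- current_version satisfies the advisory's version_match_strategy.
select
    renovate.repo,
    renovate.package_name,
    renovate.version,
    renovate.current_version,
    advisories.package_pattern,
    advisory_type,
    description
from
    renovate
    inner join advisories
        -- Only `*` is meant to be a wildcard. `_` and `%` are LIKE
        -- metacharacters, so they are escaped before `*` is translated;
        -- otherwise a pattern containing `_` would also match package names
        -- that have any other character in that position, attaching the
        -- advisory to the wrong packages. `!` is the escape character and is
        -- doubled first so a literal `!` in a pattern still matches itself.
        -- NOTE(review): whether LIKE is case-sensitive depends on the engine
        -- and collation; confirm it matches how package names are compared.
        on renovate.package_name like replace(
            replace(
                replace(
                    replace(advisories.package_pattern, '!', '!!'),
                    '%', '!%'
                ),
                '_', '!_'
            ),
            '*', '%'
        ) escape '!'
where
    (
        -- NOTE(review): the branches below compare the stored values directly.
        -- If current_version and advisories.version are text columns, the
        -- ordering is lexicographic ('1.10.0' sorts before '1.9.0'), so the
        -- LESS_* / GREATER_* strategies can miss affected versions or flag
        -- unaffected ones. Confirm the column types, or compare on a
        -- normalised version key, before relying on this for security
        -- advisories.
        case
            -- No strategy, or ANY: the advisory applies to every version.
            when version_match_strategy is null then true
            when version_match_strategy = 'ANY' then true
            when version_match_strategy = 'EQUAL'
                then renovate.current_version = advisories.version
            when version_match_strategy = 'LESS_THAN'
                then renovate.current_version < advisories.version
            when version_match_strategy = 'LESS_EQUAL'
                then renovate.current_version <= advisories.version
            when version_match_strategy = 'GREATER_THAN'
                then renovate.current_version > advisories.version
            when version_match_strategy = 'GREATER_EQUAL'
                then renovate.current_version >= advisories.version
            -- Unknown strategies never match rather than matching everything.
            else false
        end
    )
order by
    advisory_type,
    -- Tie-breakers so the report is stable between runs.
    renovate.repo,
    renovate.package_name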
Edited by Jamie Tanna