.NET libraries for Open Source Vulnerabilities (OSV) schema and API client. Currently support version 1.7.0 of the OSV schema.
There are two ways to use the OSV.NET library:
- Manual instantiation
- Dependency injection (DI)
using OSV.Client;
using var client = new OSVClient();
try
{
var query = new Query
{
Package = new Package
{
Name = "lodash",
Ecosystem = "npm"
},
Version = "4.17.20"
};
var response = await client.QueryAffectedAsync(query);
Console.WriteLine($"Found {response.Vulnerabilities.Count()} vulnerabilities for lodash@4.17.20");
}
catch (OSVException ex)
{
// Handle OSV-specific exceptions
}Register the OSV client in your application's service collection, typically in Program.cs:
// Register OSV client
builder.Services.AddOSVClient(client =>
{
// Add any additional HttpClient configuration
client.Timeout = TimeSpan.FromSeconds(30);
});All packages in this repository are licensed under the MIT license.