Skip to content
This repository has been archived by the owner on Sep 18, 2023. It is now read-only.

Add a CPE Enrichment Provider #121

Closed
ericrippetoe opened this issue Jul 24, 2023 · 1 comment
Closed

Add a CPE Enrichment Provider #121

ericrippetoe opened this issue Jul 24, 2023 · 1 comment
Labels
proposed

Comments

@ericrippetoe
Copy link

Target Audience
The Harbor system.

What’s the Value
The Harbor system itself needs a CPE ID to correlate vulnerability data across enrichment sources.

Details
The Harbor system needs a way to correlate CPEs to PURLs because different enrichment sources in the vulnerability ecosystem use one or the other IDs. For example, Ion Channel and NVD use CPE, whereas Snyk uses PURL.

Definition of Done
An enrichment provider that runs each day that downloads public PURL to CPE data sources.
The enrichment provider will then attempt to resolve Harbor PURL index against the CPE index.
It should report back basic statistics (total number, percentage) regarding how many PURLs cannot be resolved to a CPE.
@ericrippetoe ericrippetoe mentioned this issue Jul 24, 2023
Closed
19 tasks
@sbolel
Copy link
Contributor

sbolel commented Sep 18, 2023

⚠️ Repository Decommission Notice: This repository is scheduled to be archived as it has been decommissioned and will no longer be actively maintained. As part of the archival process, we are closing all open issues and pull requests.

@sbolel sbolel closed this as not planned Won't fix, can't repro, duplicate, stale Sep 18, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
proposed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DerekStrickland @sbolel @ericrippetoe