Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Ingest first patched version of security vulnerabilities from the GitHub API #7686
We have decided we would like to ingest this field from GitHub as well.
Unfortunately, this means that we also need to introduce logic to compare the existing vulnerable range metadata to the updated vulnerable range metadata, because previously these could not change. If we find that a vulnerable range has been updated, we must mark all packages it applies to as updated as well, so the new first patched version will flow through V3.