You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Mar 8, 2023. It is now read-only.
**Note:** This project will be discontinued after **December 13th, 2021**.
6
+
4
7
## Overview
5
8
The vulnerable code database (Vulncode-DB) is a database for vulnerabilities and their corresponding
6
9
source code if available. The database extends the NVD / CVE data sets with user-supplied
@@ -9,10 +12,24 @@ Particularly, the database intends to make real-world examples of vulnerable cod
9
12
10
13
The main instance is hosted on [vulncode-db.com](https://www.vulncode-db.com) and more context is provided at [vulncode-db.com/about](https://www.vulncode-db.com/about).
11
14
12
-
**Please note:**
15
+
### Why is this project deprecated?
16
+
-**Bootstrapping problem** - Vulncode-DB 's usefulness depends on having unique content. We can automatically detect some vulnerability patches via CVE/NVD metadata. We can also highlight relevant sections and annotate them in a write-up fashion. We also allow users to modify or annotate content themselves. However, this by itself is insufficient to make anyone use the platform. You need much and high-quality data first to make this useful, which a prototype like ours can't attain at this stage without extensive investment.
17
+
-**Lack of community support** - While there was some positive feedback there have been only a few contributors. The platform and vision seem to be inadequate to get more practical support.
18
+
-**Insufficient resources** - Developing the platform and for example a feature like a version control system for user moderated content similar to Wikipedia requires much engineering work for which we, as 20% contributors, are understaffed.
19
+
-**Added value unknown** - Even if all of the above would be solved it's still unclear whether the platform would provide sufficient value for individuals to justify a dedicated project. You can go to CVE details or Google for write-ups to learn more about a vulnerability. This is an established habit, hard to break and might already be good enough for individuals to learn more.
20
+
21
+
### How and when?
22
+
- This repository will be kept alive. However, we'll discontinue the [https://vulncode-db.com](https://vulncode-db.com) website and API after **December 13th, 2021**.
23
+
24
+
### Do you have feedback/ideas for how it should be continued?
25
+
- We're open to feedback, let's talk! You can reach us via [https://twitter.com/evonide](https://twitter.com/evonide) (rhabalov [at] gmail.com) or [https://twitter.com/bluec0re](https://twitter.com/bluec0re).
26
+
27
+
Finally, thank you to all contributors and individuals who supported the project. We are very grateful for your support, time and feedback.
28
+
29
+
Best,
30
+
31
+
Ruslan and Timo
13
32
14
-
This application is currently in an experimental alpha version mostly for demonstration purposes.
15
-
The application might be unreliable, contains many bugs and is not feature complete. Please set your expectations accordingly.
0 commit comments