-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Register HSEC database and Hackage ecosystem in osv-schema #4
Comments
Once the system is in place, we should also create an issue for https://github.com/github/advisory-database#sources . |
I propose registering:
|
Working on this right now, will have a PR by end of week |
PR was merged: ossf/osv-schema#157 But the updates have not been "released". And we still need to give some examples. So I guess we leave this open for now. |
Everything is done on the osv.dev side (google/osv.dev#1463). Probably we just need to add some examples to the osv-schema repo, and then we can close this. |
Yeah, I have left some TODOs there, I'll take care of them during this weekend. |
I had left 2 TODOs to add JSON examples. Filling them now (will redo the GHC one when we get a real GHC issue) and closing haskell/security-advisories#4. Signed-off-by: Mihai Maruseac <mihai.maruseac@gmail.com>
Closed accidentally due to the way I set-up the upstream/fork repos |
I had left 2 TODOs to add JSON examples. Filling them now (will redo the GHC one when we get a real GHC issue) and closing haskell/security-advisories#4. --------- Signed-off-by: Mihai Maruseac <mihai.maruseac@gmail.com>
The osv-schema PR was merged. This ticket is resolved. |
osv-schema has a registry of advisory database identifiers (https://ossf.github.io/osv-schema/#id-modified-fields) and a registry of "package ecosystems" (https://ossf.github.io/osv-schema/#affectedpackage-field). We should send a PR to register the HSEC advisory database, and Hackage (as well as, perhaps, GHC itself, e.g. see the definition for
Linux
).The text was updated successfully, but these errors were encountered: