The references section of a report doesn't need to include
links to GitHub/MITRE/NIST for advisories listed as aliases,
since we'll generate those links from the alias information.
Add a lint rule to fund these redundant references.
Allow ADVISORY links to these destinations, which indicate
that the source is the canonical advisory for a vuln.
Allow links to CVEs/GHSAs not listed as aliases, since it's
legitimate to link to a related vulnerability for further
information.
Change-Id: Ibdc103a3ef76f306c2e9ddac7f839f3b94d8467f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/432975
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Create data/osv, containing the OSV version for all reports.
This directory will be used as the source for database generation
in the future.
Set creation times on all existing reports; future reports will
take the creation time from the OSV entry history.
Change-Id: Ibe0f3a9fc76c0d4afee8102d6a0fd35c7641e97d
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/430682
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Tatiana Bradley
Damien Neil