зеркало из https://github.com/golang/vulndb.git
703236d8e9
The OSV affected.package.name field is now the module path, not the package import path. The affected.package.ecosystem_speficic.imports field now contains a list of Go packages and symbols within those packages. Restructure the report YAML to match the OSV structure: A report contains a list of modules, a module contains a list of packages, a package contains a list of symbols. Move GOOS/GOARCH to the package, rather than being report-global. This change updates the canonical YAML format and changes the OSV generation to the new form, but does not reformat data/reports. The report loader rewrites the old report YAML into the new style. Followup CLs will convert the reports and remove the rewriter. Change-Id: I71af994846721fdd43a8ee5c41574387ff781332 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/424895 Reviewed-by: Julie Qiu <julieqiu@google.com> Run-TryBot: Damien Neil <dneil@google.com> |
||
|---|---|---|
| .. | ||
| cveclient | ||
| cvelistrepo | ||
| cveschema | ||
| cveschema5 | ||
| database | ||
| derrors | ||
| ghsa | ||
| gitrepo | ||
| issues | ||
| report | ||
| stdlib | ||
| worker | ||
| internal.go | ||