-
Notifications
You must be signed in to change notification settings - Fork 225
Description
FreeBSD is in path to convert current vulnerability database which is in VuXML-format to OSV format. There is currently only testing repository available but there is decision for adding FreeBSD things to OSV Schema at the beging and rest when they are ready.
-
Prepare your data - refer to the OSV Schema documentation for information on how to properly format the data so it can be accepted.
-
Create a PR to reserve an ID prefix and define a new ecosystem (example). We review the records you start publishing for OSV Schema correctness and quality as part of reviewing and merging this PR.
-
Prepare and publish your records via a Git repository (example). If this method isn’t ideal, we also support publishing records from REST API endpoints or through a GCS bucket(example).
-
To support API querying, please create a PR to extend purl_helpers.py and create a new ecosystem in _ecosystems.py. You can refer to existing examples showing how to implement support for Semver and non-Semver ecosystems.
-
Create a PR to start importing the records you are publishing into our test instance of OSV.dev and validate everything is working as intended there.
-
Create a PR to start importing the records you are publishing into our production environment