Add support for all osv ecosystems by ziadhany · Pull Request #926 · aboutcode-org/vulnerablecode

ziadhany · 2022-09-24T16:13:08Z

Signed-off-by: ziadhany ziadhany2016@gmail.com

vulnerabilities/importers/github_osv.py

ziadhany · 2023-01-12T10:50:34Z

importer logs :

Unsupported package type: PackageURL(type='rubygems', namespace=None, name='sprout', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-229r-pqp6-8w6g'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='rails', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-24fg-p96v-hxh8'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='rails', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-24fg-p96v-hxh8'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='actionpack', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-29gr-w57f-rpfw'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='actionpack', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-29gr-w57f-rpfw'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='actionpack', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-29gr-w57f-rpfw'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='actionpack', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-2xjj-5x6h-8vmf'
....
Invalid version class: None - '1.4.3' for OSV id: 'GHSA-fjgq-224f-fq37'
Unknown version range for ecosystem go for OSV id: 'GHSA-fjgq-224f-fq37'
Invalid version class: None - '3.0.9' for OSV id: 'GHSA-fjgq-224f-fq37'
Unknown version range for ecosystem go for OSV id: 'GHSA-fv6c-rfg3-gvjw'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-fv6c-rfg3-gvjw'
Invalid file name: advisory-database-main/advisories/github-reviewed/2022/12/GHSA-g3wc-xv93-445q/GHSA-g3wc-xv93-445q.json - unhashable type: 'Version'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='prettytable-rs', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-gfgm-chr3-x6px'
Unknown version range for ecosystem go for OSV id: 'GHSA-gfj4-wg89-m22r'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-gfj4-wg89-m22r'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-gg8r-xjwq-4w92'
Invalid version class: None - '6.3.1' for OSV id: 'GHSA-gg8r-xjwq-4w92'
Invalid file name: advisory-database-main/advisories/github-reviewed/2022/12/GHSA-gg8r-xjwq-4w92/GHSA-gg8r-xjwq-4w92.json - unhashable type: 'Version'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-ghw3-5qvm-3mqc'
Invalid version class: None - '4.2.11' for OSV id: 'GHSA-ghw3-5qvm-3mqc'
Unknown version range for ecosystem go for OSV id: 'GHSA-ghx2-6v4g-9wmm'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-ghx2-6v4g-9wmm'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-gqgq-784q-v9xp'
Unknown version range for ecosystem go for OSV id: 'GHSA-gvfj-fxx3-j323'
Invalid version class: None - '0.3.1' for OSV id: 'GHSA-gvfj-fxx3-j323'
Unknown version range for ecosystem go for OSV id: 'GHSA-gw62-c7w4-x449'
Unknown version range for ecosystem go for OSV id: 'GHSA-gw9m-2m5v-c6x5'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-gw9m-2m5v-c6x5'
Unknown version range for ecosystem go for OSV id: 'GHSA-gxgj-xjcw-fv9p'
Invalid version class: None - '0.0.0-20130808000456-233bccbb1abe' for OSV id: 'GHSA-gxgj-xjcw-fv9p'
Unknown version range for ecosystem go for OSV id: 'GHSA-gxgj-xjcw-fv9p'
Invalid version class: None - '0.0.0-20130808000456-233bccbb1abe' for OSV id: 'GHSA-gxgj-xjcw-fv9p'
Unknown version range for ecosystem go for OSV id: 'GHSA-gxqf-4g4p-q3hc'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-gxqf-4g4p-q3hc'
Unknown version range for ecosystem go for OSV id: 'GHSA-h2ph-vhm7-g4hp'
Invalid version class: None - '2.9.6' for OSV id: 'GHSA-h2ph-vhm7-g4hp'
Unknown version range for ecosystem go for OSV id: 'GHSA-h4q8-96p6-jcgr'
Invalid version class: None - '2.0.0' for OSV id: 'GHSA-h4q8-96p6-jcgr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-h972-v458-m892'
Invalid version class: None - '3.7.33' for OSV id: 'GHSA-h972-v458-m892'
Unknown version range for ecosystem go for OSV id: 'GHSA-hc5q-26h8-r9wf'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-hc5q-26h8-r9wf'
Unknown version range for ecosystem go for OSV id: 'GHSA-hggr-p7v6-73p5'
Invalid version class: None - '1.0.0' for OSV id: 'GHSA-hggr-p7v6-73p5'
Unknown version range for ecosystem go for OSV id: 'GHSA-hhxg-px5h-jc32'
Invalid version class: None - '0.0.0-20200329073418-5d38f39de352' for OSV id: 'GHSA-hhxg-px5h-jc32'
Unknown version range for ecosystem go for OSV id: 'GHSA-hrm3-3xm6-x33h'
Invalid version class: None - '0.0.0-20200131131040-063a3fb69896' for OSV id: 'GHSA-hrm3-3xm6-x33h'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Invalid version class: None - '1.5.0' for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Invalid version class: None - '2.1.1' for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Invalid version class: None - '10.4.33' for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Invalid version class: None - '11.5.20' for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Invalid version class: None - '12.1.1' for OSV id: 'GHSA-hvwx-qh2h-xcfj'
Unknown version range for ecosystem go for OSV id: 'GHSA-j453-hm5x-c46w'
Invalid version class: None - '4.2.0' for OSV id: 'GHSA-j453-hm5x-c46w'
Unknown version range for ecosystem go for OSV id: 'GHSA-j593-h5v3-45x6'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-j593-h5v3-45x6'
Unknown version range for ecosystem go for OSV id: 'GHSA-j7qp-mfxf-8xjw'
Invalid version class: None - '0.18.0' for OSV id: 'GHSA-j7qp-mfxf-8xjw'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-j82x-fh8h-326g'
Invalid version class: None - '0.1.9' for OSV id: 'GHSA-j82x-fh8h-326g'
Unknown version range for ecosystem go for OSV id: 'GHSA-j8x2-2m5w-j939'
Invalid version class: None - '1.247355' for OSV id: 'GHSA-j8x2-2m5w-j939'
Unknown version range for ecosystem go for OSV id: 'GHSA-jcr6-mmjj-pchw'
Invalid version class: None - '1.3.0' for OSV id: 'GHSA-jcr6-mmjj-pchw'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '8.7.49' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '9.5.38' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '10.4.33' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '11.5.20' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '12.1.1' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '10.4.33' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '11.5.20' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jfp7-79g7-89rf'
Invalid version class: None - '12.1.1' for OSV id: 'GHSA-jfp7-79g7-89rf'
Unknown version range for ecosystem go for OSV id: 'GHSA-jpf8-h7h7-3ppm'
Invalid version class: None - '0.0.0-20201201191210-20a61371de5b' for OSV id: 'GHSA-jpf8-h7h7-3ppm'
Unknown version range for ecosystem go for OSV id: 'GHSA-jpgg-cp2x-qrw3'
Invalid version class: None - '1.5.2' for OSV id: 'GHSA-jpgg-cp2x-qrw3'
Unknown version range for ecosystem go for OSV id: 'GHSA-jr65-gpj5-cw74'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='libp2p', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-jvgw-gccv-q5p8'
Unknown version range for ecosystem go for OSV id: 'GHSA-jvq8-w7qv-hqp6'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-jvq8-w7qv-hqp6'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-jw6x-4h8h-569x'
Invalid version class: None - '4.1.0' for OSV id: 'GHSA-jw6x-4h8h-569x'
Unknown version range for ecosystem go for OSV id: 'GHSA-jwrv-x6rx-8vfm'
Invalid version class: None - '0.5.0' for OSV id: 'GHSA-jwrv-x6rx-8vfm'
Unknown version range for ecosystem go for OSV id: 'GHSA-m3cq-xcx9-3gvm'
Invalid version class: None - '1.8.5' for OSV id: 'GHSA-m3cq-xcx9-3gvm'
Invalid VersionRange  for affected_pkg: {'package': {'ecosystem': 'Go', 'name': 'github.com/openfga/openfga'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '0.3.0'}, {'fixed': '0.3.1'}]}], 'versions': ['0.3.0']} for OSV id: 'GHSA-m3q4-7qmj-657m': error:KeyError('go')
Unknown version range for ecosystem go for OSV id: 'GHSA-m3q4-7qmj-657m'
Invalid version class: None - '0.3.1' for OSV id: 'GHSA-m3q4-7qmj-657m'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-m54v-gv8p-9pqp'
Unknown version range for ecosystem go for OSV id: 'GHSA-m5pr-wm6q-x4g2'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-m5pr-wm6q-x4g2'
Unknown version range for ecosystem go for OSV id: 'GHSA-m7qp-cj9p-gj85'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='rails-html-sanitizer', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-mcvf-2q2m-x72m'
Unknown version range for ecosystem go for OSV id: 'GHSA-mfmp-8mqg-q4wm'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-mfmp-8mqg-q4wm'
Unknown version range for ecosystem go for OSV id: 'GHSA-mfvq-m3jj-8864'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-mfvq-m3jj-8864'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '10.4.33' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '11.5.20' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '12.1.1' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '10.4.33' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '11.5.20' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-mgj2-q8wp-29rr'
Invalid version class: None - '12.1.1' for OSV id: 'GHSA-mgj2-q8wp-29rr'
Unknown version range for ecosystem go for OSV id: 'GHSA-mq5q-gpgv-pwxw'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-mq5q-gpgv-pwxw'
Unknown version range for ecosystem go for OSV id: 'GHSA-p228-4mrh-ww7r'
Invalid version class: None - '1.3.50' for OSV id: 'GHSA-p228-4mrh-ww7r'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-p4qr-vq2g-22wp'
Invalid version class: None - '6.0.14' for OSV id: 'GHSA-p4qr-vq2g-22wp'
Unknown version range for ecosystem go for OSV id: 'GHSA-p6fg-723f-hgpw'
Unknown version range for ecosystem go for OSV id: 'GHSA-p82q-rxpm-hjpc'
Invalid version class: None - '1.8.13' for OSV id: 'GHSA-p82q-rxpm-hjpc'
Unknown version range for ecosystem go for OSV id: 'GHSA-pmg2-rph8-p8r6'
Invalid version class: None - '3.6.0' for OSV id: 'GHSA-pmg2-rph8-p8r6'
Unknown version range for ecosystem go for OSV id: 'GHSA-pp3p-6jjh-rmg7'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-pp3p-6jjh-rmg7'
Unknown version range for ecosystem go for OSV id: 'GHSA-ppp9-7jff-5vj2'
Invalid version class: None - '0.3.7' for OSV id: 'GHSA-ppp9-7jff-5vj2'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-pwh3-3pcm-6vjh'
Unknown version range for ecosystem go for OSV id: 'GHSA-pwhr-p68w-296x'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-pwhr-p68w-296x'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-q7qq-9gx2-ggxv'
Invalid version class: None - '4.9.0' for OSV id: 'GHSA-q7qq-9gx2-ggxv'
Unknown version range for ecosystem go for OSV id: 'GHSA-q9qr-jwpw-3qvv'
Invalid version class: None - '0.3.0' for OSV id: 'GHSA-q9qr-jwpw-3qvv'
Unknown version range for ecosystem go for OSV id: 'GHSA-qcf5-m2c6-89f2'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-qcf5-m2c6-89f2'
Unknown version range for ecosystem go for OSV id: 'GHSA-qcw2-492v-57xj'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-qcw2-492v-57xj'
Unknown version range for ecosystem go for OSV id: 'GHSA-qf9q-3wwx-8qjv'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-qf9q-3wwx-8qjv'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='capnp', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-qqff-4vw4-f6hx'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='capnp', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-qqff-4vw4-f6hx'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='capnp', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-qqff-4vw4-f6hx'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-qqv9-gqh5-7h99'
Unknown version range for ecosystem go for OSV id: 'GHSA-qr52-59r6-49f4'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-qr52-59r6-49f4'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-qr97-v87p-x965'
Invalid version class: None - '3.0' for OSV id: 'GHSA-qr97-v87p-x965'
Unknown version range for ecosystem go for OSV id: 'GHSA-qrrf-xvcf-p64q'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-qrrf-xvcf-p64q'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='nokogiri', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-qv4q-mr5r-qprj'
Unknown version range for ecosystem go for OSV id: 'GHSA-qvx2-59g8-8hph'
Invalid version class: None - '1.2.1' for OSV id: 'GHSA-qvx2-59g8-8hph'
Unknown version range for ecosystem go for OSV id: 'GHSA-qw36-rw5q-gxcq'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-qw36-rw5q-gxcq'
Unknown version range for ecosystem go for OSV id: 'GHSA-r3p3-5f35-h6mf'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-r3p3-5f35-h6mf'
Unknown version range for ecosystem go for OSV id: 'GHSA-r7hg-2cpp-8wqq'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-r7hg-2cpp-8wqq'
Unknown version range for ecosystem go for OSV id: 'GHSA-r88r-gmrh-7j83'
Invalid version class: None - '2.2.3' for OSV id: 'GHSA-r88r-gmrh-7j83'
Unknown version range for ecosystem go for OSV id: 'GHSA-rgj5-jj5q-v3v7'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-rjf6-wj7r-5fj2'
Invalid version class: None - '3.1.9' for OSV id: 'GHSA-rjf6-wj7r-5fj2'
Unknown version range for ecosystem go for OSV id: 'GHSA-rmhx-9h5h-3xh3'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-rmhx-9h5h-3xh3'
Unknown version range for ecosystem go for OSV id: 'GHSA-rmj9-q58g-9qgg'
Invalid version class: None - '2.0.0' for OSV id: 'GHSA-rmj9-q58g-9qgg'
Unknown version range for ecosystem go for OSV id: 'GHSA-rprg-4v7q-87v7'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='rails-html-sanitizer', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-rrfc-7g8p-99q8'
Unknown version range for ecosystem go for OSV id: 'GHSA-rx2m-xr4x-54hh'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-rx2m-xr4x-54hh'
Unknown version range for ecosystem go for OSV id: 'GHSA-v92p-phmp-xffr'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-v92p-phmp-xffr'
Unknown version range for ecosystem go for OSV id: 'GHSA-vh43-cc6x-prpr'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-vh43-cc6x-prpr'
Unknown version range for ecosystem go for OSV id: 'GHSA-vp56-r7qv-783v'
Invalid version class: None - '0.12.4' for OSV id: 'GHSA-vp56-r7qv-783v'
Invalid file name: advisory-database-main/advisories/github-reviewed/2022/12/GHSA-vq23-hwg7-hxrh/GHSA-vq23-hwg7-hxrh.json - unhashable type: 'Version'
Unknown version range for ecosystem go for OSV id: 'GHSA-vwg4-846x-f94v'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-vwg4-846x-f94v'
Invalid file name: advisory-database-main/advisories/github-reviewed/2022/12/GHSA-vx2x-9cff-fhjw/GHSA-vx2x-9cff-fhjw.json - unhashable type: 'Version'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-vxwf-79ch-f7f7'
Invalid version class: None - '4.7.2' for OSV id: 'GHSA-vxwf-79ch-f7f7'
Unknown version range for ecosystem go for OSV id: 'GHSA-w57v-6xp4-rm2v'
Invalid version class: None - '0.9.0' for OSV id: 'GHSA-w57v-6xp4-rm2v'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-w6qf-j4qr-f946'
Invalid version class: None - '2.0.0-beta1' for OSV id: 'GHSA-w6qf-j4qr-f946'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-w9wc-4xcq-8gr6'
Invalid version class: None - '6.0.53' for OSV id: 'GHSA-w9wc-4xcq-8gr6'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-w9wc-4xcq-8gr6'
Invalid version class: None - '5.0.119' for OSV id: 'GHSA-w9wc-4xcq-8gr6'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-wpgc-5cr5-h9gg'
Invalid version class: None - '3.1.9' for OSV id: 'GHSA-wpgc-5cr5-h9gg'
Unknown version range for ecosystem go for OSV id: 'GHSA-x39j-h85h-3f46'
Invalid version class: None - '0.8.1' for OSV id: 'GHSA-x39j-h85h-3f46'
Unknown version range for ecosystem go for OSV id: 'GHSA-x45c-cvp8-q4fm'
Invalid version class: None - '0.1.3' for OSV id: 'GHSA-x45c-cvp8-q4fm'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-x5q4-m45m-fm94'
Invalid version class: None - '1.8.7' for OSV id: 'GHSA-x5q4-m45m-fm94'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-x87m-36g7-6mpw'
Unknown version range for ecosystem go for OSV id: 'GHSA-x9p9-v3x6-68mq'
Invalid version class: None - '0.9.1' for OSV id: 'GHSA-x9p9-v3x6-68mq'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-xj33-8r43-r227'
Invalid version class: None - '8.5.10' for OSV id: 'GHSA-xj33-8r43-r227'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-xj33-8r43-r227'
Invalid version class: None - '9.1.3' for OSV id: 'GHSA-xj33-8r43-r227'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tendermint-light-client-verifier', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-xqqc-c5gw-c5r5'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tendermint-light-client', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-xqqc-c5gw-c5r5'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tendermint-light-client-js', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-xqqc-c5gw-c5r5'
Unknown version range for ecosystem go for OSV id: 'GHSA-xr7p-8q82-878q'
Invalid version class: None - '2.0.0-rc.4' for OSV id: 'GHSA-xr7p-8q82-878q'
Invalid VersionRange  for affected_pkg: {'package': {'ecosystem': 'Go', 'name': 'teler.app'}, 'ranges': [{'type': 'ECOSYSTEM', 'events': [{'introduced': '2.0.0-dev'}, {'fixed': '2.0.0-dev.2'}]}], 'versions': ['2.0.0-dev']} for OSV id: 'GHSA-xr7p-8q82-878q': error:KeyError('go')
Unknown version range for ecosystem go for OSV id: 'GHSA-xr7p-8q82-878q'
Invalid version class: None - '2.0.0-dev.2' for OSV id: 'GHSA-xr7p-8q82-878q'
Unknown version range for ecosystem go for OSV id: 'GHSA-xv6x-456v-24xh'
Invalid version class: None - '2.2.2' for OSV id: 'GHSA-xv6x-456v-24xh'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-xv8h-43h9-v3jq'
Unknown version range for ecosystem go for OSV id: 'GHSA-xxfx-w2rw-gh63'
Invalid version class: None - '0.8.2' for OSV id: 'GHSA-xxfx-w2rw-gh63'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-22m9-m3ww-53h3'
Invalid version class: None - '1.6.3' for OSV id: 'GHSA-22m9-m3ww-53h3'
Unknown version range for ecosystem go for OSV id: 'GHSA-3244-8mff-w398'
Invalid version class: None - '2.2.3' for OSV id: 'GHSA-3244-8mff-w398'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='httparty', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-5pq7-52mg-hr42'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-64wv-c7jw-jw2q'
Invalid version class: None - '3.0.0' for OSV id: 'GHSA-64wv-c7jw-jw2q'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-6m7c-45ff-3328'
Invalid version class: None - '1.4.0' for OSV id: 'GHSA-6m7c-45ff-3328'
Unknown version range for ecosystem go for OSV id: 'GHSA-6rrr-78xp-5jp8'
Invalid version class: None - '2.17.3' for OSV id: 'GHSA-6rrr-78xp-5jp8'
Unknown version range for ecosystem go for OSV id: 'GHSA-6rrr-78xp-5jp8'
Invalid version class: None - '2.16.4' for OSV id: 'GHSA-6rrr-78xp-5jp8'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-7m9r-rq9j-wmmh'
Invalid version class: None - '4.12.5' for OSV id: 'GHSA-7m9r-rq9j-wmmh'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tokio', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-7rrj-xr53-82p7'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tokio', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-7rrj-xr53-82p7'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='tokio', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-7rrj-xr53-82p7'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-7vcx-v65q-9wpg'
Invalid version class: None - '4.9.0' for OSV id: 'GHSA-7vcx-v65q-9wpg'
Unknown version range for ecosystem go for OSV id: 'GHSA-8686-4cr3-76wj'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-8686-4cr3-76wj'
Unknown version range for ecosystem go for OSV id: 'GHSA-89qm-wcmw-3mgg'
Invalid version class: None - '0.12.0' for OSV id: 'GHSA-89qm-wcmw-3mgg'
Invalid file name: advisory-database-main/advisories/github-reviewed/2023/01/GHSA-8f7f-vqg5-jrv9/GHSA-8f7f-vqg5-jrv9.json - unhashable type: 'Version'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-8gcg-vwmw-rxj4'
Invalid version class: None - '1.6.3' for OSV id: 'GHSA-8gcg-vwmw-rxj4'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='bzip2', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-96jv-r488-c2rj'
Unsupported package type: PackageURL(type='pub', namespace=None, name='personnummer', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-9f2c-xxfm-32mj'
Unknown version range for ecosystem go for OSV id: 'GHSA-9h7x-9pmh-7gg8'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-9h7x-9pmh-7gg8'
Unknown version range for ecosystem go for OSV id: 'GHSA-c653-6hhg-9x92'
Invalid version class: None - '0.19.0' for OSV id: 'GHSA-c653-6hhg-9x92'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-cf5r-3pvm-w64w'
Invalid version class: None - '2.0.6' for OSV id: 'GHSA-cf5r-3pvm-w64w'
Unknown version range for ecosystem go for OSV id: 'GHSA-fpjc-cxr6-w6h8'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-fpjc-cxr6-w6h8'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-ggj9-6x8j-49w9'
Invalid version class: None - '1.0' for OSV id: 'GHSA-ggj9-6x8j-49w9'
Unknown version range for ecosystem go for OSV id: 'GHSA-gqx8-hxmv-c4v4'
Unknown version range for ecosystem go for OSV id: 'GHSA-h2ph-9r76-37v5'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-h2ph-9r76-37v5'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-hph3-hv3c-7725'
Invalid version class: None - '1.6.3' for OSV id: 'GHSA-hph3-hv3c-7725'
Unknown version range for ecosystem go for OSV id: 'GHSA-jxgp-jgh3-8jc8'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-m95x-m25c-w9mp'
Invalid version class: None - '4.9.0' for OSV id: 'GHSA-m95x-m25c-w9mp'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='inline_svg', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-p33q-4h4m-j994'
Unknown version range for ecosystem go for OSV id: 'GHSA-pcvh-px2p-vmxw'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-pcvh-px2p-vmxw'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='git', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-pfpr-3463-c6jh'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-pxqj-xrv5-qvjf'
Invalid version class: None - '4.9.2' for OSV id: 'GHSA-pxqj-xrv5-qvjf'
Unsupported package type: PackageURL(type='crates.io', namespace=None, name='cargo', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-r5w3-xm58-jv6j'
Unknown version range for ecosystem go for OSV id: 'GHSA-v4w5-r2xc-7f8h'
Invalid version class: None - '1.6.4' for OSV id: 'GHSA-v4w5-r2xc-7f8h'
Unsupported package type: PackageURL(type='rubygems', namespace=None, name='pghero', version=None, qualifiers={}, subpath=None) in OSV: 'GHSA-vf99-xw26-86g5'
Unknown version range for ecosystem go for OSV id: 'GHSA-vjhf-8vqx-vqpq'
Invalid version class: None - '1.6.3' for OSV id: 'GHSA-vjhf-8vqx-vqpq'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-wm32-3r4m-jvcc'
Unknown version range for ecosystem packagist for OSV id: 'GHSA-wqqv-jcfr-9f5g'
Invalid version class: None - '4.8.1' for OSV id: 'GHSA-wqqv-jcfr-9f5g'
Unknown version range for ecosystem go for OSV id: 'GHSA-wr3c-g326-486c'
Invalid version class: None - '0.12.0' for OSV id: 'GHSA-wr3c-g326-486c'
Unknown version range for ecosystem go for OSV id: 'GHSA-x22v-qgm2-7qc7'
Invalid version class: None - '0.10.0' for OSV id: 'GHSA-x22v-qgm2-7qc7'
Successfully imported data using vulnerabilities.importers.github_osv.GithubOSVImporter

improver logs :

Improving data using vulnerabilities.improvers.default.DefaultImprover
Invalid vulnerability reference: <VulnerabilityReference: github.com/prometheus/prometheus>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/ipld/go-codec-dagpb>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/coredns/coredns>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/ipld/go-ipfs>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/google/fscrypt>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/google/fscrypt>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/rancher/rancher>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: apache/cayenne>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: apache/cayenne>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/npm/cli>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://github.com/symfony/symfony >: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: ://github.com/rochacbruno/quokka>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: ttps://github.com/jenkinsci/gatling-plugin>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: ttps://github.com/jenkinsci/jenkins>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: ttps://github.com/jenkinsci/jenkins>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: ://github.com/google/slo-generator>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/traefik/traefik>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/rancher/rancher>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/rancher/rancher>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/cloudflare/cfrpki>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/argoproj/argo-workflows/v3>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/gen2brain/go-unarr>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/cloudflare/cfrpki>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/rancher/rancher>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/hyperledger/fabric>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference:  https://github.com/yetiforcecompany/yetiforcecrm>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/mattermost/mattermost-server>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/coreos/ignition>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/hashicorp/nomad>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/hashicorp/nomad>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/stripe/smokescreen>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/fluxcd/kustomize-controller>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/argoproj/argo-cd>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/argoproj/argo-cd>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/ipld/go-codec-dagpb>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/open-falcon/falcon-plus>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/opencontainers/runc>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/argoproj/argo-workflows>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/argoproj/argo-cd>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/ethereum/go-ethereum>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/cilium/cilium>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/cilium/cilium>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/stripe/smokescreen>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/pion/dtls>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/pion/dtls>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/pion/dtls>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/mindoc-org/mindoc>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/gphper/ginadmin>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/gphper/ginadmin>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/blevesearch/bleve>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/kubeedge/kubeedge>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/kubeedge/kubeedge>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/kubeedge/kubeedge>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/kubeedge/kubeedge>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: github.com/zitadel/zitadel>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference: https://https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221>: {'url': ['Enter a valid URL.']}
Invalid vulnerability reference: <VulnerabilityReference:  https://github.com/jenkinsci/osf-builder-suite-xml-linter-plugin>: {'url': ['Enter a valid URL.']}
Successfully improved data using vulnerabilities.improvers.default.DefaultImprover

TG1999 · 2023-01-12T12:48:39Z

@ziadhany we should also support nuget, gems and crates

ziadhany · 2023-01-12T18:36:04Z

@ziadhany we should also support nuget, gems and crates

I don't think we support crates.io in univers (RANGE_CLASS_BY_SCHEMES)

TG1999 · 2023-01-12T18:37:59Z

@ziadhany you can use cargo for rust packages.

TG1999 · 2023-01-19T12:50:17Z

@ziadhany please attach logs for importer and improver

ziadhany · 2023-01-20T06:07:12Z

@ziadhany please attach logs for importer and improver

github_osv_logs.zip

TG1999 · 2023-01-24T13:14:19Z

vulnerabilities/importers/github_osv.py

+                    try:
+                        yield parse_advisory_data(
+                            raw_data,
+                            supported_ecosystems=[


support rubygems as well

I think I should add mapper for ecosystems , OSV relay on RANGE_CLASS_BY_SCHEMES : gems but osv call the ecosystem : rubygems

It would make sense to use a variable for the list of ecosystems as it does not help reading to have a long list of values in a function arguments.
And surely you need a mapping for OSV to PURL types that's at https://github.com/nexB/vulnerablecode/pull/926/files#diff-33c32124a3048b04cb219fc5540512cf1c658d638b86bc51e2e74a477de15dd5R33

TG1999 · 2023-01-24T13:23:18Z

@ziadhany as I can see the improver logs some URLs doesn't look valid, can you please look into the reason for this ?

ziadhany · 2023-01-27T01:56:14Z

@TG1999 I am a little confused, Is this a bug in univers?

vulnerabilities/importers/osv.py:80: in parse_advisory_data
    fixed_version = get_fixed_versions(
vulnerabilities/importers/osv.py:277: in get_fixed_versions
    return dedupe(fixed_versions)
vulnerabilities/utils.py:273: in dedupe
    return list(dict.fromkeys(original))
<attrs generated hash univers.versions.RubygemsVersion>:2: in __hash__
    return hash((
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = GemVersion('2.3.11')

    def __hash__(self):
>       return hash(self.canonical_
segments)
E       TypeError: unhashable type: 'list'

venv/lib/python3.10/site-packages/univers/gem.py:228: TypeError

importer logs : github_osv_importer.log

TG1999 · 2023-02-03T12:38:44Z

@ziadhany instead of deduping list of GemVersion, dedupe list of strings and then parse them as GemVersion

ziadhany · 2023-02-06T18:03:10Z

@ziadhany instead of deduping list of GemVersion, dedupe list of strings and then parse them as GemVersion

@TG1999
I am not using GemVersion explicitly in code, I am using RANGE_CLASS_BY_SCHEMES to determine which univers version should be used for the ecosystem ( RubyGems -> RubygemsVersion which use GemVersion).

All the ecosystems work except ruby, so I think it is a RubygemsVersion bug.
please have a look at line: 47 def test_to_advisories4

pombredanne · 2023-02-10T10:27:00Z

@TG1999 I am a little confused, Is this a bug in univers?

vulnerabilities/importers/osv.py:80: in parse_advisory_data
    fixed_version = get_fixed_versions(
vulnerabilities/importers/osv.py:277: in get_fixed_versions
    return dedupe(fixed_versions)
vulnerabilities/utils.py:273: in dedupe
    return list(dict.fromkeys(original))
<attrs generated hash univers.versions.RubygemsVersion>:2: in __hash__
    return hash((
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = GemVersion('2.3.11')

    def __hash__(self):
>       return hash(self.canonical_
segments)
E       TypeError: unhashable type: 'list'

venv/lib/python3.10/site-packages/univers/gem.py:228: TypeError

importer logs : github_osv_importer.log

Yes, this is a univers bug

Reference: aboutcode-org/vulnerablecode#926 Reference: aboutcode-org/vulnerablecode#608 Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>

TG1999 · 2023-02-10T11:34:48Z

@ziadhany please update univers to v30.9.2

DennisClark · 2023-11-14T16:15:38Z

#749 See that

TG1999 · 2023-11-20T11:46:35Z

@ziadhany please resolve the conflicts

ziadhany · 2023-11-21T15:13:32Z

@ziadhany please resolve the conflicts

Done

TG1999

Some nits for your consideration!

vulnerabilities/importers/github_osv.py

vulnerabilities/importers/osv.py

ziadhany · 2024-02-05T20:01:44Z

Some nits for your consideration!

Done

TG1999

@ziadhany thanks++ please resolve merge conflicts and squash and merge this

Add a GithubOSVImporter to git_importer parametrize test Refactor OSV ecosystem mapping Fix the test Update univers version and pass nuget test Resolve merge conflict Add a test for golang Fix test by adding cwe to expected files Resolve merge conflict Signed-off-by: ziadhany <ziadhany2016@gmail.com>

ziadhany · 2024-02-13T12:03:42Z

@ziadhany thanks++ please resolve merge conflicts and squash and merge this

Done , but I can't merge because the docs CI is falling

TG1999 · 2024-02-13T12:22:51Z

@ziadhany thanks++

Add a GithubOSVImporter to git_importer parametrize test Refactor OSV ecosystem mapping Fix the test Update univers version and pass nuget test Resolve merge conflict Add a test for golang Fix test by adding cwe to expected files Resolve merge conflict Signed-off-by: ziadhany <ziadhany2016@gmail.com>

ziadhany mentioned this pull request Sep 24, 2022

Plan for merging pull requestes #925

Open

9 tasks

TG1999 added this to the v31.0 milestone Oct 11, 2022

ziadhany force-pushed the osv_ecosystem branch from 64dc907 to 87abb5b Compare October 31, 2022 20:39

TG1999 reviewed Nov 21, 2022

View reviewed changes

vulnerabilities/importers/github_osv.py Outdated Show resolved Hide resolved

TG1999 added the Data collection label Nov 23, 2022

pombredanne modified the milestones: v31.0, v32.0.0 Dec 8, 2022

ziadhany force-pushed the osv_ecosystem branch from 87abb5b to f35ed57 Compare January 12, 2023 10:23

ziadhany force-pushed the osv_ecosystem branch from f35ed57 to 4064dbd Compare January 12, 2023 18:14

ziadhany force-pushed the osv_ecosystem branch from 4064dbd to 309fd36 Compare January 12, 2023 18:46

ziadhany force-pushed the osv_ecosystem branch from 309fd36 to 09ef8dd Compare January 20, 2023 06:08

TG1999 reviewed Jan 24, 2023

View reviewed changes

pombredanne assigned TG1999 Jan 26, 2023

ziadhany force-pushed the osv_ecosystem branch 2 times, most recently from c2a9677 to cc3c549 Compare January 27, 2023 01:53

pombredanne added a commit to ziadhany/univers that referenced this pull request Feb 10, 2023

Test that GemVersion is hashable

1794018

Reference: aboutcode-org/vulnerablecode#926 Reference: aboutcode-org/vulnerablecode#608 Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>

TG1999 modified the milestones: v32.0.0, v33.0.0 Feb 10, 2023

ziadhany force-pushed the osv_ecosystem branch from f286880 to 550a765 Compare September 22, 2023 19:41

ziadhany requested a review from pombredanne September 22, 2023 19:44

ziadhany force-pushed the osv_ecosystem branch from 550a765 to 73979eb Compare November 21, 2023 14:52

ziadhany force-pushed the osv_ecosystem branch from 73979eb to 1dcdd7b Compare December 5, 2023 15:13

TG1999 changed the title ~~add support for all osv ecosystems~~ [WIP] add support for all osv ecosystems Dec 12, 2023

TG1999 marked this pull request as draft December 12, 2023 19:36

TG1999 modified the milestones: v33.0.0, v34.0.0 Jan 9, 2024

ziadhany force-pushed the osv_ecosystem branch 2 times, most recently from 045c60d to b7f4670 Compare January 18, 2024 19:09

ziadhany requested a review from TG1999 January 18, 2024 19:27

TG1999 added Priority: medium and removed Priority: high labels Jan 30, 2024

TG1999 marked this pull request as ready for review January 30, 2024 17:05

TG1999 changed the title ~~[WIP] add support for all osv ecosystems~~ Add support for all osv ecosystems Jan 30, 2024

TG1999 requested changes Feb 5, 2024

View reviewed changes

vulnerabilities/importers/github_osv.py Show resolved Hide resolved

vulnerabilities/importers/osv.py Outdated Show resolved Hide resolved

vulnerabilities/importers/osv.py Outdated Show resolved Hide resolved

ziadhany force-pushed the osv_ecosystem branch from b7f4670 to e4a57ca Compare February 5, 2024 19:52

TG1999 approved these changes Feb 13, 2024

View reviewed changes

ziadhany force-pushed the osv_ecosystem branch from b53bb26 to 5d18863 Compare February 13, 2024 12:00

TG1999 merged commit dee6ea2 into aboutcode-org:main Feb 13, 2024

ziadhany deleted the osv_ecosystem branch February 13, 2024 13:20

ziadhany mentioned this pull request Feb 27, 2024

Add OSV importer #608

Closed

Uh oh!

Conversation

ziadhany commented Sep 24, 2022

Uh oh!

Uh oh!

ziadhany commented Jan 12, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

TG1999 commented Jan 12, 2023

Uh oh!

ziadhany commented Jan 12, 2023

Uh oh!

TG1999 commented Jan 12, 2023

Uh oh!

TG1999 commented Jan 19, 2023

Uh oh!

ziadhany commented Jan 20, 2023

Uh oh!

TG1999 Jan 24, 2023

Choose a reason for hiding this comment

Uh oh!

ziadhany Jan 24, 2023

Choose a reason for hiding this comment

Uh oh!

pombredanne Sep 7, 2023

Choose a reason for hiding this comment

Uh oh!

TG1999 commented Jan 24, 2023

Uh oh!

ziadhany commented Jan 27, 2023

Uh oh!

TG1999 commented Feb 3, 2023

Uh oh!

ziadhany commented Feb 6, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

pombredanne commented Feb 10, 2023

Uh oh!

TG1999 commented Feb 10, 2023

Uh oh!

DennisClark commented Nov 14, 2023

Uh oh!

TG1999 commented Nov 20, 2023

Uh oh!

ziadhany commented Nov 21, 2023

Uh oh!

TG1999 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ziadhany commented Feb 5, 2024

Uh oh!

TG1999 left a comment

Choose a reason for hiding this comment

Uh oh!

ziadhany commented Feb 13, 2024

Uh oh!

TG1999 commented Feb 13, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

ziadhany commented Jan 12, 2023 •

edited

Loading

ziadhany commented Feb 6, 2023 •

edited

Loading