-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for all osv ecosystems #926
Conversation
64dc907
to
87abb5b
Compare
87abb5b
to
f35ed57
Compare
importer logs :
improver logs :
|
@ziadhany we should also support |
f35ed57
to
4064dbd
Compare
I don't think we support |
@ziadhany you can use |
4064dbd
to
309fd36
Compare
@ziadhany please attach logs for importer and improver |
|
309fd36
to
09ef8dd
Compare
try: | ||
yield parse_advisory_data( | ||
raw_data, | ||
supported_ecosystems=[ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
support rubygems as well
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I should add mapper for ecosystems , OSV relay on RANGE_CLASS_BY_SCHEMES
: gems
but osv call the ecosystem : rubygems
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would make sense to use a variable for the list of ecosystems as it does not help reading to have a long list of values in a function arguments.
And surely you need a mapping for OSV to PURL types that's at https://github.com/nexB/vulnerablecode/pull/926/files#diff-33c32124a3048b04cb219fc5540512cf1c658d638b86bc51e2e74a477de15dd5R33
@ziadhany as I can see the improver logs some URLs doesn't look valid, can you please look into the reason for this ? |
c2a9677
to
cc3c549
Compare
@TG1999 I am a little confused, Is this a bug in univers?
importer logs : github_osv_importer.log |
@ziadhany instead of deduping list of |
@TG1999 All the ecosystems work except ruby, so I think it is a |
Yes, this is a univers bug |
Reference: aboutcode-org/vulnerablecode#926 Reference: aboutcode-org/vulnerablecode#608 Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@ziadhany please update univers to v30.9.2 |
f286880
to
550a765
Compare
#749 See that |
@ziadhany please resolve the conflicts |
550a765
to
73979eb
Compare
Done |
73979eb
to
1dcdd7b
Compare
045c60d
to
b7f4670
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some nits for your consideration!
b7f4670
to
e4a57ca
Compare
Done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ziadhany thanks++ please resolve merge conflicts and squash and merge this
Add a GithubOSVImporter to git_importer parametrize test Refactor OSV ecosystem mapping Fix the test Update univers version and pass nuget test Resolve merge conflict Add a test for golang Fix test by adding cwe to expected files Resolve merge conflict Signed-off-by: ziadhany <ziadhany2016@gmail.com>
b53bb26
to
5d18863
Compare
Done , but I can't merge because the docs CI is falling |
@ziadhany thanks++ |
Add a GithubOSVImporter to git_importer parametrize test Refactor OSV ecosystem mapping Fix the test Update univers version and pass nuget test Resolve merge conflict Add a test for golang Fix test by adding cwe to expected files Resolve merge conflict Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Signed-off-by: ziadhany ziadhany2016@gmail.com