Include vulnerability feed parsing code (maybe in another repo) #1115
Assignees
Labels
changelog-ignore
Don't include this issue in the release changelog
enhancement
New feature or request
Comments
|
Hi @rhdesmond, this is something we're actively working on and we'll have something to share soon. It's a priority for us. Thanks for asking, and stay tuned. I'll leave this issue open and try to reply once we have something available. |
|
Awesome thanks! No rush |
|
Wanted to drop an update here: we've open sourced the entire data pipeline for grype-db! There are two projects that relate to this:
Here's the announcement post as well with further information https://anchore.com/blog/build-your-own-grype-database/ Shout out if you have more questions about this! |
wagoodman
added
the
changelog-ignore
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What would you like to be added: The logic used for parsing the vulnerability feeds
Why is this needed:
Provides more transparency into the vulnerability data sources and creation of the vulnerability database (similar to open source scanners Trivy and osv-scanner).
The text was updated successfully, but these errors were encountered: