Skip to content

Scripts for generating Vulnerability Disclosure Reports

Notifications You must be signed in to change notification settings

adoptium/temurin-vdr-generator

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

83 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

temurin-vdr-generator

Scripts for generating Vulnerability Disclosure Reports

Currently the VDR is generated by aggregating data from 2 sources: the OpenJDK Vulnerability Group and the NIST API. We use ojvg_download.py to download data from OpenJDK Vulnerability Group, and parse it into a more machine readable format . We use ojvg_convert.py to generate CycloneDX format objects, enhance with data from NIST, and generate a vdr, which is saved in data/vdr.json

Installation

To install the requirements:

python3 -m pip install -r requirements.txt

Tests

There are some tests, in order to run them, you can do:

python3 -m pytest

Formatting

This project is formatted using black (a fairly standard Python formatter).To format files, use:

python3 -m black <filename>.py.

About

Scripts for generating Vulnerability Disclosure Reports

Topics

Resources

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published