New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Can ecosystem and GITLAB Advisory database #1827
Comments
Hey @jacky92, thank you for the request. This is probably something we could do by implementing a new provider in https://github.com/anchore/vunnel to parse the publicly-available GitLab data. Note: if we implemented that, we'd need to also implement a per-ecosystem filter to prevent duplicates of vulnerabilities from GHSA that we would also be using to match in Grype. If you are interested in working on the Vunnel provider, please let us know! We would be happy to help get you pointed in the right direction. |
Hello,
What would you like to be added:
I would like to add Conan (C/C++ package manager) CVEs on Grype
Why is this needed:
Syft support Conan scanning.
GITLAB Advisory database manage conan CVE.
Additional context:
URL to GITLAB Advisory : https://gitlab.com/gitlab-org/advisories-community
GITLAB Advisory support also GEM/GO/MAVEN/NPM/NUGET/PYPI, maybe it is possible to add complementary information for these ecosystem...
Thanks in advance.
The text was updated successfully, but these errors were encountered: