Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ingest github ecosystems #1039

Open
pombredanne opened this issue Dec 8, 2022 · 3 comments · Fixed by #1427 · May be fixed by #1417
Open

Ingest github ecosystems #1039

pombredanne opened this issue Dec 8, 2022 · 3 comments · Fixed by #1427 · May be fixed by #1417

Comments

@pombredanne
Copy link
Member

We have some issue wrt Go that needs to purl library updates.

@pombredanne pombredanne added this to the v32.0.0 milestone Dec 8, 2022
@TG1999
Copy link
Contributor

TG1999 commented Dec 28, 2022

Available ecosystems that we are not ingesting right now:
Erlang, Go, Pub, Rust

@shravankshenoy
Copy link
Contributor

I would like to work on this issue.

I have raised a PR for ingesting Pub data. PR #1417. Started with this as the number of advisories was less so it is easier to cross verify

Wrt the remaining ecosystems, I believe Rust would be very similar to Pub - with the minor difference that in the mapping dictionary the mapping would be
"RUST": "cargo"

For Erlang, I do not think it is supported yet in purl-spec (https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst). So not sure if we can create a PR on it until purl-spec supports it.

For Go, I believe we have to work on #742 first before we can take this issue up.

@keshav-space
Copy link
Member

Not yet completed. We still need to ingest golang, swift, pub and erlang advisories from GitHub.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment