Add Can ecosystem and GITLAB Advisory database #1827
Labels
enhancement
New feature or request
Comments
|
Hey @jacky92, thank you for the request. This is probably something we could do by implementing a new provider in https://github.com/anchore/vunnel to parse the publicly-available GitLab data. Note: if we implemented that, we'd need to also implement a per-ecosystem filter to prevent duplicates of vulnerabilities from GHSA that we would also be using to match in Grype. If you are interested in working on the Vunnel provider, please let us know! We would be happy to help get you pointed in the right direction. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
What would you like to be added:
I would like to add Conan (C/C++ package manager) CVEs on Grype
Why is this needed:
Syft support Conan scanning.
GITLAB Advisory database manage conan CVE.
Additional context:
URL to GITLAB Advisory : https://gitlab.com/gitlab-org/advisories-community
GITLAB Advisory support also GEM/GO/MAVEN/NPM/NUGET/PYPI, maybe it is possible to add complementary information for these ecosystem...
Thanks in advance.
The text was updated successfully, but these errors were encountered: