Comments (7)
This functionality is currently offered by several providers, and what we discussed in person at NINA to not have an API to query the dataset, but just providing the dataset to be downloaded, or something similar. If someone wants an API, they should build their own.
I am neutral to this, as I will not have any bandwidth to contribute to the development of this service.
from security-wg.
I'm in the same position of @mcollina, no time to implement this, but after we have some data stored, if someone wanted to do this, I can't think of any objects right now (though I don't think we want to get in the business of competing with the APIs behind any of the providers of security tools, we would want to be careful about that).
from security-wg.
This isn't a priority right now, but we'll leave open for the future if someone wants to pick it up (after we have the data managed and available).
from security-wg.
If no one is planning on working on this, perhaps we can close? It can always be repopened if someone does want to step up and make the case for this and implement it. Any objections, @joshgav ?
from security-wg.
I'm just going to close, but @joshgav (or anybody) feel free to reopen if you want to keep it alive.
from security-wg.
So this was closed, but with npm acquiring nsp I'm not 100% sure which is the source of truth nowadays, @vdeturckheim told me it's https://github.com/nodejs/security-wg/tree/master/vuln/npm, but it isn't always super practical to fetch from GitHub, keep it up to date and have an API. I guess if there isn't an official one, I could make my own, would that be something you'd be interested in?
from security-wg.
@Haroenv we discussed in some other issue to see if we could have an auto-published npm package containing issues (#115). I reopenned this issue I closed by mistake.
from security-wg.
Related Issues (20)
- Threat Model question about Permission Model HOT 2
- Security Vulnerability to report HOT 1
- OpenSSF Scorecard Report Updated!
- OpenSSF Scorecard Report Updated!
- Scores of vulnerability found in experimental features can be too high HOT 9
- Adding language to Bug Bounty program to differentiate "security features" from "defense in depth features" HOT 1
- Permission Model adoption from Package Managers HOT 3
- Node.js Security team Meeting 2024-05-09
- OpenSSF Scorecard Report Updated!
- OpenSSF Scorecard Report Updated!
- OpenSSF Scorecard Report Updated!
- OpenSSF Scorecard Report Updated!
- Node.js Security team Meeting 2024-05-23
- Node.js Security team Meeting 2024-06-06 HOT 4
- OpenSSF Scorecard Report Updated!
- OpenSSF Scorecard Report Updated!
- Ping TSC on deps update not from GithubBot HOT 10
- [Bug]:use pm2 and --experimental-permission, throw Error: Access to this API has been restricted
- Node.js Security team Meeting 2024-06-20 HOT 1
- Node.js maintainers: Threat Model HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-wg.