This standalone application is intended to check for disclosed vulnerabilities for a given package and release based on available CVE data. Example APIs and related resources are listed here, but are not considered to be specific requirements for the final design of the application, provided its objectives are well met.
As described in CVE Checks:
- Check published CVE lists for package using available APIs
- Check time from exposure to patch for past CVEs
- Append results to fair-forge-meta per spec
Resulting output to STDOUT is fine, can be piped where we need it later. Output format should be along these lines:
This standalone application is intended to check for disclosed vulnerabilities for a given package and release based on available CVE data. Example APIs and related resources are listed here, but are not considered to be specific requirements for the final design of the application, provided its objectives are well met.
As described in CVE Checks:
Resulting output to STDOUT is fine, can be piped where we need it later. Output format should be along these lines: