-
Notifications
You must be signed in to change notification settings - Fork 201
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CISA Data Importer via GitHub Repo- Added #1614
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: Rishi Garg <[email protected]>
@keshav-space should we now instead use the new importer pipeline approach? |
@pombredanne yes, we have a decent number of pipelines here https://github.com/aboutcode-org/vulnerablecode/tree/main/vulnerabilities/pipelines, and there is a brief instruction on how to write a pipeline here #1589 (comment). I still need to add this to our tutorials in Read the Docs. |
@keshav-space Can you please tell me that what is the difference between the importer pipeline approach and the normal importing? |
Signed-off-by: Rishi Garg <[email protected]>
Signed-off-by: Rishi Garg <[email protected]>
Signed-off-by: Rishi Garg <[email protected]>
Add CISA GOV Vulnrichment Importer
This pull request adds a new importer for the CISA GOV Vulnrichment dataset. The importer fetches vulnerability data from the CISAGOV/vulnrichment GitHub repository and imports it into our database.
Related Issue
Closes #1475
Changes
VulnrichImporter
class invulnerabilities/importers/cisagov.py
How to Use
To use the new importer, run the following management command:
python manage.py import vulnerabilities.importers.vulnrichment.VulnrichImporter
This command will fetch the latest data from the CISAGOV/vulnrichment repository and import it into the database.
Features
Testing
Additional Notes
GITHUB_API_BASE
,REPO_OWNER
,REPO_NAME
, andBRANCH
constants in the importer can be adjusted if the source repository changes in the future.Please review and let me know if any changes or additional information is needed.