Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OSV, PyPI: Do not use "details" field for vuln summaries #323

Merged
merged 5 commits into from
Jul 20, 2022

Conversation

woodruffw
Copy link
Member

The "details" field is frequently multiline and OSV allows it to be Markdown formatted, which causes problems for the surrounding columnar and Markdown formats. The correct field in our context is the "summary" field, which is specified as a short plaintext string.

Closes #314.

@woodruffw woodruffw added the component:vuln-sources Components that provide sources of vulnerability information label Jul 19, 2022
@woodruffw woodruffw requested review from di and tetsuo-cpp July 19, 2022 20:02
@woodruffw woodruffw self-assigned this Jul 19, 2022
Signed-off-by: William Woodruff <[email protected]>
pip_audit/_service/osv.py Outdated Show resolved Hide resolved
@woodruffw woodruffw requested a review from di July 20, 2022 21:56
@woodruffw woodruffw merged commit 68effd7 into main Jul 20, 2022
@woodruffw woodruffw deleted the ww/do-not-use-desc branch July 20, 2022 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
component:vuln-sources Components that provide sources of vulnerability information
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Slightly broken Markdown formatting when used with --desc
2 participants