A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities.

ngi-nix/vulnerablecode

 
 

VulnerableCode

Build Status License Python 3.8 stability-wip Gitter chat

VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current.

It is made by the FOSS community to improve and secure the open source software ecosystem.

Getting started

Run with Docker

git clone https://github.com/nexB/vulnerablecode.git && cd vulnerablecode
make envfile
docker-compose build
docker-compose up
docker-compose run vulnerablecode ./manage.py import --list

At this point, the VulnerableCode app should be running at port 8000 on your Docker host.

Local development installation

sudo apt-get install \
    python3-venv python3-dev postgresql libpq-dev build-essential
git clone https://github.com/nexB/vulnerablecode.git && cd vulnerablecode
make dev envfile postgres
make test
make run

At this point, the VulnerableCode app should be running at port 8000 on your machine.

Populate VulnerableCode data

To run all importers and improvers, use:

./manage.py import --all
./manage.py improve --all

Read more about VulnerableCode here: https://vulnerablecode.readthedocs.org/
