Skip to content

Migrate to NVD 2.0 API #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 11, 2025
Merged

Migrate to NVD 2.0 API #40

merged 3 commits into from
Sep 11, 2025

Conversation

paolo9921
Copy link

Migrate to NVD 2.0 API

Migrate the CVE source to the new NVD 2.0 API, replacing the deprecated 1.1 endpoint.

  • Update download URLs and gzip filenames.
  • Adjust JSON parsing for the new schema.
  • Add support for CVSS v4.0.
  • Refresh fixtures and unit tests to align with NVD 2.0 examples.
  • Remove legacy 1.1 fixtures.

Reference: https://nvd.nist.gov/general/news/api-20-announcements

Closes: exein-io/analyzer-platform#476, #39

@paolo9921 paolo9921 force-pushed the nvd-2.0-api branch 2 times, most recently from 8611169 to 19b6177 Compare September 2, 2025 08:56
dommyrock
dommyrock reviewed Sep 2, 2025
View reviewed changes
domain-db/src/db/mod.rs
///
/// We can set it to maximum of about 5500 for current [`domain_db::db::NewCVE`] parameteer count.
///
/// DOCS: https://www.postgresql.org/docs/current/limits.html
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For me, this part of comment was quite useful to remind us about this specific batch size limit on the PG side. So if possible i would keep it .

@paolo9921 paolo9921 requested review from krsh and dommyrock September 4, 2025 12:12
@paolo9921 paolo9921 force-pushed the nvd-2.0-api branch 2 times, most recently from 8c838e2 to 6691525 Compare September 9, 2025 07:53
@paolo9921 paolo9921 merged commit ab6e3c5 into main Sep 11, 2025
6 checks passed
@dommyrock dommyrock mentioned this pull request Sep 12, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krsh krsh Awaiting requested review from krsh

@dommyrock dommyrock Awaiting requested review from dommyrock

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@paolo9921 @dommyrock