feat(github): capture cvss_severities and additional reference urls#1032
Merged
westonsteimel merged 3 commits intomainfrom Feb 3, 2026
Merged
feat(github): capture cvss_severities and additional reference urls#1032westonsteimel merged 3 commits intomainfrom
westonsteimel merged 3 commits intomainfrom
Conversation
westonsteimel
added
the
run-pr-quality-gate
westonsteimel
force-pushed
the
github-cvss-severities
branch
6 times, most recently
from
26c5498 to
ef7979a
Compare
westonsteimel
changed the title
westonsteimel
force-pushed
the
github-cvss-severities
branch
9 times, most recently
from
f429351 to
710d12e
Compare
Signed-off-by: Weston Steimel <[email protected]>
Signed-off-by: Weston Steimel <[email protected]>
westonsteimel
force-pushed
the
github-cvss-severities
branch
from
4180ff0 to
01b6558
Compare
Signed-off-by: Christopher Phillips <[email protected]>
spiffcs
approved these changes
Feb 3, 2026
Contributor
|
@westonsteimel this looks good to me If you want I can also take a look at the |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Capture the new
cvssSeveritiesproperty from the GitHub GraphQL api, but retain the legacyCVSSproperty behaviour in our output json to avoid breaking schema changes. This allows this vunnel change to land independently of the grype-db parsing change and keeps v5 schema dbs going for now. Additionally capture all reference urls in the vunnel output. It is necessary to bump thegithubprovider version to 2 because this is an iterative provider and we need to ensure all of history is pulled again since the input is changing.Resolves #871
Resolves #646