#nixos-security on 2020-05-21

00:08 anselmolsm has joined #nixos-security

00:27 hmpffff has joined #nixos-security

00:49 colemickens_ has joined #nixos-security

00:51 colemickens_ has left #nixos-security [#nixos-security]

01:02 anselmolsm has quit [Quit: Konversation terminated!]

01:04 hmpffff has quit [Quit: nchrrrr…]

03:28 justanotheruser has quit [Ping timeout: 260 seconds]

03:41 justanotheruser has joined #nixos-security

08:05 <JJJollyjim> i think "how do CVEs in python work" has an answer about as simple as "how does packaging in python work"

08:08 <JJJollyjim> pyup.io maintains a commercial database of vulnerable packages

08:09 <JJJollyjim> then https://github.com/pyupio/safety-db has monthly exports of that data, for non-commercial use only

08:09 <JJJollyjim> idk how that interacts with "open-source projects that don't expressly forbid commercial use"

08:10 <JJJollyjim> that's the only effort i know of :/

08:54 <andi-> Since I am not paid to do this work I should be fine to use it to create a list of issues..

10:14 hmpffff has joined #nixos-security

10:31 hmpffff has quit [Quit: nchrrrr…]

12:26 hmpffff has joined #nixos-security

15:56 justanotheruser has quit [Ping timeout: 260 seconds]

16:09 justanotheruser has joined #nixos-security

20:35 zarel has quit [Ping timeout: 260 seconds]

20:38 zarel has joined #nixos-security

21:08 hmpffff has quit [Quit: Bye…]

22:20 anselmolsm has joined #nixos-security

22:53 justanotheruser has quit [Ping timeout: 260 seconds]

23:07 justanotheruser has joined #nixos-security